Design Agency

Privacy Policy

We are very pleased about your interest in our company. Data protection has a particularly high priority for the management of iDesign GmbH. The use of the iDesign GmbH website is generally possible without providing any personal data. However, if a data subject wishes to use special services of our company via our website, the processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data—such as the name, address, email address, or telephone number of a data subject—always takes place in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to iDesign GmbH. With this data protection declaration, our company aims to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this data protection declaration informs data subjects of their rights.

As the controller responsible for processing, iDesign GmbH has implemented numerous technical and organizational measures to ensure the most complete protection possible of the personal data processed through this website. Nevertheless, internet-based data transmissions may generally have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us via alternative means, such as by telephone.

1. Definitions

The privacy policy of iDesign GmbH is based on the terminology used by the European legislator when adopting the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easy to read and understand for the general public as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.

In this privacy policy, we use, among others, the following terms:

  • a) Personal Data

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

  • b) Data Subject

A data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

  • c) Processing

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

  • d) Restriction of Processing

Restriction of processing means the marking of stored personal data with the aim of limiting its future processing.

  • e) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

  • f) Pseudonymization

Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

  • g) Controller or Controller Responsible for the Processing

Verantwortlicher oder für die Verarbeitung Verantwortlicher ist die natürliche oder juristische Person, Behörde, Einrichtung oder andere Stelle, die allein oder gemeinsam mit anderen über die Zwecke und Mittel der Verarbeitung von personenbezogenen Daten entscheidet. Sind die Zwecke und Mittel dieser Verarbeitung durch das Unionsrecht oder das Recht der Mitgliedstaaten vorgegeben, so kann der Verantwortliche beziehungsweise können die bestimmten Kriterien seiner Benennung nach dem Unionsrecht oder dem Recht der Mitgliedstaaten vorgesehen werden.

  • h) Processor

A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

  • i) Recipient

A recipient is a natural or legal person, public authority, agency or another body, to which personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

  • j) Third Party

A third party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

  • k) Consent

Consent is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

2. Name and Address of the Controller

The controller, as defined by the General Data Protection Regulation (GDPR), other data protection laws applicable in the Member States of the European Union, and other provisions of a data protection nature, is:

iDesign GmbH
Nindorfer Straße 2
21614 Buxtehude
Germany

Phone: 041616695940
Email: info@idesign.de
Website: wwwidesign.de

3. Cookies

The websites of iDesign GmbH use cookies. Cookies are text files that are stored on a computer system via an Internet browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables visited websites and servers to distinguish the individual’s browser from other Internet browsers that contain different cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

By using cookies, iDesign GmbH can provide users of this website with more user-friendly services that would not be possible without the cookie setting.

Cookies allow us, as mentioned above, to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, a user of a website that uses cookies does not have to enter their login details again each time they visit the site, because this is taken care of by the website and the cookie stored on the user’s computer system. Another example is the cookie of a shopping cart in an online store. The online store remembers the items that a customer has placed in the virtual shopping cart via a cookie.

The data subject can, at any time, prevent the setting of cookies by our website by means of a corresponding setting in their Internet browser and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in their Internet browser, not all functions of our website may be fully usable.

The website of iDesign GmbH collects a range of general data and information with every access to the website by a data subject or an automated system. This general data and information are stored in the server’s log files. The data that can be collected include (1) the types and versions of browsers used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the subpages that are accessed on our website via an accessing system, (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information that serve to prevent danger in case of attacks on our information technology systems.

When using this general data and information, iDesign GmbH does not draw conclusions about the data subject. Instead, this information is needed to (1) correctly deliver the contents of our website, (2) optimize the contents of our website and the advertising for it, (3) ensure the permanent functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the necessary information for prosecution in the event of a cyberattack. These anonymously collected data and information are therefore analyzed by iDesign GmbH on the one hand statistically and on the other hand with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

5. Contact option via the website

The website of iDesign GmbH contains information due to legal requirements that enable rapid electronic contact with our company as well as immediate communication with us, which also includes a general address of the so-called electronic mail (email address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data voluntarily submitted by a data subject to the controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.

6. Routine deletion and blocking of personal data

The controller processes and stores personal data of the data subject only for the period necessary to achieve the storage purpose or if this is provided for by the European directive or regulation legislator or another legislator in laws or regulations to which the controller is subject.

If the storage purpose ceases to apply or a storage period prescribed by the European directive or regulation legislator or another competent legislator expires, the personal data are routinely blocked or deleted in accordance with legal requirements.

7. Rights of the data subject

  • a) Right to confirmation

Every data subject has the right granted by the European directive and regulation legislator to request confirmation from the controller as to whether personal data concerning them is being processed. If a data subject wishes to exercise this right to confirmation, they can contact an employee of the controller at any time.

  • b) Right of access

Every person affected by the processing of personal data has the right granted by the European directive and regulation legislator to receive, at any time and free of charge, information from the controller about the personal data stored about them and a copy of this information. Furthermore, the European directive and regulation legislator grants the data subject the right to receive information about the following:

    • the purposes of the processing
    • the purposes of the processing
    • the categories of personal data being processed
    • the recipients or categories of recipients to whom the personal data have been or will be disclosed, especially recipients in third countries or international organizations
    • if possible, the planned duration for which the personal data will be stored, or, if this is not possible, the criteria used to determine this duration
    • the existence of a right to rectification or erasure of the personal data concerning them or to restriction of processing by the controller or a right to object to such processing
    • the existence of a right to lodge a complaint with a supervisory authority
    • if the personal data are not collected from the data subject: all available information about the origin of the data
    • the existence of automated decision-making including profiling according to Article 22 (1) and (4) GDPR and — at least in these cases — meaningful information about the logic involved as well as the significance and envisaged consequences of such processing for the data subject

Furthermore, the data subject has the right to know whether personal data have been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to receive information about the appropriate safeguards related to the transfer.

If a data subject wishes to exercise this right of access, they can contact an employee of the controller at any time.

  • c) Right to rectification

Every person affected by the processing of personal data has the right granted by the European directive and regulation legislator to request the immediate correction of inaccurate personal data concerning them. Furthermore, the data subject has the right, taking into account the purposes of the processing, to demand the completion of incomplete personal data — including by means of a supplementary statement.

If a data subject wishes to exercise this right to rectification, they can contact an employee of the controller at any time.

  • d) Right to erasure (right to be forgotten)

Every person affected by the processing of personal data has the right granted by the European directive and regulation legislator to demand that the controller delete the personal data concerning them without delay, provided that one of the following reasons applies and insofar as the processing is not necessary:

    • The personal data were collected or otherwise processed for purposes for which they are no longer necessary.
    • The data subject withdraws their consent on which the processing pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR was based, and there is no other legal basis for the processing.
    • The data subject objects to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21(2) GDPR.
    • The personal data have been unlawfully processed.
    • The deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
    • The personal data have been collected in relation to the offer of information society services pursuant to Art. 8(1) GDPR.

If one of the above-mentioned reasons applies and a data subject wishes to request the deletion of personal data stored by iDesign GmbH, they can contact an employee of the controller at any time. The employee of iDesign GmbH will ensure that the deletion request is complied with without delay.

If the personal data have been made public by iDesign GmbH and our company, as the controller, is obliged to delete the personal data pursuant to Art. 17(1) GDPR, iDesign GmbH will take appropriate measures, including technical measures, considering the available technology and implementation costs, to inform other controllers who are processing the published personal data that the data subject has requested the deletion of all links to those personal data or copies or replications of those personal data, insofar as processing is not required. The employee of iDesign GmbH will take the necessary action on a case-by-case basis.

  • e) Right to restriction of processing

Every person affected by the processing of personal data has the right granted by the European directive and regulation legislator to request the restriction of processing by the controller if one of the following conditions applies:

    • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
    • The processing is unlawful, the data subject opposes the deletion of the personal data and requests instead the restriction of their use.
    • The controller no longer needs the personal data for the purposes of the processing, but the data subject requires them for the establishment, exercise or defense of legal claims.
    • The data subject has objected to processing pursuant to Art. 21(1) GDPR and it is not yet clear whether the legitimate grounds of the controller override those of the data subject.

If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored by iDesign GmbH, they can contact an employee of the controller at any time. The employee of iDesign GmbH will initiate the restriction of processing.

  • f) Right to data portability

Every person affected by the processing of personal data has the right granted by the European directive and regulation legislator to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit these data to another controller without hindrance from the controller to whom the personal data were provided, provided that the processing is based on consent according to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract according to Art. 6(1)(b) GDPR, and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, when exercising the right to data portability pursuant to Art. 20(1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, insofar as this is technically feasible and does not adversely affect the rights and freedoms of others.

To assert the right to data portability, the data subject can contact an employee of iDesign GmbH at any time.

  • g) Right to object

Every person affected by the processing of personal data has the right granted by the European directive and regulation legislator to object at any time, for reasons arising from their particular situation, to the processing of personal data concerning them which is based on Art. 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions.

iDesign GmbH will no longer process the personal data in the event of an objection unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or the processing serves the establishment, exercise, or defense of legal claims.

If iDesign GmbH processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for such marketing. This also applies to profiling insofar as it relates to such direct marketing. If the data subject objects to processing for direct marketing purposes, iDesign GmbH will no longer process the personal data for these purposes.

Moreover, the data subject has the right to object, for reasons arising from their particular situation, to the processing of personal data concerning them for scientific or historical research purposes or for statistical purposes pursuant to Art. 89(1) GDPR unless such processing is necessary for the performance of a task carried out for reasons of public interest.

To exercise the right to object, the data subject may contact any employee of iDesign GmbH or another employee directly. The data subject is also free to exercise their right to object in connection with the use of information society services, regardless of Directive 2002/58/EC, by automated means using technical specifications.

  • h) Automated individual decision-making including profiling

Every person affected by the processing of personal data has the right granted by the European directive and regulation legislator not to be subject to a decision based solely on automated processing—including profiling—that produces legal effects concerning them or similarly significantly affects them, unless the decision (1) is necessary for entering into or performing a contract between the data subject and the controller, or (2) is permitted by Union or Member State law to which the controller is subject and which contains suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is based on the explicit consent of the data subject.

If the decision (1) is necessary for entering into or performing a contract between the data subject and the controller, or (2) is based on the explicit consent of the data subject, iDesign GmbH takes appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, which include at least the right to obtain human intervention by the controller, to express their point of view, and to contest the decision.

If the data subject wishes to assert rights related to automated decisions, they may contact an employee of the controller responsible for processing at any time.

  • i) Right to revoke data protection consent

Every person affected by the processing of personal data has the right granted by the European directive and regulation legislator to revoke consent to the processing of personal data at any time.

If the data subject wishes to assert their right to revoke consent, they may contact an employee of the controller responsible for processing at any time.

8. Data protection provisions on the use of Google Analytics (with anonymization function)

The controller responsible for processing has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analysis service. Web analysis is the collection, gathering, and evaluation of data about the behavior of visitors to websites. A web analysis service records, among other things, data about which website a data subject came from (so-called referrer), which subpages of the website were accessed, how often, and for how long a subpage was viewed. Web analysis is mainly used to optimize a website and to perform cost-benefit analyses of online advertising.

The operating company of the Google Analytics component is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

The controller responsible uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. This addition shortens and anonymizes the IP address of the data subject’s internet connection by Google when access to our website occurs from a member state of the European Union or another contracting state of the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze visitor traffic on our website. Google uses the collected data and information, among other things, to evaluate the use of our website, to compile online reports for us that show the activities on our website, and to provide further services related to the use of our website.

Google Analytics sets a cookie on the data subject’s information technology system. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyze the use of our website. With each call of an individual page of this website operated by the controller responsible and on which a Google Analytics component has been integrated, the internet browser on the data subject’s information technology system is automatically instructed by the respective Google Analytics component to transmit data for online analysis to Google. Within this technical process, Google obtains knowledge of personal data, such as the IP address of the data subject, which Google uses, among other things, to trace the origin of visitors and clicks and subsequently to enable commission accounting.

By means of the cookie, personal information such as access time, the location from which access was made, and the frequency of visits to our website by the data subject are stored. On each visit to our websites, these personal data, including the IP address of the internet connection used by the data subject, are transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may disclose these personal data collected via the technical process to third parties.

The data subject can prevent the setting of cookies by our website at any time by configuring the internet browser used accordingly and thus permanently object to the setting of cookies. Such a browser setting would also prevent Google from setting a cookie on the data subject’s information technology system. Additionally, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs.

Furthermore, the affected person has the option to object to the collection of data generated by Google Analytics relating to the use of this website as well as the processing of this data by Google and to prevent such collection. To do this, the affected person must download and install a browser add-on from the link https://tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information about visits to websites should be transmitted to Google Analytics. The installation of the browser add-on is considered an objection by Google. If the information technology system of the affected person is deleted, formatted, or reinstalled at a later time, the affected person must reinstall the browser add-on to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the affected person or another person within their sphere of control, it is possible to reinstall or reactivate the browser add-on.

Further information and the applicable Google privacy policies can be accessed at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link https://www.google.com/intl/de_de/analytics/.

9. Privacy Policy Regarding the Use of Google AdWords

The controller responsible for processing has integrated Google AdWords on this website. Google AdWords is an online advertising service that allows advertisers to display ads both in the Google search engine results and on the Google advertising network. Google AdWords enables an advertiser to specify certain keywords in advance, by which an ad will only be shown in the Google search results if the user retrieves a keyword-relevant search result using the search engine. In the Google advertising network, ads are distributed on topic-relevant websites by means of an automatic algorithm while taking into account the previously defined keywords.

The operating company of the Google AdWords services is Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

The purpose of Google AdWords is to promote our website by displaying interest-relevant advertising on third-party websites and in the search engine results of the Google search engine, as well as displaying third-party advertising on our website.

If an affected person reaches our website via a Google ad, a so-called conversion cookie is placed on the information technology system of the affected person by Google. What cookies are has already been explained above. A conversion cookie expires after thirty days and is not used to identify the affected person. The conversion cookie tracks, as long as it has not expired, whether certain subpages, for example the shopping cart of an online shop system, were accessed on our website. Through the conversion cookie, both we and Google can track whether an affected person who reached our website via an AdWords ad generated revenue, i.e., completed or aborted a purchase.

The data and information collected by using the conversion cookie are used by Google to create visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via AdWords ads, i.e., to determine the success or failure of the respective AdWords ad and to optimize our AdWords ads for the future. Neither our company nor other advertisers using Google AdWords receive information from Google that could identify the affected person.

Personal information, such as the websites visited by the affected person, is stored using the conversion cookie. Therefore, personal data, including the IP address of the internet connection used by the affected person, is transmitted to Google in the United States of America with each visit to our website. This personal data is stored by Google in the United States of America. Google may disclose this personal data collected through this technical process to third parties under certain circumstances.

The affected person can prevent the setting of cookies by our website at any time, as already described above, by configuring the internet browser used accordingly and thereby permanently object to the setting of cookies. Such a browser setting would also prevent Google from placing a conversion cookie on the information technology system of the affected person. Additionally, a cookie already set by Google AdWords can be deleted at any time via the internet browser or other software programs.

Furthermore, the affected person has the option to object to interest-based advertising by Google. To do so, the affected person must access the link www.google.de/settings/ads from each internet browser they use and make the desired settings there.

Further information and the applicable Google privacy policies can be accessed at https://www.google.de/intl/de/policies/privacy/.

10. Privacy Policy Regarding the Use of Instagram

The controller responsible for processing has integrated components of the Instagram service on this website. Instagram is a service qualified as an audiovisual platform that allows users to share photos and videos and also enables the further dissemination of such data on other social networks.

The operating company of Instagram’s services is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time one of the individual pages of this website, operated by the controller, which contains an Instagram component (Insta-button), is accessed, the internet browser on the information technology system of the affected person is automatically instructed by the respective Instagram component to download a representation of the corresponding Instagram component. As part of this technical process, Instagram obtains knowledge about which specific subpage of our website is visited by the affected person.

If the affected person is simultaneously logged into Instagram, Instagram recognizes with every visit to our website by the affected person, and throughout the entire duration of the visit, which specific subpage the affected person visits. This information is collected by the Instagram component and assigned by Instagram to the respective Instagram account of the affected person. If the affected person clicks on one of the Instagram buttons integrated on our website, the data and information transmitted in this context are assigned to the personal Instagram user account of the affected person and stored and processed by Instagram.

Instagram receives information via the Instagram component whenever the affected person visits our website if the affected person is logged into Instagram at the time of the visit; this occurs regardless of whether the affected person clicks on the Instagram component or not. If such transmission of information to Instagram is not desired by the affected person, they can prevent this transmission by logging out of their Instagram account before accessing our website.

Further information and the applicable privacy policies of Instagram can be accessed at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

11. Privacy Policy Regarding the Use of LinkedIn

The controller responsible for processing has integrated components of LinkedIn Corporation on this website. LinkedIn is an internet-based social network that enables users to connect with existing business contacts as well as to establish new business connections. Over 400 million registered people use LinkedIn in more than 200 countries. Thus, LinkedIn is currently the largest platform for business contacts and one of the most visited websites worldwide.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. For data protection matters outside the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

Each time our website, which contains a LinkedIn component (LinkedIn plug-in), is accessed, this component causes the browser used by the affected person to download a corresponding representation of the LinkedIn component. Further information on LinkedIn plug-ins can be accessed at https://developer.linkedin.com/plugins. As part of this technical procedure, LinkedIn gains knowledge of which specific subpage of our website is visited by the affected person.

If the affected person is simultaneously logged into LinkedIn, LinkedIn recognizes with each visit to our website by the affected person—and throughout the entire duration of the respective visit—which specific subpage of our website the affected person visits. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the affected person. If the affected person clicks on a LinkedIn button integrated on our website, LinkedIn assigns this information to the personal LinkedIn user account of the affected person and stores this personal data.

LinkedIn receives information via the LinkedIn component whenever the affected person visits our website, provided that the affected person is logged into LinkedIn at the time of the visit; this happens regardless of whether the affected person clicks on the LinkedIn component or not. If such transmission of information to LinkedIn is not desired by the affected person, this transmission can be prevented by logging out of their LinkedIn account before accessing our website.

LinkedIn offers at https://www.linkedin.com/psettings/guest-controls the option to unsubscribe from email messages, SMS messages, and targeted advertisements as well as to manage advertisement settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame, which may set cookies. Such cookies can be declined at https://www.linkedin.com/legal/cookie-policy. The applicable LinkedIn privacy policies can be accessed at https://www.linkedin.com/legal/privacy-policy. The LinkedIn cookie policy is available at https://www.linkedin.com/legal/cookie-policy

12. Privacy Policy Regarding the Use of Twitter

The controller responsible for processing has integrated components from Twitter on this website. Twitter is a multilingual, publicly accessible microblogging service where users can publish and share so-called Tweets, i.e., short messages limited to 280 characters. These short messages are accessible to everyone, including persons not registered with Twitter. The Tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users who follow a user’s Tweets. Furthermore, Twitter allows addressing a wide audience through hashtags, links, or retweets.

The operating company of Twitter is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

With every call to one of the subpages of this website operated by the controller responsible, which contains a Twitter component (Twitter button), the internet browser on the information technology system of the affected person is automatically instructed by the respective Twitter component to download a representation of the corresponding Twitter component from Twitter. Further information about Twitter buttons can be found at https://about.twitter.com/de/resources/buttons. As part of this technical procedure, Twitter becomes aware of which specific subpage of our website is visited by the affected person. The purpose of integrating the Twitter component is to enable our users to share the content of this website further, to promote this website in the digital world, and to increase our visitor numbers.

If the affected person is logged into Twitter simultaneously, Twitter recognizes with each visit to our website by the affected person—and during the entire duration of the respective visit—which specific subpage of our website the affected person visits. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the affected person. If the affected person clicks one of the Twitter buttons integrated on our website, the data and information transmitted thereby are assigned to the personal Twitter user account of the affected person and stored and processed by Twitter.

Twitter receives information via the Twitter component whenever the affected person visits our website, provided that the affected person is logged into Twitter at the time of the visit; this occurs regardless of whether the affected person clicks on the Twitter component or not. If the affected person does not want such transmission of information to Twitter, they can prevent the transmission by logging out of their Twitter account before visiting our website.

The applicable Twitter privacy policies are available at https://twitter.com/privacy?lang=de

13. Datenschutzbestimmungen zu Einsatz und Verwendung von YouTube

Der für die Verarbeitung Verantwortliche hat auf dieser Internetseite Komponenten von YouTube integriert. YouTube ist ein Internet-Videoportal, dass Video-Publishern das kostenlose Einstellen von Videoclips und anderen Nutzern die ebenfalls kostenfreie Betrachtung, Bewertung und Kommentierung dieser ermöglicht. YouTube gestattet die Publikation aller Arten von Videos, weshalb sowohl komplette Film- und Fernsehsendungen, aber auch Musikvideos, Trailer oder von Nutzern selbst angefertigte Videos über das Internetportal abrufbar sind.

Betreibergesellschaft von YouTube ist die Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

Durch jeden Aufruf einer der Einzelseiten dieser Internetseite, die durch den für die Verarbeitung Verantwortlichen betrieben wird und auf welcher eine YouTube-Komponente (YouTube-Video) integriert wurde, wird der Internetbrowser auf dem informationstechnologischen System der betroffenen Person automatisch durch die jeweilige YouTube-Komponente veranlasst, eine Darstellung der entsprechenden YouTube-Komponente von YouTube herunterzuladen. Weitere Informationen zu YouTube können unter https://www.youtube.com/yt/about/de/ abgerufen werden. Im Rahmen dieses technischen Verfahrens erhalten YouTube und Google Kenntnis darüber, welche konkrete Unterseite unserer Internetseite durch die betroffene Person besucht wird.

Sofern die betroffene Person gleichzeitig bei YouTube eingeloggt ist, erkennt YouTube mit dem Aufruf einer Unterseite, die ein YouTube-Video enthält, welche konkrete Unterseite unserer Internetseite die betroffene Person besucht. Diese Informationen werden durch YouTube und Google gesammelt und dem jeweiligen YouTube-Account der betroffenen Person zugeordnet.

YouTube und Google erhalten über die YouTube-Komponente immer dann eine Information darüber, dass die betroffene Person unsere Internetseite besucht hat, wenn die betroffene Person zum Zeitpunkt des Aufrufs unserer Internetseite gleichzeitig bei YouTube eingeloggt ist; dies findet unabhängig davon statt, ob die betroffene Person ein YouTube-Video anklickt oder nicht. Ist eine derartige Übermittlung dieser Informationen an YouTube und Google von der betroffenen Person nicht gewollt, kann diese die Übermittlung dadurch verhindern, dass sie sich vor einem Aufruf unserer Internetseite aus ihrem YouTube-Account ausloggt.

Die von YouTube veröffentlichten Datenschutzbestimmungen, die unter https://www.google.de/intl/de/policies/privacy/ abrufbar sind, geben Aufschluss über die Erhebung, Verarbeitung und Nutzung personenbezogener Daten durch YouTube und Google.

14. Rechtsgrundlage der Verarbeitung

Art. 6 I lit. a DS-GVO dient unserem Unternehmen als Rechtsgrundlage für Verarbeitungsvorgänge, bei denen wir eine Einwilligung für einen bestimmten Verarbeitungszweck einholen. Ist die Verarbeitung personenbezogener Daten zur Erfüllung eines Vertrags, dessen Vertragspartei die betroffene Person ist, erforderlich, wie dies beispielsweise bei Verarbeitungsvorgängen der Fall ist, die für eine Lieferung von Waren oder die Erbringung einer sonstigen Leistung oder Gegenleistung notwendig sind, so beruht die Verarbeitung auf Art. 6 I lit. b DS-GVO. Gleiches gilt für solche Verarbeitungsvorgänge die zur Durchführung vorvertraglicher Maßnahmen erforderlich sind, etwa in Fällen von Anfragen zur unseren Produkten oder Leistungen.

Unterliegt unser Unternehmen einer rechtlichen Verpflichtung durch welche eine Verarbeitung von personenbezogenen Daten erforderlich wird, wie beispielsweise zur Erfüllung steuerlicher Pflichten, so basiert die Verarbeitung auf Art. 6 I lit. c DS-GVO. In seltenen Fällen könnte die Verarbeitung von personenbezogenen Daten erforderlich werden, um lebenswichtige Interessen der betroffenen Person oder einer anderen natürlichen Person zu schützen. Dies wäre beispielsweise der Fall, wenn ein Besucher in unserem Betrieb verletzt werden würde und daraufhin sein Name, sein Alter, seine Krankenkassendaten oder sonstige lebenswichtige Informationen an einen Arzt, ein Krankenhaus oder sonstige Dritte weitergegeben werden müssten. Dann würde die Verarbeitung auf Art. 6 I lit. d DS-GVO beruhen.

Letztlich könnten Verarbeitungsvorgänge auf Art. 6 I lit. f DS-GVO beruhen. Auf dieser Rechtsgrundlage basieren Verarbeitungsvorgänge, die von keiner der vorgenannten Rechtsgrundlagen erfasst werden, wenn die Verarbeitung zur Wahrung eines berechtigten Interesses unseres Unternehmens oder eines Dritten erforderlich ist, sofern die Interessen, Grundrechte und Grundfreiheiten des Betroffenen nicht überwiegen. Solche Verarbeitungsvorgänge sind uns insbesondere deshalb gestattet, weil sie durch den Europäischen Gesetzgeber besonders erwähnt wurden. Er vertrat insoweit die Auffassung, dass ein berechtigtes Interesse anzunehmen sein könnte, wenn die betroffene Person ein Kunde des Verantwortlichen ist (Erwägungsgrund 47 Satz 2 DS-GVO).

15. Berechtigte Interessen an der Verarbeitung, die von dem Verantwortlichen oder einem Dritten verfolgt werden

Basiert die Verarbeitung personenbezogener Daten auf Artikel 6 I lit. f DS-GVO ist unser berechtigtes Interesse die Durchführung unserer Geschäftstätigkeit zugunsten des Wohlergehens all unserer Mitarbeiter und unserer Anteilseigner.

16. Dauer, für die die personenbezogenen Daten gespeichert werden

Das Kriterium für die Dauer der Speicherung von personenbezogenen Daten ist die jeweilige gesetzliche Aufbewahrungsfrist. Nach Ablauf der Frist werden die entsprechenden Daten routinemäßig gelöscht, sofern sie nicht mehr zur Vertragserfüllung oder Vertragsanbahnung erforderlich sind.

17. Gesetzliche oder vertragliche Vorschriften zur Bereitstellung der personenbezogenen Daten; Erforderlichkeit für den Vertragsabschluss; Verpflichtung der betroffenen Person, die personenbezogenen Daten bereitzustellen; mögliche Folgen der Nichtbereitstellung

Wir klären Sie darüber auf, dass die Bereitstellung personenbezogener Daten zum Teil gesetzlich vorgeschrieben ist (z.B. Steuervorschriften) oder sich auch aus vertraglichen Regelungen (z.B. Angaben zum Vertragspartner) ergeben kann. Mitunter kann es zu einem Vertragsschluss erforderlich sein, dass eine betroffene Person uns personenbezogene Daten zur Verfügung stellt, die in der Folge durch uns verarbeitet werden müssen. Die betroffene Person ist beispielsweise verpflichtet uns personenbezogene Daten bereitzustellen, wenn unser Unternehmen mit ihr einen Vertrag abschließt. Eine Nichtbereitstellung der personenbezogenen Daten hätte zur Folge, dass der Vertrag mit dem Betroffenen nicht geschlossen werden könnte. Vor einer Bereitstellung personenbezogener Daten durch den Betroffenen muss sich der Betroffene an einen unserer Mitarbeiter wenden. Unser Mitarbeiter klärt den Betroffenen einzelfallbezogen darüber auf, ob die Bereitstellung der personenbezogenen Daten gesetzlich oder vertraglich vorgeschrieben oder für den Vertragsabschluss erforderlich ist, ob eine Verpflichtung besteht, die personenbezogenen Daten bereitzustellen, und welche Folgen die Nichtbereitstellung der personenbezogenen Daten hätte.

18. Bestehen einer automatisierten Entscheidungsfindung

Als verantwortungsbewusstes Unternehmen verzichten wir auf eine automatische Entscheidungsfindung oder ein Profiling.

Entwickelt von den Legal Tech Spezialisten von Willing & Able, die auch das System für das digitale Verzeichnis von Verarbeitungstätigkeiten entwickelt haben. Die Texte des Datenschutzerklärungs-Generators wurden von Prof. Dr. h.c. Heiko Jonny Maniero und Rechtsanwalt Christian Solmecke erstellt und publiziert.