Data Protection: Our Privacy Policy

Thank you for visiting our website. We will inform you with the following privacy policy on how personal data when visiting the website https://www.prosoft.net/ are processed.

 

Effective: 24.05.2018

The protection of personal data is very important to us. The use of our website is basically possible without providing personal data. However, if you wish to use the offer of our website, the processing of personal data may be required. If the processing of personal data is required and there is no legal basis for such processing, we generally seek the consent of the data subject.


The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always in accordance with the current Federal Data Protection Act (BDSG), effective from 25.05.2018 effective EU data protection regulation (DSGVO) and the TMG.                                
With this privacy policy, we would like to inform about the type, scope and purpose of the personal data processed by us and to inform affected persons about the rights to which they are entitled.

Our company has implemented numerous technical and organizational measures to ensure the most complete protection of processed personal data. Nevertheless, Internet-based data transmissions can in principle have security gaps so that absolute protection can not be guaranteed.

I. Definitions

Our privacy policy is based on the GDPR and should be easy to read and understand. To ensure this, we explain in advance the terms used:

1. Personal Data

Personal data means' any information relating to an identified or identifiable natural person ('the data subject'); a natural person is considered as identifiable, which can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, the expression of the physical , physiological, genetic, psychological, economic, cultural or social identity of that natural person "(Article 4 (1) GDPR).

2. Affected Person

Affected person is any identified or identifiable natural person whose personal data is processed by the controller.

3. Processing

Processing means any process or series of operations related to personal data, such as collecting, collecting, organizing, organizing, storing, adapting or modifying, reading, querying, using, with or without the help of automated procedures; the disclosure by transmission, dissemination or any other form of provision, reconciliation or linking, limitation, erasure or destruction (Article 4 (2) GDPR).

4. Restriction of processing

Restriction of the processing is the marking of stored personal data with the aim to restrict their future processing (kind 4 No. 3 GDPR).

5. Profiling

Profiling is any type of automated processing of personal data, which involves using that personal information to evaluate certain personal aspects relating to a natural person, in particular aspects related to job performance, economic condition, health, personal preferences To analyze or predict interests, reliability, behavior, whereabouts or change of location of this natural person (Art. 4 No. 4 GDPR).

6. Pseudonymization

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the need for additional information (Article 4 (5) GDPR). This additional information will be kept separate, subject to technical and organizational measures, thus ensuring that the personal data is not assigned to an identified or identifiable natural person.

7. Responsible

The person responsible is the natural or legal person, public authority, body or other body that, alone or in concert with others, decides on the purposes and means of processing personal data. (Art. 4 No. 7 GDPR)

8. Processors

The processor is a natural or legal person, public authority, body or body that processes personal data on behalf of the controller (Article 4 (8) GDPR)

9. Receiver

Recipient is a natural or legal person, agency, agency or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered to be recipients (Article 4 (9) GDPR).

10. Third

Third is a natural or legal person, public authority, body or body other than the data subject, the controller, the processor and the persons empowered under the direct responsibility of the controller or processor to process the personal data (Article 4 No. 10 DSGVO).

11. Consent

Consent is any voluntarily given and unambiguously expressed in the form of a statement or other unambiguous confirmatory act by the data subject for the particular case in which the data subject indicates that they consent to the processing of the personal data concerning him or her is (Art. 4 No. 11 GDPR).

II. Responsible

The person responsible within the meaning of the basic data protection regulation and other national data protection laws of the member states as well as other data protection regulations is the:

prosoft EDV-Lösungen GmbH & Co. KG
Walhallastraße 16
D-93083 Regensburg-Obertraubling


Phone: +49 9401 88 007-0
Fax: +49 9401 88 007-200
Email: support (at) prosoft.net
www.prosoft.net
 

III. Data Protection Officer

Sie erreichen unseren Datenschutzbeauftragten unter folgenden Kontaktdaten:

prosoft EDV-Lösungen GmbH & Co. KG
Walhallastraße 16
D-93083 Regensburg-Obertraubling


Phone: +49 9401 88 007-0 
Fax: +49 9401 88 007-200
Email: datenschutz (at) prosoft.net
www.prosoft.net

IV. Provision of the website

1. Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer.

The following data is collected here:

  • Operating system of the user
  • Internet service provider of the user
  • IP address of the user
  • Date and time of access
  • Websites from which the system of the user comes to our website
  • Websites that are accessed by the user's system through our website
  • retrieved file
  • Amount of data sent

The legal basis for the temporary storage of data is Article 6 (1) (f). DSGVO.

2. The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user's IP address must be kept for the duration of the session. For these purposes, our legitimate interest lies in Art. 6 para. 1 lit. f DSGVO.

3. The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of collecting the data for providing the website, this is the case when the respective session is completed.

4. The collection of the data for the provision of the website is mandatory for the operation of the website, therefore there is no contradiction on the part of the user.

V. Logfiles

1. The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place. The legal basis for the application of log files is Art. 6 para. 1 lit. f DSGVO.

2. Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. For these purposes, our legitimate interest in the processing of data pursuant to Art. 6 para. 1 lit. f DSGVO.

3. The data in the log files will be deleted at the latest after seven days. An additional storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

4. The storage of the data in log files is essential for the operation of the website. Therefore, there is no right of objection on the part of the user.

VI. Cookies

1. Our website uses cookies. Cookies are text files that are stored in the Internet browser or the Internet browser on the user's computer system. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened.

We use different cookies on our website. Some of the cookies we use are deleted after the end of the browser session, ie after closing your browser (so-called session cookies). Other cookies remain on the device and allow us to recognize your browser the next time you visit it (so-called persistent cookies).                                                                                                                                                                                                                                                            
We use the following types of cookies: necessary cookies, which are necessary for the operation of our website; Analysis cookies, which allow us to anonymously collect data about the usage behavior of our visitors; functional cookies required for certain functions on our website; Targeting cookies that track your visit to our website, the individual webpages you have visited and the links you have made; Third party cookies, which are cookies set by our affiliates, which are temporary cookies that automatically delete after the specified time (usually a few days).

2. The legal basis for the processing of personal data using cookies is Article 6 (1) lit. f DSGVO

3. The use of cookies is for the purpose of simplifying the use of the website for our users and increasing the attractiveness of our website. This also includes our legitimate interest in the processing of personal data pursuant to Art. 6 lit. f DSGVO.

4. Cookies are stored on the computer of the user and transmitted by this on our side. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all the functions of the website to the full.

VII. Social-Media-Plugin  - Twitter - Button

a) On our website functions of the service Twitter are integrated. Provider of these features is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.                                                                                                                                                                                                                              
We use the two-click solution as part of the use of social media plugins.                                                                                                                                            
When visiting our website, a deactivated button appears; In this state, no personal information is sent to Twitter. The user can activate the button by clicking. In this case, a direct connection between the user's browser and the Twitter server is established via the plugin. As a result, in particular the IP address of the user is transmitted to Twitter. If the user then confirms, for example, the function "re-tweet", the websites visited by him are linked to his Twitter account and made known to other users. There is also a data transfer to Twitter.


We point out that as a mere provider of our website we are not aware of the content of these data and their use by Twitter. However, please refer to the Twitter Privacy Policy at http://twitter.com/privacy for more information. Under the following link you can change your privacy settings on Twitter: http://twitter.com/account/settings.

b) The legal basis for the use of the Twitter plug-ins in the context of the two-click solution with prior consent is Art. 6 para. 1 lit. a GDPR.

c) The purpose of using the Twitter plugin is to increase the efficiency of our website and increase its user-friendliness.

d) If you want to prevent Twitter from assigning the visit to our page to your Twitter profile, please log out with your Twitter profile after becoming aware of this privacy policy. 

VIII. Google Analytics

1. This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google also uses cookies through our website. Google Analytics also uses cookies that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.                                                                                                                                                                                                                                                   
On this website Google Analytics has been extended by the code "grt._anonymizeIP ();" in order to guarantee an anonymized collection of IP addresses.

By activating IP anonymisation on our website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.                                                                                                                                                                                        
Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services related to use and internet usage. Google may also transfer this information to third parties if required by law or if third parties process this data on behalf of Google. Google will never associate your IP address with other Google data. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data.

2. The legal basis for the use of the website analytics services Google Analytics is Art. 6 para. 1 lit. f DSGVO. The use of cookies by Google is in accordance with Art. 6 para. 1 lit. f DSGVO admissible.

3. The purpose of using Google's web analytics services and cookies is to increase the efficiency of our website through a perfected analysis of user behavior in order to fully meet the interests and needs of our users. This is also our legitimate interest in data processing according to Art. 6 lit. f DSGVO.

4. You can prevent Google from storing cookies by setting your browser software accordingly; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. You can also prevent the use of Google Analytics, ie the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google, by using the download and install the following link (http://tools.google.com/dlpage/gaoptout?hl=de) available browser plugin. 

IX. Google DoubleClick-Cookie

1. Our website also uses the so-called DoubleClick cookie when using Google Analytics. This allows you to recognize your browser when visiting other websites, which will then communicate prosoft advertising. So if you visit Google's partner sites, you'll also see ads from our website on these websites.                                                                                                                                                                                                                                                           
The information generated by the cookie about visiting our website is transmitted to and stored by Google on servers in the United States. The IP address will be truncated by activating IP anonymization on our website prior to transmission to member states of the European Union or other parties to the Agreement on the European Economic Area. The anonymized IP address provided by Google Analytics within the framework of Google Analytics will not be merged with other data provided by Google.                                                                                                                                                        
Google uses this information to generate reports on website activity and to provide other website-related services. Google may also transfer this information to third parties if required by law or as far as third parties process this data on behalf of Google.

2. The legal basis for the use of the website analytics services Google Analytics is Art. 6 para. 1 lit. f DSGVO. The use of cookies by Google is in accordance with Art. 6 para. 1 lit. f DSGVO admissible.

3. The purpose of using Google's web analytics services and cookies is to increase the efficiency of our website through a perfected analysis of user behavior in order to fully meet the interests and needs of our users. This is also our legitimate interest in data processing according to Art. 6 lit. f DSGVO.

4. You can prevent Google from storing cookies by setting your browser software accordingly; however, we point out that in this case you may not be able to use all the functions of our website to the full extent. You can also prevent the use of Google Analytics, ie the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google, by using the Download and install the following link (http://tools.google.com/dlpage/gaoptout?hl=de) available browser plug-ins. 

X. Facebook Retargeting

1. When visiting our website, a cookie is set by Facebook that enables interest-based advertising by means of a pseudonymous cookie ID and based on the web pages you visit. So if you call a product on our website, a cookie is set. If you are logged in to Facebook at the same time, you will be shown advertisements for this product on your Facebook page.

2. The legal basis for the use of this cookie is Art. 6 (1) lit. f DSGVO.

3. The purpose of using this cookie is to increase the efficiency of our website and the user-friendly advertising in order to fully take into account the interests and needs of our users. This is also our legitimate interest in data processing according to Art. 6 lit. f DSGVO.

4. As a Facebook member, you can deactivate the Retargeting Cookie via this link.                                                                                                               Alternatively, you can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or exclude the acceptance of cookies for specific cases or in general. Failure to accept cookies may limit the functionality of our website.

XI. Use of Hubspot

1. We continue to use Hubspot for analysis. This is an integrated software solution that covers various aspects of our online marketing. Hubspot is certified under the EU-US Privacy Shield .                                                                                                                                                                                                  
It uses so-called "web beacons" and also "cookies" set, which are stored on your computer and allow an analysis of your use of the website by us. The collected information (e.g., IP address, geographic location, browser type, duration of visit, and pages accessed) is evaluated by Hubspot on behalf of us to generate reports about your visit and the pages visited.

For example, if you download documents or call up special offers, Hubspot will also be able to record your visits to our website personally via your additional information (including your name / e-mail address) and, if necessary, provide you with targeted information on topics that you prefer.          
When you visit our website without any use of the features offered, there is no use of Hubspot.

For more information about how Hubspot works, refer to Hubspot Inc.'s Privacy Policy at: http://legal.hubspot.com/de/privacy-policy

2. Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 para. 1 lit. f DSGVO.

3. Hubspot is used exclusively to optimize our marketing activities and thus to increase the efficiency and user-friendliness of our website. The use of Hubspot is just to analyze the interests of the website user and to offer this a specially tailored to his interests representation of our website. This in turn increases the user-friendliness of our website. This is also our legitimate interest within the meaning of Art. 6 para. 1 f DSGVO.

4. If you generally do not want to be registered by Hubspot, you can prevent the storage of cookies at any time by your browser settings.

XII. Contact form and e-mail contact

1. On our website a contact form is available, which can be used for the electronic contact as well as for the agreement of an appointment or a presentation. If a user realizes this option, the data entered in the input mask will be transmitted to us and saved. These data are:

- Name of contact person

- Company

- E-Mail uand postal address

- Optionally, a phone number can also be specified.                                                                                                                                                                                
For the processing of the data in the context of the sending process your consent is obtained and referred to this privacy statement.                               
During the sending process further personal data, in particular the IP address of the user, are collected and stored on our part.

Alternatively, you can contact us via the e-mail address provided on the website. In this case, the user's personal data transmitted by e-mail will be stored.                                                                                                                                                                                                                                                               
In connection with the contact via e-mail or contact form, there is no disclosure of the data to third parties. The data will be used exclusively to process the conversation or to agree on an appointment or presentation.

2. Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 para. 1 lit. a GDPR.

The legal basis for the processing of the data transmitted in the course of sending an e-mail or sending the contact form is Art. 6 para. 1 lit. f DSGVO. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.

3. The processing of the personal data from the respective input mask serves us only for the processing of the contact or the agreement of an appointment or a presentation. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data.           
The other personal data processed during the sending process, in particular the IP address of the user, serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data from the respective input form of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended or the appointment or presentation agreement has been concluded. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.

The additional personal data collected during the sending process will be deleted immediately.                                                                                                  
The user has the possibility at any time to revoke his consent to the processing of the personal data. If the user contacts us by e-mail, he may object to the storage of his personal data at any time. In such a case, the conversation can not continue. All personal data stored in the course of contacting will be deleted in this case.

XIII. Live-Chat

1. We offer on our website the possibility to use a live chat. In that regard, it is necessary that the user gives his name and his e-mail address. These data are transmitted to us and stored on our part. A transfer of the data to third parties does not take place.

During the sending process of each message further personal data, in particular the IP address of the user, are collected and stored by us.

For the processing of the data, your consent is obtained as part of the sending of the first message and reference is made to this Privacy Policy.

2. Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 para. 1 lit. a GDPR. The legal basis for the processing of the data transmitted in the course of sending the respective message is Art. 6 para. 1 lit. f DSGVO.

3. The purpose of the data processing is the performance of the live chat that you have started and, ultimately, the answering of your questions or suggestions in connection with our website. The other personal data processed during the sending process, in particular the IP address of the user, serve to prevent misuse of the input mask and to ensure the security of our information technology systems.

4. The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data from the live chat, this is the case when the conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.

The additional personal data collected during the sending process will be deleted immediately.

The user has the possibility at any time to revoke his consent to the processing of the personal data. In such a case, the conversation can not continue. All personal data stored in the course of contacting will be deleted in this case.

XIV. Order form, white papers and webinars

1. On our website we offer the possibility to test some of our software solutions free of charge for 30 days, to download whitepapers for free and to book webinars. In order to use one of these offers, it is necessary to enter your company, name, position, telephone number and e-mail address in the appropriate field and then click on the "Submit" or "Subscribe" button. click.

For the processing of the data in the context of the sending process your consent is obtained and referred to this privacy statement.

A transfer of the data does not take place. The information collected on our part is processed solely for the provision of the ordered software, the whitepaper or the booking of the webinar as well as for our own marketing purposes.

During the sending process further personal data, in particular the IP address of the user, are collected and stored on our part.

2. Legal basis for the processing of the data is in the presence of the consent of the user Art. 6 para. 1 lit. a GDPR. The legal basis for the use of personal data for marketing purposes is also Art. 6 para. 1 lit. f DSGVO. The legal basis for the data collected during the mailing process is Art. 6 para. 1 lit. f DSGVO. Since the collection of data in each case for the fulfillment of a contract or for the implementation of pre-contractual measures is required, the legal basis is also Art. 6 para. 1 lit. b DSGVO.

3. The processing of the personal data from the input mask is to provide the software you have booked, the whitepaper or the order and participation in the Webinar and for your own marketing purposes. The purpose of data processing is thus the fulfillment of a contract or the implementation of pre-contractual measures for the use of our services. The use of the data for marketing purposes serves the purpose of informing the user about further products and services offered on our part, thereby increasing the efficiency and user-friendliness of our website as well as our products and services. This also includes our legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

The other personal data processed during the sending process, in particular the IP address of the user, serve to prevent misuse of the input mask and to ensure the security of our information technology systems. This is also our legitimate interest within the meaning of Art. 6 para. 1 f DSGVO.

4. The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data needed to book our free software, this is the case when the service period of 30 days ends, the user finally renounces the further use of the software and the sales process is completed. If the user decides to use the tested software permanently, a longer storage of the data may be required. However, the user will be informed separately in this case.

The data collected in connection with the download of a whitepaper will be deleted as soon as the download and the marketing measures have been completed. The data for booking a webinar will be deleted once the webinar has been completed and the marketing efforts completed.

The additional personal data collected during the sending process will be deleted immediately.

XIII. Online application

1. On our website we have a link, among which we also offer the opportunity to apply for vacancies online. In the context of this procedure the necessary data for the application, such as name, first name, place of residence, address. Curriculum vitae, certificates, etc. collected and stored by us.

In the context of the online application the explicit consent of the user for data processing is obtained.

The data will be deleted as soon as they are no longer needed for the application process.

2. The legal basis for data processing is Art. 6 para. 1 lit. a GDPR. Since data collection is also carried out for the purpose of carrying out pre-contractual measures, Art. 6 para. 1 lit. b DSGVO Legal basis.

3. The purpose of data processing is to make the application process more effective and faster.

XIV. Comments function

1. We offer on our website the possibility to leave comments on various blog posts. To do this, the name and e-mail address must be entered in the input mask. These personal data are stored and used by us exclusively in connection with the publication of the respective comment. A passing on to third does not take place.

During the sending process further personal data, in particular the IP address of the user, are collected and stored on our part.

2. The legal basis for processing the data collected in connection with the commentary on a contribution is Art. 6 para. 1 lit. f DSGVO. The legal basis for the data collected during the mailing process is also Art. 6 para. 1 lit. f DSGVO.

3. The purpose of the processing of personal data from the input mask is exclusively for the publication of the commentary. Providing a comment function enhances the attractiveness of our website, as it allows the user to post his or her opinion or concerns or directly to the individual posts. This also includes our legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO.

The other personal data processed during the sending process, in particular the IP address of the user, serve to prevent misuse of the input mask and to ensure the security of our information technology systems. This is also our legitimate interest within the meaning of Art. 6 para. 1 f DSGVO.

4. The data will be deleted as soon as it is no longer necessary for the purpose of its collection. This is the case if the comment is taken offline or if you delete the comment yourself.

The additional personal data collected during the sending process will be deleted immediately.

XV. Newsletter shipping

1. Furthermore, every user of our website has the option of subscribing to our newsletter by entering his e-mail address in the form provided, selecting the type of information required and clicking on the "Submit" button.

The data provided by the user are stored on our part and used exclusively to send the newsletter to the selected topic. A transfer of the data to third parties does not take place.

In addition, in the course of the newsletter registration, an explicit consent of the user is obtained.

The data will be deleted as soon as the user unsubscribes from the newsletter or retrieves his consent form.

2. The legal basis for data processing is Art. 6 para. 1 lit. a GDPR.

3. The purpose of the data processing lies in the comprehensive information of the user on the topics chosen by him and thus also serves to simplify the use of our website.

XVI. Booking a Seminar

1. On our website we also offer the possibility to book individual seminars for a fee. In order to make such a booking, it is necessary to enter your contact details in the appropriate input mask. These data are:

- First an Last Name 

- E-mail address

- Phone number 

- Postal address

The data processing takes place insofar exclusively for the purpose of processing the order. A transfer of the data to third parties does not take place.

If you choose direct debit, payment by PayPal or credit card as the payment method, you will still need to provide your bank details or other payment details. Your payment details will be forwarded to our bank or PayPal to process the payment.

At the time of sending the order, the following data will also be stored:

- IP address of the user

- Date

- Time of order

2. The legal basis for data processing in the course of ordering an article offered in the webshop is Art. 6 para. 1 lit. b DSGVO, since the collection and storage is necessary for entering into and executing a contractual relationship or for carrying out pre-contractual measures. The same applies to the specification of your payment data and their transfer to PayPal or our bank.

The legal basis for the personal data processed in the course of sending the order form is Art. 6 para. 1 f DSGVO.

3. The purpose of the collection of data from the order form is the execution or preparation of a contractual relationship.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems. This is also our legitimate interest within the meaning of Art. 6 para. 1 f DSGVO.

4. The data will be deleted as soon as it is no longer necessary to achieve the purpose of its processing. This is the case for the fulfillment of a contract or the implementation of pre-contractual measures if the data is no longer required for the execution of the contract. Even after the contract has been executed, there may be a need to store personal data in order to comply with contractual or legal obligations. As a user, you have the option to change the stored data at any time. If the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion or modification of the data is only possible, unless contractual or legal obligations preclude deletion or modification.

XVII. Information about rights of data subjects

If personal data is processed by you, you are a victim in the sense of the GDPR and you have the following rights towards the person responsible:

1. Right to information

You may request confirmation as to whether personal information concerning you is being processed by us.

If such processing is available, you can request information via the following information:

(1) the purposes for which the personal data are processed;

(2) the categories of personal data that are processed;

(3) the recipients or the categories of recipients to whom the personal data relating to you have been or will be disclosed;

(4) the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;

(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;

(6) the existence of a right of appeal to a supervisory authority;

(7) all available information on the source of the data if the personal data is not collected from the data subject;

(8) the existence of automated decision-making including profiling under Article 22 (1) and (4) GDPR and - at least in these cases - meaningful information about the logic involved, and the scope and intended impact of such processing on the data subject.

You have the right to request information about whether the personal data relating to you are transferred to a third country or to an international organization. In this connection, you can request the appropriate guarantees in accordance with. Art. 46 GDPR in connection with the transfer.

2. Right to rectification

You have a right to rectification and / or completion to the controller, if the personal data you process is incorrect or incomplete. The responsible person must make the correction without delay.

3. Recht to restriction of processing

You may request the restriction of the processing of your personal data under the following conditions:

(1) if you contest the accuracy of your personal information for a period of time that enables the controller to verify the accuracy of your personal information;n;

(2) the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data;

(3) the controller no longer requires personal data for the purposes of processing, but you need them for the purposes of asserting, exercising or defending legal claims, or

(4) if you objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet certain whether the legitimate reasons of the person responsible prevail over your reasons.

If the processing of personal data concerning you has been restricted, this data may only be used with your consent or for the purposes of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest Union or a Member State.

If the limitation of the processing after the o.g. If conditions are restricted, you will be informed by the person in charge before the restriction is lifted.

4. Right to delete

a) Deletion obligations

You may require the controller to delete your personal information without delay, and the controller is required to delete that data immediately if one of the following is true:

(1) Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.

(2) You revoke your consent to the processing gem. Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. DSGVO and there is no other legal basis for processing.

(3) You gem gem. Art. 21 para. 1 DSGVO objection to the processing and there are no prior justifiable reasons for the processing, or you lay gem. Art. 21 para. 2 DSGVO Opposition to processing.

(4) Your personal data has been processed unlawfully.

(5) The deletion of personal data concerning you is required to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.

(6) The personal data concerning you were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.

b) Information to third parties

If the person in charge has made the personal data concerning you public and is acc. Article 17 (1) of the GDPR, it shall take appropriate measures, including technical means, to inform data controllers who process the personal data that you have been identified as being affected, taking into account available technology and implementation costs Persons requesting deletion of all links to such personal data or of copies or replications of such personal data.

c) Exceptions

The right to erasure does not exist if the processing is necessary

(1) to exercise the right to freedom of expression and information;

(2) to fulfill a legal obligation required by the law of the Union or of the Member States to which the controller is subject, or to carry out a task of public interest or in the exercise of official authority conferred on the controller;

(3) for reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h and i and Art. 9 (3) GDPR;

(4) or archival purposes of public interest, scientific or historical research purposes or for statistical purposes acc. Article 89 (1) GDPR, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously affect the achievement of the objectives of that processing, or

(5) to assert, exercise or defend legal claims.

5. Recht to information

If you have the right of rectification, erasure or restriction of processing to the controller, he / she is obliged to notify all recipients to whom your personal data have been disclosed of this correction or deletion of the data or restriction of processing, unless: this proves to be impossible or involves a disproportionate effort.

You have a right to the person responsible to be informed about these recipients.

6. Right to data portability

You have the right to receive personally identifiable information you provide to the controller in a structured, common and machine-readable format. You also have the right to transfer this information to another person without hindrance by the controller to whom the personal data has been provided, provided that

(1) the processing on a consent acc. Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a DSGVO or on a contract acc. Art. 6 para. 1 lit. b DSGVO is based and

(2) the processing is done using automated procedures.

In exercising this right, you also have the right to obtain that your personal data relating to you are transmitted directly from one person to another, insofar as this is technically feasible. Freedoms and rights of other persons may not be affected.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the controller.

7. Right of objection

You have the right at any time, for reasons that arise from your particular situation, against the processing of your personal data, which pursuant to Art. 6 para. 1 lit. e or f DSGVO takes an objection; this also applies to profiling based on these provisions.

The controller will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is intended to assert, exercise or defend legal claims.

If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

Regardless of Directive 2002/58 / EC, you have the option, in the context of the use of information society services, of exercising your right to opt-out by means of automated procedures that use technical specifications.

You also have the right, for reasons arising from your particular situation, to object to the processing of your personal data concerning you for scientific or historical research purposes or for statistical purposes under Article 89 (1) of the GDPR Unless the processing is necessary to fulfill a public interest task.

8. Right to revoke the data protection consent declaration

You have the right to revoke your data protection declaration at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

9. Automated decision on an individual basis including profiling 

You have the right not to be subjected to a decision based solely on automated processing - including profiling - that will have legal effect or similarly affect you in a similar manner. This does not apply if the decision

(1) is required for the conclusion or performance of a contract between you and the controller,

(2) is permissible on the basis of Union or Member State legislation to which the controller is subject and where such legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests, or

(3) with your express consent.

However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g and reasonable measures have been taken to protect the rights and freedoms and your legitimate interests.

With regard to the cases referred to in (1) and (3), the person responsible shall take appropriate measures to uphold the rights and freedoms and their legitimate interests, including at least the right to obtain the intervention of a person by the controller, to express his / her own position and heard on challenge of the decision.

10. Reight to complain to a supervisory authority 

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of its place of residence, employment or the place of the alleged infringement, if you believe that the processing of the personal data concerning you is against the DSGVO violates.

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.