Data protection
I am very happy about your interest in my site. Data protection is particularly important to me. Use of the website is generally possible without providing any personal data. If a person concerned wants to use special services from me via my website, However, processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, I generally get the consent of the data subject.
The processing of personal data, for example the name, the address, Email address or phone number of a data subject, always takes place in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to Sandra Zuerlein. With this privacy policy I would like to inform the public about Art, The scope and purpose of the data collected by us, inform used and processed personal data. Furthermore, data subjects are informed about their rights by means of this data protection declaration.
Sandra Zuerlein, as the controller, has implemented numerous technical and organizational measures, to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to do so, personal data also in alternative ways, for example by phone, to send to me.
1. Definitions
Sandra Zuerlein's data protection declaration is based on the terminology, by the European directives- and regulators when adopting the General Data Protection Regulation (DS-GVO) were used. Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
In this data protection declaration, we use the following terms, among others:
a) personal data
Personal data is all information, referring to an identified or identifiable natural person (hereinafter referred to as "data subject") Respectively. A natural person is considered to be identifiable, the directly or indirectly, in particular by assigning an identifier such as a name, to an identification number, to location data, to an online identifier or to one or more special features, the expression of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, can be identified.
b) affected person
Affected person is every identified or identifiable natural person, whose personal data are processed by the controller.
c) processing
Processing is any process carried out with or without the help of automated processes or any such series of processes in connection with personal data such as collection, the grasping, the organization, organizing, the storage, the adjustment or change, the reading, querying, the usage, disclosure by transmission, Dissemination or other form of delivery, the match or link, the restriction, the deletion or the annihilation.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim, restrict their future processing.
e) Profiling
Profiling is any type of automated processing of personal data, that is, that this personal data is used, about certain personal aspects, that refer to a natural person, to rate, in particular, about aspects related to work performance, economic situation, health, personal preferences, Interests, reliability, behavior, Analyze or predict the location or change of location of this natural person.
f) Pseudonymisierung
Pseudonymization is the processing of personal data in one way, to which the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures, that ensure, that the personal data are not assigned to an identified or identifiable natural person.
g) Controller or controller
The person responsible or responsible for processing is the natural or legal person, authority, Facility or other body, who alone or together with others decides on the purposes and means of processing personal data. Are the purposes and means of this processing prescribed by Union law or the law of the Member States, for example, the controller or the specific criteria for naming them can be provided in accordance with Union law or the law of the member states.
h) Processors
The processor is a natural or legal person, authority, Facility or other body, the personal data processed on behalf of the person responsible.
i) receiver
The recipient is a natural or legal person, authority, Facility or other body, the personal data are disclosed, independently of, whether it is a third party or not. Authorities, who may receive personal data as part of a specific investigation mandate under Union law or the law of the Member States, however, are not considered recipients.
j) Third
Third party is a natural or legal person, authority, Institution or other body other than the data subject, the person responsible, the processor and the people, which are authorized under the direct responsibility of the person responsible or the processor, to process the personal data.
k) consent
Consent is any declaration of intent made by the data subject voluntarily for the specific case in an informed manner and unequivocally in the form of a declaration or another clear confirming action, with which the data subject gives an understanding, that they consent to the processing of their personal data.
2. Name and address of the controller
Responsible in the sense of the general data protection regulation, other data protection laws applicable in the member states of the European Union and other provisions with data protection character is:
Sandra Zuerlein
Ahornweg 1
55442 Stromberg
Germany
Tel.: 01736501632
E-mail: sandra_zuerlein@web.de
Website: sandrazuerlein.de
3. Cookies
The websites of Sandra Zuerlein use cookies. Cookies are text files, which are stored and stored on a computer system via an Internet browser.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string, Which internet pages and servers can be assigned to the specific internet browser, in which the cookie was saved. This enables the websites and servers visited, the individual browser of the data subject from other internet browsers, that contain other cookies, to distinguish. A specific internet browser can be recognized and identified using the unique cookie ID.
By using cookies, Sandra Zuerlein can provide users of this website with more user-friendly services, that would not be possible without the cookie setting.
A cookie can be used to optimize the information and offers on our website in the interests of the user. Cookies enable us, As already mentioned, to recognize the users of our website. The purpose of this recognition is, to make it easier for users to use our website. The user of a website, which uses cookies, For example, you do not have to enter your access data every time you visit the website, because this is done by the website and the cookie stored on the user's computer system. Another example is the cookie of a shopping cart in the online shop. The online shop remembers the items, that a customer has placed in the virtual shopping cart, via a cookie.
The data subject can prevent the setting of cookies by our website at any time by making the appropriate setting in the internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time using an Internet browser or other software programs. This is possible in all common internet browsers. The person concerned deactivates the setting of cookies in the internet browser used, Under certain circumstances, not all functions of our website can be used to their full extent.
4. Collection of general data and information
The website of Sandra Zuerlein collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the log files of the server. The can be recorded (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website, from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, which are controlled via an accessing system on our website, (5) the date and time of access to the website, (6) an internet protocol address (IP Address), (7) the Internet service provider of the accessing system and (8) other similar data and information, which serve to avert danger in the event of attacks on our information technology systems.
When using this general data and information, Sandra Zuerlein does not draw any conclusions about the person concerned. Rather, this information is needed, one (1) deliver the content of our website correctly, (2) optimize the content of our website and the advertising for it, (3) to guarantee the permanent functionality of our information technology systems and the technology of our website and (4) to provide law enforcement agencies with the information necessary for law enforcement in the event of a cyber attack. This anonymously collected data and information is therefore evaluated statistically by Sandra Zuerlein and also with the aim, to increase data protection and data security in our company, to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
5. Subscribe to our newsletter
On the website of Sandra Zuerlein, users are given the opportunity, to subscribe to our company's newsletter. Which personal data are transmitted to the data controller when the newsletter is ordered, results from the input mask used for this.
Sandra Zuerlein informs her customers and business partners about the company's offers at regular intervals by means of a newsletter. The newsletter of our company can generally only be received by the person concerned, if (1) the data subject has a valid email address and (2) the data subject registers for the newsletter. For legal reasons, a confirmation email will be sent to the email address entered by the data subject for the first time for sending the newsletter in a double opt-in procedure. This confirmation email is used for verification, whether the owner of the email address as the person concerned has authorized the receipt of the newsletter.
When registering for the newsletter, we also save those from the Internet service provider (ISP) assigned IP address of the computer system used by the person concerned at the time of registration as well as the date and time of registration. The collection of this data is required, to the(possible) To be able to understand the misuse of the email address of a data subject at a later point in time and therefore serves to provide legal protection for the controller.
The personal data collected when you register for the newsletter will only be used to send our newsletter. Subscribers to the newsletter could also be informed by email, if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or changes in the technical circumstances. The personal data collected as part of the newsletter service is not passed on to third parties. The person concerned can cancel the subscription to our newsletter at any time. Consent to the storage of personal data, which the person concerned has given us for sending the newsletter, can be revoked at any time. For the purpose of withdrawing consent, there is a corresponding link in every newsletter. There is also the possibility, to unsubscribe from the newsletter at any time directly on the website of the controller or to inform the controller in another way.
6. Newsletter-Tracking
Sandra Zuerlein's newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic, which is embedded in such emails, which are sent in HTML format, to enable log file recording and log file analysis. This enables a statistical evaluation of the success or failure of online marketing campaigns to be carried out. Sandra Zuerlein can see from the embedded tracking pixel, whether and when an email was opened by a data subject and which links in the email were accessed by the data subject.
Such personal data collected via the tracking pixels contained in the newsletters, are saved and evaluated by the controller, to optimize the sending of newsletters and to adapt the content of future newsletters even better to the interests of the person concerned. This personal data will not be passed on to third parties. Affected people are entitled at any time, the related one, to withdraw consent given via the double opt-in procedure. After revocation, this personal data will be deleted by the controller. Unsubscribing from receiving the newsletter automatically interprets Sandra Zuerlein as a revocation.
7. Comment function in the blog on the website
Sandra Zuerlein offers users on a blog, which is on the website of the controller, the possibility, leave individual comments on individual blog posts. A blog is a website, usually a publicly accessible portal, in which one or more people, called bloggers or web bloggers, Post articles or write down thoughts in so-called blog posts. The blog posts can usually be commented on by third parties.
If a person concerned leaves a comment on the blog published on this website, In addition to the comments left by the data subject, information about the time when the comment was entered and the user name chosen by the data subject (Pseudonym) saved and published. Furthermore, the Internet service provider (ISP) The IP address assigned to the data subject is also logged. The IP address is saved for security reasons and just in case, that the data subject violates the rights of third parties by posting a comment or posts illegal content. This personal data is therefore stored in the own interest of the person responsible for processing, so that he could possibly exculpate himself in the event of an infringement. The personal data collected is not passed on to third parties, unless such disclosure is required by law or serves to defend the data controller.
8. Subscription to comments in the blog on the website
The comments made on Sandra Zuerlein's blog can in principle be subscribed to by third parties. In particular, there is the possibility, that a commentator subscribes to the comments following a comment on a particular blog post.
If a data subject chooses the option, Subscribe to comments, the controller sends an automatic confirmation email, to check using the double opt-in procedure, whether the owner of the email address provided has opted for this option. The option to subscribe to comments can be terminated at any time.
9. Routine deletion and blocking of personal data
The controller processes and stores personal data of the data subject only for the period, which is necessary to achieve the storage purpose or if this is required by the European guidelines- and regulators or other legislators in laws or regulations, which the controller is subject to, was provided.
If the storage purpose is omitted or one of the European directives is running- and prescriber or another competent legislator prescribed retention period, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
10. Rights of the data subject
a) Right to confirmation
Every data subject has this from the European guidelines- and regulators granted right, to request confirmation from the controller, whether personal data concerning you are processed. A data subject would like to exercise this right of confirmation, it can contact an employee of the controller at any time.
b) Right to information
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, to receive free of charge information about the personal data stored about him and a copy of this information from the controller at any time. Furthermore, the European guidelines- and the legislator granted the data subject information about the following information:
the processing purposes
the categories of personal data, that are processed
the recipients or categories of recipients, to whom the personal data have been or are still being disclosed, especially for recipients in third countries or international organizations
if possible the planned duration, for which the personal data are stored, or, if this is not possible, the criteria for determining this duration
the existence of a right to correction or deletion of the personal data relating to them or to restriction of processing by the person responsible or a right to object to this processing
the right to lodge a complaint with a supervisory authority
if the personal data is not collected from the data subject: All available information about the origin of the data
the existence of automated decision making including profiling in accordance with the article 22 Paragraph 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject
The data subject also has the right to information about this, whether personal data has been transferred to a third country or to an international organization. If so, the data subject also has the right, Receive information about the appropriate guarantees in connection with the transmission.
A data subject would like to exercise this right to information, it can contact an employee of the controller at any time.
c) Right to rectification
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, to request the immediate correction of incorrect personal data concerning you. The data subject also has the right, considering the purposes of processing, to request the completion of incomplete personal data - also by means of a supplementary statement.
A data subject would like to exercise this right to correction, it can contact an employee of the controller at any time.
d) Right to cancellation (Right to be forgotten)
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, to request from the responsible person, that the personal data concerning them will be deleted immediately, if one of the following reasons applies and if the processing is not necessary:
The personal data was collected for such purposes or processed in some other way, for which they are no longer necessary.
The data subject withdraws their consent, on which the processing according to Art. 6 Abs. 1 Letter a GDPR or Art. 9 Abs. 2 Letter a GDPR was based, and there is no other legal basis for the processing.
In accordance with Art. 21 Abs. 1 GDPR to object to processing, and there are no overriding legitimate reasons for the processing, or the data subject submits in accordance with Art. 21 Abs. 2 GDPR to object to processing.
The personal data was processed illegally.
The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the member states, to which the person responsible is subject.
The personal data were collected in relation to information society services offered in accordance with Art. 8 Abs. 1 GDPR raised.
If one of the above reasons applies and a data subject deletes personal data, that are stored at Sandra Zuerlein, want to initiate, it can contact an employee of the controller at any time. The employee Sandra Zuerlein will do the job, that the request for deletion will be complied with immediately.
Has the personal data been made public by Sandra Zuerlein and is our company as the person responsible according to Art. 17 Abs. 1 GDPR obliged to delete personal data, This is how Sandra Zuerlein takes appropriate measures, taking into account the available technology and the implementation costs, also of a technical nature, other people responsible for data processing, which process the published personal data, to inform about it, that the data subject has asked these other persons responsible for data processing to delete all links to this personal data or copies or replications of this personal data, as far as processing is not necessary. The employee of Sandra Zuerlein will arrange the necessary in individual cases.
e) Right to restriction of processing
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, to request the controller to restrict processing, if one of the following conditions is met:
The data subject disputes the accuracy of the personal data, for a duration, that enables the person responsible, check the accuracy of the personal data.
The processing is unlawful, the data subject refuses to delete the personal data and instead requests that the use of the personal data be restricted.
The controller no longer needs the personal data for the purposes of processing, however, the data subject needs them to assert them, Exercise or defend legal claims.
The data subject has objected to processing in accordance with. Art. 21 Abs. 1 GDPR filed and it is not yet certain, whether the legitimate reasons of the person responsible outweigh those of the data subject.
If one of the above conditions is met and a data subject has the restriction of personal data, that are stored at Sandra Zuerlein, want to request, it can contact an employee of the controller at any time. The employee Sandra Zuerlein will arrange for the processing to be restricted.
f) Right to data portability
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, the personal data concerning them, which have been made available to a person responsible by the data subject, in a structured, to get common and machine-readable format. She also has the right, this data to another controller without hindrance from the controller, to whom the personal data has been provided, to transmit, if the processing is based on consent in accordance with Art. 6 Abs. 1 Letter a GDPR or Art. 9 Abs. 2 Letter a GDPR or on a contract in accordance with Art. 6 Abs. 1 Letter b GDPR is based and the processing is carried out using automated processes, unless the processing is necessary for the performance of a task, which is in the public interest or in the exercise of official authority, which has been transferred to the person responsible.
Furthermore, when exercising their right to data portability in accordance with Art. 20 Abs. 1 GDPR the right, to achieve, that the personal data is transferred directly from one controller to another controller, as far as this is technically feasible and provided that this does not affect the rights and freedoms of other people.
To assert the right to data portability, the data subject can contact an employee of Sandra Zuerlein at any time.
g) Right to object
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, for reasons, that arise from their particular situation, at any time against the processing of personal data concerning you, which, based on Art. 6 Abs. 1 Letters e or f GDPR, To file an objection. This also applies to profiling based on these provisions.
Sandra Zuerlein no longer processes the personal data in the event of an objection, unless, we can demonstrate compelling reasons worthy of protection for the processing, the interests, The rights and freedoms of the data subject predominate, or the processing serves to assert, Exercise or defend legal claims.
Processes Sandra Zuerlein personal data, to do direct mail, so the person concerned has the right, object to the processing of personal data for the purpose of such advertising at any time. This also applies to profiling, as far as it is connected with such direct mail. If the data subject objects to Sandra Zuerlein for processing for direct marketing purposes, so Sandra Zuerlein will no longer process the personal data for these purposes.
The data subject also has the right, for reasons, that arise from their particular situation, against the processing of personal data concerning them, that at Sandra Zuerlein for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 Abs. 1 GDPR take place, To file an objection, unless, Such processing is necessary to fulfill a task in the public interest.
In order to exercise the right to object, the data subject can contact any Sandra Zuerlein employee or another employee directly. The data subject is also free to do so, related to the use of information society services, regardless of Directive 2002/58 / EC, exercise your right to object using automated procedures, where technical specifications are used.
h) Automated decisions in individual cases including profiling
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, not to be subjected to a decision based solely on automated processing - including profiling, which has legal effect or similarly significantly affects it, provided the decision (1) is not required for the conclusion or performance of a contract between the data subject and the person responsible, or (2) due to Union or Member State legislation, to which the person responsible is subject, is permissible and these legal provisions contain appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject or (3) with the express consent of the data subject.
Is the decision (1) required for the conclusion or performance of a contract between the data subject and the controller or (2) it takes place with the express consent of the data subject, Sandra Zuerlein takes appropriate measures, to protect the rights and freedoms as well as the legitimate interests of the data subject, including at least the right to have the person responsible intervene, heard your own point of view and contested the decision.
The data subject would like to assert rights in relation to automated decisions, it can contact an employee of the controller at any time.
i) Right to withdraw consent under data protection law
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, revoke your consent to the processing of personal data at any time.
If the data subject wishes to exercise their right to withdraw consent, it can contact an employee of the controller at any time.
11. Data protection regulations for the application and use of affilinet
The data controller has integrated components of affilinet on this website. Affilinet is a German affiliate network, which offers affiliate marketing.
Affiliate marketing is an internet-based form of distribution, which it commercial website operators, the so-called merchants or advertisers, enables, advertising, mostly via click- or sale commissions are paid, on third party websites, so with sales partners, which are also called affiliates or publishers, fade in. The merchant provides an advertising medium via the affiliate network, that is, an advertising banner or other suitable means of internet advertising, to disposal, which are subsequently integrated by an affiliate on their own website or via other channels, such as keyword advertising or email marketing, be advertised.
Affilinet is operated by affilinet GmbH, Sapporobogen 6-8, 80637 Munich, Germany.
Affilinet places a cookie on the information technology system of the data subject. What cookies are, has already been explained above. The Affilinet tracking cookie does not store any personal data. Only the affiliate's identification number is saved, that is, the partner mediating the potential customer, as well as the order number of the visitor to a website and the advertising material clicked. The purpose of storing this data is to process commission payments between a merchant and the affiliate, which via the affiliate network, also Affilinet, be handled.
The person concerned can set cookies through our website, as already shown above, Prevent at any time by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. This setting would also prevent the Internet browser used, Affilinet places a cookie on the data subject's information technology system. In addition, cookies already set by Affilinet can be deleted at any time via an internet browser or other software programs.
Affilinet's applicable data protection regulations can be found at https://www.affili.net/de/footeritem/datenschutz can be accessed.
12. Data protection regulations for the application and use of Facebook
The controller has integrated components of the Facebook company on this website. Facebook is a social network.
A social network is a social meeting point operated on the Internet, an online community, that users usually have, communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the internet community, provide personal or company-related information. Facebook enables users of the social network to create private profiles, among other things, uploading photos and networking via friend requests.
Facebook is operated by Facebook, Inc., 1 Hacker Way, Menlo Park, THAT 94025, USA. Is responsible for the processing of personal data, if a data subject lives outside of the United States or Canada, die Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a Facebook component (Facebook-Plug-In) was integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Facebook component, download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale = de_DE can be retrieved. Facebook receives knowledge of this as part of this technical process, Which specific subpage of our website is visited by the data subject.
If the person concerned is logged into Facebook at the same time, Facebook recognizes each time the data subject accesses our website and for the entire duration of their stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the person concerned. If the person concerned clicks one of the Facebook buttons integrated on our website, for example the "Like" button, or make a comment on the person concerned, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.
Facebook always receives information about this via the Facebook component, that the person concerned has visited our website, if the person concerned is logged in to Facebook at the same time as accessing our website; this takes place independently, whether the person concerned clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, can prevent the transmission, that she logs out of her Facebook account before accessing our website.
The data policy published by Facebook, the under https://de-de.facebook.com/about/privacy/ is available, provides information about the survey, Processing and use of personal data by Facebook. It also explains, Which setting options Facebook offers to protect the privacy of the data subject. Different applications are also available, that make it possible, suppress data transmission to Facebook. Such applications can be used by the data subject, to suppress data transmission to Facebook.
13. Data protection provisions on the use and use of functions of the Amazon partner program
The data controller has integrated Amazon components on this website as a participant in the Amazon partner program. The Amazon components were designed by Amazon with the aim, Customers via advertisements on different websites of the Amazon group, especially on Amazon.co.uk, Local.Amazon.co.uk, Amazon.de, BuyVIP.com, Amazon.fr, Amazon.it and Amazon.es. Mediate BuyVIP.com against payment of a commission. The controller can generate advertising revenue by using the Amazon components.
The operating company of these Amazon components is Amazon EU S.à.r.l, 5 Plaetis Street, L-2338 Luxembourg, Luxembourg.
Amazon places a cookie on the data subject's information technology system. What cookies are, has already been explained above. Each time you access one of the individual pages of this website, which is operated by the controller and on which an Amazon component has been integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Amazon component, To transmit data to Amazon for the purpose of online advertising and the settlement of commissions. As part of this technical process, Amazon gains knowledge of personal data, that serve Amazon, trace the origin of orders received by Amazon and subsequently enable commission billing. Among other things, Amazon can understand, that the person concerned has clicked on a partner link on our website.
The person concerned can set cookies through our website, as already shown above, Prevent at any time by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. This setting would also prevent the Internet browser used, that Amazon places a cookie on the data subject's information technology system. In addition, cookies already set by Amazon can be deleted at any time via an internet browser or other software programs.
Further information and the applicable data protection regulations of Amazon can be found at https://www.amazon.de/gp/help/customer/display.html?nodeId = 3312401.
14. Data protection regulations for the application and use of Google+
The controller has integrated the Google+ button as a component on this website. Google+ is a so-called social network. A social network is a social meeting point operated on the Internet, an online community, that users usually have, communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the internet community, provide personal or company-related information. Google+ allows users of the social network, among other things, to create private profiles, uploading photos and networking via friend requests.
Google+ is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, THAT 94043-1351, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a Google+ button has been integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Google+ button, download a representation of the corresponding Google+ button from Google. Google is made aware of this as part of this technical process, Which specific subpage of our website is visited by the data subject. More detailed information about Google+ is available at https://developers.google.com/+/ available.
If the person concerned is logged into Google+ at the same time, Google recognizes each time the data subject accesses our website and for the entire duration of their stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Google+ button and assigned by Google to the respective Google+ account of the person concerned.
If the person concerned clicks one of the Google + buttons integrated on our website and thus makes a Google + 1 recommendation, Google assigns this information to the personal Google+ user account of the data subject and stores this personal data. Google saves the data subject's Google +1 recommendation and makes it publicly available in accordance with the conditions accepted by the data subject. A Google +1 recommendation given by the data subject on this website will subsequently be used together with other personal data, such as the name of the Google +1 account used by the person concerned and the photo stored in this in other Google services, for example the search engine results of the Google search engine, the data subject's Google account or elsewhere, for example on websites or in connection with advertisements, saved and processed. Google is also able, to link the visit to this website with other personal data stored by Google. Google also records this personal information with the purpose, to improve or optimize the various Google services.
Google always receives information about this via the Google+ button, that the person concerned has visited our website, if the person concerned is logged into Google+ at the same time as accessing our website; this takes place independently, whether the person concerned clicks the Google+ button or not.
If the data subject does not want the transfer of personal data to Google, can prevent such a transmission, that she logs out of her Google+ account before visiting our website.
Further information and the applicable data protection regulations of Google can be found at https://www.google.de/intl/de/policies/privacy/ can be accessed. Further information from Google on the Google +1 button can be found at https://developers.google.com/+/web/buttons-policy.
15. Data protection regulations for the application and use of Instagram
The controller has integrated components of the Instagram service on this website. Instagram is a service, which is to be qualified as an audiovisual platform and enables users to share photos and videos and also to disseminate such data in other social networks.
Instagram is operated by Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, THAT, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which an Instagram component (Insta-Button) was integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Instagram component, download a representation of the relevant component from Instagram. Instagram receives knowledge of this as part of this technical process, Which specific subpage of our website is visited by the data subject.
If the person concerned is logged into Instagram at the same time, Instagram recognizes each time the data subject accesses our website and for the entire duration of their stay on our website, which specific subpage the data subject visits. This information is collected by the Instagram component and assigned to the respective Instagram account of the data subject by Instagram. If the person concerned clicks one of the Instagram buttons integrated on our website, the data and information transmitted in this way are assigned to the personal Instagram user account of the data subject and saved and processed by Instagram.
Instagram always receives information about this via the Instagram component, that the person concerned has visited our website, if the person concerned is logged into Instagram at the same time as accessing our website; this takes place independently, whether the person concerned clicks on the Instagram component or not. If the data subject does not want this information to be transmitted to Instagram in this way, can prevent the transmission, that she logs out of her Instagram account before visiting our website.
Further information and the applicable data protection regulations of Instagram can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.
16. Data protection regulations for the application and use of Shariff
The controller has integrated the Shariff component on this website. The Shariff component provides social media buttons, that are compliant with data protection. Shariff wurde für die deutsche Computerzeitschrift c't entwickelt und wird über die GitHub, Inc. published.
The component is developed by GitHub, Inc. 88 Colin P. Kelly Junior Street, San Francisco, THAT 94107, USA.
The button solutions provided by the social networks usually already transmit personal data to the respective social network, when a user visits a website, in which a social media button has been integrated. By using the Shariff component, personal data will only be transmitted to social networks, when the visitor of a website actively presses one of the social media buttons. Weitere Informationen zur Shariff-Komponente werden von der Computerzeitschrift c't unter http://www.heise.de/newsticker/meldung/Datenschutz-und-Social-Media-Der-c-t-Shariff-ist-im-Einsatz-2470103.html available. The use of the Shariff component has the purpose, to protect the personal data of visitors to our website and to enable us at the same time, integrate a button solution for social networks on this website.
Further information and the applicable data protection regulations of GitHub can be found at https://help.github.com/articles/github-privacy-policy/.
17. Data protection regulations for the application and use of Tumblr
The controller has integrated Tumblr components on this website. Tumblr is a platform, that enables users, create and run a blog. A blog is a website, usually a publicly accessible portal, in which one or more people, called bloggers or webloggers, Post articles or write down thoughts in so-called blog posts. In a blog on Tumblr, the user can, for example, texts, photos, Publish links and videos and distribute them in digital space. Tumblr users can also add content from other websites to their own blog.
Tumblr is operated by Tumblr, Inc., 35 East 21st St, Ground Floor, New York, NEW 10010, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a Tumblr component (Tumblr-Button) was integrated, the Internet browser on the data subject's information technology system is automatically triggered by the respective Tumblr component, download a representation of the corresponding Tumblr component from Tumblr. Further information on the Tumblr buttons is available at https://www.tumblr.com/buttons available. Tumblr becomes aware of this as part of this technical process, Which specific subpage of our website is visited by the data subject. The purpose of integrating the Tumblr component is, To enable our users to redistribute the content of this website, to make this website known in the digital world and to increase our visitor numbers.
If the person concerned is logged into Tumblr at the same time, Tumblr recognizes each time the data subject accesses our website and for the entire duration of their stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Tumblr component and assigned to the respective Tumblr account of the person concerned by Tumblr. If the person concerned clicks one of the Tumblr buttons integrated on our website, the data and information transmitted with it are assigned to the personal Tumblr user account of the data subject and saved and processed by Tumblr.
Tumblr always receives information about this via the Tumblr component, that the person concerned has visited our website, if the person concerned is logged into Tumblr at the same time as accessing our website; this takes place independently, whether the person clicks on the Tumblr component or not. If the data subject does not want this information to be transmitted to Tumblr, can prevent the transmission, that she logs out of her Tumblr account before visiting our website.
The applicable data protection regulations of Tumblr are at https://www.tumblr.com/policy/en/privacy available.
18. Data protection regulations for the application and use of Twitter
The controller has integrated Twitter components on this website. Twitter is a multilingual, publicly accessible microblogging service, on which the users use so-called tweets, so short messages, the on 280 Characters are limited, publish and distribute. These short messages are for everyone, therefore also available for people who are not registered on Twitter. The tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users, that follow a user's tweets. Twitter also enables hashtags, Links or retweets to address a wide audience.
Twitter is operated by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, THAT 94103, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a Twitter component (Twitter-Button) was integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Twitter component, download a representation of the relevant Twitter component from Twitter. Further information on the Twitter buttons can be found at https://about.twitter.com/de/resources/buttons available. Twitter receives knowledge of this as part of this technical process, Which specific subpage of our website is visited by the data subject. The purpose of integrating the Twitter component is, To enable our users to redistribute the content of this website, to make this website known in the digital world and to increase our visitor numbers.
If the person concerned is logged into Twitter at the same time, Twitter recognizes the data subject each time our website is accessed and for the entire duration of their stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the person concerned. If the person concerned clicks one of the Twitter buttons integrated on our website, the data and information transmitted in this way are assigned to the personal Twitter user account of the data subject and saved and processed by Twitter.
Twitter always receives information about this via the Twitter component, that the person concerned has visited our website, if the person concerned is logged in to Twitter at the same time as accessing our website; this takes place independently, whether the person concerned clicks on the Twitter component or not. If the data subject does not want this information to be transmitted to Twitter in this way, can prevent the transmission, that she logs out of her Twitter account before accessing our website.
The applicable data protection regulations of Twitter are at https://twitter.com/privacy?lang = de available.
19. Data protection regulations for the application and use of YouTube
The controller has integrated YouTube components on this website. YouTube is an internet video portal, that video publishers can post video clips for free and other users can also view them free of charge, Evaluation and commenting on this enables. YouTube allows the publication of all types of videos, which is why both complete film- and television programs, but also music videos, Trailers or videos made by users themselves can be called up via the Internet portal.
YouTube is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, THAT 94066, USA. Die YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, THAT 94043-1351, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a YouTube component (YouTube-Video) was integrated, the internet browser on the information technology system of the data subject is automatically triggered by the respective YouTube component, download a representation of the corresponding YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/ can be accessed. YouTube and Google become aware of this as part of this technical process, Which specific subpage of our website is visited by the data subject.
If the person concerned is logged into YouTube at the same time, YouTube recognizes by calling up a subpage, which contains a YouTube video, which specific subpage of our website the data subject visits. This information is collected by YouTube and Google and assigned to the respective YouTube account of the person concerned.
YouTube and Google always receive information about this via the YouTube component, that the person concerned has visited our website, if the person concerned is logged in to YouTube at the same time as accessing our website; this takes place independently, whether the person clicks on a YouTube video or not. If the data subject does not want this information to be transmitted to YouTube and Google, can prevent the transmission, that she logs out of her YouTube account before accessing our website.
The privacy policy published by YouTube, the under https://www.google.de/intl/de/policies/privacy/ are available, provide information about the survey, Processing and use of personal data by YouTube and Google.
20. Legal basis for processing
Art. 6 I lit. a GDPR serves our company as the legal basis for processing operations, where we obtain consent for a specific processing purpose. Is the processing of personal data to fulfill a contract, whose contracting party is the data subject, required, as is the case, for example, with processing operations, which are necessary for the delivery of goods or the provision of any other service or consideration, the processing is based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services. Our company is subject to a legal obligation which requires the processing of personal data, such as to fulfill tax obligations, the processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data may become necessary, to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company were injured and then his name, his age, his health insurance data or other vital information to a doctor, a hospital or other third party would have to be passed on. Then the processing would be based on Art. 6 I lit. d DS-GVO beruhen. Ultimately, processing operations could be based on Art. 6 I lit. f GDPR are based. Processing operations are based on this legal basis, that are not covered by any of the aforementioned legal bases, if the processing is necessary to protect a legitimate interest of our company or a third party, provided the interests, The fundamental rights and freedoms of the person concerned do not prevail. Such processing operations are particularly permitted to us, because they were specifically mentioned by the European legislator. In this respect, he took the view, that a legitimate interest could be assumed, if the person concerned is a customer of the person responsible (Recital 47 sentence 2 DS-GVO).
21. Legitimate interests in processing, pursued by the controller or a third party
The processing of personal data is based on articles 6 I lit. f GDPR is our legitimate interest in carrying out our business for the benefit of all our employees and our shareholders.
22. Duration, for which the personal data are stored
The criterion for the duration of the storage of personal data is the respective legal retention period. After the deadline, the relevant data will be routinely deleted, if they are no longer required to fulfill the contract or initiate a contract.
23. Legal or contractual regulations for the provision of personal data; Necessity for the conclusion of the contract; Obligation of the data subject, to provide the personal data; possible consequences of not providing
We'll tell you about it, that the provision of personal data is partly required by law (z.B. Tax regulations) or also from contractual regulations (z.B. Information about the contractual partner) can result. Sometimes it may be necessary to conclude a contract, that a data subject provides us with personal data, which subsequently have to be processed by us. For example, the data subject is obliged to provide us with personal data, when our company signs a contract with her. Failure to provide personal data would result, that the contract with the person concerned could not be concluded. Before the data subject provides personal data, the data subject must contact one of our employees. Our employee will inform the person concerned about this on a case-by-case basis, whether the provision of personal data is required by law or contract or is required for the conclusion of the contract, whether there is an obligation, to provide the personal data, and the consequences of not providing personal data.
24. Existing automated decision making
As a responsible company, we do not use automatic decision-making or profiling.
This data protection declaration was created by the data protection declaration generator of the DGD Deutsche Gesellschaft für Datenschutz GmbH, die als Externer Datenschutzbeauftragter Mittelfranken tätig ist, in Kooperation mit den Datenschutz Anwälten der Kanzlei WILDE BEUGER SOLMECKE | Lawyers created.
I am very happy about your interest in my site. Data protection is particularly important to me. Use of the website is generally possible without providing any personal data. If a person concerned wants to use special services from me via my website, However, processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, I generally get the consent of the data subject.
The processing of personal data, for example the name, the address, Email address or phone number of a data subject, always takes place in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to Sandra Zuerlein. With this privacy policy I would like to inform the public about Art, The scope and purpose of the data collected by us, inform used and processed personal data. Furthermore, data subjects are informed about their rights by means of this data protection declaration.
Sandra Zuerlein, as the controller, has implemented numerous technical and organizational measures, to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to do so, personal data also in alternative ways, for example by phone, to send to me.
1. Definitions
Sandra Zuerlein's data protection declaration is based on the terminology, by the European directives- and regulators when adopting the General Data Protection Regulation (DS-GVO) were used. Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
In this data protection declaration, we use the following terms, among others:
a) personal data
Personal data is all information, referring to an identified or identifiable natural person (hereinafter referred to as "data subject") Respectively. A natural person is considered to be identifiable, the directly or indirectly, in particular by assigning an identifier such as a name, to an identification number, to location data, to an online identifier or to one or more special features, the expression of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, can be identified.
b) affected person
Affected person is every identified or identifiable natural person, whose personal data are processed by the controller.
c) processing
Processing is any process carried out with or without the help of automated processes or any such series of processes in connection with personal data such as collection, the grasping, the organization, organizing, the storage, the adjustment or change, the reading, querying, the usage, disclosure by transmission, Dissemination or other form of delivery, the match or link, the restriction, the deletion or the annihilation.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim, restrict their future processing.
e) Profiling
Profiling is any type of automated processing of personal data, that is, that this personal data is used, about certain personal aspects, that refer to a natural person, to rate, in particular, about aspects related to work performance, economic situation, health, personal preferences, Interests, reliability, behavior, Analyze or predict the location or change of location of this natural person.
f) Pseudonymisierung
Pseudonymization is the processing of personal data in one way, to which the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures, that ensure, that the personal data are not assigned to an identified or identifiable natural person.
g) Controller or controller
The person responsible or responsible for processing is the natural or legal person, authority, Facility or other body, who alone or together with others decides on the purposes and means of processing personal data. Are the purposes and means of this processing prescribed by Union law or the law of the Member States, for example, the controller or the specific criteria for naming them can be provided in accordance with Union law or the law of the member states.
h) Processors
The processor is a natural or legal person, authority, Facility or other body, the personal data processed on behalf of the person responsible.
i) receiver
The recipient is a natural or legal person, authority, Facility or other body, the personal data are disclosed, independently of, whether it is a third party or not. Authorities, who may receive personal data as part of a specific investigation mandate under Union law or the law of the Member States, however, are not considered recipients.
j) Third
Third party is a natural or legal person, authority, Institution or other body other than the data subject, the person responsible, the processor and the people, which are authorized under the direct responsibility of the person responsible or the processor, to process the personal data.
k) consent
Consent is any declaration of intent made by the data subject voluntarily for the specific case in an informed manner and unequivocally in the form of a declaration or another clear confirming action, with which the data subject gives an understanding, that they consent to the processing of their personal data.
2. Name and address of the controller
Responsible in the sense of the general data protection regulation, other data protection laws applicable in the member states of the European Union and other provisions with data protection character is:
Sandra Zuerlein
Ahornweg 1
55442 Stromberg
Germany
Tel.: 01736501632
E-mail: sandra_zuerlein@web.de
Website: sandrazuerlein.de
3. Cookies
The websites of Sandra Zuerlein use cookies. Cookies are text files, which are stored and stored on a computer system via an Internet browser.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string, Which internet pages and servers can be assigned to the specific internet browser, in which the cookie was saved. This enables the websites and servers visited, the individual browser of the data subject from other internet browsers, that contain other cookies, to distinguish. A specific internet browser can be recognized and identified using the unique cookie ID.
By using cookies, Sandra Zuerlein can provide users of this website with more user-friendly services, that would not be possible without the cookie setting.
A cookie can be used to optimize the information and offers on our website in the interests of the user. Cookies enable us, As already mentioned, to recognize the users of our website. The purpose of this recognition is, to make it easier for users to use our website. The user of a website, which uses cookies, For example, you do not have to enter your access data every time you visit the website, because this is done by the website and the cookie stored on the user's computer system. Another example is the cookie of a shopping cart in the online shop. The online shop remembers the items, that a customer has placed in the virtual shopping cart, via a cookie.
The data subject can prevent the setting of cookies by our website at any time by making the appropriate setting in the internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time using an Internet browser or other software programs. This is possible in all common internet browsers. The person concerned deactivates the setting of cookies in the internet browser used, Under certain circumstances, not all functions of our website can be used to their full extent.
4. Collection of general data and information
The website of Sandra Zuerlein collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the log files of the server. The can be recorded (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website, from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, which are controlled via an accessing system on our website, (5) the date and time of access to the website, (6) an internet protocol address (IP Address), (7) the Internet service provider of the accessing system and (8) other similar data and information, which serve to avert danger in the event of attacks on our information technology systems.
When using this general data and information, Sandra Zuerlein does not draw any conclusions about the person concerned. Rather, this information is needed, one (1) deliver the content of our website correctly, (2) optimize the content of our website and the advertising for it, (3) to guarantee the permanent functionality of our information technology systems and the technology of our website and (4) to provide law enforcement agencies with the information necessary for law enforcement in the event of a cyber attack. This anonymously collected data and information is therefore evaluated statistically by Sandra Zuerlein and also with the aim, to increase data protection and data security in our company, to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
5. Subscribe to our newsletter
On the website of Sandra Zuerlein, users are given the opportunity, to subscribe to our company's newsletter. Which personal data are transmitted to the data controller when the newsletter is ordered, results from the input mask used for this.
Sandra Zuerlein informs her customers and business partners about the company's offers at regular intervals by means of a newsletter. The newsletter of our company can generally only be received by the person concerned, if (1) the data subject has a valid email address and (2) the data subject registers for the newsletter. For legal reasons, a confirmation email will be sent to the email address entered by the data subject for the first time for sending the newsletter in a double opt-in procedure. This confirmation email is used for verification, whether the owner of the email address as the person concerned has authorized the receipt of the newsletter.
When registering for the newsletter, we also save those from the Internet service provider (ISP) assigned IP address of the computer system used by the person concerned at the time of registration as well as the date and time of registration. The collection of this data is required, to the(possible) To be able to understand the misuse of the email address of a data subject at a later point in time and therefore serves to provide legal protection for the controller.
The personal data collected when you register for the newsletter will only be used to send our newsletter. Subscribers to the newsletter could also be informed by email, if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or changes in the technical circumstances. The personal data collected as part of the newsletter service is not passed on to third parties. The person concerned can cancel the subscription to our newsletter at any time. Consent to the storage of personal data, which the person concerned has given us for sending the newsletter, can be revoked at any time. For the purpose of withdrawing consent, there is a corresponding link in every newsletter. There is also the possibility, to unsubscribe from the newsletter at any time directly on the website of the controller or to inform the controller in another way.
6. Newsletter-Tracking
Sandra Zuerlein's newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic, which is embedded in such emails, which are sent in HTML format, to enable log file recording and log file analysis. This enables a statistical evaluation of the success or failure of online marketing campaigns to be carried out. Sandra Zuerlein can see from the embedded tracking pixel, whether and when an email was opened by a data subject and which links in the email were accessed by the data subject.
Such personal data collected via the tracking pixels contained in the newsletters, are saved and evaluated by the controller, to optimize the sending of newsletters and to adapt the content of future newsletters even better to the interests of the person concerned. This personal data will not be passed on to third parties. Affected people are entitled at any time, the related one, to withdraw consent given via the double opt-in procedure. After revocation, this personal data will be deleted by the controller. Unsubscribing from receiving the newsletter automatically interprets Sandra Zuerlein as a revocation.
7. Comment function in the blog on the website
Sandra Zuerlein offers users on a blog, which is on the website of the controller, the possibility, leave individual comments on individual blog posts. A blog is a website, usually a publicly accessible portal, in which one or more people, called bloggers or web bloggers, Post articles or write down thoughts in so-called blog posts. The blog posts can usually be commented on by third parties.
If a person concerned leaves a comment on the blog published on this website, In addition to the comments left by the data subject, information about the time when the comment was entered and the user name chosen by the data subject (Pseudonym) saved and published. Furthermore, the Internet service provider (ISP) The IP address assigned to the data subject is also logged. The IP address is saved for security reasons and just in case, that the data subject violates the rights of third parties by posting a comment or posts illegal content. This personal data is therefore stored in the own interest of the person responsible for processing, so that he could possibly exculpate himself in the event of an infringement. The personal data collected is not passed on to third parties, unless such disclosure is required by law or serves to defend the data controller.
8. Subscription to comments in the blog on the website
The comments made on Sandra Zuerlein's blog can in principle be subscribed to by third parties. In particular, there is the possibility, that a commentator subscribes to the comments following a comment on a particular blog post.
If a data subject chooses the option, Subscribe to comments, the controller sends an automatic confirmation email, to check using the double opt-in procedure, whether the owner of the email address provided has opted for this option. The option to subscribe to comments can be terminated at any time.
9. Routine deletion and blocking of personal data
The controller processes and stores personal data of the data subject only for the period, which is necessary to achieve the storage purpose or if this is required by the European guidelines- and regulators or other legislators in laws or regulations, which the controller is subject to, was provided.
If the storage purpose is omitted or one of the European directives is running- and prescriber or another competent legislator prescribed retention period, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
10. Rights of the data subject
a) Right to confirmation
Every data subject has this from the European guidelines- and regulators granted right, to request confirmation from the controller, whether personal data concerning you are processed. A data subject would like to exercise this right of confirmation, it can contact an employee of the controller at any time.
b) Right to information
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, to receive free of charge information about the personal data stored about him and a copy of this information from the controller at any time. Furthermore, the European guidelines- and the legislator granted the data subject information about the following information:
the processing purposes
the categories of personal data, that are processed
the recipients or categories of recipients, to whom the personal data have been or are still being disclosed, especially for recipients in third countries or international organizations
if possible the planned duration, for which the personal data are stored, or, if this is not possible, the criteria for determining this duration
the existence of a right to correction or deletion of the personal data relating to them or to restriction of processing by the person responsible or a right to object to this processing
the right to lodge a complaint with a supervisory authority
if the personal data is not collected from the data subject: All available information about the origin of the data
the existence of automated decision making including profiling in accordance with the article 22 Paragraph 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject
The data subject also has the right to information about this, whether personal data has been transferred to a third country or to an international organization. If so, the data subject also has the right, Receive information about the appropriate guarantees in connection with the transmission.
A data subject would like to exercise this right to information, it can contact an employee of the controller at any time.
c) Right to rectification
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, to request the immediate correction of incorrect personal data concerning you. The data subject also has the right, considering the purposes of processing, to request the completion of incomplete personal data - also by means of a supplementary statement.
A data subject would like to exercise this right to correction, it can contact an employee of the controller at any time.
d) Right to cancellation (Right to be forgotten)
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, to request from the responsible person, that the personal data concerning them will be deleted immediately, if one of the following reasons applies and if the processing is not necessary:
The personal data was collected for such purposes or processed in some other way, for which they are no longer necessary.
The data subject withdraws their consent, on which the processing according to Art. 6 Abs. 1 Letter a GDPR or Art. 9 Abs. 2 Letter a GDPR was based, and there is no other legal basis for the processing.
In accordance with Art. 21 Abs. 1 GDPR to object to processing, and there are no overriding legitimate reasons for the processing, or the data subject submits in accordance with Art. 21 Abs. 2 GDPR to object to processing.
The personal data was processed illegally.
The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the member states, to which the person responsible is subject.
The personal data were collected in relation to information society services offered in accordance with Art. 8 Abs. 1 GDPR raised.
If one of the above reasons applies and a data subject deletes personal data, that are stored at Sandra Zuerlein, want to initiate, it can contact an employee of the controller at any time. The employee Sandra Zuerlein will do the job, that the request for deletion will be complied with immediately.
Has the personal data been made public by Sandra Zuerlein and is our company as the person responsible according to Art. 17 Abs. 1 GDPR obliged to delete personal data, This is how Sandra Zuerlein takes appropriate measures, taking into account the available technology and the implementation costs, also of a technical nature, other people responsible for data processing, which process the published personal data, to inform about it, that the data subject has asked these other persons responsible for data processing to delete all links to this personal data or copies or replications of this personal data, as far as processing is not necessary. The employee of Sandra Zuerlein will arrange the necessary in individual cases.
e) Right to restriction of processing
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, to request the controller to restrict processing, if one of the following conditions is met:
The data subject disputes the accuracy of the personal data, for a duration, that enables the person responsible, check the accuracy of the personal data.
The processing is unlawful, the data subject refuses to delete the personal data and instead requests that the use of the personal data be restricted.
The controller no longer needs the personal data for the purposes of processing, however, the data subject needs them to assert them, Exercise or defend legal claims.
The data subject has objected to processing in accordance with. Art. 21 Abs. 1 GDPR filed and it is not yet certain, whether the legitimate reasons of the person responsible outweigh those of the data subject.
If one of the above conditions is met and a data subject has the restriction of personal data, that are stored at Sandra Zuerlein, want to request, it can contact an employee of the controller at any time. The employee Sandra Zuerlein will arrange for the processing to be restricted.
f) Right to data portability
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, the personal data concerning them, which have been made available to a person responsible by the data subject, in a structured, to get common and machine-readable format. She also has the right, this data to another controller without hindrance from the controller, to whom the personal data has been provided, to transmit, if the processing is based on consent in accordance with Art. 6 Abs. 1 Letter a GDPR or Art. 9 Abs. 2 Letter a GDPR or on a contract in accordance with Art. 6 Abs. 1 Letter b GDPR is based and the processing is carried out using automated processes, unless the processing is necessary for the performance of a task, which is in the public interest or in the exercise of official authority, which has been transferred to the person responsible.
Furthermore, when exercising their right to data portability in accordance with Art. 20 Abs. 1 GDPR the right, to achieve, that the personal data is transferred directly from one controller to another controller, as far as this is technically feasible and provided that this does not affect the rights and freedoms of other people.
To assert the right to data portability, the data subject can contact an employee of Sandra Zuerlein at any time.
g) Right to object
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, for reasons, that arise from their particular situation, at any time against the processing of personal data concerning you, which, based on Art. 6 Abs. 1 Letters e or f GDPR, To file an objection. This also applies to profiling based on these provisions.
Sandra Zuerlein no longer processes the personal data in the event of an objection, unless, we can demonstrate compelling reasons worthy of protection for the processing, the interests, The rights and freedoms of the data subject predominate, or the processing serves to assert, Exercise or defend legal claims.
Processes Sandra Zuerlein personal data, to do direct mail, so the person concerned has the right, object to the processing of personal data for the purpose of such advertising at any time. This also applies to profiling, as far as it is connected with such direct mail. If the data subject objects to Sandra Zuerlein for processing for direct marketing purposes, so Sandra Zuerlein will no longer process the personal data for these purposes.
The data subject also has the right, for reasons, that arise from their particular situation, against the processing of personal data concerning them, that at Sandra Zuerlein for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 Abs. 1 GDPR take place, To file an objection, unless, Such processing is necessary to fulfill a task in the public interest.
In order to exercise the right to object, the data subject can contact any Sandra Zuerlein employee or another employee directly. The data subject is also free to do so, related to the use of information society services, regardless of Directive 2002/58 / EC, exercise your right to object using automated procedures, where technical specifications are used.
h) Automated decisions in individual cases including profiling
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, not to be subjected to a decision based solely on automated processing - including profiling, which has legal effect or similarly significantly affects it, provided the decision (1) is not required for the conclusion or performance of a contract between the data subject and the person responsible, or (2) due to Union or Member State legislation, to which the person responsible is subject, is permissible and these legal provisions contain appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject or (3) with the express consent of the data subject.
Is the decision (1) required for the conclusion or performance of a contract between the data subject and the controller or (2) it takes place with the express consent of the data subject, Sandra Zuerlein takes appropriate measures, to protect the rights and freedoms as well as the legitimate interests of the data subject, including at least the right to have the person responsible intervene, heard your own point of view and contested the decision.
The data subject would like to assert rights in relation to automated decisions, it can contact an employee of the controller at any time.
i) Right to withdraw consent under data protection law
Every person affected by the processing of personal data has this from the European guidelines- and legislators granted right, revoke your consent to the processing of personal data at any time.
If the data subject wishes to exercise their right to withdraw consent, it can contact an employee of the controller at any time.
11. Data protection regulations for the application and use of affilinet
The data controller has integrated components of affilinet on this website. Affilinet is a German affiliate network, which offers affiliate marketing.
Affiliate marketing is an internet-based form of distribution, which it commercial website operators, the so-called merchants or advertisers, enables, advertising, mostly via click- or sale commissions are paid, on third party websites, so with sales partners, which are also called affiliates or publishers, fade in. The merchant provides an advertising medium via the affiliate network, that is, an advertising banner or other suitable means of internet advertising, to disposal, which are subsequently integrated by an affiliate on their own website or via other channels, such as keyword advertising or email marketing, be advertised.
Affilinet is operated by affilinet GmbH, Sapporobogen 6-8, 80637 Munich, Germany.
Affilinet places a cookie on the information technology system of the data subject. What cookies are, has already been explained above. The Affilinet tracking cookie does not store any personal data. Only the affiliate's identification number is saved, that is, the partner mediating the potential customer, as well as the order number of the visitor to a website and the advertising material clicked. The purpose of storing this data is to process commission payments between a merchant and the affiliate, which via the affiliate network, also Affilinet, be handled.
The person concerned can set cookies through our website, as already shown above, Prevent at any time by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. This setting would also prevent the Internet browser used, Affilinet places a cookie on the data subject's information technology system. In addition, cookies already set by Affilinet can be deleted at any time via an internet browser or other software programs.
Affilinet's applicable data protection regulations can be found at https://www.affili.net/de/footeritem/datenschutz can be accessed.
12. Data protection regulations for the application and use of Facebook
The controller has integrated components of the Facebook company on this website. Facebook is a social network.
A social network is a social meeting point operated on the Internet, an online community, that users usually have, communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the internet community, provide personal or company-related information. Facebook enables users of the social network to create private profiles, among other things, uploading photos and networking via friend requests.
Facebook is operated by Facebook, Inc., 1 Hacker Way, Menlo Park, THAT 94025, USA. Is responsible for the processing of personal data, if a data subject lives outside of the United States or Canada, die Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a Facebook component (Facebook-Plug-In) was integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Facebook component, download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale = de_DE can be retrieved. Facebook receives knowledge of this as part of this technical process, Which specific subpage of our website is visited by the data subject.
If the person concerned is logged into Facebook at the same time, Facebook recognizes each time the data subject accesses our website and for the entire duration of their stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the person concerned. If the person concerned clicks one of the Facebook buttons integrated on our website, for example the "Like" button, or make a comment on the person concerned, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.
Facebook always receives information about this via the Facebook component, that the person concerned has visited our website, if the person concerned is logged in to Facebook at the same time as accessing our website; this takes place independently, whether the person concerned clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, can prevent the transmission, that she logs out of her Facebook account before accessing our website.
The data policy published by Facebook, the under https://de-de.facebook.com/about/privacy/ is available, provides information about the survey, Processing and use of personal data by Facebook. It also explains, Which setting options Facebook offers to protect the privacy of the data subject. Different applications are also available, that make it possible, suppress data transmission to Facebook. Such applications can be used by the data subject, to suppress data transmission to Facebook.
13. Data protection provisions on the use and use of functions of the Amazon partner program
The data controller has integrated Amazon components on this website as a participant in the Amazon partner program. The Amazon components were designed by Amazon with the aim, Customers via advertisements on different websites of the Amazon group, especially on Amazon.co.uk, Local.Amazon.co.uk, Amazon.de, BuyVIP.com, Amazon.fr, Amazon.it and Amazon.es. Mediate BuyVIP.com against payment of a commission. The controller can generate advertising revenue by using the Amazon components.
The operating company of these Amazon components is Amazon EU S.à.r.l, 5 Plaetis Street, L-2338 Luxembourg, Luxembourg.
Amazon places a cookie on the data subject's information technology system. What cookies are, has already been explained above. Each time you access one of the individual pages of this website, which is operated by the controller and on which an Amazon component has been integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Amazon component, To transmit data to Amazon for the purpose of online advertising and the settlement of commissions. As part of this technical process, Amazon gains knowledge of personal data, that serve Amazon, trace the origin of orders received by Amazon and subsequently enable commission billing. Among other things, Amazon can understand, that the person concerned has clicked on a partner link on our website.
The person concerned can set cookies through our website, as already shown above, Prevent at any time by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. This setting would also prevent the Internet browser used, that Amazon places a cookie on the data subject's information technology system. In addition, cookies already set by Amazon can be deleted at any time via an internet browser or other software programs.
Further information and the applicable data protection regulations of Amazon can be found at https://www.amazon.de/gp/help/customer/display.html?nodeId = 3312401.
14. Data protection regulations for the application and use of Google+
The controller has integrated the Google+ button as a component on this website. Google+ is a so-called social network. A social network is a social meeting point operated on the Internet, an online community, that users usually have, communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the internet community, provide personal or company-related information. Google+ allows users of the social network, among other things, to create private profiles, uploading photos and networking via friend requests.
Google+ is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, THAT 94043-1351, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a Google+ button has been integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Google+ button, download a representation of the corresponding Google+ button from Google. Google is made aware of this as part of this technical process, Which specific subpage of our website is visited by the data subject. More detailed information about Google+ is available at https://developers.google.com/+/ available.
If the person concerned is logged into Google+ at the same time, Google recognizes each time the data subject accesses our website and for the entire duration of their stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Google+ button and assigned by Google to the respective Google+ account of the person concerned.
If the person concerned clicks one of the Google + buttons integrated on our website and thus makes a Google + 1 recommendation, Google assigns this information to the personal Google+ user account of the data subject and stores this personal data. Google saves the data subject's Google +1 recommendation and makes it publicly available in accordance with the conditions accepted by the data subject. A Google +1 recommendation given by the data subject on this website will subsequently be used together with other personal data, such as the name of the Google +1 account used by the person concerned and the photo stored in this in other Google services, for example the search engine results of the Google search engine, the data subject's Google account or elsewhere, for example on websites or in connection with advertisements, saved and processed. Google is also able, to link the visit to this website with other personal data stored by Google. Google also records this personal information with the purpose, to improve or optimize the various Google services.
Google always receives information about this via the Google+ button, that the person concerned has visited our website, if the person concerned is logged into Google+ at the same time as accessing our website; this takes place independently, whether the person concerned clicks the Google+ button or not.
If the data subject does not want the transfer of personal data to Google, can prevent such a transmission, that she logs out of her Google+ account before visiting our website.
Further information and the applicable data protection regulations of Google can be found at https://www.google.de/intl/de/policies/privacy/ can be accessed. Further information from Google on the Google +1 button can be found at https://developers.google.com/+/web/buttons-policy.
15. Data protection regulations for the application and use of Instagram
The controller has integrated components of the Instagram service on this website. Instagram is a service, which is to be qualified as an audiovisual platform and enables users to share photos and videos and also to disseminate such data in other social networks.
Instagram is operated by Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, THAT, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which an Instagram component (Insta-Button) was integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Instagram component, download a representation of the relevant component from Instagram. Instagram receives knowledge of this as part of this technical process, Which specific subpage of our website is visited by the data subject.
If the person concerned is logged into Instagram at the same time, Instagram recognizes each time the data subject accesses our website and for the entire duration of their stay on our website, which specific subpage the data subject visits. This information is collected by the Instagram component and assigned to the respective Instagram account of the data subject by Instagram. If the person concerned clicks one of the Instagram buttons integrated on our website, the data and information transmitted in this way are assigned to the personal Instagram user account of the data subject and saved and processed by Instagram.
Instagram always receives information about this via the Instagram component, that the person concerned has visited our website, if the person concerned is logged into Instagram at the same time as accessing our website; this takes place independently, whether the person concerned clicks on the Instagram component or not. If the data subject does not want this information to be transmitted to Instagram in this way, can prevent the transmission, that she logs out of her Instagram account before visiting our website.
Further information and the applicable data protection regulations of Instagram can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.
16. Data protection regulations for the application and use of Shariff
The controller has integrated the Shariff component on this website. The Shariff component provides social media buttons, that are compliant with data protection. Shariff wurde für die deutsche Computerzeitschrift c't entwickelt und wird über die GitHub, Inc. published.
The component is developed by GitHub, Inc. 88 Colin P. Kelly Junior Street, San Francisco, THAT 94107, USA.
The button solutions provided by the social networks usually already transmit personal data to the respective social network, when a user visits a website, in which a social media button has been integrated. By using the Shariff component, personal data will only be transmitted to social networks, when the visitor of a website actively presses one of the social media buttons. Weitere Informationen zur Shariff-Komponente werden von der Computerzeitschrift c't unter http://www.heise.de/newsticker/meldung/Datenschutz-und-Social-Media-Der-c-t-Shariff-ist-im-Einsatz-2470103.html available. The use of the Shariff component has the purpose, to protect the personal data of visitors to our website and to enable us at the same time, integrate a button solution for social networks on this website.
Further information and the applicable data protection regulations of GitHub can be found at https://help.github.com/articles/github-privacy-policy/.
17. Data protection regulations for the application and use of Tumblr
The controller has integrated Tumblr components on this website. Tumblr is a platform, that enables users, create and run a blog. A blog is a website, usually a publicly accessible portal, in which one or more people, called bloggers or webloggers, Post articles or write down thoughts in so-called blog posts. In a blog on Tumblr, the user can, for example, texts, photos, Publish links and videos and distribute them in digital space. Tumblr users can also add content from other websites to their own blog.
Tumblr is operated by Tumblr, Inc., 35 East 21st St, Ground Floor, New York, NEW 10010, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a Tumblr component (Tumblr-Button) was integrated, the Internet browser on the data subject's information technology system is automatically triggered by the respective Tumblr component, download a representation of the corresponding Tumblr component from Tumblr. Further information on the Tumblr buttons is available at https://www.tumblr.com/buttons available. Tumblr becomes aware of this as part of this technical process, Which specific subpage of our website is visited by the data subject. The purpose of integrating the Tumblr component is, To enable our users to redistribute the content of this website, to make this website known in the digital world and to increase our visitor numbers.
If the person concerned is logged into Tumblr at the same time, Tumblr recognizes each time the data subject accesses our website and for the entire duration of their stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Tumblr component and assigned to the respective Tumblr account of the person concerned by Tumblr. If the person concerned clicks one of the Tumblr buttons integrated on our website, the data and information transmitted with it are assigned to the personal Tumblr user account of the data subject and saved and processed by Tumblr.
Tumblr always receives information about this via the Tumblr component, that the person concerned has visited our website, if the person concerned is logged into Tumblr at the same time as accessing our website; this takes place independently, whether the person clicks on the Tumblr component or not. If the data subject does not want this information to be transmitted to Tumblr, can prevent the transmission, that she logs out of her Tumblr account before visiting our website.
The applicable data protection regulations of Tumblr are at https://www.tumblr.com/policy/en/privacy available.
18. Data protection regulations for the application and use of Twitter
The controller has integrated Twitter components on this website. Twitter is a multilingual, publicly accessible microblogging service, on which the users use so-called tweets, so short messages, the on 280 Characters are limited, publish and distribute. These short messages are for everyone, therefore also available for people who are not registered on Twitter. The tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users, that follow a user's tweets. Twitter also enables hashtags, Links or retweets to address a wide audience.
Twitter is operated by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, THAT 94103, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a Twitter component (Twitter-Button) was integrated, the internet browser on the data subject's information technology system is automatically triggered by the respective Twitter component, download a representation of the relevant Twitter component from Twitter. Further information on the Twitter buttons can be found at https://about.twitter.com/de/resources/buttons available. Twitter receives knowledge of this as part of this technical process, Which specific subpage of our website is visited by the data subject. The purpose of integrating the Twitter component is, To enable our users to redistribute the content of this website, to make this website known in the digital world and to increase our visitor numbers.
If the person concerned is logged into Twitter at the same time, Twitter recognizes the data subject each time our website is accessed and for the entire duration of their stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the person concerned. If the person concerned clicks one of the Twitter buttons integrated on our website, the data and information transmitted in this way are assigned to the personal Twitter user account of the data subject and saved and processed by Twitter.
Twitter always receives information about this via the Twitter component, that the person concerned has visited our website, if the person concerned is logged in to Twitter at the same time as accessing our website; this takes place independently, whether the person concerned clicks on the Twitter component or not. If the data subject does not want this information to be transmitted to Twitter in this way, can prevent the transmission, that she logs out of her Twitter account before accessing our website.
The applicable data protection regulations of Twitter are at https://twitter.com/privacy?lang = de available.
19. Data protection regulations for the application and use of YouTube
The controller has integrated YouTube components on this website. YouTube is an internet video portal, that video publishers can post video clips for free and other users can also view them free of charge, Evaluation and commenting on this enables. YouTube allows the publication of all types of videos, which is why both complete film- and television programs, but also music videos, Trailers or videos made by users themselves can be called up via the Internet portal.
YouTube is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, THAT 94066, USA. Die YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, THAT 94043-1351, USA.
Every time you visit one of the individual pages of this website, which is operated by the controller and on which a YouTube component (YouTube-Video) was integrated, the internet browser on the information technology system of the data subject is automatically triggered by the respective YouTube component, download a representation of the corresponding YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/ can be accessed. YouTube and Google become aware of this as part of this technical process, Which specific subpage of our website is visited by the data subject.
If the person concerned is logged into YouTube at the same time, YouTube recognizes by calling up a subpage, which contains a YouTube video, which specific subpage of our website the data subject visits. This information is collected by YouTube and Google and assigned to the respective YouTube account of the person concerned.
YouTube and Google always receive information about this via the YouTube component, that the person concerned has visited our website, if the person concerned is logged in to YouTube at the same time as accessing our website; this takes place independently, whether the person clicks on a YouTube video or not. If the data subject does not want this information to be transmitted to YouTube and Google, can prevent the transmission, that she logs out of her YouTube account before accessing our website.
The privacy policy published by YouTube, the under https://www.google.de/intl/de/policies/privacy/ are available, provide information about the survey, Processing and use of personal data by YouTube and Google.
20. Legal basis for processing
Art. 6 I lit. a GDPR serves our company as the legal basis for processing operations, where we obtain consent for a specific processing purpose. Is the processing of personal data to fulfill a contract, whose contracting party is the data subject, required, as is the case, for example, with processing operations, which are necessary for the delivery of goods or the provision of any other service or consideration, the processing is based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services. Our company is subject to a legal obligation which requires the processing of personal data, such as to fulfill tax obligations, the processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data may become necessary, to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company were injured and then his name, his age, his health insurance data or other vital information to a doctor, a hospital or other third party would have to be passed on. Then the processing would be based on Art. 6 I lit. d DS-GVO beruhen. Ultimately, processing operations could be based on Art. 6 I lit. f GDPR are based. Processing operations are based on this legal basis, that are not covered by any of the aforementioned legal bases, if the processing is necessary to protect a legitimate interest of our company or a third party, provided the interests, The fundamental rights and freedoms of the person concerned do not prevail. Such processing operations are particularly permitted to us, because they were specifically mentioned by the European legislator. In this respect, he took the view, that a legitimate interest could be assumed, if the person concerned is a customer of the person responsible (Recital 47 sentence 2 DS-GVO).
21. Legitimate interests in processing, pursued by the controller or a third party
The processing of personal data is based on articles 6 I lit. f GDPR is our legitimate interest in carrying out our business for the benefit of all our employees and our shareholders.
22. Duration, for which the personal data are stored
The criterion for the duration of the storage of personal data is the respective legal retention period. After the deadline, the relevant data will be routinely deleted, if they are no longer required to fulfill the contract or initiate a contract.
23. Legal or contractual regulations for the provision of personal data; Necessity for the conclusion of the contract; Obligation of the data subject, to provide the personal data; possible consequences of not providing
We'll tell you about it, that the provision of personal data is partly required by law (z.B. Tax regulations) or also from contractual regulations (z.B. Information about the contractual partner) can result. Sometimes it may be necessary to conclude a contract, that a data subject provides us with personal data, which subsequently have to be processed by us. For example, the data subject is obliged to provide us with personal data, when our company signs a contract with her. Failure to provide personal data would result, that the contract with the person concerned could not be concluded. Before the data subject provides personal data, the data subject must contact one of our employees. Our employee will inform the person concerned about this on a case-by-case basis, whether the provision of personal data is required by law or contract or is required for the conclusion of the contract, whether there is an obligation, to provide the personal data, and the consequences of not providing personal data.
24. Existing automated decision making
As a responsible company, we do not use automatic decision-making or profiling.
This data protection declaration was created by the data protection declaration generator of the DGD Deutsche Gesellschaft für Datenschutz GmbH, die als Externer Datenschutzbeauftragter Mittelfranken tätig ist, in Kooperation mit den Datenschutz Anwälten der Kanzlei WILDE BEUGER SOLMECKE | Lawyers created.