Name and Address of the Controller
Controller in terms of the General Data Protection Regulation and other national privacy laws of the member states of the European Union as well as further privacy provisions is:
20459 Hamburg, Germany
E-Mail: [email protected]
Name and Address of the Privacy Officer
Privacy Officer of the Controller is:
Deutsche Datenschutz Consult GmbH
22769 Hamburg Germany
Telephone: +49 40 228 60 70 0
Email: [email protected]
When visiting our website, we log the following data transmitted by your browser:
- IP address
- Time and date of your request
- Requested content
- Access status / http status code
These data will be saved to a log file. Your IP address is anonymized within a day.
Legal basis for the temporary processing of your data and for saving the log files is art. 6 sec. 1 lit. f GDPR.
Saving the IP address for the duration of your session is required for delivering the website to your system. Delivery of the website also constitutes our legitimate interest for the purpose of which your IP address and connected data is processed.
The data we are saving to logs is processed for evaluating our offerings, optimizing our website appearance and to defend us against cyber threats. The logged data will not be combined with other data sources and will not be used for marketing purposes.
The aforementioned purposes constitute our legitimate interests in terms of art. 6 sec. 1 lit. f GDPR.
The data is deleted when it is no longer of use for the purposes they have been collected for. With respect to data collected for delivering the website this is the case when the session expires. Data saved to log files will be deleted within seven days.
Whenever you communicate with us via email, we will collect, save and process your name, your email address and any contents of such communication. The personal data will be processed for the performance of a contract with you or the legal entity you represent, or, at your request, in order to take steps to enter into a contract.
Processing of your personal data as contact for a legal entity we communicate with is commonly based upon GDPR Art. 6 (I) lit. f, whereas our legitimate interest consists of building up and taking care of business relationships. In specific cases processing may also be based upon GDPR Art. 6 (I) lit. a to the extent you gave us your consent for contacting you and/or communicating with you.
We may disclose your personal data if and insofar this
(a) is necessary for compliance with legal obligations according to GDPR Art. 6 (I) lit. c,
(b) is necessary for our and our customers‘ legitimate interests to provide/receive efficient and economic performance, or
(c) takes place within the scope of the consent provided by you following GDPR Art. 6 (I) lit. a, Art. 7.
Your personal data will generally be stored only as long as they are required for conducting the correspondence. Aside from this, we are legally obliged to store business correspondence for a period of six years. In that respect, our storage of your personal data takes place in order to comply with our legal obligations following GDPR Art. 6 (I) lit. c. Upon expiry of the statutory period of record keeping your personal data will be deleted, unless further storage is required for managing the business relationship or performance of a contract.
Right of Access
You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed. Upon request we gladly inform you in writing about which personal data are being processed by us, including their origin, any recipients of your personal data as well as the purpose of processing.
Right to object
Where we process your personal data for direct marketing purposes, you may object to our processing and we will immediately cease processing for this purpose. Where we process your personal data on the basis of our legitimate interests, you may object to the processing on grounds relating to you or your particular situation. We will then only continue processing if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if we require the personal data for the establishment, exercise or defence of legal claims.
Right to rectification
You have the right to obtain from us rectification of personal data concerning you to the extent we save such data and provided it is inaccurate.
Right to restriction of processing
You have the right, under the preconditions of art. 18 sec. 1 GDPR (for example if the accuracy of the data is disputed or the processing is unlawful), to obtain from us restriction of processing, which means that we may only process your personal data subject to such restriction under the preconditions of art. 18 sec. 2 GDPR (for example with your consent or for the exercise or defence of legal claims).
Right to erasure
You have the right to obtain from us the erasure of your personal data under the preconditions of art. 17 sec. 1 lit. a-f GDPR (for example if the personal data is no longer needed or processing is unlawful) unless exceptions following art. 17 sec. 3 lit. a-e GDPR apply (for example if there are legal obligations to process the personal data).
Right to data portability
You have the right to receive from us your personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us.
Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority, if you feel our processing of your personal data is unlawful.
IT Security Notice
For our website we make use of ssl encryption (secure socket layer) with the highest encryption level supported by your browser. Usually this will be 256-bit encryption. If your browser doesn’t support this, our website falls back to 128-bit technology. Most browsers show encryption status by displaying a closed lock icon next to the URL or in the status bar.
We have implemented appropriate technical and organisational measures to protect the integrity, confidentiality and availability of your personal data. The measures we have implemented are being continuously improved and updated according to the progress of technological development.
No automated Decision-Making
While using our services, you are not subject to any exclusively automatic decision-making process – including profiling – that takes legal effect or affects you significantly in any similar manner.