Data Protection Statement
This data protection statement clarifies the type, scope and purpose of
the processing of personal data (hereinafter referred to as "data")
within our online service and the associated websites, functions and
contents, as well as in external online venues, such as our social media
profiles (hereinafter jointly referred to as "online service"). With
regard to the terms used, such as "processing" or "controller", we refer
you to the definitions in Art. 4 of the General Data Protection
Person in charge
Dr. Ralf Schlüter
Types of data processed
User data (for example, names, addresses).
Contact data (e.g., e-mail, telephone numbers).
Content data (e.g., text entries, photographs, videos).
Usage data (e.g., websites visited, interest in content, access times).
Metadata/communications data (e.g., device information, IP addresses).
Categories of data subjects
Visitors and users of the online service (hereinafter referred to
collectively as "users").
Purpose of processing
Provision of the online service, its functions and contents.
Answering contact requests and communicating with users.
"Personal data" means any information relating to an identified or
identifiable natural person (hereinafter "data subject"); a natural
person who can be identified, directly or indirectly, in particular by
reference to an identifier such as a name, an identification number,
location data, online identifier (e.g. a cookie) or to one or more
specific characteristics which express the physical, physiological,
genetic, mental, economic, cultural or social identity of that natural
person, is regarded as identifiable.
"Processing" means any operation or set of operations, carried out with
or without the aid of automated processes, relating to personal data.
The term is broad and covers practically every type of handling of data.
The "controller" is the natural or legal person, public authority,
agency or other body which, alone or jointly with others, determines the
purposes and means of the processing of personal data.
Applicable legal bases
In accordance with Art. 13 GDPR, we inform you about the legal basis of
our data processing. If the legal basis is not mentioned in the data
protection statement, the following applies: The legal basis for
obtaining consent is Art. 6, para. 1, letter a and Art. 7 GDPR; the
legal basis for processing data in order to provide our services and
carry out contractual measures, as well as answer inquiries, is Art. 6,
para. 1, letter b GDPR; the legal basis for processing data in order to
fulfil our legal obligations is Art. 6, para. 1, letter c GDPR; and the
legal basis for processing data in order to safeguard our legitimate
interests is Art. 6, para. 1, letter f GDPR. In the event that vital
interests of the data subject or another natural person make processing
of personal data necessary, Art. 6, para. 1, letter d GDPR serves as the
Cooperation with contract processors and
Insofar as we disclose data to other persons and companies (contract
processors or third parties) within the scope of our data processing,
transfer the data to them or otherwise grant them access to the data,
this shall only take place on the basis of a statutory authorization
(e.g. if a transfer of the data to third parties, such as payment
service providers, is required for the performance of the contract
pursuant to Art. 6, para. 1, letter b GDPR ), if you have consented to
this, if a legal obligation provides for this or on the basis of our
legitimate interests (e.g. when using agents, web hosting services,
If we commission third parties with the processing of data on the basis
of a so-called "order processing contract", this is done on the basis of
Art. 28 GDPR.
Transfers to third countries
If we process data in a third country (i.e. outside the European Union
(EU) or the European Economic Area (EEA)) or if this is done in the
context of the use of third-party services or disclosure or transfer of
data to third parties, this will only occur if it is done to fulfil our
(pre)contractual obligations, on the basis of your consent, on the basis
of a legal obligation or on the basis of our legitimate interests.
Subject to statutory or contractual authorization, we process the data
or allow the data to be processed in a third country only if the special
requirements of Art. 44 ff. of the GDPR are met. This means that the
processing takes place, for example, on the basis of special guarantees,
such as the officially recognized determination of a data protection
level corresponding to that of the EU (e.g. for the USA by virtue of the
"Privacy Shield") or compliance with officially recognized special
contractual obligations (so-called "standard contractual clauses").
Rights of data subjects
You have the right to request confirmation as to whether data
concerning you is being processed and to obtain access to thisdata
and to receive further information and a copy of the data in accordance
with Art. 15 GDPR.
In accordance with Art. 16 GDPR, you have the right to request the
completion of incomplete data concerning you or the rectification of
incorrect data concerning you.
Pursuant to Art. 17 GDPR, you have the right to request that data
concerning you be erased without undue delay or, alternatively, to
request that the processing of the data be restricted pursuant to Art.
In accordance with Art. 20 GDPR, you have the right to request the
receipt of the data concerning you, which you have provided to us, and
the right to transmit it to other controllers.
Pursuant to Art. 77 GDPR, you also have the right to lodge a complaint
with the competent supervisory authority.
Right of withdrawal
Pursuant to Art. 7, para. 3 GDPR, you have the right to withdraw
consent granted. This withdrawal of consent is effective going forward
(but has no retroactive effect).
Right to object
In accordance with Art. 21 GDPR, you may object at any time to the
future processing of the data concerning you. In particular, you may
object to the processing of your data for the purposes of direct
Cookies and right to object in the case of
"Cookies" are small files that are stored on the user's computer.
Different data can be stored within the cookies. A cookie is primarily
used to store information about a user (or about the device on which the
cookie is stored) during or after the user's visit to a website.
Temporary cookies, or "session cookies" or "transient cookies", are
cookies that are deleted after a user leaves a website and closes his or
her browser. The content of a shopping basket in an online shop or a
login status, for example, can be stored in such a cookie. Cookies that
remain stored even after the browser is closed are referred to as
"permanent" or "persistent". For example, the login status can be saved
if users visit it after several days. The interests of the users that
are used for audience measurement or marketing purposes can also be
stored in such a cookie. "Third party cookies" are cookies that are
provided by providers other than the controller who operates the website
(otherwise, if they are only the latter's cookies, they are referred to
as "first party cookies").
We may use temporary and permanent cookies and explain this in our data
If users do not wish cookies to be stored on their computer, they are
asked to deactivate the corresponding option in the system settings of
their browser. Stored cookies can be deleted in the system settings of
your browser. The exclusion of cookies can lead to functional
restrictions in the use of this website.
can be raised for a large number of services, especially in the case of
tracking, via the US website
the EU website
In addition, cookies can be saved by deactivating them in the browser
settings. Please note that in this case it is possible that not all
functions of this website can be used.
Deletion of data
The data processed by us will be erased or its processing restricted in
accordance with Art. 17 and Art. 18 GDPR. Unless expressly specified in
this data protection statement, the data stored by us will be erased as
soon as it is no longer required for its intended purpose and there are
no legal obligations to retain it. If the data is not deleted because it
is required for other and legally permissible purposes, its processing
will be restricted. This means that the data will be sealed off and not
processed for other purposes. This applies, for example, to data that
must be stored due to the requirements of commercial law or tax law.
According to statutory provisions in Germany, data is stored, in
particular, for 6 years in accordance with § 257, para. 1 HGB [= the
German Commercial Code] (commercial books, inventories, opening balance
sheets, annual financial statements, commercial letters, accounting
records, etc.) and for 10 years in accordance with § 147, para. 1 AO [=
the German Tax Code] (books, records, management reports, accounting
records, commercial and business letters, documents relevant for
The hosting services used by us serve to provide the following
services: Infrastructure and platform services, computing capacity,
storage space and database services, security services and technical
maintenance services, which we use for the purpose of operating this
We and/or our hosting provider process user data, contact data, content
data, contract data, usage data, metadata and communications data of
customers, interested parties and visitors to this online service on the
basis of our legitimate interests in the efficient and secure provision
of this online service pursuant to Art. 6, para. 1, letter f GDPR in
combination with Art. 28 GDPR (conclusion of an order processing
Collection of access data and log files
On the basis of our legitimate interests in the sense of Art. 6, para.
1, letter f GDPR, we and/or our hosting provider collect data on each
instance of access to the server on which this service is located
(so-called server log files). The access data includes the name of the
website accessed, file, date and time of access, amount of data
transferred, notification of successful access, browser type and
version, the user's operating system, referrer URL (the previously
visited page), IP address and the requesting provider.
Log file information is only stored anonymously, and it is deleted when
no longer needed. Data, the further storage of which is necessary in
order to serve as evidence, is excluded from deletion until the incident
in question has been definitively clarified.
Adapted by the website owner; version as of: 14
Created with Datenschutz-Generator.de by Dr. Thomas Schwenke,
Attorney at Law