Privacy Policy
for the processing of data in the course of using our website and the processing of data when using our website
Basic information about data processing
As a website operator, we take the protection of your personal data very seriously. We process personal data collected during your membership and when you visit our website both confidentially and in compliance with applicable data protection regulations. We do not publish your data or provide your data to third parties without authorisation.
Where personal data is processed for a given procedure, a simple reference to a provision indicates the legal basis for the data processing.
I. Scope of data protection
Data protection covers personal data. Personal data means information relating to an identified or identifiable natural person.
Unless clear from this document or other circumstances, we are not able to identify you.
Where we obtain the consent of the data subject for processing operations on personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) is the legal basis for the processing of the personal data.
When processing personal data that is required for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR is the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.
Where processing of personal data is necessary for compliance with a legal obligation to which the Association is subject, Article 6(1)(c) GDPR is the legal basis.
If the vital interests of the data subject or another natural person make processing of personal data necessary, Article 6(1)(d) GDPR is the legal basis.
If processing is necessary to safeguard a legitimate interest of the Association or a third party and the interests, fundamental rights and freedoms of data subject do not override that legitimate interest, Article 6(1)(f) GDPR is the legal basis for processing.
The personal data of the data subject are deleted or blocked, as soon as the purpose of storage no longer applies. Data may also be stored if required by European or national law in regulations, laws or other rules under EU law, to which the data controller is subject. The data are also blocked or deleted when a retention period prescribed by the above laws expires, unless it is necessary to continue to store the data for the conclusion or performance of a contract.
II. Collection, use and storage of data when you visit our website II. – Our web server
I.1. Our web server
It is possible to use our website without providing personal data. Below we describe what data is collected during a visit to our website, the extent of processing and the purpose for which we use the data. Your personal data is processed in accordance with the provisions of the General Data Protection Regulation (hereafter: GDPR) and the German Federal Data Protection Act (hereafter: BDSG).
If you use the website for information purposes only, i.e. if you do not register on our website or send information to us in any other way, we only collect the personal data that the browser on your device automatically transfers to our website server. This information is stored in a log file for a limited period of time. The following data that is required for technical purposes to display our website on your browser (legal basis for storage in this case is Article 6(1)(f) GDPR) is stored without any intervention by you, until it is deleted automatically:
– Date and time of your visit to our website
– The pages on our website that you have visited and how much time you have spent on each page
– Access status/HTTP status code
– The amount of data that has been transferred
– The web browser you were using
– Language and version of your browser software
– The operating system and interface you were using
– The domain name of your internet service provider
– The website from which you reached our website
The data collected when you visit our website is used for the following purposes:
– to establish a connection with the website;
– to ensure our website is convenient to use;
– to assess the security and stability of our systems;
– for other administrative purposes.
Use of your IP address:
When you visit our website, we receive your full IP address from your computer. We can only transfer the data for our website to you so that you can view the website if we have your IP address (Article 6(1)(b) and (f) GDPR). Your IP address has to be processed and temporarily stored by the system in order to send the website to your computer. Your IP address may need to be stored for the duration of the session for this purpose, and is then deleted. As you have requested the website, this is in our shared legitimate interest. Your full IP address is not stored except to transfer the data you have requested.
You do not have a right to object, as these operations are essential to operate the website. Please do not visit our website if you wish to object to this. Your personal data is only used for the stated purposes and to the extent required to achieve those purposes. We never use these data to obtain information about your identity.
We only provide personal data to government bodies and authorities in accordance with mandatory national law or if disclosure is necessary for legal proceedings or law enforcement in the event of attacks on our network infrastructure. Data is not disclosed to third parties for other purposes.
III. Third-party services
I.2. Role of the Google web server
I.2.a. General information about using Google services on our website
Our website uses plugins from Google, which are Google services. These services are operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you access a page on our website that contains a Google plugin, your browser establishes a direct connection with the Google server. The content of the plugin is sent directly to your browser and integrated into the page. Integration of the plugin means that Google is informed that your browser has accessed the applicable page of our website, even if you do not have a Google user account or are not logged in. This information (including your IP address) is sent directly from your browser to the Google server, which may also be located in the USA (see details about Google Analytics below), and it must be assumed that the data is also stored on the server. These data processing operations are carried out pursuant to Article 6(1)(f) GDPR to maintain, improve and develop (new) Google services, to provide personalised services including content and ads from Google, to detect, prevent and combat fraud, abuse, security risks and technical problems at Google. Google describes the use of the data on the basis of legitimate interests as follows: The data is processed for such purposes as:
- Providing, maintaining, and improving our services to meet the needs of our users
- Developing new products and features that are useful for our users
- Understanding how people use our services to ensure and improve the performance of our services
- Customizing our services to provide you with a better user experience
- Marketing to inform users about our services
- Providing advertising to make many of our services freely available for users
- Detecting, preventing, or otherwise addressing fraud, abuse, security, or technical issues with our services
- Protecting against harm to the rights, property or safety of Google, our users, or the public as required or permitted by law
- Performing research that improves our services for our users and benefits the public
- Fulfilling obligations to our partners like developers and rights holders
- Enforcing legal claims, including investigation of potential violations of applicable Terms of Service
Google shares the data with Google’s affiliates and with other third parties for legal reasons. Google has signed up to the EU-US Privacy Shield agreement, so that the applicable adequacy decision of the EU Commission is the legal basis for the data processing in the USA and should guarantee compliance with the level of the protection of data applicable in the EU. Please see Google’s Privacy Policy for the purpose and scope of data collection and the further processing and use of data by Google, as well as your rights and the settings you can use to protect your privacy: https://policies.google.com/privacy?hl=en
If you do not want Google to link the data collected on our website to your Google account, you must log out of Google before you visit our website.
I.2.b. Google Analytics
We use Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), to analyse the use of our website for internal purposes. We use the service on the basis of Article 6(1)(f) GDPR. We use these tracking methods in order to design our website to meet demand and to continuously improve our website. We also use these methods to record use of our website statistically and to evaluate use our website for the purpose of optimisation. These interests are legitimate interests under the above provision. Google Analytics uses cookies, which are text files that are stored on your computer and are used to analyse your use of the website. The information generated by the cookie about your use of the website, such as:
• Browser type/version
• Operating system used
• Referrer URL (the page you visited before our website)
• Time of the server request
is usually sent to a Google server in the United States and stored there. However, we only use Google Analytics with IP anonymisation. The IP address sent by your browser for Google Analytics is not combined with other Google data. We have also added the “anonymizeIP” code for Google Analytics on this website. This guarantees that your IP address is masked within the European Union or in other parties to the Agreement on the European Economic Area, so that your full IP address is only processed within the EU to exchange the data between your browser and Google, but your IP address is not transferred or stored outside the EU. All stored data is therefore anonymous. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. Your IP address is processed briefly by Google to generate website statistics to serve our legitimate interest in improving our website.
Objecting to the collection of data
You can prevent cookies being saved by changing your browser settings to reject cookies. However, please note that, by doing so, you may not be able to use all the features of this website without limitations.
You can also prevent the data generated by the cookie about your use of the website (including your IP address) from being passed to Google and being processed by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
You can also reject the collectino of your data by Google Analytics by clicking on the following link: Disable Google Analytics. This will set an opt-out cookie, which prevents your data being collected on subsequent visits to our website.
For more information about data protection for Google Analytics, see the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en). Only authorised persons have access to this anonymised data.
Processing of data by a processor on our behalf
We have entered into a contract with Google to process data on our behalf and we fully apply the strict requirements of the German data protection authorities when using Google Analytics.
Google Analytics demographics
This website uses the Google Analytics “Demographics” feature. Demographics can be used to create reports that contain details of the age, gender and interests of visitors to our website. This data comes from interest-based advertising by Google and from user data provided by third-party providers. This data cannot be associated with a specific person. You can disable this feature at any time by changing the ad settings in your Google account or you can generally prevent your data being collected by Google Analytics by following the procedure descirbed under “Objecting to the collection of data”.
I.2.c. Google reCAPTCHA
The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
We use the Google reCAPTCHA service (hereafter “reCAPTCHA”) for forms to check whether an actual person, such as you as a visitor, or undesirable automated hacking software is attempting to use the form. This is for the purpose of IT security and we have a legitimate interest in maintaining our services and preventing incorrect information in our databases (Article 6(1)(b) and (f) GDPR).
We are not informed by Google what reCATPCHA you will see, but Google does send us a message indicating whether the reCATPCHA was likely solved by an actual person.
Google uses the information that you provide in order to solve the reCAPTCHA – which is not personal data – to improve its image analysis algorithms. reCAPTCHA analyses the behaviour of the website visitors on the basis of various characteristics for this purpose. This analysis starts automatically, as soon as the website visitor accesses the website. For the analysis, reCAPTCHA evaluates various pieces of information (e.g. IP address, how long the visitor has been on the website and the mouse movements made by the user). The data collected during analysis is forwarded to Google.
Analysis by the reCAPTCHA service runs entirely in the background. Visitors are not informed that analysis is taking place. Data processing in this case is carried out on the basis of Article 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its site from abusive automated web-crawling and spam. For more information about Google reCAPTCHA and Google’s Privacy Policy, please see the following links:
https://www.google.com/intl/en/policies/privacy/ und https://www.google.com/recaptcha/intro/android.html.
IV. Cookies when you visit our website
Cookies are stored on your computer when you use our website, in addition to the above data. Cookies are small text files that are stored on your hard disk for the browser you are using and that provide the website that creates the cookie (in this case, us) with certain information. When you visit our website again or continue your visit, the web server can access this information again. Cookies now not only are direct cookies for your web browser, but are also created e.g. for Flash animations or advanced HTML storage techniques (HTML5 Storage and Local Shared Objects). Cookies do not damage your device, cannot run programs, do not contain Trojans or other malware and cannot infect your computer with viruses. They are used to make our website generally more user-friendly and effective. The cookie stores information that is related to the specific device you are using. However, this does not mean that we can identify you directly. The legal basis for the use of cookies is Article 6(1)(f) GDPR. For example, we use session cookies to identify that you have already visited individual pages on our website. Session cookies are deleted automatically when you leave our website.
We divide cookies into the following categories:
Type A – Essential cookies
These cookies are required for websites and their features to work properly. It is not possible to provide the user-specific features described below without these cookies.
Type B – Functional cookes
These cookies makes it possible to improve the user experience and performance of websites and to provide various features. For example, information to identify your shopping cart or your comparison list can be stored in functional cookies.
Type C – Performance cookies
These cookies collect information about how you use websites. Performance cookies help us e.g. to identify particularly popular areas of our website. This means that we can tailor the content of our website to your specific needs and therefore improve what we provide for you. Some of the data collected by these cookies are not personal, some of the data are personal. For more information about how this information is collected and analysed, see the other sections of our Privacy Policy.
Type D – Opt-out cookies
Opt-out cookies are cookies created by websites in your browser folder to block the website from creating more cookies in the future. The opt-out cookie tells the website not to install third-party cookies or other cookies on your browser or adserver. This keeps third-party ad providers from tracking your preferred sites, if you visit multiple sites within their network. It is essentially a declaration that you do not want to be confronted with targeted advertising or profiling or otherwise have any of your actions tracked. We have to set an opt-out cookie, as we have no other way of recognising you again in the future. This is necessary for technical reasons in order to implement your objection. Opt-out cookies are site-specific. You can only block cookies from specific servers and cookies from other servers are not blocked. This means that they are not a general tool to block cookies from the websites you visit.
Google Analytics, as used by us, sets the following cookies:
|
Cookie name |
Description of the purpose of the cookie |
Expiration time – how long the cookie is stored |
Type |
Legal basis |
Typical values, if possible |
Specific ways to object |
|
_ga |
Used to distinguish users |
2 years |
C |
Article 6(1)(f) GDPR |
– |
See above under the section on Google Analytics |
|
_gid |
Used to distinguish users |
24 hours |
C |
Article 6(1)(f) GDPR |
– |
See above under the section on Google Analytics |
|
_gat |
Used to throttle request rate |
1 minute |
C |
Article 6(1)(f) GDPR |
– |
See above under the section on Google Analytics |
|
ga-disable-UA-67794578-1 |
Used to disable Google Analytics |
2 years |
D |
Article 6(1)(f) GDPR |
true |
See above under the section on Google Analytics |
We also distinguish between the following types of cookies we use, the scope and function of which are described below:
– Transient Cookies (see a)
– Persisent Cookies (see b).
a) Transient cookies are automatically deleted when you close your browser. These include session cookies in particular. Session cookies store a session ID, which is associated with the various requests made by your browser in the same session. This means that we can recognise your computer when you return to the website. Session cookies are deleted when you log out or when you close your browser.
b) Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete cookies at any time via your browser’s security settings.
Most browsers accept cookies automatically. You can configure your browser settings according to your preferences and reject e.g. third-party cookies or all cookies on your device by selecting the appropriate browser settings. You can delete cookies that have already been created on your device at any time. For the most common PC/notebook browsers, see the following links for the steps to follow:
MOZILLA FIREFOX, Link: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
GOOGLE CHROME, Link: https://support.google.com/accounts/answer/61416?hl=en
MICROSOFT INTERNET EXPLORER, Link: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies#ie=ie-11
APPLE SAFARI, Link: https://support.apple.com/kb/PH19214?locale=en_GB
See the manual for your browser or from your device manufacturer for information about how deleting cookies works on your device.
Please note that you may not be able to use all the features of this website if you disable cookies.
We also use cookies to identify you when you come back to the website, if you have an account with us. Otherwise, you have to log in again.
Use of external links
Our webpages may contain links to third-party websites − operated by providers who are not associated with us. These include e.g. forwarding links for social networks such as Facebook (Facebook Inc., 1601 Willow Road, Menlo Park, California, 94025, USA), Twitter, Google+, Youtube, LinkedIN, Xing, and Viadeo. You can identify links on our website from the applicable logo. Once you click on the link, we have no more influence over the collection, storage or processing of any personal data transferred to the third party by clicking on the link (such as the IP address or URL of the page with the link), because we naturally have no control over the actions of third parties. We cannot accept any responsibility for the processing of such personal data by third parties.
V. Youtube
JaveScript code from YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA (hereafter “Youtube”) is loaded on our site. We use YouTube as the provider for embedded video on our website. If you have JavaScript enabled on your browser and have not installed a JavaScript blocker, your browser may send personal data to YouTube. We do not know what data
YouTube links to the data it receives or the purposes for which YouTube uses such data. YouTube is part of Google. Google has signed up to the EU-US Privacy Shield. For further information, see Youtube’s Privacy Policy (http://www.google.de/intl/en/policies/privacy). To prevent JavaScript code from YouTube running at all, you can install a JavaScript blocker (e.g. www.noscript.net or www.ghostery.com).
VI. Contact form
If you have any questions, you can contact us via our contact form. A valid email address is required for us to be able to respond to your request. You may voluntarily provide other information, but it is not required. Your consent to use of the data for this purpose is obtained when you use the form and you are also referred to this Privacy Policy.
When you use the contact form, the information you enter is sent to us and stored. We use the information collected in this way exclusively to communicate and reply to your request and, if the request relates to a contract or a contract comes about following contact, we also use this information to initiate and manage the contract (Article 6(1)(a), (b) and (f) GDPR). If you are already one of our members or become a member in the future, we may collect, store, modify and transfer the data to establish, perform or end the contract without requiring your consent (Article 6(1)(b) GDPR) and as long as we are permitted to do so by law. In other cases, i.e. while there is still no contract, we do not store your data for longer than 4 weeks and you have a right to object to the processing of the data transferred to us with your consent via the contact form, with effect for the future. You can exercise your right to object by sending a message, using the contact details in our Legal Notice. If you want to contact us by email, please note that the content of unencrypted emails can be viewed by third parties. We therefore recommend sending confidential information in encrypted format or by post.
VII. Login area
We process and store email addresses and passwords so that our members can use the login area. The data are not deleted. Members have access for the duration of membership. After membership has ended, the login data are deleted.
The data are processed and stored to ensure access to member information is limited, via technical measures (Article 6(1)(b) GDPR).
VIII. SSL or TLS encryption
For security reasons and to protect the transfer of confidential content, such as queries that you send to us as the site operator, our website uses SSL (Secure Sockets Layer) or TLS encryption in combination with the highest level of encryption supported by your browser. This is normally 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can recognise an encrypted connection by the fact that the address in the address bar of your browser (Firefox, Google Chrome etc.) changes from “http://” to “https://” and from the lock icon in the address bar. If SSL or TLS encryption is enabled, the data you transfer to us is protected and cannot be read by third parties.
We have taken both technical and organisational measures to ensure that protection is as comprehensive as possible. However, please note that data transferred over the internet (e.g. when communicating by email) is never completely secure, so that we cannot guarantee that your data is completely protected from access by third parties. For this reason, you can also send us your personal data by other methods, such as phone or post. It is also your responsibility to check that the personal data we hold about you is accurate and up-to-date.
IX. Web hosting
We use 1&1 (Elgendorfer Str. 57, 56401 Montabaur) as web hoster to provide our services. For this purpose, we as data controller have signed a contract with the processor for data processing on our behalf, in accordance with Article 28 GDPR. This involves sending information to 1&1 servers. More information is provided in the 1&1 Privacy Policy.
X. Registration for seminars and workshops
You can register on our website to take part in a seminar or workshop. For this purpose, we require the following personal data:
– First name and last name
– Address
– Email address
– Phone number
– If applicable, company name or name of practice
By registering for one of our seminars, you consent to the above personal data being processed.
XI. Your rights to access, rectification, blocking, erasure, completion, restriction and data portability
As data subject, you have various rights relating to the personal data processed by the Association. We provide information about these rights below:
You will receive access to the personal data concerning you that we store free of charge without stating any reasons. Your legal rights include the right to have data concerning you that we store blocked, rectified or deleted. You also have the right to have incomplete data completed and, in the cases provided for by law, to request that the processing of your data is restricted. You then also have the right to data portability, where we have specified Article 6(1)(a) or (b) GDPR in this Policy as the legal basis for data processing and the processing is carried out by automated means.
Your specific rights are as follows:
1. Right of access
You have the right to request confirmation as to whether or not we are processing personal data concerning you.
If such processing is taking place, you may request the following information from the data controller:
(1) the purposes for which the personal data is processed;
(2) the categories of personal data that are processed;
(3) the recipients or categories of recipients to whom the personal data concerning you has been disclosed or will be disclosed in the future;
(4) the planned duration of storage of the personal data concerning you or, if specific details cannot be provided in this regard, the criteria for determining the duration of storage;
(5) the existence of a right to rectification or erasure of the personal data concerning you, of a right to restriction of the processing by the data controllers or of a right to object to such processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) all available information about the origin of the data, if the persona data has not been collected from the data subject;
(8) the existence of any automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether or not your personal data will be transferred to a third country or to an international organisation. In this regard, you may request to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.
1. Right to rectification
You have a right to rectification and/or completion of your data by the data controller, if the processed personal data concerning you is incorrect or incomplete. The data controller must carry out rectification immediately.
2. Right to restriction of processing
You may request the restriction of the processing of personal data concerning you, where one of the following applies:
(1) you dispute the accuracy of your personal data for a period which enables the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you request restriction of use of the personal data rather than erasure;
(3) the data controller no longer needs the personal data for the purposes of the processing, but needs them in order to assert, exercise or defend legal claims; or
(4) you have objected to the processing pursuant to Article 21(1) GDPR and is has not yet been determined whether the data controller’s legitimate interests override your reasons.
Where processing of your personal data has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If processing has been restricted under the above conditions, you shall be informed by the controller before the restriction of processing is lifted.
3. Right to erasure
a) Obligation to erase data
You have the right to request from the controller that your personal data are erased without undue delay and the controller has the obligation to erase such personal data without undue delay where one of the following grounds applies:
(1) your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(2) you withdraw your consent on which the processing is based according to Article 6(1)(a) or Article 9(2)(a) GDPR, and where there is no other legal ground for the processing;
(3) you object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) GDPR;
(4) your personal data have been unlawfully processed;
(5) your personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
(6) your personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
a) Transfer of personal data to third parties
Where the controller has made your personal data public and is obliged pursuant to Article 17(1) GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
b) Exceptions
The right to erasure does not apply to the extent that processing is necessary:
(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health in accordance with Article 9(2)(h) and (i) as well as Article 9(3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR in so far as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(5) for the establishment, exercise or defence of legal claims.
4. Right to be informed
If you have exercised your right for the controller to rectify, erase or restrict the processing of your data, the controller must communicate such rectification or erasure of the data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
You have the right to be informed by the controller about those recipients.
5. Right to data portability
You have the right to receive your personal data, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right for those data to be transmitted to another controller without hindrance from the controller to which the personal data have been provided, where:
(1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or a contract pursuant to Article 6(1)(b) GDPR and (2) the processing is carried out by automated means.
In exercising this right, you also have the right to have your personal data transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. General information about your right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.
We will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
Where your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, your personal data shall no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you have the option of exercising your right to object by automated means using technical specifications.
8. Right to withdraw consent under data protection law
You have the right to withdraw your consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:
(1) is necessary for entering into, or performance of, a contract between you and the data controller;
(2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and your legitimate interests; or
(3) is based on your explicit consent.
However, such decisions must not be based on special categories of personal data referred to in Article 9(1), unless point (a) or (g) of Article 9(2) applies and suitable measures to safeguard yours rights and freedoms and your legitimate interests are in place.
In the cases under (1) and (3), the data controller implements suitable measures to safeguard your rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
XII. Links to websites of other providers
Our webpages may contain links to third-party websites − operated by third parties not associated with us, e.g. forwarding links for social networks such as Facebook (Facebook Inc., 1601 Willow Road, Menlo Park, California, 94025, USA), Twitter, Google+, Youtube, LinkedIN, Xing, and Viadeo. You can identify links on our website from the applicable logo. Once you click on the link, we have no more influence over the collection, storage or processing of any personal data transferred to the third party by clicking on the link (such as the IP address or URL of the page with the link), because we naturally have no control over the actions of third parties. We cannot accept any responsibility for the processing of such personal data by third parties.
XIII. Data protection officer, complaints, data controller
You can contact the supervisory authority with complaints relating to data protection. Without prejudice to any other administrative or judicial remedy, you also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.
We are the data controller, i.e. we are the operator of this website, as per the Legal Notice.
XIV. Your questions and future changes to the Privacy Policy
If you have further questions about data protection and how we process your personal data, you are welcome to contact us at any time. Please note that data protection regulations and approaches to data processing may change at any time. It is therefore advisable to stay up-to-date with changes to the law and data protection in practice.
It may be necessary to change this Privacy Policy as we further develop our website and service or following changes to statutory or official requirements. You can access and print out the current version of our Privacy Policy at any time on our website.
This is the currently valid Privacy Policy, dated 25 May 2018.