DATA PROTECTION DECLARATION
§ 1 Information about the collection of personal data
(1) In the following, we provide you with information about the collection of personal data when using our online offer and the associated websites, functions and content as well as external online presences (hereinafter collectively referred to as "Online Offer"). With regard to the terminology used, e.g. “Processing” or “Controller”, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Personal data are all data that can be related to you personally, e.g. B.
- Inventory data (e.g., names, addresses).
- Contact details (e.g., email, telephone numbers).
- Content data (e.g., text input, photographs, videos).
- Usage data (e.g., websites visited, interest in content, access times).
- Meta / communication data (e.g., device information, IP addresses).
Visitors and users of the Online Offer are affected by the processing (hereinafter also collectively referred to as "Users").
Unless otherwise stated below, processing is carried out for the following purposes:
- Providing the Online Offer, its functions and content.
- Answering contact inquiries and communicating with Users.
- Safety measures.
- Range measurement / marketing
(2) Controller according to Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is
Tel: + 49 171 6464857
Mail: firstname.lastname@example.org (see imprint).
(3) Insofar as we disclose or transmit data to other persons and companies (Processors or Third Parties) as part of our processing or otherwise grant them access to the data, this will only be done on the basis of a statutory permission (e.g. if the transmission of data to Third Parties, such as payment service providers, in accordance with Art. 6 Para. 1 b GDPR is necessary for the fulfilment of the contract), if you have consented to such, if a legal obligation requires such or if such is done based on our legitimate interests (e.g. when using agents, web hosts (Wix .com Ltd, 40 Nemal Tel Aviv St., Tel Aviv, Israel, www.wix.com), CRM providers, etc.). If we commission third parties to process data, such will be done based on a so-called "Processing Contract" in accordance with Art. 28 GDPR.
(4) If data is transferred to a third country for processing (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done as part of the usage of third-party services or disclosure / transmission of data to third parties, this will only be done for the fulfilment of our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 ff. GDPR are met, i.e. if the processing takes place e.g. on the basis of special guarantees, such as the officially recognized determination by the EU that a data protection level corresponding to the EU is given (e.g. for the USA through the "Privacy Shield" or for Israel) or if compliance with officially recognized special contractual obligations (so-called "standard contractual clauses") is ensured.
(5) The data processed by us is deleted in accordance with Art. 17 and 18 GDPR or its processing is restricted. Unless expressly stated in this Data Protection Declaration, data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention requirements. We check every two years at the latest whether the necessity of storage still exists. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies e.g. for data that must be kept on the basis of obligations arising from commercial or tax law.
§ 2 Your rights
(1) You have the following rights with regard to your personal data:
- Right to information according to Art. 15 GDPR,
- Right to correction or deletion according to Art. 16 & 17 GDPR,
- Right to restrict the processing according to Art. 18 GDPR,
- Right to object to processing in accordance with Art. 21 GDPR,
- Right to data portability according to Art. 20 GDPR.
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us. Among other things, you can contact the competent authority at your place of residence or the location of the alleged violation as well as the location of our headquarters.
§ 3 Collection of personal data when you visit our website
If you only use the website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you would like to view our website, we can collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 Para. 1 S. 1 lit. GMO):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status / HTTP status code
- amount of data transferred in each case
- Website from which the request comes
- Operating system and its surface
- Language and version of the browser software.
(2) On the one hand, cookies are used to make the use of our offer more pleasant for you. We use so-called transient cookies (especially session cookies) to recognize whether you have already visited individual pages of our website. These are automatically deleted after logging out or closing the browser.
In addition, we also use persistent cookies to optimize user-friendliness, which are stored on your device for a specific period of time. If you visit our site again to use our services, the cookie automatically recognize that you have already been with us as well as which entries and settings you have made so that you do not have to enter them again.
(4) The data processed by cookies are necessary for the purposes of our legitimate interests as well as those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.
§ 5 Objection against or revocation of the processing of your data / direct marketing
If you have given your consent to the processing of your data, you can revoke it at any time. Once you have declared a revocation, it affects the admissibility of processing your personal data.
If we base the processing of your personal data on a balance of interests, you can object to the processing. This is especially the case, if the processing is not necessary to fulfil a contract with you, which we will highlight in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or explain to you our compelling reasons worthy of protection, on the basis of which we will continue the processing.
Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us about your objection to advertising using the following contact details: email@example.com
§ 6 Establishment of contact
(1) When contacting us (e.g. via a contact-form, email, telephone or via social media), the information provided by the User for processing the contact request and processing it will be processed in accordance with Art. 6 Para. 1 lit.f GDPR based on our legitimate interests in answering your contact request. If the query is done to conclude a contract with us, then an additional legal basis for the processing is Art. 6 Para. 1 lit. b) GDPR.
(2) If you have given your consent, we can also use the contact details you provided to regularly inform us about our range of services outside of the contact request. In this case, the data will be processed in accordance with Art. 6 Para. 1 lit. a GDPR. Your consent to this can be withdrawn at any time without incurring any costs other than the transmission costs according to the basic tariff.
(3) We delete the data collected in this way if it is no longer needed. We check the necessity every two years at the latest. The statutory archiving obligations also apply.
(4) You have the right to object (see § 6).
§ 7 Google Fonts
(1) We use Google Fonts from Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA for the uniform display of fonts. When a page is called up, the User's browser loads the required web fonts into their own browser cache in order to display texts and fonts correctly. For this purpose, the User's browser must establish connections to the Google servers. This gives Google knowledge that our website has been accessed by the User's IP address.
(2) The integration of Google Fonts is necessary to design our website in line with the needed requirements. This constitutes our interest in data processing in accordance with Art. 6 Para. 1 lit f) GDPR (legitimate interest of us as Controller).
§ 8 Google Ads Conversion
(1) We use Google Ads (formerly Google Adwords) to draw attention to our offers with the help of advertising material (so-called Google Ads) on external websites. In relation to the data from the advertising campaigns, we can determine how successful the individual advertising measures are. Our interest in doing so is to show you ads that are of interest to you, to make our website more interesting for you and to achieve a fair calculation of advertising costs.
(2) These advertising materials are delivered by Google via so-called "ad servers". For this purpose, we use ad server cookies, through which certain parameters for measuring success, such as the display of ads or clicks by Users, can be measured. If you access our website via a Google ad, Google Ads stores a cookie on your PC. These cookies usually lose their validity after 30 days and should not be used to identify you personally. For this cookie, the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (ensuring that the User does not wants to be addressed more) are stored.
(3) These cookies enable Google to recognize your internet browser. If a User visits certain pages of a Google Ads customer's website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the User clicked on the ad and was redirected to this page. A different cookie is assigned to each Google Ads customer. Cookies cannot therefore be tracked via the websites of Google Ads customers. We ourselves do not collect and process any personal data in the advertising measures mentioned. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material, in particular we cannot identify the Users based on this information.
(4) Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our level of knowledge: By integrating Google Ads Conversion, Google receives the information that you accessed the corresponding part of our website or clicked on one of our ads. If you are registered with a Google service, Google can assign this information to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will establish and store your IP address.
(5) You can prevent participation in this tracking process in various ways: a) by setting your browser software accordingly, especially by suppressing third-party cookies which means that you will not receive any advertisements from third-party providers; b) by deactivating the cookies for conversion tracking, which you can do by change the settings of your browser so that cookies from the domain "www.googleadservices.com" are blocked, https://www.google.de/settings/ads, while this setting is deleted when you delete your cookies; c) by deactivating the interest-based advertisements of the providers that are part of the self-regulation campaign "About Ads" via the link http://www.aboutads.info/choices, while this setting is deleted if you delete your cookies; d) by permanent deactivation in the browsers of Firefox, Internet Explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.
(6) The legal basis for the processing of your data is Art. 6 Para. 1 S. 1 lit. f GDPR. Further information on data protection at Google can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
§ 9 Social Media
(1) We maintain profiles on the social media pages of LinkedIN and Xing. When you visit our profile on the social media sites mentioned, personal data is stored by the providers of the social media sites (for US providers in the USA).
(2) We have no influence on the data and data processing processes that are collected by the social media pages when you visit our profiles. We are also not aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the data collected by the social media sites.
(3) The social media site store the data collected about you as a usage profile and uses it for the purposes of advertising, market research and / or the needs-based design of its offers. Such an evaluation is carried out in particular (also for Users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact the relevant social media sites to exercise this right. Via the social media profiles, we offer you the opportunity to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a User. The legal basis for using the social media profile is Art. 6 Para. 1 S. 1 lit. f GDPR.
(4) The data is passed on regardless of whether you have an account with the social media site and are logged to such. If you are logged in to the social media service, your data collected will be assigned directly to your existing account on the social media site. If you act on our website via the social media page (e.g. via the like button), the social media page also stores this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before visiting our social media profile, as such avoids an assignment to your profile on the social media site.
(5) Further information on the purpose and scope of data collection and its processing by the social media pages can be found in the data protection declarations of the providers of the social media pages, which are stated below. You can also find further information on your rights as well as on setting options to protect your privacy:
a) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
b) Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy#
§ 10. Data security
Our website uses the common SSL procedure (Secure Socket Layer) in connection with the highest encryption level, that of your browser supports. As a rule, this is a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can identify whether a page of our website is transmitted in encrypted form by checking if a closed key or lock symbol is displayed in the status bar of your browser.
We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
§ 11. Topicality of and changes to this data protection declaration
This is the latest version of the data protection declaration with status as per April 2019
Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time from our website at www.pmdesigningprocess.com.