.

Privacy Policy of General Data Protection Regulation (GDPR)

 

  1. General information

  2. Name and address of the controller

  3. General information concerning data processing

    1. Scope of the processing of personal data

    2. Legal basis for the processing of personal data

    3. Data erasure and storage period

    4. SSL and TLS encryption

  4. Provision of the website and creation of log files

    1. Description and scope of data processing

    2. Legal basis for data processing

    3. Purpose of data processing

    4. Storage period

    5. Option to object and remove

  5. Use of cookies

    1. Description and scope of data processing

    2. Legal basis for data processing

    3. Purpose of data processing

    4. Storage period

    5. Option to object and remove

  6. Contact form and email contact

    1. Description and scope of data processing

    2. Legal basis for data processing

    3. Purpose of data processing

    4. Storage period

    5. Option to object and remove

  7. Analysis by Google Analytics

    1. Scope of data processing

    2. Legal basis for data processing

    3. Purpose of data processing

    4. Storage period

    5. Option to object and remove

  8. Analysis by Facebook Pixel

    1. Scope of data processing

    2. Legal basis for data processing

    3. Purpose of data processing

    4. Storage period

    5. Option to object and remove

  9. Analysis by LinkedIn Insight Tag

    1. Scope of data processing

    2. Legal basis for data processing

    3. Purpose of data processing

    4. Storage period

    5. Option to object and remove

  10. Social media plugins

    1. Facebook plugins ("Like" and "Share" buttons)

    2. LinkedIn plugin

    3. XING plugin

  11. Other tools

    1. Google web fonts

    2. Google Maps

  12. Rights of the data subject

    1. Right of access

    2. Right to rectification

    3. Right to restriction of processing

    4. Right to erasure

    5. Right to notification

    6. Right to data portability

    7. Right to object

    8. Right to withdraw consent to data processing

    9. Automated individual decision-making, including profiling

    10. Right to lodge a complaint with a supervisory authority

  13. Amendments to this Privacy Policy

  1. General information


    The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory provisions concerning data protection, as well as this Privacy Policy.
     

    Various pieces of personal data are collected when you use this website. Personal data means data that can be used to identify you personally. This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose this takes place.
     

    Please be aware that the transmission of data over the internet (e.g. when communicating by email) may be subject to security gaps. It is not possible to fully protect data against access by third parties.

  2. Name and address of the controller


    The controller within the meaning of the EU General Data Protection Regulation and other national data protection laws of the Members States, as well as other provisions of data protection law, is:

    Boris Kasper – Progress Professionals
    General Manager: Dipl.-Psych. Boris Kasper
    Övelgönne 4 c
    22605 Hamburg
    Germany
    Tel: +49 (0) 40/ 88302158
    Fax: +49 (0) 40/ 88302158
    Email: mail@boriskasper.de
    Website: www.boriskasper.de

  3. General information concerning data processing

    1. Scope of the processing of personal data

      As a rule, we only process the our users’ personal data to the extent necessary to provide a functioning website, as well as our content and services. The personal data of our users is normally processed only with a user's consent. An exception applies in those cases where it is not possible for practical reasons to obtain prior consent and the processing of data is permitted by statutory provisions.

    2. Legal basis for the processing of personal data

      To the extent that we obtain the consent of the data subject for processing operations involving personal date, the legal basis is Article 6(1)(a) of the EU General Data Protection Regulation (GDPR).
      Where the processing of personal data is necessary for the performance of a contract to which the data subject is party, the legal basis is Article 6(1)(b) GDPR. This also applies to processing operations that are necessary in order to take steps prior to entering into a contract.
      Where the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, the legal basis is Article 6(1)(c) GDPR.
      Where the processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person, the legal basis is Article 6(1)(d) GDPR.
      Where the processing of personal data is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, the legal basis for the processing is Article 6(1)(f) GDPR.

    3. Data erasure and storage period

      The data subject’s personal data is erased or blocked once the purpose for storage no longer exists. Personal data may also be stored if this was specified by European Union or national law in regulations, statutes, or other provisions to which the controller is subject. Data is also blocked or erased when a storage period specified by the aforementioned laws expires, unless it is necessary to continue to store the data for conclusion or performance of a contract.

    4. SSL and TLS encryption

      For security reasons, and in order to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator, this website uses SSL and TLS encryption. You can tell that a connection is encrypted when the display in your browser’s address bar changes from "http://" to "https://", as well as by the lock icon in your browser's status bar.
       

      If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

  4. Provision of the website and creation of log files

    1. Description and scope of data processing

      Each time our website is accessed, the provider of the website automatically collects and stores data and information from the system of the accessing computer, which is transmitted to us by the browser being used.

      The following data is collected in this regard:
      (1) Information about the type of browser and the version being used
      (2) The user's operating system
      (3) The user’s internet service provider
      (4) Date and time of day of access
      (5) Websites from which the user’s system reached our website (referrers)
      (6) Websites that the user’s system accesses from our website
      (7) IP address
       

      The data is likewise stored in the log files of our system.
      This data is not combined with other data sources.

      For reasons of technical security, particularly to ward off attempted attacks on our web server, this data may be stored by us temporarily. It is not possible for us to draw inferences about individual persons based on this data. After not more than seven days, the data is anonymised by shortening the IP address at the domain level, meaning that it is no longer possible to draw a connection to the specific user. This data is not analysed in any way, other than for statistical purposes in anonymised form. This data is not combined with data from other data sources.

    2. Legal basis for data processing

      The legal basis for the processing of data is Article 6(1)(b) and (f) GDPR.

    3. Purpose of data processing

      Temporary storage of the IP address by the system is necessary in order to make it possible to deliver the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.
      These purposes also constitute our legitimate interest in data processing under Article 6(1)(f) GDPR.

    4. Storage period

      The data is erased once it is no longer needed for fulfilling the purpose for which they were collected. If data is collected in order to provide the website, this is the case when the relevant session has ended.

    5. Option to object and remove

      The collection of data to provide the website and the storage of data in log files are essential for operation of the website. Accordingly, the user has no option to object.

  5. Use of cookies

    1. Description and scope of data processing

      Our website uses cookies. Cookies are text files that are stored in the web browser or by the web browser on the user's computer system. If a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a character string that makes it possible to uniquely identify the browser the next time the website is accessed.
      We use cookies in order to design our website in a manner that is more user-friendly. Some elements of our website require that the accessing browser can also be identified after accessing a different page.


      The following data is stored and transmitted in the cookies:
      (1) Language settings
      (2) Accessing device (desktop/mobile)
      (3) Browser used
      (4) Operating system being used
      (5) Access location (country/region/city)


      We also use cookies on our website, which enable us to analyse the surfing behaviour of our users.

      In this way, the following data may be transmitted:
      (1) Search terms entered
      (2) Frequency of page accesses


      The user data collected in this way is pseudonymised by technical means. Therefore, it is no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of users.
      When our website is accessed, users are notified by an info banner about the use of cookies for analysis purposes and are referred to this Privacy Policy. In this connection, users are also notified about how they can prevent the storage of cookies by adjusting their browser settings.

    2. Legal basis for data processing

      The legal basis for the processing of personal data using cookies is Article 6(1)(f) GDPR.

    3. Purpose of data processing

      The purpose for using technically necessary cookies is to simplify the use of websites for users. It may not be possible to offer some features of our website without the use of cookies. For these features, it is necessary that the browser can be recognised also after accessing a different page.
       

      We require cookies for the following applications:
      (1) Acceptance of language settings


      The user data collected by technically necessary cookies are not used to create user profiles.
      Analysis cookies are used for the purpose of improving the quality of our website and its content. Through analysis cookies, we learn how the website is being used, and in this way, we can continuously optimise our offer.
      These purposes also constitute our legitimate interest in the processing of personal data under Article 6(1)(f) GDPR.


      Cookies that are necessary in order to carry out the electronic communication process or to provide certain features that you desire (e.g. login, contact form) are stored on the basis of Article 6(1)(f) GDPR. The website operator has a legitimate interest in the storage of cookies for the purpose of the technically flawless, optimised provision of its services.

    4. Storage period

      Cookies are stored on the user's computer and transmitted from it to our website. Therefore, you as user also have full control over the use of cookies. You can configure your web browser in such a way that you are notified about the placement of cookies so as to permit them only on a case-by-case basis, to accept them in certain cases, or to block them generally. Cookies that have already been stored may be deleted at any time. This may also be accomplished automatically. If cookies for our website are deactivated, it may be the case that some website features will no longer be usable to the full extent.

    5. Option to object and remove

      Cookies are stored on the user's computer and transmitted from it to our website. Therefore, you as user also have full control over the use of cookies. You can configure your web browser in such a way that you are notified about the placement of cookies so as to permit them only on a case-by-case basis, to accept them in certain cases, or to block them generally. Cookies that have already been stored may be deleted at any time. This may also be accomplished automatically. If cookies for our website are deactivated, it may be the case that some website features will no longer be usable to the full extent.
       

      Moreover, most browsers offer a “Do Not Track” function that enables you to stop being tracked by websites. If this feature is activated, the browser notifies advertising networks, websites and applications that you do not wish to be tracked for the purposes of behaviour-based advertising and the like. Information and instructions about how to use this feature for the browser that you are using are available at the following links:
       

      Google Chrome:
      https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=en-GB

      Mozilla Firefox:
      https://www.mozilla.org/de/firefox/dnt/

      Internet Explorer:
      https://support.microsoft.com/de-de/help/17288/windows-internet-explorer-11-use-do-not-track

      Opera:
      http://help.opera.com/Windows/12.10/de/notrack.html

       

  6. Concact form and email contact

    1. Description and scope of data processing

      Our website provides a form that can be used for contacting us electronically. If a user makes use of this option, the data entered in the form is transmitted to us and stored.
       

      The contact form data consists of:
      (1) Title of the seminar
      (2) Email address
      (3) Name
      (4) Phone number

      At the time the message is sent, the following data is also stored:
      (5) Data and time of registration
       

      As part of the sending operation, your consent is obtained for the processing of data, and reference is made to this Privacy Policy.
      In the alternative, it is possible to contact us using the provided email address. In this case, the user's personal data that is transmitted with the email is stored.
      No data is disclosed to third parties in this regard. The data is used solely for processing the conversation.

    2. Legal basis for data processing

      If we have the user's consent, the legal basis for the processing of data is Article 6(1)(a) GDPR.
      The legal basis for the processing of data that is transmitted in the course of sending an email is Article 6(1)(f) GDPR. If the email contact is directed at the conclusion of a contract, then in addition, the legal basis for the processing is Article 6(1)(b) GDPR.

    3. Purpose of data processing

      We use the personal data entered in the form solely for processing the contact made by the user. If we are contacted by email, this also constitutes the requisite legitimate interest in the processing of data.
      We use the other personal data processed during the sending operation in order to prevent misuse of the contact form and to ensure the security of our IT systems.

    4. Storage period

      We retain the data you enter in the contact form until you request that it be erased, until you withdraw your consent, or until the purpose for data storage no longer exists. For personal data that was entered in the contract form and for that which was sent by email, this is then the case when the respective conversation with the user has ended. The conversation is considered to have ended when it is apparent from the circumstances that the matter in question has been definitively resolved.
      Personal data additionally collected during the sending operation is erased after not more than seven days.
      Mandatory statutory provisions, including retention periods, remain unaffected.

    5. Option to object and remove

      The user may at any time withdraw their consent to the processing of personal data. If the user contacts us by email, they may at any time object to the storage of their personal data. In such case, the conversation may not be continued. If you would like to withdraw your consent and object to storage, please contact the controller.
      The withdrawal of consent does affect the lawfulness of data processing operations based on consent before its withdrawal.
      In such case, all personal data that was stored in the course of making contact is erased.

  7. Analysis by Google Analytics

    1. Scope of the processing of personal data

      On our website, we use Google Analytics for the purpose of analysing the surfing behaviour of our users. The software places a cookie on the user’s computer (regarding cookies, please see the description above).
       

      If individual pages of our website are accessed, the following data are stored:
      (1) Two bytes of the IP address of the user's accessing system
      (2) The accessed website
      (3) The website from which the user reached the accessed website (referrer)
      (4) The subpages that are accessed from the accessed website
      (5) How long the website is viewed
      (6) How often the website is accessed
       

      On the basis of our legitimate interest (i.e. interest in the analysis, optimisation, and economic operation of our website within the meaning of Article 6(1)(f) GDPR), we use Google Analytics, a web analysis service of Google Inc. ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
      Google Analytics uses cookies. These are text files that are stored on your computer and facilitate an analysis of your use of the website. The information generated by the cookie about your use of this website is normally transferred to a Google server in the U.S. and stored there.
       

      Google has submitted itself to the Privacy Shield agreement concluded between the European Union and the U.S. and has obtained certification. As a result, Google undertakes to comply with the standards and requirements of European data protection law. For further information, please see the entry at:
      https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active


      Google uses this information on our behalf in order to analyse the use of our website, to compile reports about the activities on this website, and to provide us with other services associated with the use of this website and internet use. In doing so, pseudononymous usage profiles of users may be created from the processed data.
      The IP address transferred from your browser in connection with Google Analytics is not combined with other Google data.

      IP anonymisation
      We have activated the IP anonymisation feature on this website. As a result, your IP address is first shortened by Google within the Member States of the European Union or in other Contracting States of the Agreement on the European Economic Area before being transmitted to the U.S. Only in exceptional cases is the full IP address transferred to a Google server in the U.S. and shortened there.

      Browser plugin
      You can prevent the storage of cookies by configuring your browser software accordingly. However, please be aware that in such case you may not be able to use all features of this website to their full extent. In addition, you can prevent the collection and processing by Google of the data generated by the cookie relating to your use of the website (including your IP address) by downloading and installing the browser plugin available at: http://tools.google.com/dlpage/gaoptout?hl=de.

      Processing carried out on our behalf
      We have concluded a contract with Google for processing on our behalf. In this regard, we have fully implemented the strict requirements of the German data protection authorities in connection with the use of Google Analytics.
       

      You can find further information about data use by Google and configuration and objection options in Google’s privacy policy (https://support.google.com/analytics/answer/6004245?hl=de), as well as at https://policies.google.com/technologies/ads, and in the settings for displaying advertising that is served by Google (https://adssettings.google.com/authenticated).

    2. Legal basis of the processing of personal data

      The legal basis for the processing of personal data of users is Article 6(1)(f) GDPR.

    3. Purpose of data processing

      The processing of personal data of users enables us to analyse the surfing behaviour of our users. By analysing the acquired data, we can compile information about the use of individual components of our website. This helps us to continuously improve our website and make it more user friendly. These purposes also constitute our legitimate interest in the processing of data under Article 6(1)(f) GDPR. By anonymising the IP address, sufficient regard is paid to the interest of users in protecting their personal data.

    4. Storage period

      The data is erased once it is no longer needed for our recording purposes. For us, this is the case after 14 months.

    5. Option to object and remove

      Cookies are stored on the user's computer and transmitted from it to our website. Therefore, you as user also have full control over the use of cookies. You can deactivate or restrict the transfer by cookies by adjusting the settings in your web browser. Cookies that have already been stored may be deleted at any time. This may also be accomplished automatically. If cookies for our website are deactivated, it may be the case that some website features will no longer be usable to the full extent.
      You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be placed that prevents the collection of your data when visiting this website in the future: Deactivating Google Analytics.

  8. Analysis by Facebook Pixel

    1. Scope of the processing of personal data

      On our website, we use Facebook Pixel, a service of Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA (hereinafter, “Facebook”). Facebook Pixel enables Facebook to display advertisements on Facebook, known as “Facebook ads”, only to those Facebook users who visited our website and, in particular, showed interest in our online offer. Facebook Pixel also makes it possible to verify whether a user was redirected to our website after clicking on our Facebook ads. Facebook Pixel uses, inter alia, cookies, which are small text files that are stored locally in the cache of your web browser on your end device. If you are logged in to your Facebook user account, the visit to our website is noted in your user account. The data collected about you are anonymous to us, meaning that we cannot draw any inferences from them as to the identity of users. However, this data may be linked by Facebook with your user account there. If you have a user account with Facebook and are logged in, Facebook can assign the visit to your user account.

      Facebook has submitted itself to the Privacy Shield agreement concluded between the European Union and the U.S. and has obtained certification. As a result, Facebook undertakes to comply with the standards and requirements of European data protection law. For further information, please see the entry at:
      https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

      Information by Facebook:
      Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

      You can find further information by Facebook about data protection at:
      https://www.facebook.com/about/privacy.

      You can find information about Facebook Pixel at:
      https://www.facebook.com/business/help/651294705016616.

    2. Legal basis for the processing of personal data

      If you have consented to the storage of Facebook Pixel, this is done on the basis of Article 6(1)(a) GDPR.

    3. Purpose of data processing

      We use Facebook Pixel for marketing and optimisation purposes, including to place advertisements with Facebook that are relevant and interesting to you, and in this way to improve our website, to design in a way that is more interesting to you as user, and to avoid annoying advertisements.

    4. Storage period

      The stored data are erased or anonymised by Facebook after 90 days.

    5. Option to object and remove

      You can object to the aforementioned collection by Facebook Pixel and to the use of your data to display Facebook ads. You can configure the relevant settings regarding the type of advertising displayed to you on Facebook at:
      https://www.facebook.com/settings?tab=ads.

      Please be aware that these settings are deleted if you delete your cookies. In addition, you can deactivate cookies used to measure reach and for advertising purposes at:
      http://optout.networkadvertising.org/
      http://www.aboutads.info/choices
      http://www.youronlinechoices.com/uk/your-ad-choices/

      Please be aware that the settings are also deleted if you delete your cookies.

  9. Analysis by LinkedIn Insight Tag

    1. Scope of the processing of personal data

      We use the LinkedIn Insight conversion tool of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, which enables us to obtain information about the use of our website and to present advertising content to you on other websites that is tailored to your interests. For this purpose, a cookie with a validity of 120 days is placed in your browser, which enables LinkedIn to recognise you when you visit a website.

      LinkedIn uses this data in order to create anonymous reports for us about advertising activities, as well as information about how you interact with our website.

      For more information about data protection at LinkedIn, please visit:
      https://www.linkedin.com/legal/privacy-policy#choices-oblig

    2. Legal basis for the processing of personal data

      If you have consented to the storage of the LinkedIn Insight Tag, this is done on the basis of Article 6(1)(a) GDPR.

    3. Purpose of data processing

      We use the LinkedIn Insight conversion tool for marketing and optimisation purposes, including to place advertisements with LinkedIn that are relevant and interesting to you, and in this way to improve our website, to design in a way that is more interesting to you as user, and to avoid annoying advertisements.

    4. Storage period

      The stored data is anonymised within seven days, and the anonymised data is erased within 120 days.

    5. Option to object and remove

      You can deactivate the LinkedIn Insight conversion tool, as well as interest-based advertising, at:
      https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

      If you are a member of LinkedIn, click on the button “Opt Out on LinkedIn”. Other visitors should click on the button “Opt Out”.

      You can deactivate tracking by the LinkedIn Insight Tag at:
      https://caala.de?optout=socialmedia

  10. Social media plugins

    1. Facebook plugins ("Like" and "Share" buttons)

      Integrated on our website are plugins of the social network Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can recognise Facebook plugins by the Facebook logo or the “Like” button on our website. An overview of Facebook plugins is available at:
      https://developers.facebook.com/docs/plugins/.
       

      If you visit our website, the plugin establishes a direct connection between your browser and the Facebook server. In this way, Facebook receives information that you visited our site with your IP address. If you click on Facebook “Like” button while logged in to your Facebook account, you can link the content of our website to your Facebook profile. In this way, Facebook can assign the visit to our website to your user account. Please be advised that as the provider of the website, we receive no knowledge about the content of the transmitted data or about their use by Facebook. You can find further information about this in Facebook's Privacy Policy at:
      https://de-de.facebook.com/policy.php.

      If you do not wish to allow Facebook to assign the visit to our website to your Facebook user account, please log out of your Facebook user account.

    2. LinkedIn plugin

      Our website uses the features of the network LinkedIn. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

      Each time one of our pages is accessed that includes LinkedIn features, a connection is established with LinkedIn servers. LinkedIn is notified that you visited our website with your IP address. If you click on the LinkedIn “Recommend” button and are logged in to your account with LinkedIn, LinkedIn can assign your visit to our website to you and your user account. Please be advised that as the provider of the website, we receive no knowledge about the content of the transmitted data or about their use by LinkedIn.

      You can find further information about this in LinkedIn's Privacy Policy at:
      https://www.linkedin.com/legal/privacy-policy.

    3. XING plugin

      Our website uses the features of the network XING. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.

      Each time one of our pages is accessed that includes XING features, a connection is established with XING servers. No personal data are stored in this regard as far as we know. In particular, IP addresses are not stored, and usage behaviour is not analysed.

      You can find further information about data protection and the XING “Share” button in XING's Privacy Policy at:
      https://www.xing.com/app/share?op=data_protection.

  11. Other tools

    1. Google web fonts

      For the purpose of uniformly displaying fonts, this website uses what are known as “web fonts”, which are provided by Google. When a website is accessed, your browser loads the required web fonts into your browser cache in order to correctly display text and fonts.

      For this purpose, the browser you are using must establish a connection to Google servers. As a result, Google learns that our website was accessed from your IP address. Google Web Fonts are used in the interest of displaying our website in a uniform, attractive manner. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR.

      If your browser does not support web fonts, a standard font is used by your computer.

      Further information about Google web fonts is available at:
      https://developers.google.com/fonts/faq and in Google's privacy policy at:
      https://www.google.com/policies/privacy/.

    2. Google Maps

      This site uses the map service Google Maps by means of an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

      In order to use the features of Google Maps, it is necessary to store your IP address. This information is normally transferred to a Google server in the US and stored there. The provider of this site has no influence over this data transfer.

      Google Maps is used in the interest of displaying our website in an attractive manner and to make it easier to find the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR.

      More information about the treatment of user data can be found in Google's privacy policy at:
      https://www.google.de/intl/de/policies/privacy/.

  12. Rights of the data subject


    If your personal data is processed, you are a data subject within the meaning of the GDPR, and you are entitled to the following rights with regard to the controller:

    1. Right of access

      You may obtain from the controller confirmation as to whether or not personal data concerning you is being processed by us.

      If such processing is taking place, you are entitled to access to the following information:
      (1) the purposes for which personal data is processed;
      (2) the categories of personal data concerned;
      (3) the recipients or categories of recipient to whom the personal data concerning you has been or will be disclosed;
      (4) the envisaged period for which the personal data concerning you will be stored, or, if specific information about this is not possible, the criteria used to determine the storage period;
      (5) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing;
      (6) the right to lodge a complaint with a supervisory authority;
      (7) where the personal data is not collected from the data subject, any available information as to their source.

      You have the right to obtain information about whether personal data concerning you are transferred to a third country or to an international organisation. In this regard, you may request to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.

    2. Right to rectification

      You have the right to obtain from the controller the rectification of inaccurate personal data concerning you and to have incomplete personal data concerning you completed. The controller must carry out the rectification without undue delay.

    3. Right to restriction of processing

      You may obtain restriction of the processing of personal data concerning you where one of the following applies:
      (1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
      (2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
      (3) the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; or
      (4) you have objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the controller override your grounds.

      Where processing of personal data concerning you has been restricted, such personal data may, with the exception of storage, be processed only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
      If processing was restricted in accordance with one of the aforementioned preconditions, you must be informed by the controller before the restriction of processing is lifted.

    4. Right to erasure

      1. Obligation to erase

        You may obtain from the controller the erasure of personal data concerning you without undue delay and the controller has the obligation to erase this data without undue delay where one of the following grounds applies:

        (1) The personal data concerning you is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
        (2) You withdraw your consent on which the processing is based according to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and where there is no other legal ground for the processing.
        (3) You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) GDPR.
        (4) The personal data concerning you have been unlawfully processed.
        (5) The personal data concerning you have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
        (6) The personal data concerning you have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
         

      2. Obligation to inform third parties
        Where the controller has made your personal data public and is obliged pursuant to Article 17(1) GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, must take reasonable steps, including technical measures, to inform other controllers that are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, this personal data.
         

      3. Exceptions
        There is no right to erasure to the extent that processing is necessary:
        (1) for exercising the right of freedom of expression and information;
        (2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
        (3) for reasons of public interest in the area of public health in accordance with Article 9(2)(h) and (i) GDPR as well as Article 9(3) GDPR;
        (4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR in so far as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
        (5) for the establishment, exercise or defence of legal claims.

    5. Right to notification

      If you have asserted against the controller the right to rectification, erasure, or restriction of processing, it is obligated to communicate such rectification or erasure of data or restriction of processing to each recipient to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.
      You have the right to be informed by the controller about those recipients.

    6. Right to data portability

      You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
      (1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR; and
      (2) the processing is carried out by automated means.
       

      In exercising this right, you furthermore have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others.
      The right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

    7. Right to object

      You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(e) or (f) GDPR, including profiling based on those provisions.
      The controller may no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
      Where personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
      Where you object to processing for direct marketing purposes, the personal data concerning you may no longer be processed for such purposes.
      In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

    8. Right to withdraw consent to data processing

      You have the right to withdraw your consent to data processing at any time. The withdrawal of consent does affect the lawfulness of processing based on consent before its withdrawal.

    9. Automated individual decision-making, including profiling

      You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

      This does not apply if the decision:
      (1) is necessary for entering into, or performance of, a contract between you and the controller;
      (2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
      (3) is based on your explicit consent.

      However, such decisions may not be based on special categories of personal data referred to in Article 9(1) GDPR, unless Article 9(2)(a) or (g) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.

      With respect to the cases referred to (1) and (3), the controller must implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

    10. Right to lodge a complaint with a supervisory authority

      Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

      The supervisory authority with which the complaint has been lodged must inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.

  13. Amendments to this Privacy Policy


    We reserve the ability to amend this Privacy Policy in order to adapt it to changed legal situations or in the case of changes to the service or data processing. However, this only applies with respect to declarations concerning data processing. If your consent is necessary, or if parts of this Privacy Policy contain arrangements that apply to the contractual relationship with you, the amendments are made only with your approval.

    We ask that you regularly review the content of this Privacy Policy.

 

BACK TO PAGE

This website uses cookies
We use cookies to show content and personalise ads, offer functions for social media and to analyse traffic on our website. In addition, we give information on your use of our site to our partners for social media, advertising and analysis. It is possible that our partners will collect this information together with further data that you have provided to them or that you have collected in your use of services. You give permission for our use of cookies, if you continue to use the website.Privacy Policy and options to object