Privacy statement in accordance with GDPR
It is important to the operators of this website to safeguard the privacy of your personal data. All of your personal data will be kept confidential as prescribed by law and this privacy statement.
1. Information concerning the gathering of personal data and your rights in this regard
1.1 In this section, we provide information concerning the gathering of personal data while you are using our website. Personal data constitutes all data that relates to you personally such as your name, address and email addresses, as well any actions you take while visiting our website.
1.2 The legally responsible parties under Article 4(7) of the European General Data Protection Regulation (GDPR) are Ms. Dr. Jutta Kreiter (Rabenhorst 21, D-22391 Hamburg, Germany) and Ms. Dr. Sibylle Schmidt (Untere Hausbreite 22, D-80939 Munich, Germany), firstname.lastname@example.org. You can contact our external data privacy officer Andrea Schweizer at +49-89-9280850, email@example.com or per post (Schneckenburgerstr. 22 D-81675 Munich, Germany).
1.3 If you contact us via a contact form or by email, the data you provide for this purpose (i.e. your email address, and possibly your name and phone number) will be stored in our system so as to enable us to respond to your message (the legal basis is Article 6(1)(f) GDPR). We will delete all such data as soon as storing it becomes unnecessary; or we will limit the extent to which such data is processed in the event it is subject to statutory archiving requirements.
1.4 Your rights
Under EU law, you have the following legal rights concerning your personal data:
- Right to access information (Article 15 GDPR),
- Right to rectification (Article 16 GDPR),
- Right to erasure (‘right to be forgotten’) (Article 17 GDPR),
- Right to restriction of processing (Article 18 GDPR),
- The right to data portability (Article 20 GDPR),
- The right to raise objections to the processing of your data (Article 21 GDPR),
You furthermore have the right to lodge a complaint with data-privacy authorities concerning the processing of your personal data by us.
2. Gathering of personal data when you visit our website solely for the purpose of obtaining information
2.1 If you use our website solely for informational purposes (i.e. if you do not register on the site and/or convey any other information), we will only gather the personal information your browser conveys to our server. If you wish to view one or more pages on our website, the following data may be gathered that we need for technical reasons in order to display our web pages for you, ensure the stability and security of our website, and improve our website (the legal basis is Article 6(1)(f) GDPR):
- Your IP address
- The date and time of your query
- The time zone difference relative to GMT
- The actual pages that you visited
- Access status/HTTP status code
- Amount of data transferred
- The website from which you navigated to our website
- Operating system and its interface
- Browser language and version
2.2 In addition to the aforementioned data, when you use our website cookies will be stored on your computer. Cookies are small text files that are stored on your hard drive by via browser and that allow specific information flows to the entity that creates the cookie (us in this case). Cookies do not have the capacity to run any software or to infect your computer with viruses. Their sole purpose is to make a given website more user friendly and efficient.
a) Our website uses the types of cookies listed below, and whose scope and functionality are described in the following:
- Transient cookies (see “b” below)
- Persistent cookies (see “c” below).
b) Transient cookies, which are deleted automatically when you close your browser, mainly comprise session cookies. These cookies store session IDs that allow various queries from your browser to be assigned to a given session, so that your computer will be recognized in the event you pay a return visit to our website. Session cookies are deleted when you log out or close your browser.
c) Persistent cookies are deleted automatically after a set amount of time, which can vary from one cookie to another. You can delete such cookies at will, using your browser’s security settings.
d) You can configure your browser’s settings to suit your individual preferences. For example, you can block third party cookies or all cookies. However, if you do this, you may not be able to use certain functions on our website.
3. Objecting to, or revoking the right to, processing of your personal data
3.1 If you have granted permission to have your personal data processed, you are entitled to revoke this right at any time. Such a revocation will impact the allowability of processing your data, once you have submitted the revocation in question to us for the future.
3.2 If we justify the processing of your personal data on the ground of the statutory principle known as “legitimate interest” (Article 6(1)(f) GDPR) you are entitled to object to such processing by sending an email to firstname.lastname@example.org. This scenario comes into play when the data processing in question is not necessary in order to perform a contract that we have concluded with you.
3.3 You are also entitled to object, at any time, to the processing of your personal data for promotional or data analysis purposes. You can lodge the objection to the use of your data for promotional purposes, by sending an email to email@example.com.
4. Relaying data to third parties
We sometimes have occasion to use outside providers who process data for us (Article 28 GDPR) (a) who are carefully vetted by us; (b) to whom we issue contracts that comply with the relevant laws; (c) who are contractually obligated to follow our instructions; and (d) who are monitored on a regular basis. These outside providers include (without limitation) our email provider and our website hosting provider. These providers are not allowed to relay any data to third parties, and are only permitted to relay data to persons who are fulfilling the relevant contract as processors, subject to our authorization in all cases.
5. Technical and organizational measures for data security
We carry out technical measures for data security purposes, and particularly for the purpose of protecting your personal data.
We reserve the right to make changes in this document, insofar as allowed by law.
Last updated: May 2018
Copyright: Lachenmann in Koreng/Lachenmann, Formularhandbuch Datenschutzrecht, 2. Auflage 2018, revised and updated by Andrea Schweizer, Kanzlei Prof. Schweizer Rechtsanwaltsgesellschaft mbH, Schneckenburgerstr. 22 D-81675 Munich, Germany