Privacy Policy

Scope

We take the protection of your data very seriously. We therefore comply with data protection regulations and take precautions to ensure the confidentiality and security of your data.

We would like to point out that data transmission via the Internet (e.g. by e-mail) can be subject to security gaps and that complete protection against access by third parties is not possible.

In the following we inform you about the collection and processing of personal data by our company. This data protection declaration, imprint, disclaimer and disclaimer are to be regarded as part of the internet publication which you were referred from.

This data protection declaration applies to the websites of our companies mentioned in 1.1, outside our website only to the extent that we have influence on the processing and are therefore ourselves responsible for this processing.

If sections or individual terms of this statement are not legal or correct, the content or validity of the other parts remain uninfluenced by this fact.

We reserve the right to adapt this data protection declaration to current case law or changed framework conditions without additional reference and explanations. Please therefore take regular note of this data protection declaration.

1. Contact details

1.1 Name and address of the person responsible

This privacy policy applies to the websites of the following companies:

  • schubwerk GmbH

The respective responsible person in the sense of the DSGVO and other national data protection laws as well as in the sense of §§5,6 TMG is named in the respective imprint: Imprint schubwerk GmbH

1.2 Contact details of the data protection officer

You can reach the data protection officer of the responsible person at:

Business school graduate Herbert Eidloth
Amselweg 24
96361 Steinbach am Wald
Telephone: 06123 5030-503

E-Mail: info@schubwerk.de

2. General information on data processing

Scope of the processing of personal data

We collect and use personal user data only to the extent necessary. The collection and use of personal data of our users takes place regularly only with the consent of the user. An exception applies in cases in which

  1. prior consent cannot be obtained for factual reasons
  2. the processing of data is permitted or required by law
  3. the collection of data is necessary for the provision, operation or guarantee of the security and confidentiality of the Website
  4. there is a suspicion of misuse of the website.

Purpose of processing

Except as otherwise stated in this privacy policy, we collect personal information only to the extent necessary to provide the website and to ensure the confidentiality, integrity and availability of the data processing facilities or to take legal action against any improper and/or criminal use. We reserve the right to transfer personal data to a legal adviser or law enforcement agency in the event of improper/criminal use.

Legal bases

Insofar as we obtain the consent of the data subject for the processing of personal data, these are based on article 6 paragraph 1a GDPR.

The processing of personal data necessary for the implementation of pre-contractual measures or for the performance of a contract to which the data subject is a party is based on article 6 paragraph 1b GDPR as the legal basis.

If the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, this processing is based on article 6 paragraph 1c GDPR.

Processing operations necessary to safeguard the legitimate interests of our company or a third party, in which the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first-mentioned interest, are carried out in accordance with article 6 paragraph 1f GDPR.

Data erasure and storage duration

Personal data of the person concerned will be deleted as soon as the purpose of storage no longer applies and there is no legal storage and warranty period to which the person responsible is subject that prevents deletion, unless further storage is necessary for the conclusion of a contract or the performance of contracts with the person concerned.

We assume that the contents of contact forms or e-mail messages are relevant to our business. They must therefore be treated like business letters, i.e. they are subject to statutory retention periods. We archive incoming and outgoing e-mails as well as messages transmitted via a contact form in an electronic archive.

Private communication using company e-mail addresses is not desired.

Please note that we do not distinguish between private and business communication. This means that if you send private mails to a company mail address, these will be treated as business-relevant communication. If you nevertheless send private messages to a company e-mail address, you are aware of this situation and accept that there is no claim against our company for delivery or measures for data backup, recovery or deletion of such messages from data backups or archives.

3. Provision of the website

3.1 Data collection

Each time our website is accessed, the website operator or our own data processing system automatically collects information about the computer system of the accessing computer. The following information is collected:

  1. information about the browser type and the version used
  2. the operating system of the user
  3. the internet service provider of the user
  4. the IP address used by the user
  5. date and time of access
  6. the website from which the user’s system accessed our website
  7. the website accessed by the user’s system via our website.

If there is no justified suspicion of abusive or criminal use, our company does not assign the collected data to a specific user.

Purpose of processing

The temporary storage of the IP address is necessary to enable delivery of the website to the user’s computer. The other information mentioned above is stored in order to ensure the functionality of the website, to optimise the website and to guarantee the security of our information technology systems or to take legal action against any improper and/or criminal use.

Legal basis of the processing

The legal basis for the storage of the above information is article 6 paragraph 1f GDPR, whereby our legitimate interest corresponds to the purpose of processing.

Storage period

The information is deleted when it is no longer required for the purpose of its collection. As a rule, automatically collected data is stored for a period of 180 days and then automatically deleted.

Right of objection

The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Any objection to this processing cannot be taken into account.

3.2 Use of cookies

We use cookies on our websites.

Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user visits a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

When our website is accessed, the user is informed about the use of cookies. In this context, there is also a reference to this data privacy policy. By continuing to use our website, the user gives his consent to the processing of the personal data used in this context.

The data is not assigned to a specific user. The data will not be used for advertising purposes.

Legal basis of the processing

The processing operations associated with the use of cookies are based on your consent in accordance with article 6 paragraph 1a GDPR.

If you have consented to this processing, further processing will take place on the basis of article 6 paragraph 1f GDPR, whereby we have a legitimate interest in a user-friendly provision of the website.

Purpose of processing

The purpose of the cookies we use is to simplify the use of our website for the user. For some functions of our website (e.g. also for the consideration of your objection against the use of tracking tools) it is necessary that the browser is recognized even after a page change.

Storage period, objection and removal possibilities

We use session cookies to make our website more user-friendly. Session cookies are deleted when your browser session is terminated.

You can deactivate or restrict the storage and transmission of cookies by changing your browser settings. Cookies that have already been saved can be deleted. Please refer to your browser’s operating instructions for the procedure.

If cookies are deactivated for our website, it is possible that not all functions can be used to their full extent. In addition, an objection (e.g. against the use of tracking tools) cannot be registered or must be reissued the next time you visit our website.

4. Contacting

4.1 Newsletter

If we offer you the opportunity to subscribe to a free newsletter, then we will ask for the following data when you register for the newsletter or collect it automatically:

  1. email address
  2. time of login
  3. time of confirmation

For the processing of your data within the scope of the registration process your consent is obtained by means of double-opt-in and reference is made to this data protection declaration.

The data entered by you will be processed for the dispatch of the newsletter, to guarantee processing security and, in the case of justified suspicion, to uncover and prosecute misuse.

Purpose of processing

The purpose of collecting the user’s e-mail address is to send the newsletter and manage subscribers. We record the registration process in order to fulfil legal obligations to provide evidence.

Legal basis

The legal basis for the processing of data by the user after registration for the newsletter is the user’s consent pursuant to article 6 paragraph 1a GDPR and §7 paragraph 2 no. 3 or paragraph 3 Unfair Competition Act.

The registration process is logged in accordance with article 6 paragraph 1c GDPR in order to be able to comply with legally required accountability and verification obligations.

Storage period

Your data will be stored as long as the newsletter subscription is active for you.

Right of objection

The subscription of the newsletter can be cancelled by the person concerned at any time. For this purpose there is a corresponding link in every newsletter.

4.2 Contact form, e-mail contact

On our internet pages we offer you the possibility to get in contact with us. For this purpose we provide you with contact forms. If you would like to use this opportunity to contact us, we collect the following data:

  1. name, first name
  2. email address
  3. your message
  4. your telephone number, if you would like to arrange a callback by telephone (in this case, please give your consent to contact by activating the corresponding checkbox).

If necessary, your IP address as well as the date and time of transmission will also be saved when data is transmitted via a contact form in order to be able to take action against abusive or criminal use.

The data transmitted by you in the contact forms are transmitted in encrypted form (transport encryption).

Alternatively, we offer you the possibility of contacting us via the use of the e-mail addresses provided. In this case we store the personal data of the user transmitted with the mail.

Please note that there is a risk of unauthorised access when using electronic communication channels.

Personal data will not be transmitted to third parties for their advertising or marketing purposes. However, we reserve the right to transfer such data to a legal adviser or to prosecution authorities in the event of improper or criminal use. If necessary, a transfer will take place between the iMi companies mentioned in 1.1 in order to process your request in the best possible way.

Purpose of processing

The processing of personal data from an input mask serves to process your request or to communicate with you. If you contact us by e-mail, this is also your legitimate interest in the processing.

The other personal data processed during the sending process (IP address, date…) serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

Legal basis of the processing

  1. Your consent to the processing of the transmitted data in accordance with article 6 paragraph 1a GDPR.
  2. Our legitimate interest pursuant to article 6 paragraph 1f GDPR is to communicate with you in a trouble-free and legally compliant manner.
  3. If the establishment of contact is aimed at the initiation, conclusion or execution of a contract, the processing is based on article 6 paragraph 1b GDPR.

Storage period

Your data will be deleted as soon as they are no longer required for the purpose of their collection. For personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified and that a further conversation is not necessary/desired.

If communication contents are subject to legal storage or warranty periods, they will be deleted at the earliest after these periods have expired.

The additional personal data collected during the sending process will be deleted after a period of 180 days at the latest.

Right of objection

The user has the possibility to revoke his consent to the processing of his personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

You can send your objection by e-mail to: info@schubwerk.de

4.3 Application documents

Thank you for your interest in our company. The transmission of documents via the Internet entails the risk of unauthorized access.

We therefore offer you the opportunity to upload your application documents via our website and send them to us. The transmission takes place using a secure connection (transport encryption). Please note that your data will be forwarded to us via a computer centre. For the successful transmission process, the processing by the computer center is technically imperative.

If you do not wish to use the option offered to encrypt your application documents, your attachments will be transmitted in unencrypted form. In this case, your attachments can theoretically be viewed and modified by unauthorised third parties.

If your application documents are to be sent by e-mail, please use only the e-mail box provided at info@schubwerk.de, as this is the only way we can ensure that your application is treated confidentially and taken into account in the selection process.

Within our company, only the personnel department and the employees involved in the applicant selection process have access to the application documents you have submitted.

If we are unable to offer you a suitable position, we will delete your application documents after 6 months at the latest.

In order to optimize the personnel selection process, we store the following information about applicants in an application history:

  1. name, first name
  2. date of birth
  3. email address
  4. date of application
  5. job applied for

In some cases, we may wish to offer applicants alternative job opportunities. For this purpose, we store your application documents in a pool of applicants after consultation with and written consent from you, or forward them to iMi companies mentioned in section 1.1.

Purpose of processing

We process the data you provide us with in order to carry out the applicant selection procedure. The data is stored in the applicant pool in order to submit alternative job offers to interesting applicants.

Storage in the applicant history serves to optimize the personnel selection process.

Legal basis

The legal basis for the processing of your data in the selection procedure and for the storage in the applicant pool is article 6 paragraph 1a GDPR (existence of consent) and article 26 paragraph 1 Federal Data Protection Act-new (decision on the establishment of an employment relationship). You give us your consent to data processing by submitting your application documents.

The storage of your data in the applicant history is based on article 6 paragraph 1f GDPR (justified interest). The justified interest lies in an efficient execution of the application procedure and the avoidance of additional expenditure for the renewed processing of applications which are not promising.

Storage period

If you agree to your application documents being stored in the applicant pool, they will be deleted from the applicant pool after a maximum of 5 years.

In the applicant history we store your data for a period of 2 years.

Right of objection

If you do not agree to your application documents being forwarded within the iMi companies mentioned in section 1.1, please inform us of this when you send us your documents. In this case, we may not be able to consider your application in the relevant applicant selection procedure.

You will be informed about the storage of your application documents in an applicant pool in a letter of rejection in addition to the information in this data protection declaration. You will then have the opportunity to object to the storage at any time with effect for the future. In the event of revocation, we will delete your data from the applicant pool.

Please send your objection to: hr@iMi.de

Unfortunately, we cannot consider an objection to the storage of the above data in the application history.

The processing of your data by the computer centre within the framework of the transmission process is technically necessary. An objection to this processing cannot be considered.

5. Data from children

Persons under the age of 16 (children) should not transmit any personal data to us without the consent of their parents or legal guardians. We do not request any personal data from children and young people.

If data from children are to be transmitted, we can only process such data if there is a verifiable consent of a parent or guardian. If we do not have such consent and the fact that personal data comes from a child is identifiable, we delete this data.

6. Web analytics and links to third-party providers

External links (third party providers)
Our online offer contains links that refer to the pages of third parties (e.g. route planners). When using these offers, you will be forwarded to the provider’s pages.
We have no influence on the content and design of these Internet offers and the data processing carried out there. This data protection declaration does not apply to data processing on the part of third parties. Please inform yourself on these pages about the data protection declaration applicable there.

6.1. Google Maps
This website uses Google Maps to display maps and to create directions. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, 25 USA.
By using this website, you consent to the collection, processing and use of data by Google, its agents or third parties about you, whether automatically collected or submitted.
The terms of use for Google Maps can be found here: http://www.google.com/intl/de_de/help/terms_maps.html
You can view the Google Maps privacy policy here: http://www.google.de/intl/de/policies/privacy/

Web analysis

Purpose of processing
We use various analysis tools and process the data obtained about the use of our website in order to optimise our own website and make it more customer-friendly. In addition, we use the knowledge gained in the implementation of customer projects. When evaluating this data, we do not establish any personal references or pass on personal data to third parties.

With regard to the processing by the providers of the analysis tools, please note the following information.

Legal basis
The data processing by our company is based on article 6 paragraph 1f GDPR, whereby the legitimate interest corresponds to the stated processing purpose.

6.2 Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States.

However, if IP anonymization is enabled on this website, Google will previously truncate your IP address within member states of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to and truncated by Google on servers in the United States. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator.

According to Google, the IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and Google from processing this data by downloading and installing the browser plug-in available under the following link:

http://tools.google.com/dlpage/gaoptout?hl=de

As an alternative to the browser plug-in or within browsers on mobile devices, please click the following link to set an opt-out cookie that will prevent Google Analytics from collecting cookies from this site in the future (this opt-out cookie only works in this browser and only for this domain, delete your cookies in this browser, you must click this link again):
Disable Google Analytics

It is pointed out that this website uses Google Analytics with the extension “_anonymizeIp()” and therefore IP addresses are only processed in abbreviated form in order to exclude direct personal references.

6.3 Googletagmanager.com:

Java-Script code of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Google) is downloaded from our site.

If you have activated Java-Script in your browser and have not installed a Java-Script blocker, your browser may transmit personal data to Google. We do not know what data Google links to the data received and for what purposes Google uses this data.

You can install a Java-Script blocker to prevent Google from executing the Java-Script code as a whole (i.e. www.noscript.net).

6.4 Hotjar

This website uses Hotjar, an analysis software of Hotjar Ltd. („Hotjar“) (http://www.hotjar.com, Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta, Europe).

With Hotjar it is possible to measure and evaluate the usage behaviour (clicks, mouse movements, scroll heights, etc.) on our website. The information generated by “tracking code” and “cookie” about your visit to our website is transmitted to and stored on the Hotjar servers in Ireland. The tracking code collects the following information:

Device dependent data

The following information can be recorded by your device and browser:

  1. the IP address of your device (collected and stored in an anonymous format)
  2. your e-mail address including your first and last name, if you have provided it to us via our website.
  3. screen size of your device
  4. device type and browser information
  5. geographical position (country only)the preferred language to display our website
  6. user interactions
  7. mouse events (movement, position and clicks)
  8. keystrokes

The following data is automatically generated by our servers when Hotjar is used

  1. related domain
  2. visited pagesn
  3. geographical position (country only)
  4. the preferred language to display our website
  5. date and time when the website was accessed

Hotjar will use this information to evaluate your use of our website, to compile reports on use, as well as other services relating to website use and Internet evaluation of the website. Hotjar also uses third-party services such as Google Analytics and Optimizely to provide services. These third party companies may store information that your browser sends when you visit the website, such as cookies or IP requests. For more information on how Google Analytics and Optimizely store and use data, please refer to their respective privacy statements.

The cookies Hotjar uses have a different “lifetime”; some last up to 365 days, some only last during your current visit.

Hotjar offers every user the possibility to prevent the use of the Hotjar tool by means of a “Do Not Track Header”, so that no data about the visit of the respective website is recorded. This is a setting that all common browsers support in current versions. Your browser sends a request to Hotjar to deactivate the tracking of the respective user. If you use our websites with different browsers/computers, you must set up the “Do Not Track Header” separately for each of these browsers/computers.

Detailed instructions with information about your browser can be found at :
https://www.hotjar.com/opt-out

More information about Hotjar Ltd. and the Hotjar tool can be found at:
https://www.hotjar.com

The privacy policy of Hotjar Ltd. can be found at:
https://www.hotjar.com/privacy

If you continue to use this website, you consent to the processing of your personal data by Hotjar and its third parties as described above in accordance with their privacy policies.

6.5 matelso

On our page Java-Script Code of the company matelso GmbH, Heilbronner Str. 150, 70191 Stuttgart, Germany (matelso) is downloaded. If you have activated Java-Script in your browser and have not installed a Java-Script blocker, your browser may transmit personal data to matelso. We do not know which data matelso links to the received data and for which purposes matelso uses this data.

Further information on this can be found in matelso’s data protection declaration: https://www.matelso.de/w/de-de/datenschutz.aspx .

To prevent the execution of Java-Script code from matelso altogether, you can install a Java-Script-Blocker (i.e. www.noscript.net or www.ghostery.com).

6.6 Virtual Website Optimizer (VWO)

We use Visual Website Optimizer, a web analytics service from Wingify, Inc. (“VWO”). It is a web analytics service from Wingify, 14th Floor, KLJ Tower North, Netaji Subhash Place, Pitam Pura, Delhi 110034, India.

VWO is used to test the usability of certain pages. In the process, anonymous measurements of user behaviour are collected. We have no way of assigning these anonymous measurements to your person, for example by assigning your IP address or by other means. In order to obtain meaningful test results, so-called cookies are also used, i.e. the program uses the function provided by your browser to temporarily store information and access it later. If the cookies do not expire at the end of the session, they are available for a maximum of 100 days (further details can be found here: https://vwo.com/knowledge/cookies-used-by-vwo/).

You can delete cookies from your browser at any time. In addition, the following link gives you the opportunity to withdraw from participation in the tests altogether: https://vwo.com/opt-out/.

Further information on data protection can be found here: https://vwo.com/terms-conditions/.

7. Use of social media plug-ins

7.1 Facebook

On our pages are plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, integrated. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on our page. An overview of the Facebook plugins can be found here: http://developers.facebook.com/docs/plugins/.

When you visit our pages, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our site with your IP address.

If you click the Facebook “Like” button while logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate visiting our pages with your user account. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the data transmitted or its use by Facebook.

If you do not want Facebook to be able to assign visits to our pages to your Facebook user account, please log out of your Facebook user account.

For more information, please see Facebook’s privacy policy at

http://de-de.facebook.com/policy.php.

7.2 Xing

Java-Script Code of the company XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany (hereinafter: XING) is downloaded onto our site.

If you have activated Java Script in your browser and have not installed a Java Script blocker, your browser may transmit personal data to XING. We have no influence on what data XING links to the data received and for what purposes XING uses this data. To prevent XING from executing Java Script Code as a whole, you can install a Java Script Blocker (i.e. www.noscript.net).

Information on data protection on the part of the provider of the Xing Share button is available under the following link: https://www.xing.com/app/share?op=data_protection.

7.3 YouTube

Our website uses plugins from the YouTube site operated by Google. The site is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

When you visit one of our pages equipped with a YouTube plug-in, a connection is established to YouTube’s servers.

This will tell the YouTube server which of our pages you have visited. If you are logged in to your YouTube account, you can allow YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

You can find more information about the handling of user data in YouTube’s privacy policy: https://www.google.de/intl/de/policies/privacy

8. Rights of the person concerned

According to the GDPR, as the party concerned you have the following rights towards the person responsible:

8.1 Right to information

You may ask the data controller to confirm whether personal data concerning you will be processed.

In the event of such processing, you may request the controller to provide you with the following information:

  1. the purposes for which the personal data will be processed;
  2. the categories of personal data to be processed;
  3. the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
  4. the planned duration of the retention of the personal data concerning you or, if it is not possible to provide specific information in this regard, the criteria for determining the retention period;
  5. the existence of a right to rectify or erase personal data concerning you, a right to limit the processing by the controller or a right to object to such processing;
  6. the existence of a right of appeal to a supervisory authority;
  7. all available information on the origin of the data, if the personal data are not collected from the data subject;
  8. the existence of automated decision-making, including profiling, in accordance with article 22, paragraphs 1 and 4 of the GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information as to whether the personal data concerning you will be transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to article 46 GDPR in connection with the transfer.

8.2 Right to rectification

You have the right to have your personal data corrected and/or completed by the data controller if the personal data processed concerning you is inaccurate or incomplete. The data controller must carry out the rectification immediately.

8.3 Right to limitation of processing

Under the following conditions, you may request that the processing of your personal data be restricted:

  •  if you dispute the accuracy of the personal data concerning you for a period of time which allows the data controller to verify the accuracy of the personal data;
  • the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
  • the responsible person no longer needs the personal data for the purposes of the processing, but you need them to assert, exercise or defend legal claims, or
  • if you have lodged an objection against the processing pursuant to article 21 (1) GDPR and it has not yet been established whether the justified reasons of the data controller outweigh your reasons.

If the processing of personal data concerning you has been restricted, such data may only be processed – apart from its storage – with your consent or for the purpose of asserting, exercising or defending legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State.

If the processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

8.4 Right to deletion

You can request the responsible person to delete the personal data concerning you immediately. The person responsible is obliged to delete this data immediately if one of the following reasons applies:

  1. The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
  2. You revoke the consent on which the processing was based pursuant to article 6 paragraph 1a or article 9 paragraph 2a GDPR and there is no other legal basis for the processing.
  3. You object to the processing pursuant to article 21 paragraph 1 DGDPR and there are no overriding legitimate reasons for the processing, or you object to the processing pursuant to article 21 paragraph 2 GDPR.
  4. The personal data concerning you have been processed unlawfully.
  5. The deletion of your personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.
  6. The personal data relating to you have been collected in relation to information society services offered pursuant to article 8 paragraph 1 DSGVO.

8.5 Right to information

If you have exercised your right to rectify, cancel or limit the processing of your personal data against the controller, the latter is obliged to notify all recipients to whom the personal data concerning you have been disclosed of such rectification, cancellation or limitation, unless this proves impossible or involves a disproportionate effort.

You have the right to be informed of such recipients by the data controller.

8.6 Right to data transferability

You have the right to receive the personal data concerning you that you have provided to the responsible person in a structured, common and machine-readable format. In addition, you have the right to communicate these data to another data controller without being hindered by the controller to whom the personal data was provided, provided that

  • the processing is based on a consent pursuant to Art.6 para.1a DSGVO or Art.9 para.2a DSGVO or on a contract pursuant to Art.6 para.1b DSGVO and
  • processing is carried out using automated procedures.

In exercising this right, you also have the right to request that the personal data concerning you be transmitted directly by one responsible person to another responsible person, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.

8.7 Automated decision in individual cases including profiling

You have the right not to be subject to any decision based solely on automated processing, including profiling, that has any legal effect on you or similarly significantly affects you. This does not apply if the decision

  • is necessary for the conclusion or performance of a contract between you and the person responsible,
  • is authorised by legislation of the Union or of the Member States to which the person responsible is subject and contains adequate measures to safeguard your rights and freedoms and your legitimate interests, or
  • with your explicit consent.

However, these decisions may not be based on special categories of personal data pursuant to article 9 paragraph 1 GDPR, unless article 9 paragraph 2a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.

With regard to the cases mentioned in (1) and (3), the person responsible shall take appropriate measures to protect the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on the part of the person responsible, to state his own position and to challenge the decision.

8.8 Right of objection

You have the right, for reasons related to your particular situation, to object at any time to the processing of personal data concerning you carried out pursuant to article 6 paragraph 1e or f GDPR, including profiling based on these provisions.

The controller will no longer process the personal data relating to you unless he can prove compelling grounds for processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is connected with such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.

You have the possibility to exercise your right of objection through automated procedures using technical specifications in connection with the use of Information Society services, notwithstanding Directive 2002/58/EC.

8.9 Right to revoke the declaration of consent under data protection law

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of your consent does not affect the legality of the processing carried out on the basis of your consent until you revoke it.

The revocation of consent must be as simple as the granting of consent.

8.10 Right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of your residence, place of work or place of presumed infringement, if you consider that the processing of your personal data is in breach of the GDPR.

The supervisory authority to which the complaint was submitted will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under article 78 DSGVO.

The contact details of the supervisory authority responsible for the company are as follows:

The Hessian Data Protection Commissioner
Street address:

Gustav-Stresemann-Ring 1
65189 Wiesbaden

Postal address:
Postfach 31 63
65021 Wiesbaden

Telephone: 06 11/140 80
Telefax: 06 11/14 08-900E-Mail: poststelle@datenschutz.hessen.de
Homepage: http://www.datenschutz.hessen.de

9. Other legal notices

9.1 Liability for contents

According to §7 paragraph 1 of the German Telemedia Act (TMG), we are responsible for our own content on these pages according to the general laws. According to §§ 8 to 10 of the German Telemedia Act (TMG), however, we are not obliged to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity.

Obligations to remove or block the use of information in accordance with general laws remain unaffected by this. However, liability in this respect is only possible from the point in time at which we become aware of a concrete violation of the law.

As soon as we become aware of such infringements, we will remove the content immediately.

9.2 Links

Insofar as we use links to external content, these were checked for possible violations of the law at the time of linking. Illegal contents were not recognisable at the time of linking. A permanent control of the contents of the linked pages is not reasonable without concrete evidence of an infringement. If we become aware of any legal infringements, we will remove such links immediately.

Insofar as our online offer contains links to contents and offers of other providers, we have no influence on whether these providers comply with the data protection regulations. Please inform yourself about the data protection declaration of a provider before you follow such a link or disclose information on the linked pages.

10. Abbreviations

GDPR – General Data Protection Regulation

TMG – German Telemedia Act

11. Changes to our privacy policy

We reserve the right to adapt this privacy policy to current technical and legal developments. Therefore, when you visit our website again, please inform yourself about the contents of the current privacy policy.

The last change was made: 04/2018