Data privacy statement
Thank you for visiting our website. We would like to inform you about how we handle your data in accordance with Article 13 of the General Data Protection Regulation ("GDPR").
The controller who is responsible for the collection and processing of data as described in this Data Privacy Statement is the person or unit specified in the website credits.
Storing of IP address
We will store the IP address transmitted by your web browser for a period of seven days solely for the purpose of being able to detect, limit and eliminate any attacks that target our website. After seven days, we will delete your IP address. This is based on Art. 6(1) sentence 1 letter f GDPR.
When you visit our website, our web server will temporarily store usage data in the form of protocols – for statistical purposes – to improve the quality of our web pages. These data sets consist of:
• the page from where the file is requested;
• the name of the file;
• date and time of the request;
• the data volume transmitted;
• the access status (file transferred, file not found, etc.);
• the description of the type of web browser used;
• the IP address of the requesting computer, abbreviated in such a way that it can no longer be related to any specific person.
This protocol data will only be stored in anonymised form.
For the purposes of data processing pursuant to Art. 28 GDPR, we may transmit your data to service providers who assist us in the operation of our website and the associ-ated processes. These service providers may be hosting providers or web analysis pro-viders, for example. Our service providers are strictly bound by our instructions and the corresponding contractual obligations.
Transmission to third parties outside the EU/EEA
We do not transmit personal data to third countries outside the EU.
We use both permanent and session cookies on our website. Any processing is carried out in accordance with Art. 6(1) sentence 1 letter f GDPR and with the purpose of ena-bling and optimising user experience and to adjust the visuals of our website.
In order to protect your data to the greatest extent possible from any unauthorised access, we take both technical and organisational measures. We use encryption pro-cesses on our web pages. All of your data that is transmitted via the internet from your computer to our server and vice versa is transmitted with the use of TLS encryption. Some browsers indicate that encryption is being used by displaying a closed lock sym-bol and using "https://" at the beginning of the address line.
Your rights as a user
The GDPR gives you, as a website user, certain rights with regard to the processing of your personal data.
1. Right to access (Art. 15 GDPR):
You have the right to obtain confirmation as to whether or not your personal data is being processed and, if that is the case, to access both this personal data and the information specified in Art. 15 GDPR.
2. Right to rectification and erasure (Art. 16 and 17 GDPR):
If it is inaccurate, you have the right to request the rectification of your personal data without undue delay, and to request incomplete personal data to be completed.
You also have the right to request the erasure of your personal data without undue delay if one of the reasons specified in Art. 17 GDPR applies, e.g. if the data is no longer necessary in relation to the purposes for which it was collected or processed.
3. Right to restriction of processing (Art. 18 GDPR):
You have the right to request restriction of processing if one of the requirements speci-fied in Art. 18 GDPR has been met, e.g. if you have objected to processing pursuant to Art. 21 GDPR or pending the verification as to whether our legitimate interests override yours as the data subject.
4. Right to data portability (Art. 20 GDPR):
In certain cases specified in Art. 20 GDPR, you have the right to receive your personal data in a structured, commonly used and machine-readable format, and/or to request the transmission of this data to a third party.
5. Right to object (Art. 21 GDPR):
You have the right to object, at any time, on grounds relating to your particular situation, to the processing of your personal data if your data is collected on the basis of Art. 6(1) sentence 1 letter f GDPR (processing is necessary for the pur-poses of legitimate interests) or Art. 6(1) sentence 1 letter e GDPR (processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority). In any such cases, we will no longer process your personal data, unless we can prove that we have compelling legitimate grounds for the processing of your data which override your interests, rights and freedoms, or the processing is required for the establishment, exercise or defence of legal claims.
6. Right to lodge a complaint with a supervisory authority
Art. 77 GDPR gives you the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes data protection laws. You can exercise this right of complaint, in particular, before a supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement
Contact details of Data Protection Officer
Please do not hesitate to contact our company Data Protection Officer for further in-formation or if you have suggestions concerning data protection:
Dr. Uwe Schläger
datenschutz nord GmbH
28217 Bremen E-Mail: officedatenschutz-nordde