The most important thing in a nutshell:
- The use of my website is basically possible without any indication of personal data. If you wish to make use of a service via my website, however, it may be necessary to process personal data.
- If the processing of personal data is necessary and there is no legal basis for such processing, this will not take place without consent.
- Personal data, for example the name, address, e-mail address or telephone number of a person concerned, will always be processed in accordance with the Basic Data Protection Regulation (DSGVO) and in accordance with the applicable country-specific data protection regulations.
- This website was created on the basis of CMS WordPress. WordPress uses so-called session cookies. If you wish to use this website without cookies, please deactivate cookies in your browser settings.
- This website has an SSL certificate. SSL encryption is used to prevent third party users from reading or manipulating data during transmission.
- This website collects anonymous visitor statistics to optimise content, security and user-friendliness. This data is stored for a maximum of 30 days, after which it is automatically deleted. Automated profiling does not take place. Which data can be stored, you find → here.
... and now in detail
By means of this data protection declaration, I would like to inform you about the type, scope and purpose of the personal data collected, used and processed by me. As the person responsible for this website, I have implemented numerous technical and organisational measures to ensure that the personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions can in principle have security gaps, so that absolute protection cannot be guaranteed. For this reason, each person concerned is free to transmit personal data to me by alternative means, such as telephone. You will find my contact details in the imprint.
This privacy statement is based on the terms used by the European Directive and Regulation Makers in the adoption of the Basic Data Protection Regulation (DSGVO). This privacy statement is intended to be easy to read and understand for visitors to my website. In order to guarantee this, I would like to explain the terms used in advance.
a) Personal Data
Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). A natural person shall be considered identifiable if he can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific characteristics expressing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
b) Person concerned
Person concerned means any identified or identifiable natural person whose personal data are processed by the responsible person.
Processing means any operation or set of operations which is carried out with or without the aid of automated processes and which relates to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or association, qualification, erasure or destruction.
d) Limitation of processing
Limitation of processing is the marking of stored personal data with the aim of limiting their future processing.
Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, conduct, whereabouts or movement of that natural person.
Pseudonymisation means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the provision of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data are not attributed to an identified or identifiable natural person.
g) Responsible Person for the processing
Responsible Person for the processing is a natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the controller or controllers may be designated in accordance with Union law or with the law of the Member States on the basis of specific criteria.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
The recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not that person is a third party. However, authorities which may receive personal data in the course of a specific investigation task under Union law or the law of the Member States shall not be considered as recipients.
j) Third Party
Third party means any natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor.
A consent is any voluntary, informed and unequivocal expression of the data subject's intention to consent to the particular case, in the form of a statement or other unambiguous confirmatory act by which the data subject indicates his or her consent to the processing of his or her personal data.
2. Name and address of the responsible person
Responsible person in the sense of the data protection basic regulation, other data protection laws valid in the member states of the European Union and other regulations with data protection-juridical character is on this website:
Tel.: +49 (0)30 92100520
Please use the → contactform
A cookie can be used to optimise the information and offers on this website in the user's interests. Cookies enable this site, as mentioned above, to recognize users. The purpose of this recognition is to make it easier for users to use a website. The person concerned can prevent cookies from being set by this website at any time by means of an appropriate setting in the Internet browser used and thus permanently oppose the setting of cookies.
Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of this website may be fully usable under certain circumstances.
4. Possibility to contact us via the website
Due to legal regulations, this website contains information that enables quick electronic contact and direct communication with me, which also includes a general address of the so-called electronic mail (e-mail address). If a person concerned contacts me by e-mail or via a contact form, the personal data transmitted by the person concerned is automatically stored. Such personal data transmitted voluntarily by a data subject to the data controller will be stored for the purposes of processing or contacting the data subject. This personal data will not be passed on to third parties.
5. Routinely deleting and blocking personal data
The data controller shall process and store the data subject's personal data only for the period of time necessary to achieve the storage purpose or where provided for by the European directive and regulation maker or another legislator in laws or regulations to which the data controller is subject.
If the storage purpose no longer applies or if a storage period prescribed by the European directive and regulation giver or another competent legislator expires, the personal data shall be blocked or deleted routinely and in accordance with the statutory provisions.
6. Collection of general data and information
This website collects a series of general data and information each time it is accessed by a data subject or an automated system. These general data and information are stored in the log files of the server. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses this website (so-called referrer), (4) the sub-sites which are accessed via an accessing system on this website can be recorded, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information used to avert danger in the event of attacks on information technology systems.
When using this general data and information, I, as the operator of this website, do not draw any conclusions about the person concerned. This information is required to (1) correctly deliver the content of this website, (2) optimize the content and advertising of this website, (3) ensure the long-term functionality of my information technology systems and the technology of my website, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack. This anonymously collected data and information is therefore evaluated statistically on the one hand and with the aim of increasing the data protection and data security of this website on the other, in order to ultimately ensure an optimum level of protection for the personal data processed by me. The anonymous data of the server log files are stored separately from all personal data provided by the person concerned for a maximum of 30 days.
This website has integrated the Shariff component. The Shariff component provides social media buttons that comply with data protection regulations. Shariff was developed for the German computer magazine c't and is published by GitHub, Inc.
GitHub, Inc. 88 Colin P. Kelly Junior Street, San Francisco, CA 94107, USA.
Usually, the button solutions provided by the social networks already transfer personal data to the respective social network when a user visits a website in which a social media button has been integrated. By using the Shariff component, personal data is only transferred to social networks if the visitor to a website actively presses one of the social media buttons. Further information on the Shariff component can be found in the computer magazine c't at http://www.heise.de/newsticker/meldung/Datenschutz-und-Social-Media-Der-c-t-Shariff-ist-im-Einsatz-2470103.html . The use of the Shariff component has the purpose of protecting the personal data of visitors to this website and at the same time enabling us to integrate a button solution for social networks on this website.
9. Legal basis for the processing
Art. 6 I lit. a DS-GVO serves me as a legal basis for processing operations in which I obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of other services or consideration, the processing is based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries or services. If I am subject to a legal obligation requiring the processing of personal data, such as for the fulfilment of tax obligations, the processing is based on Art. 6 I lit. c DS-GVO. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of my person or a third party, provided that the interests, fundamental rights and fundamental freedoms of the data subject do not predominate. Such processing operations are permitted to me in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the data controller (recital 47 sentence 2 DS-GVO).
10. Legitimate interests in the processing pursued by the controller or by a third party
If the processing of personal data is based on Article 6 I lit. f DS-GVO, my legitimate interest is the conduct of my business.
11. Duration for which the personal data will be stored
The criterion for the duration of the storage of personal data is the respective legal retention period. After this period has expired, the corresponding data will be routinely deleted unless they are no longer required for the fulfilment or initiation of the contract.
12. Legal or contractual provisions governing the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing the data
I hereby inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may result from contractual regulations (e.g. information on the contractual partner). For example, the person concerned is obliged to provide me with personal data if I conclude a contract with them. Failure to provide personal data would mean that the contract could not be concluded with the data subject. Before the data subject provides personal data, the data subject must contact me personally. I will inform the data subject on a case-by-case basis whether the provision of personal data is required by law or contract or is necessary for the conclusion of a contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.
13. Existence of an automated decision making process
As a responsible website operator, I do not use automatic decision making or profiling.
This privacy statement was created by the Privacy Statement Generator of DGD Deutsche Gesellschaft für Datenschutz GmbH, which acts as External Data Protection Officer Schweinfurt, in cooperation with Anwalt für Datenschutzrecht Christian Solmecke.
© Thomas Klingberg