- Personal Data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more specific factors.
- Process or Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
2. Data Controller
Data controller for this Website pursuant to Article 4 no. 7 GDPR is Bettina Hüfner, Oberlindau 85, 60323 Frankfurt am Main, Germany, telephone: +49 69 – 71 91 88 67, e-mail: firstname.lastname@example.org.
3. Processing of your Data when Using my Website for Informational Purposes
When you visit my Website, the web servers collect and store data temporarily in so-called „log files“. These are internet traffic data that your browser transfers to the server automatically. Log files only contain Personal Data on a limited scale. The Processed data includes information about:
- your IP-address
- your end user device (type, name, ID)
- your browser (type/version)
- your operating system (including language settings)
- time and date of your server enquiry
- content of your requests (which file has been accessed)
- HTTP status code of your request
- the referral webpage (referrer-URL)
- websites accessed from your device through my Website.
I use this data to enable you to use my Website (e.g. to adapt my Website to the needs of your end user device).
The legal basis for this Processing is Article 6 para. 1 sentence 1 lit. b GDPR, because I require the automatically Processed data to ensure the efficient usability of my Website.
In addition, this data is collected for reasons of system safety and security.
The legal basis for this Processing is Article 6 para. 1 sentence 1 lit. f GDPR, as the Processing serves my legitimate interest to ensure the protection of my systems and servers as well as the stability, safety and security of the Website.
As far as the Processing is based on my legitimate interests, you have the right to object, on grounds relating to your particular situation, at any time to this kind of Processing. To exercise this right, you can contact me at any time using the contact details provided in Section 2.
The log files are retained for a period of seven (7) days and will be properly erased afterwards, unless longer retention is required or justified by law.
4. Communication with me
If you contact me by e-mail via the Website, I will store your e-mail address as well as information from your e-mail (e.g. contact data or the content of your request).
The legal basis for this Processing is Article 6 para. 1 sentence 1 lit. b GDPR. The Processing serves to handle your request and any follow-up requests.
5. Sharing of Personal Data with Third Parties
5.1 In compliance with applicable data protection provisions, I may use third-party data processors (Article 28 GDPR) acting on my behalf and providing services in connection with my Website (e.g. host providers) and may disclose your Personal Data to such external processors. The data transfer is always based on data processing agreements. My data processors will only use your Personal Data to the extent necessary to perform their specific tasks. They are contractually obliged to Process your Personal Data only on my behalf and in accordance with my instructions.
In particular, your Personal Data will be disclosed for the above-mentioned purposes to the following third-party as a data processor:
- Host-Provider Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany.
5.2 In case I am legally authorised or obliged (for instance due to applicable law or a judicial or an official order), I may disclose your Personal Data.
6. Data Security
I have appropriate security measures in place to protect your Personal Data from loss, misuse and alteration. My security policies and privacy policies are regularly reviewed and improved, if necessary. In addition, only authorized employees have access to Personal Data. Although I cannot warrant or guarantee that Personal Data will never be lost, misused, or altered, I will do everything in my power to prevent this.
Please note that data transmission via the internet can involve security gaps. I cannot guarantee the security of the data submitted via my Website during the transmission over the internet. This happens at your own risk.
For security reasons and to protect the transmission of confidential content such as enquiries which you send to me as operator of the Website, this Website uses SSL- respectively TLS-encryption. You can recognize an encrypted connection from the fact that the browser’s address line switches from „http://“ to „https://“ and from the padlock symbol in your browser line. When the SSL or TLS encryption is activated, the data you transfer to me cannot be read by third parties.
7. Storage of Your Personal Data
If you contact me by e-mail, I will delete your request as soon as I have finished processing your request.
If longer storage is required or justified by law (in particular due to retention periods under commercial law), I will only delete your personal data upon expiry of this period.
8. Your Rights under the GDPR
In particular, but without limitation, you may have the following rights under GDPR:
- Right of access: At any time, you have the right to obtain confirmation from me as to whether or not I Process Personal Data about you and, if so, you also have the right to obtain access to your Personal Data stored by me. To exercise this right you can contact me at any time using the contact details provided in Section 2.
- Right to rectification of your Personal Data: If I Process Personal Data about you, I endeavour to ensure by implementing suitable measures that the Personal Data is accurate and up-to-date for the purposes for which the Personal Data was collected. If the Personal Data about you is inaccurate or incomplete, you have the right to obtain the rectification of such data. To exercise this right you can contact me at any time using the contact details provided in Section 2.
- Right to erasure of Personal Data or right to restriction of Processing: You may have the right to obtain the erasure of your Personal Data or the restriction of Processing of your Personal Data. To exercise this right you can contact me at any time using the contact details provided in Section 2.
- Right to data portability: You may have the right to receive the Personal Data concerning you and which you have provided to me in a structured, commonly used and machine-readable format or to transmit those data to another controller. To exercise this right you can contact me at any time using the contact details provided in Section 2.
- Right to object: You have the right to object to the Processing of your Personal Data at any time, if I Process your Personal Data in order to pursue my legitimate interest and if there are grounds relating to your particular situation. To exercise this right you can contact me at any time using the contact details provided in Section 2.
- Right to withdraw a consent: As far as my Processing is based on a consent (pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR), you may withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of Processing based on the consent before its withdrawal. To exercise this right you can contact me at any time using the contact details provided in Section 2.
- Right to lodge a complaint with supervisory authority: You have the right to lodge a complaint with a data protection supervisory authority located in the European Union.