Data Privacy

Welcome to our websites. Below, you will find some information on how we handle your data pursuant to Article 13 of the EU General Data Protection Regulation (GDPR).

Data controller
Responsibility for the collection and processing of data described below lies with the individual(s) named under ‘Company details’.

Usage data
When you visit our websites, so-called usage data is temporarily stored on our web server for statistical purposes as a log in order to improve the quality of our websites. This data record consists of

• name and address of the content requested,
• date and time of the request,
• the data volume transmitted,
• the access status (content transmitted, content not found),
• a description of the web browser and operating system used,
• the referral link indicating from which page the user reached our page,
• the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.

These log data is evaluated strictly anonymously.

Data security
We take technical and organisational measures to protect your data as comprehensively as possible from unauthorised access. We use an encryption process on our websites. Your data is transmitted from your computer to our server and vice versa via the Internet by means of TLS encryption. You can be assured of this by the fact that the lock symbol in the status bar of your browser is closed and the address line starts with https://

Required cookies
We use cookies on our websites, which are necessary for the use of our web pages.

Cookies are small text files which can be stored and read on your end device. A distinction is made between session cookies, which are deleted again as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.

We do not use these necessary cookies for analysis, tracking or advertising purposes.

Some of these cookies contain only information about certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security and operation of the site.

We use these cookies on the basis of Article 6 Section 1 para 1(f) of the EU General Data Protection Regulation (DSGVO).

You can set your browser so that it informs you about the placement of cookies. This makes the use of cookies transparent for you. By means of the corresponding browser setting, you can also delete cookies at any time and prevent the setting of new cookies. Please note that, in this case, our web pages may not be displayed optimally and that some functions may no longer be technically available.

Google Analytics
We use the web analysis tool ‘Google Analytics’ to tailor the design of our websites to your needs. Google Analytics creates usage profiles based on pseudonyms. For this purpose, permanent cookies are stored on your device and read by us. This allows us to recognize and count recurring visitors.

In the context of the Google Analytics service, Google Ireland Limited assists us as a data processor in accordance with Article 28 of the GDPR. Data processing may also occur by Google outside the EU or EEA (especially in the USA). Adequate data protection is ensured concerning Google due to the adequacy decision (EU-U.S. Data Privacy Framework). Furthermore, Google commits to using standard contractual clauses with additional subprocessors.

Data processing is based on your consent in accordance with Article 6(1)(a) of the GDPR, provided you have given your consent through our banner. You can revoke your consent at any time via our banner.

Regarding the integration of Google Fonts, we recommend locally embedding them (not requesting them from Google via IP transmission). The reference to Google Fonts in the consent banner under ‘Functional’ can then also be removed. If Google Fonts are to continue not being locally embedded, a brief passage in the privacy policy would also be necessary, for example:

We use Google Fonts from Google Ireland Limited. Google Fonts allows us to use external fonts on our website, ensuring a consistent display on all devices. For this purpose, Google processes server log files. In the context of this service, Google assists us as a data processor in accordance with Article 28 of the GDPR. Data processing may also occur by Google outside the EU or EEA (especially in the USA). Adequate data protection is ensured concerning Google due to the adequacy decision (EU-U.S. Data Privacy Framework). Furthermore, Google commits to using standard contractual clauses with additional subprocessors. We use Google Fonts based on your consent in accordance with Article 6(1)(a) of the GDPR, provided you have given this consent through our banner. You can revoke your consent at any time via our banner.

Your rights as a data subject
Whenever your personal data is processed, the GDPR grants you certain rights as a data subject:

Right of access by the data subject (Article 15 GDPR):

You have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information listed in detail in Article 15 GDPR.

Right to rectification (Article 16 GDPR)

You have the right to obtain from the controller without undue delay the rectification and, if applicable, completion of inaccurate data concerning yourself.

Right to erasure (Article 17 GDPR)

You have the right to obtain from the controller the erasure of personal data concerning yourself without undue delay where one of the grounds listed in detail in Article 17 GDPR applies.

Right to restriction of processing (Article 18 GDPR):

You have the right to obtain from the controller restriction of processing where one of the preconditions listed in Article 18 GDPR applies, e.g. if you objected to the processing, for a period enabling the controller to carry out a respective verification.

Right to data portability (Article 20 GDPR):

In certain cases listed in detail in Article 20 GDPR, you have the right to receive the personal data concerning yourself in a structured, commonly used and machine-readable format and have the right to demand transmission of this data to a third party.

Right of withdrawal (Article 7 GDPR)

If the processing of data is based on your consent, you are entitled under Article 7 Section 3 GDPR to revoke your consent to the use of your personal data at any time. Please note that the revocation only takes effect for the future. Any type of data processing that took place before the revocation is not affected.

Right to object (Article 21 GDPR)

If data are processed on the basis of Article 6 Section 1 para 1(f) GDPR (Data processing to safeguard legitimate interests) or on the basis of Article 6 Section 1 para 1(e) GDPR (Data processing in the public interest or in the exercise of official authority), you are entitled to object to the processing at any time for reasons arising from your particular situation. In this case, we will no longer process the personal data unless there are demonstrably compelling reasons for the processing which outweigh the interests, rights and freedoms of the data subject, or unless the processing serves to assert, exercise or defend legal claims.

Right to lodge a complaint with a supervisory authority (Article 77 GDPR)

Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of data concerning you is in breach of data protection legislation. The right to lodge a complaint may be exercised in particular before a regulatory authority in the member state of your residence or workplace, or in the place where the alleged breach occurred.

Assertion of your rights

Unless otherwise described above, please contact the office named in the ‘Legal’ section (Impressum) to assert your data protection rights.

Contact details of the Data Security Officer
Our external data protection officer will be happy to provide you with information on the subject of data protection under the following contact details:

datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Web: www.datenschutz-nord-gruppe.de
E-Mail: office@datenschutz-nord.de

If you contact our data protection officer, please also state the responsible office named in the ‘Legal’ section (Impressum).

Real Cookie Banner

To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/rcb/data-processing/.

The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.

The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.