DATA PRIVACY
DATA PRIVACY
Privacy policy
1. RESPONSIBLE PARTY AND YOUR RIGHTS AS THE DATA SUBJECT
Data protection is of a particularly high priority for me.
The processing of personal data, such as your name, address, e-mail address, or telephone number shall always be in line with the EU-General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to me.
I try to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed.
1.1 TERMS USED
This privacy policy is based on the terms used by the European legislator for the adoption of the GDPR. The privacy policy should be legible and understandable for the general public, as well as my customers and business partners. To ensure this, I would like to first explain some of the key terminology used:
• Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Data subject
Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
• Processing
• Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Data subject
Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
• Processing
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• Responsible party or controller or controller responsible for the processing
Responsible party or controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
• Processor
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
• Recipient
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
• Third party
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
• Consent
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Responsible party or controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
• Processor
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
• Recipient
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
• Third party
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
• Consent
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
1.2 RESPONSIBLE PARTY
Responsible party pursuant to data protection laws, in particular the GDPR, is:
Christian Nebauer
Auzingerstr. 7a
D-85540 Haar / München
mail@nebauer.de
1.3 YOUR RIGHTS AS THE DATA SUBJECT
You can exercise the following rights at any time using my contact details above:
• Information on your data stored by me and the processing thereof (Art. 15 GDPR),
• Rectification of inaccurate personal data (Art. 16 GDPR),
• Deletion of your data stored by me (Art. 17 GDPR),
• Restriction of the data processing, provided that I may not delete your data due to legal obligations (Art. 18 GDPR),
• Objection to the processing of your data with me (Art. 21 GDPR) and
• Data portability, provide that you have consented to the data processing or have entered into a contract with me (Art. 20 GDPR).
• Information on your data stored by me and the processing thereof (Art. 15 GDPR),
• Rectification of inaccurate personal data (Art. 16 GDPR),
• Deletion of your data stored by me (Art. 17 GDPR),
• Restriction of the data processing, provided that I may not delete your data due to legal obligations (Art. 18 GDPR),
• Objection to the processing of your data with me (Art. 21 GDPR) and
• Data portability, provide that you have consented to the data processing or have entered into a contract with me (Art. 20 GDPR).
If you have given me consent, you may withdraw it at any time, which will remain in effect in the future.
You can contact a supervisory authority with a complaint at any time, e.g. the supervisory authority of the state of your residence or the authority that oversees me as the responsible party. You’ll find a list of supervisory authorities (for the non-public area) with their respective addresses at:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
2. DATA COLLECTION ON THIS WEBSITE
2.1 COOKIES
TYPE AND PURPOSE OF THE PROCESSING
This Website uses cookies. Cookies are text files that are stored in a computer system via an Internet browser. Through the use of cookies, I am able to provide the users of this website with more user-friendly services that would not be possible without the cookie setting.
LEGAL BASIS
The processing occurs according to Art. 6 Para. 1 (f) GDPR, based on our legitimate interest in improving the stability and functionality of this website.
RECIPIENTS
Recipients of the data may be technical service providers, who work on the operation and maintenance of this website as the processor.
MANDATORY OR REQUIRED PROVISION
The provision of the aforementioned personal data is neither legally nor contractually mandatory. Without Cookies, however, not all functions of this website may be entirely usable.
The processing occurs according to Art. 6 Para. 1 (f) GDPR, based on our legitimate interest in improving the stability and functionality of this website.
RECIPIENTS
Recipients of the data may be technical service providers, who work on the operation and maintenance of this website as the processor.
MANDATORY OR REQUIRED PROVISION
The provision of the aforementioned personal data is neither legally nor contractually mandatory. Without Cookies, however, not all functions of this website may be entirely usable.
RETENTION PERIOD AND REVOCATION OF CONSENT
You may, at any time, prevent the setting of cookies through this website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers.
You may, at any time, prevent the setting of cookies through this website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers.
2.2 COLLECTION OF GENERAL INFORMATIONEN
TYPE AND PURPOSE OF THE PROCESSING
When you access this website – i.e. if you do not register or submit information – information of a general nature will be collected automatically. This information (server log files) contains the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address and the like. It is processed in particular for the following purposes:
• Ensuring an unproblematic website connection
• Ensuring seamless use of this website
• Analysis of system security and stability as well as
• For additional administrative purposes.
• Ensuring an unproblematic website connection
• Ensuring seamless use of this website
• Analysis of system security and stability as well as
• For additional administrative purposes.
I do not
use your data to draw conclusions about your person. If necessary, this type of information will be statistically analysed to optimise my website and its underlying technology.
LEGAL BASISThe processing occurs according to Art. 6 Para. 1 (f) GDPR, based on my legitimate interest in improving the stability and functionality of this website.
RECIPIENTS
Recipients of the data may be technical service providers, who work on the operation and maintenance of this website as the processor.
Recipients of the data may be technical service providers, who work on the operation and maintenance of this website as the processor.
RETENTION PERIOD
The data will be deleted as soon as they are no longer required for the reason they were collected. This is generally the case, after the respective session has ended, for data that are used to make this website available.
The data will be deleted as soon as they are no longer required for the reason they were collected. This is generally the case, after the respective session has ended, for data that are used to make this website available.
MANDATORY OR REQUIRED PROVISION
The provision of the aforementioned personal data is neither legally nor contractually mandatory. Without the IP address however, the service and functionality of this website are not guaranteed. Furthermore, individual services can be unavailable or limited. For this reason, an objection is excluded.
2.3 CONTACT FORM
TYPE AND PURPOSE OF THE PROCESSING
LEGAL BASIS
The processing of the data entered in the contact form occurs on the basis of a legitimate interest (Art. 6 Para. 1 (f) GDPR). By providing the contact form, I want to make it easy for you to contact me. The information you enter will be used to process the inquiry and saved for possible follow-up questions. If you contact me to request an offer, the processing of the information provided in the contact form will occur in order to implement pre-contractual measures (Art. 6 Para. 1 (b) GDPR).
RECIPIENTS
Recipients of the data may be processors.
RETENTION PERIOD
The data you enter are used for individual communication with you. A valid e-mail address and your name are required for this communication, which serves to organize your inquiry and the respective subsequent reply. Providing additional information is optional.
LEGAL BASIS
The processing of the data entered in the contact form occurs on the basis of a legitimate interest (Art. 6 Para. 1 (f) GDPR). By providing the contact form, I want to make it easy for you to contact me. The information you enter will be used to process the inquiry and saved for possible follow-up questions. If you contact me to request an offer, the processing of the information provided in the contact form will occur in order to implement pre-contractual measures (Art. 6 Para. 1 (b) GDPR).
RECIPIENTS
Recipients of the data may be processors.
RETENTION PERIOD
The data will be deleted no later than 6 months after processing the inquiry.
Provided that we enter into a contract, the statutory retention periods in the German Commercial Code (Handelsgesetzbuch) will be applicable and I will delete your data according to the respective stipulated deadlines.
MANDATORY OR REQUIRED PROVISION
The provision of your personal data is voluntary. However, I can only process your inquiry if you provide me with your name, e-mail address and the reason for your inquiry.
3. PLUGINS UND TOOLS
3.1 GOOGLE WEB FONTS
TYPE AND PURPOSE OF THE PROCESSING
LEGAL BASIS
Your consent is the legal basis for the integration of Google Web Fonts and the associated data transfer to Google (Art. 6 Para. 1 (a) GDPR).
RETENTION PERIOD
MANDATORY OR REQUIRED PROVISION
In order to present my content correctly and graphically appealing across all browsers, I use ‘Google Web Fonts’ from Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereinafter ‘Google’) to display fonts on this website.
LEGAL BASIS
Your consent is the legal basis for the integration of Google Web Fonts and the associated data transfer to Google (Art. 6 Para. 1 (a) GDPR).
RECIPIENTS
The use of script libraries or font libraries automatically triggers a connection to the operator of the library. It is theoretically possible – but currently also unclear whether and to what end – that the operator, in this case Google, will collect data.
RETENTION PERIOD
I do not collect any personal data via the integration of Google Web Fonts.
You’ll find additional information on Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.
THIRD COUNTRY TRANSFER
Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield; Further information to the EU-U.S. Privacy Shield can be found here: https://www.privacyshield.gov/EU-US-Framework.
Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield; Further information to the EU-U.S. Privacy Shield can be found here: https://www.privacyshield.gov/EU-US-Framework.
The provision of your personal data is neither legally nor contractually required. However, the correct presentation of content may not be possible by using standard fonts.
REVOCATION OF CONSENT
The programming language JavaScript is regularly used to display content. Thus, you can opt out of the data processing by disabling JavaScript execution in your browser or by installing a JavaScript blocker. Please note that this may result in functional limitations on this website.
3.2 LINKEDIN
TYPE AND PURPOSE OF THE PROCESSING
LEGAL BASIS
RECIPIENTS
RETENTION PERIOD
I do not collect any personal data via the provision of the plug-ins on this website.
MANDATORY OR REQUIRED PROVISION
The usage of the plus-in on this website is voluntary.
I provided a plug-in of the LinkedIn Corporation on this website. LinkedIn is a web-based social network that enables users with existing business contacts to connect and to make new (business) contacts.
The provision of the LinkedIn plug-in on this website occurs on the basis of a legitimate interest (Art. 6 Para. 1 (f) GDPR). By providing the plug-in, I want to make it easy for you to contact me.
RECIPIENTS
Recipient of the data is the LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA.
You’ll find additional information regarding LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy.
RETENTION PERIOD
I do not collect any personal data via the provision of the plug-ins on this website.
MANDATORY OR REQUIRED PROVISION
The usage of the plus-in on this website is voluntary.
3.3 XING
TYPE AND PURPOSE OF THE PROCESSING
I provided a plug-in of the XING SE on this website. XING is a web-based social network that enables users with existing business contacts to connect and to make new (business) contacts.
LEGAL BASIS
The provision of the XING plug-in on this website occurs on the basis of a legitimate interest (Art. 6 Para. 1 (f) GDPR). By providing the plug-in, I want to make it easy for you to contact me.
RECIPIENTS
Recipient of the data is the XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
RETENTION PERIOD
I do not collect any personal data via the provision of the plug-ins on this website.
MANDATORY OR REQUIRED PROVISION
The usage of the plus-in on this website is voluntary.
I provided a plug-in of the XING SE on this website. XING is a web-based social network that enables users with existing business contacts to connect and to make new (business) contacts.
LEGAL BASIS
The provision of the XING plug-in on this website occurs on the basis of a legitimate interest (Art. 6 Para. 1 (f) GDPR). By providing the plug-in, I want to make it easy for you to contact me.
RECIPIENTS
Recipient of the data is the XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
You’ll find additional information regarding XING's privacy policy at: https://www.xing.com/privacy
RETENTION PERIOD
I do not collect any personal data via the provision of the plug-ins on this website.
MANDATORY OR REQUIRED PROVISION
The usage of the plus-in on this website is voluntary.
4. SSL ENCRYPTION
To protect the security of your data during transmission, I use state-of-the-art encryption methods (such as SSL) via HTTPS.
5. REVISION OF THE PRIVACY POLICY
I reserve the right to amend this privacy policy so that it always complies with current legal requirements or to implement changes to my services in the privacy policy, e.g. when introducing new services. Your next visit will be subject to the new privacy policy.
6. QUESTIONS FOR THE DATA PROTECTION OFFICER
If you have any questions pertaining to data protection, please send me an e-mail
7. MISCELLANEOUS
The privacy policy was created via the activeMind AG privacy policy generator (Version: #2018-09-24). In addition by using the Privacy Policy Generator of the German Association for Data Protection that was developed in cooperation with Privacy Lawyers from WILDE BEUGER SOLMECKE, Cologne.
8. VALIDITY AND CHANGES TO THE PRIVACY POLICY
This privacy policy is currently valid and dated from September 2019.