Privacy Policy
1. An overview of data protection
General information
The following information will provide you with an easy to
navigate overview of what will happen with your personal data
when you visit this website. The term “personal data” comprises
all data that can be used to personally identify you. For
detailed information about the subject matter of data
protection, please consult our Data Protection Declaration,
which we have included beneath this copy.
Data recording on this website
Who is the responsible
party for the recording of data on this website (i.e. the
“controller”)?
The data on this website is processed by the operator of the
website, whose contact information is available under section
“Information Required by Law” on this website.
How do we
record your data?
We collect your data as a result of your sharing of your data
with us. This may, for instance be information you enter into
our contact form.
Other data shall be recorded by our IT systems automatically or
after you consent to its recording during your website visit.
This data comprises primarily technical information (e.g. web
browser, operating system or time the site was accessed). This
information is recorded automatically when you access this
website.
What are the purposes we use your data
for?
A portion of the information is generated to guarantee the error
free provision of the website. Other data may be used to analyze
your user patterns.
What rights do you have as far as
your information is concerned?
You have the right to receive information about the source,
recipients and purposes of your archived personal data at any
time without having to pay a fee for such disclosures. You also
have the right to demand that your data are rectified or
eradicated. If you have consented to data processing, you have
the option to revoke this consent at any time, which shall
affect all future data processing. Moreover, you have the right
to demand that the processing of your data be restricted under
certain circumstances. Furthermore, you have the right to log a
complaint with the competent supervising agency.
Please do not hesitate to contact us at any time under the
address disclosed in section “Information Required by Law” on
this website if you have questions about this or any other data
protection related issues.
2. General information and mandatory information
Data protection
The operators of this website and its pages take the protection
of your personal data very seriously. Hence, we handle your
personal data as confidential information and in compliance with
the statutory data protection regulations and this Data
Protection Declaration.
Whenever you use this website, a variety of personal information
will be collected. Personal data comprises data that can be used
to personally identify you. This Data Protection Declaration
explains which data we collect as well as the purposes we use
this data for. It also explains how, and for which purpose the
information is collected.
We herewith advise you that the transmission of data via the
Internet (i.e. through e-mail communications) may be prone to
security gaps. It is not possible to completely protect data
against third-party access.
Information about the responsible party (referred to as the
“controller” in the GDPR)
The data processing controller on this website is:
David Paz
Hans-Baldung-Grien-Weg 7,
76149 Karlsruhe
E-mail: hi@davidmpaz.de
The controller is the natural person or legal entity that
single-handedly or jointly with others makes decisions as to the
purposes of and resources for the processing of personal data
(e.g. names, e-mail addresses, etc.).
Storage duration
Unless a more specific storage period has been specified in this
privacy policy, your personal data will remain with us until the
purpose for which it was collected no longer applies. If you
assert a justified request for deletion or revoke your consent
to data processing, your data will be deleted, unless we have
other legally permissible reasons for storing your personal data
(e.g. tax or commercial law retention periods); in the latter
case, the deletion will take place after these reasons cease to
apply.
Information on data transfer to the USA
Our website uses, in particular, tools from companies based in
the USA. When these tools are active, your personal information
may be transferred to the US servers of these companies. We must
point out that the USA is not a safe third country within the
meaning of EU data protection law. US companies are required to
release personal data to security authorities without you as the
data subject being able to take legal action against this. The
possibility cannot therefore be excluded that US authorities
(e.g. secret services) may process, evaluate and permanently
store your data on US servers for monitoring purposes. We have
no influence over these processing activities.
Revocation of your consent to the processing of data
A wide range of data processing transactions are possible only
subject to your express consent. You can also revoke at any time
any consent you have already given us. This shall be without
prejudice to the lawfulness of any data collection that occurred
prior to your revocation.
Right to object to the collection of data in special cases;
right to object to direct advertising (Art. 21 GDPR)
IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6 SECT.
1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO
THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING
FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING
BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON
WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA
PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO
LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A
POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE
PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS
AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE
CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION
PURSUANT TO ART. 21 SECT. 1 GDPR).
IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN
DIRECT ADVERTISING, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO
THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES
OF SUCH ADVERTISING. THIS ALSO APPLIES TO PROFILING TO THE
EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF
YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE
USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART.
21 SECT. 2 GDPR).
Right to log a complaint with the competent supervisory
agency
In the event of violations of the GDPR, data subjects are
entitled to log a complaint with a supervisory agency, in
particular in the member state where they usually maintain their
domicile, place of work or at the place where the alleged
violation occurred. The right to log a complaint is in effect
regardless of any other administrative or court proceedings
available as legal recourses.
Right to data portability
You have the right to demand that we hand over any data we
automatically process on the basis of your consent or in order
to fulfil a contract be handed over to you or a third party in a
commonly used, machine readable format. If you should demand the
direct transfer of the data to another controller, this will be
done only if it is technically feasible.
SSL and/or TLS encryption
For security reasons and to protect the transmission of
confidential content, such as purchase orders or inquiries you
submit to us as the website operator, this website uses either
an SSL or a TLS encryption program. You can recognize an
encrypted connection by checking whether the address line of the
browser switches from “http://” to “https://” and also by the
appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to
us cannot be read by third parties.
Information about, rectification and eradication of data
Within the scope of the applicable statutory provisions, you have
the right to at any time demand information about your archived
personal data, their source and recipients as well as the
purpose of the processing of your data. You may also have a
right to have your data rectified or eradicated. If you have
questions about this subject matter or any other questions about
personal data, please do not hesitate to contact us at any time
at the address provided in section “Information Required by
Law.”
Right to demand processing restrictions
You have the right to demand the imposition of restrictions as
far as the processing of your personal data is concerned. To do
so, you may contact us at any time at the address provided in
section “Information Required by Law.” The right to demand
restriction of processing applies in the following cases:
- In the event that you should dispute the correctness of your
data archived by us, we will usually need some time to
verify this claim. During the time that this investigation
is ongoing, you have the right to demand that we restrict
the processing of your personal data.
- If the processing of your personal data was/is conducted in
an unlawful manner, you have the option to demand the
restriction of the processing of your data in lieu of
demanding the eradication of this data.
- If we do not need your personal data any longer and you need
it to exercise, defend or claim legal entitlements, you have
the right to demand the restriction of the processing of
your personal data instead of its eradication.
- If you have raised an objection pursuant to Art. 21 Sect. 1
GDPR, your rights and our rights will have to be weighed
against each other. As long as it has not been determined
whose interests prevail, you have the right to demand a
restriction of the processing of your personal data.
If you have restricted the processing of your personal data,
these data – with the exception of their archiving – may be
processed only subject to your consent or to claim, exercise or
defend legal entitlements or to protect the rights of other
natural persons or legal entities or for important public
interest reasons cited by the European Union or a member state
of the EU.
Rejection of unsolicited e-mails
We herewith object to the use of contact information published in
conjunction with the mandatory information to be provided in
section “Information Required by Law” to send us promotional and
information material that we have not expressly requested. The
operators of this website and its pages reserve the express
right to take legal action in the event of the unsolicited
sending of promotional information, for instance via SPAM
messages.
3. Recording of data on this website
Request by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your request,
including all resulting personal data (name, request) will be
stored and processed by us for the purpose of processing your
request. We do not pass these data on without your consent.
These data are processed on the basis of Art. 6 Sect. 1 lit. b
GDPR if your inquiry is related to the fulfillment of a contract
or is required for the performance of pre-contractual measures.
In all other cases, the data are processed on the basis of our
legitimate interest in the effective handling of inquiries
submitted to us (Art. 6 Sect. 1 lit. f GDPR) or on the basis of
your consent (Art. 6 Sect. 1 lit. a GDPR) if it has been
obtained.
The data sent by you to us via contact requests remain with us
until you request us to delete, revoke your consent to the
storage or the purpose for the data storage lapses (e.g. after
completion of your request). Mandatory statutory provisions - in
particular statutory retention periods - remain unaffected.
4. Plug-ins and Tools
Google Web Fonts (local embedding)
This website uses so-called Web Fonts provided by Google to
ensure the uniform use of fonts on this site. These Google fonts
are locally installed so that a connection to Google’s servers
will not be established in conjunction with this
application.
For more information on Google Web Fonts, please follow this
link:
https://developers.google.com/fonts/faq
and consult Google’s Data Privacy Declaration under:
https://policies.google.com/privacy?hl=en
.
Font Awesome (local embedding)
This website uses Font Awesome to ensure the uniform use of fonts
on this site. Font Awesome is locally installed so that a
connection to Fonticons, Inc.’s servers will not be established
in conjunction with this application.
For more information on Font Awesome, please and consult the Data
Privacy Declaration for Font Awesome under:
https://fontawesome.com/privacy
.
5. Online-based Audio and Video Conferences (Conference
tools)
Data processing
We use online conference tools, among other things, for
communication with our customers. The tools we use are listed in
detail below. If you communicate with us by video or audio
conference using the Internet, your personal data will be
collected and processed by the provider of the respective
conference tool and by us. The conferencing tools collect all
information that you provide/access to use the tools (email
address and/or your phone number). Furthermore, the conference
tools process the duration of the conference, start and end
(time) of participation in the conference, number of
participants and other “context information” related to the
communication process (metadata).
Furthermore, the provider of the tool processes all the technical
data required for the processing of the online communication.
This includes, in particular, IP addresses, MAC addresses,
device IDs, device type, operating system type and version,
client version, camera type, microphone or loudspeaker and the
type of connection.
Should content be exchanged, uploaded or otherwise made available
within the tool, it is also stored on the servers of the tool
provider. Such content includes, but is not limited to, cloud
recordings, chat/ instant messages, voicemail uploaded photos
and videos, files, whiteboards and other information shared
while using the service.
Please note that we do not have complete influence on the data
processing procedures of the tools used. Our possibilities are
largely determined by the corporate policy of the respective
provider. Further information on data processing by the
conference tools can be found in the data protection
declarations of the tools used, and which we have listed below
this text.
Purpose and legal bases
The conference tools are used to communicate with prospective or
existing contractual partners or to offer certain services to
our customers (Art. 6 para. 1 sentence 1 lit. b GDPR).
Furthermore, the use of the tools serves to generally simplify
and accelerate communication with us or our company (legitimate
interest in the meaning of Art. 6 para. 1 lit. f GDPR). Insofar
as consent has been requested, the tools in question will be
used on the basis of this consent; the consent may be revoked at
any time with effect from that date.
Duration of
storage
Data collected directly by us via the video and conference tools
will be deleted from our systems immediately after you request
us to delete it, revoke your consent to storage, or the reason
for storing the data no longer applies. Stored cookies remain on
your end device until you delete them. Mandatory legal retention
periods remain unaffected.
We have no influence on the duration of storage of your data that
is stored by the operators of the conference tools for their own
purposes. For details, please contact directly the operators of
the conference tools.
Conference tools used
We employ the following conference tools:
Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Corporation,
One Microsoft Way, Redmond, WA 98052-6399, USA. For details on
data processing, please refer to the Microsoft Teams privacy
policy:
https://privacy.microsoft.com/en-us/privacystatement
.
Execution of a contract data processing agreement
We have entered into a contract data processing agreement with
the provider of Microsoft Teams and implement the strict
provisions of the German data protection agencies to the fullest
when using Microsoft Teams.
Source:
eRecht24
