PX Logo Trapez_Schutzraum_oben
Linkedin Instagram
Kontakt

Datenschutz – Englisch

PRIVACY POLICY

WE TAKE DATA PROTECTION SERIOUSLY

This Privacy Policy (together with the other documents referred to in it) describes what personal data we collect from you and how we process it. In the event of any ambiguity or conflict between different translations, the German version of the Privacy Policy shall prevail.

 

I. RESPONSIBLE BODY

Responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is the:

PROSPER X GmbH
Hamburger Straße 273A
38114 Braunschweig

Phone: +49 531 390 783-0
E-mail: datenschutz@prosper-x.de

If you wish to object to the collection, processing and use of your data by PROSPER X GmbH in accordance with these data protection provisions as a whole or for individual measures, you can change these directly via your cookie settings. You can also send your objection by e-mail to the above address.

The data protection coordinator of the controller is

Nils Schuster
PROSPER X GmbH
Hamburger Str. 273a
38114 Braunschweig
E-mail:  datenschutz@prosper-x.de

 

II. GENERAL INFORMATION ON DATA PROCESSING

WHY WE USE DATA

Our services are constantly being improved and made more attractive. Only if we know which parts of our website are visited most frequently and for the longest time can we optimise the content of our website in line with your requirements and wishes. If you entrust us with personal information, PROSPER X GmbH will only use it to the extent necessary for the technical administration of the websites, for customer administration, for product surveys and for marketing. The better we understand your wishes, the faster you will find the information you require on our website.

INFORMATION ON THE COLLECTION OF PERSONAL DATA

Personal data is data about your person. This includes your name, your address and your e-mail address. If you only use our website for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to the site server (so-called “server log files”). However, only the minimum setting must be selected in the cookie window on your first visit. Data that you have released for our analysis is only collected in anonymised form and forwarded to analysis services. You can also define the selection of service providers yourself.

When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Date and time of the request
  • Name of the requested file
  • Source/reference from which you reached the page
  • Access status (file transferred, file not found, etc.)
  • Web browser and operating system used
  • Complete IP address of the requesting computer
  • Amount of data transferred

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of unlawful use.

DATA ERASURE AND STORAGE DURATION

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

SSL OR TLS ENCRYPTION

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

 

III. HOSTING AND CONTENT DELIVERY NETWORKS (CDN)

We host the content of our website with the following provider:

MITTWALD

We host our website with Mittwald. The provider is Mittwald CM Service GmbH & Co KG, Königsberger Straße 4-6, 32339 Espelkamp (hereinafter: Mittwald).

Details can be found in Mittwald’s privacy policy: https://www.mittwald.de/datenschutz.

The use of Mittwald is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Order processing

We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract prescribed by data protection law, which guarantees that the provider will only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

 

CLOUDFLARE

We use the “Cloudflare” service. The provider is Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, USA (hereinafter referred to as “Cloudflare”).

Cloudflare offers a globally distributed content delivery network with DNS. Technically, the information transfer between your browser and our website is routed via Cloudflare’s network. This enables Cloudflare to analyse the data traffic between your browser and our website and to act as a filter between our servers and potentially malicious data traffic from the Internet. Cloudflare may also use cookies or other technologies to recognise Internet users, but these are used solely for the purpose described here.

The use of Cloudflare is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f GDPR).

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.cloudflare.com/privacypolicy/.

Further information on security and data protection at Cloudflare can be found here: https://www.cloudflare.com/privacypolicy/.

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which guarantees that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

AMAZON WEB SERVICES

We use the system of the following provider to host our website and display the page content: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, USA All data collected on our website is processed on the provider’s servers.

We have concluded an order processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

AWS CLOUDFRONT

We use a content delivery network from the following provider: Amazon Web Services, Inc, 410 Terry Avenue North, Seattle, WA 98109, USA This service enables us to deliver large media files such as graphics, page content or scripts more quickly via a network of regionally distributed servers. The processing is carried out to protect our legitimate interest in improving the stability and functionality of our website in accordance with Art. 6 para. 1 lit. f GDPR.

We have concluded an order processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

 

IV. USE OF COOKIES AND THIRD-PARTY SERVICES

COOKIES

In order to make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your end device. Some of these cookies are automatically deleted after you close your browser (so-called “session cookies”), while others remain on your device for longer and enable page settings to be saved (so-called “persistent cookies”). In the latter case, you can find the storage period in the cookie settings overview of your web browser.

If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the execution of the contract, in accordance with Art. 6 para. 1 lit. a GDPR in the case of consent given or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit

The legal basis for the use of cookies is the legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

Of course, you can also visit our website without accepting cookies. If you do not want your computer to be recognised on your next visit, you can also reject the use of cookies by changing the settings in your browser to “Reject cookies”. The respective procedure can be found in the operating instructions of your respective browser. However, if you refuse the use of cookies, this may restrict the use of some areas of our website.

BORLABS COOKIE

Our website uses Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg (hereinafter referred to as Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.

The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at
https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

You can customise your consent to cookies here.

CONTACT FORM

Personal data is collected when you contact us (e.g. via contact form or email). Which data is collected when a contact form is used can be seen from the respective contact form.

This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after final processing of your enquiry. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

ENQUIRY BY E-MAIL, TELEPHONE OR FAX

If you contact us by e-mail, telephone or fax, your enquiry including all personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

 

ONLINE JOB APPLICATION

We use the onlyfy e-recruiting system (New Work SE, Am Strandkai 1, 20457 Hamburg) to fill vacancies. PROSPER X GmbH acts under joint responsibility with New Work SE in accordance with Art. 26 GDPR. onlyfy uses cookies when you interact with the job adverts. Further information on the use of data by onlyfy and objection options can be found here: https://onlyfy.com/de/datenschutz

GOOGLE WEB FONTS

This site uses so-called web fonts provided by Google for the standardised display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. If your browser does not support web fonts, a standard font will be used by your computer.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/

KUNUNU

We have a profile on kununu (part of XING). The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

You can recognise the XING plugins and kununu links by the XING logo and kununu links on our site. When you visit our pages, a direct connection is established between your browser and the XING server via the kununu plugin. XING thereby receives the information that you have visited our site with your IP address. If you click on the kununu logo while you are logged into your XING account, you can link the content of our pages to your XING profile. This allows XING to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by XING. A direct connection between your browser and the kununu server (belonging to XING) is established via the kununu links. kununu thereby receives the information that you have visited our site with your IP address. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by kununu.

If you do not want kununu to be able to associate your visit to our pages with your kununu user account, please log out of your kununu user account. Further information on data protection and the knunu share button can be found in the Xing/kununu privacy policy at https://www.xing.com/app/share?op=data_protection

Details on how they handle your personal data can be found in the XING/kununu privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

 

V. WEB ANALYSIS SERVICES

GOOGLE ANALYTICS 4

This website uses Google Analytics 4, a web analysis service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), which enables your use of our website to be analysed.

By default, Google Analytics 4 does not use cookies when you visit the website unless you expressly consent to cookies. Instead, information about your usage behaviour is collected and processed by so-called pings (small data packets that are sent to the host of an end device). The scope of this information also includes your IP address, which, however, is shortened by Google by the last digits in order to exclude any direct personal reference.

The information is transferred to Google servers and processed there. Transmission to Google LLC, based in the USA, is also possible.

Google uses the information collected on our behalf to analyse your use of the website, to compile reports on website activity for us and to provide other services relating to website activity and internet usage. The abbreviated IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. The data collected in the context of the use of Google Analytics 4

Data is stored for a period of two months and then deleted.

All of the processing described above, including the transmission of data by “pings” and the possible setting of Google Analytics cookies, will only take place if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR.

Without your consent, Google Analytics 4 will not be used during your visit to our website. You can revoke your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service using the “cookie consent tool” provided on the website. We have concluded a data processing agreement with Google that ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.

Further legal information on Google Analytics 4 can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites

Demographic characteristics

Google Analytics 4 uses the special function “demographic characteristics” and can use it to create statistics that make statements about the age, gender and interests of site visitors. This is done by analysing advertising and information from third-party providers. This allows target groups to be identified for marketing activities. However, the data collected cannot be assigned to a specific person and is deleted after being stored for a period of two months.

Google Signals

As an extension to Google Analytics 4, Google Signals can be used on this website to generate cross-device reports. If you have activated personalised ads and have linked your devices to your Google account, Google can analyse your usage behaviour across devices and create database models, including for cross-device conversions, subject to your consent to the use of Google Analytics in accordance with Art. 6 para. 1 lit. a GDPR. We do not receive any personal data from Google, only statistics. If you want to stop the cross-device analysis, you can deactivate the “Personalised advertising” function in the settings of your Google account. To do this, follow the instructions on this page:

https://support.google.com/ads/answer/2662922?hl=de Further information on Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de

UserIDs

As an extension to Google Analytics 4, the “UserIDs” function can be used on this website. If you have consented to the use of Google Analytics 4 in accordance with Art. 6 para. 1 lit. a GDPR, have set up an account on this website and log in with this account on different devices, your activities, including conversions, can be analysed across devices.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

FACEBOOK PIXEL

This website uses Facebook’s visitor action pixel to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

This allows the behaviour of site visitors to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimised.

The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy. This enables Facebook to place adverts on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the site operator.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

LINKEDIN INSIGHT TAG

This website uses retargeting technology from the following provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

This makes it possible to target visitors to our website with personalised, interest-based advertising who have already shown an interest in our shop and our products. The advertising material is displayed on the basis of a cookie-based analysis of previous and current user behaviour, but no personal data is stored. In the case of retargeting technology, a cookie is stored on your computer or mobile device.

to collect pseudonymised data about your interests in order to adapt advertising to the information stored. These cookies are small text files that are stored on your computer or mobile device. They are used to display adverts that are highly likely to match your product and information interests.

All processing described above, in particular the setting of cookies for reading information on the terminal device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, retargeting technology will not be used during your visit to the website. You can revoke your consent at any time with effect for the future.

To exercise your cancellation, please deactivate this service in the “cookie consent tool” provided on the website.

GOOGLE TAG MANAGER

This website uses the “Google Tag Manager”, a service of the following provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”).

Google Tag Manager provides a technical basis for bundling various web applications, including tracking and analysis services, and calibrating, controlling and linking them to conditions via a standardised user interface. Google Tag Manager itself does not store or read any information on user devices. The service also does not carry out any independent data analyses. However, Google Tag Manager transmits your IP address to Google when you access a page and may store it there. It may also be transmitted to servers of Google LLC. in the USA is possible.

This processing will only be carried out if you have given us your express consent in accordance with Art. 6 para. 1 lit. a GDPR. Without this consent, Google Tag Manager will not be used during your visit to our website. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the “cookie consent tool” provided on the website. We have concluded an order processing contract with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorised disclosure to third parties.

For data transfers to the USA, the provider has signed up to the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

GOOGLE ADS

The website operator uses Google Ads. Google Ads is an online advertising programme of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display adverts in the Google search engine or on third-party websites when the user enters certain search terms in Google (keyword targeting). Furthermore, targeted adverts can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analysing, for example, which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

MATOMO

This website uses a web analysis service from the following provider: InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”)To protect site visitors, Matomo uses a so-called “config_id” to enable various analyses of site usage within a short time window of up to 24 hours. The site’s “config_id” is a randomly set, time-limited hash of a limited set of the visitor’s settings and attributes. The config_id or config hash is a string that is calculated for a visitor based on their operating system, browser, browser plugins, IP address and browser language. Matomo does not use device fingerprinting and uses an anonymised IP address of the website visitor to create the “config_id”.

If the information processed in this way includes personal user data, the processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes. To object to the future processing of your visitor data, we provide you with a separate objection option on our website.

If data collected using Matomo technology (including your pseudonymised IP address) is transferred to Matomo servers in New Zealand and processed for usage analysis purposes, we hereby inform you that the European Commission has issued a so-called adequacy decision for New Zealand, which certifies compliance with European data protection standards for international data transfers.

If data is also transferred to the provider’s server and the web analysis service is not installed locally on our server, we have concluded an order processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.

 

VI. TOOLS & PLUGINS

GOOGLE RECAPTCHA

On this website, we use the CAPTCHA service of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland Data may also be transmitted to: Google LLC, USA. The provider uses “Google Fonts”, i.e. fonts downloaded from the Internet by Google, for the visual design of the Captcha window. No information other than that already transmitted to Google via the ReCaptcha functionality will be processed.

The service checks whether an entry is made by a natural person or abusively by machine and automated processing, and blocks spam, DDoS attacks and similar automated malicious access. In order to ensure that an action is carried out by a human and not by an automated bot, the provider collects the IP address of the end device used, identification data of the browser and operating system type used as well as the date and duration of the visit and transmits these to the provider’s servers for evaluation.
 The legal basis is our legitimate interest in determining individual responsibility on the Internet and the prevention of misuse and spam in accordance with Art. 6 para. 1 lit. f GDPR.

We have concluded an order processing contract with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorised disclosure to third parties.

 

VII. NEWSLETTER

If you subscribe to our company’s newsletter, the data in the respective input mask will be transmitted to the controller. Subscription to our newsletter takes place in a so-called double opt-in procedure. This means that after registering, you will receive an email asking you to confirm your registration. This confirmation is necessary so that no-one can register with other people’s email addresses. When registering for the newsletter, the user’s IP address and the date and time of registration are stored. This serves to prevent misuse of the services or the e-mail address of the person concerned. The data is not passed on to third parties. An exception is made if there is a legal obligation to pass on the data. The data is used exclusively for sending the newsletter. Subscription to the newsletter can be cancelled by the data subject at any time. Consent to the storage of personal data can also be revoked at any time. There is a corresponding link in every newsletter for this purpose. The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a) GDPR if the user has given consent. The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG.

USE OF RAPIDMAIL

Description and purpose: We use rapidmail to send newsletters. The provider is rapidmail GmbH, Wentzingerstraße 21, 79106 Freiburg, Germany. Among other things, rapidmail is used to organise and analyse the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter is stored on rapidmail’s servers in Germany. If you do not wish to be analysed by rapidmail, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. For the purpose of analysis, the emails sent with rapidmail contain a so-called tracking pixel, which connects to the rapidmail servers when the email is opened. In this way, it can be determined whether a newsletter message has been opened. We can also use rapidmail to determine whether and which links in the newsletter message have been clicked on. Optionally, links in the email can be set as tracking links, with which your clicks can be counted.

Legal basis: The legal basis for data processing is Art. 6 para. 1 lit. a) GDPR.

Recipient: The recipient of the data is rapidmail GmbH.

Transfer to third countries: Data is not transferred to third countries.

Duration: The data stored by us as part of your consent for the purpose of the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from both our servers and the servers of rapidmail after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

Revocation option: You have the option to revoke your consent to data processing at any time with effect for the future. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

Further data protection information: For more information, please refer to rapidmail’s data security information at: https://www.rapidmail.de/datensicherheit. For more information on rapidmail’s analysis functions, please see the following link: https://www.rapidmail.de/wissen-und-hilfe

 

VIII. DATA PROTECTION DECLARATION FOR OUR SOCIAL MEDIA PRESENCE

SOCIAL MEDIA ELEMENTS WITH SHARIFF

We maintain online presences within social networks in order to communicate with the customers, interested parties and users active there and to be able to inform them about our services. In this context, only simple links and social media buttons that do not establish a connection to the respective network when the page is loaded are used on our website. For this purpose, we use the “c’t Shariff” solution, which provides data protection-compliant social media buttons.

This distinguishes the “Share” buttons used here from the widely used social media plugins, which transmit data to the social networks as soon as the page is loaded, without the button having to be clicked. In contrast, a Shariff button only establishes direct contact between the social network and the visitor when the latter actively clicks on the share button. Shariff thus prevents users from leaving a digital trail on every page they visit, thereby improving data protection. Further information on c’t Shariff can be found at https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html.

Additional information on the processing of data within the respective social networks can be found in our privacy policy for social media.

 

IX. SAFETY

We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working for us are obliged to comply with the applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process and our data protection declarations are constantly being revised. Please ensure that you have the latest version.

RIGHTS OF DATA SUBJECTS

You have the right to information, correction, deletion or restriction of the processing of your stored data, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.

Right to information:
You can request information from us as to whether and to what extent we process your data.

Right to rectification:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to cancellation:
You can demand that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate erasure, e.g. in the case of statutory retention obligations.
Irrespective of the exercise of your right to erasure, we will erase your data immediately and completely, provided that there is no legal or statutory retention obligation to the contrary.

Right to restriction of processing:
You can request that we restrict the processing of your data if

  • you contest the accuracy of the data, for a period enabling us to verify the accuracy of the data.
  •  the processing of the data is unlawful, but you refuse to have it erased and instead request that the use of the data be restricted,
  • we no longer need the data for the intended purpose, but you still need this data for the assertion or defence of legal claims, or
  • you have objected to the processing of the data.

Right to data portability:
You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transmit this data to another controller without hindrance from us, provided that

  • we process this data on the basis of a consent given and revocable by you or for the fulfilment of a contract between us, and
  • this processing is carried out using automated procedures.

If technically feasible, you can request that we transfer your data directly to another controller.

Right of objection:
If we process your data on the basis of a legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims. You can object to the processing of your data for the purpose of direct advertising at any time without giving reasons.

Right of appeal:
If you are of the opinion that we are violating German or European data protection law when processing your data, please contact us so that we can clarify any questions you may have. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert one of these rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

 

X. CHANGES TO THIS PRIVACY POLICY

We reserve the right to change our privacy policy if this should be necessary due to new technologies. Please ensure that you have the latest version. If fundamental changes are made to this privacy policy, we will announce these on our website.

All interested parties and visitors to our website can contact us regarding data protection issues at:

Mr Christian Volkmer
Projekt 29 GmbH & Co KG
Ostengasse 14
93047 Regensburg

Phone: 0941 2986930
Fax: 0941 29869316
E-mail: anfragen@projekt29.de
Internet: www.projekt29.de