Controller

The controller within the meaning of the General Data Protection Regulation, other data protection acts applicable in the EU member states and other data protection law provisions is:

AUTHADA GmbH
Julius-Reiber-Straße 15A
64293 Darmstadt

Darmstadt District Court
HRB 94377
VAT ID DE815570916
Managing Director: Jörg Jessen, Andreas Plies

The protection of your data is our concern

We are delighted about your interest in our company and our products or services and would like you to feel safe when you visit your websites also as regards the protection of your personal data. We take the protection of your personal data very seriously. The observance of the provisions of the General Data Protection Regulation and the BDSG (new) is a matter for us.

We would like you to know when we collect what data and how we use them. We have taken technical and organisational measures that ensure that the regulations on data protection are observed both by us and by external service providers commissioned by us.

Personal Data

Personal data are information on your identity. This includes, for instance, details such as name, address, telephone number, e-mail address. This information is at all times processed in compliance with the requirements of the General Data Protection Regulation as well as other data law protection regulations applicable to our company.

As a rule, it is not necessary for the use of our websites that you disclose personal data. In certain cases, however, it may be necessary to process personal data, for instance to provide services requested by you.

The same applies, for instance, for the sending of information material and ordered goods or for the answering of individual questions. Where necessary, we inform you accordingly.

If no legal basis exists for a processing of these personal data, we obtain a corresponding approval from you.

In addition, we only save and process data that you provide us with voluntarily and where applicable, data that we collect automatically when you visit our websites (e.g. your IP address and the names of the pages accessed by you, of the browser used by you and your operating system, date and time of the access, search engines used, names of files downloaded).

If you use services, only such data are collected as a rule that we need to provide the services. If we request further data, this is voluntary information. Personal data is processed solely for the fulfilment of the queried service and to maintain own legitimate business interests.

Purpose of the personal data

We use the personal data provided by you to answer your enquiry, process your orders or provide you with access to certain information or offerings.

It goes without saying that we respect your decision, if you do not wish to provide us with your personal data to support our customer relationship (in particular for direct marketing or for market research purposes). We will not sell your personal data to third parties or market them otherwise.

Purpose-linked use

We will only collect, process and use the personal data provided by you online for the purposes reported to you. Any disclosure of your personal data to third parties will not take place without your express consent.

The collection of personal data and their transmission to state institutions and authorities authorised to receive information only takes place within the framework of the relevant laws or if we are obligated to do so under a court order. Our employees and the services providers commissioned by us are obligated to observe secrecy and comply with the provisions of the General Data Protection Regulation.

Data that are automatically collected when visiting our websites

When using our websites, for organisational and technical reasons, the following data are stored: the names of the pages accessed by you, of the browser used by you and your operating system, date and time of the access, search engines used, names of files downloaded and your IP address.

The collected information is used to correctly deliver the contents of our websites. In addition, these technical data are assessed on an anonymous basis and for statistical purposes only in order to continuously optimise our website and to design our internet offerings even more attractively as well as provide law-enforcement authorities with the information required for prosecution in the event of a cyber attack. Conclusions on individual persons cannot be made.

Contact options via the website

Due to legal regulations, our website contains information that allows contacting us quickly and a more direct communication with us. This includes the indication of an e-mail address and, where applicable, a contact form.

If you contact us by e-mail or via a contact form, the personal data sent by you is automatically saved. These data, sent by you to us on a voluntary basis, are saved for the purposes of processing your concern or a making corresponding contact. They are not disclosed to third parties.

Deletion and blocking of personal data

We process personal data of data subjects only for as long as required to achieve the underlying purpose or for as long as this was intended by legal regulations, which apply to our company. If the purpose of the storage no longer applies or if a legal storage period specifies, personal data are deleted in accordance with the legal regulations. Unless we are legally obligated to store these data. In these cases, the data are blocked.

 

Rights of data subjects

To exercise each of the rights specified below, you can contact our data protection officer directly or any other employee.

Right to information

You can obtain information and a copy of the personal data saved about you and processed by us at any time.

This right to information includes information on the processing purposes, the categories of personal data that is processed, recipients or categories of recipients to whom the personal data were or are still to be disclosed, if possible the planned duration, for which the personal are stored, or if not possible, the criteria for the definition of this duration, the existence of the right to correction or deletion of the personal data relating to you or to restriction of the processing by us or an objection to this processing, the existence of a right to complain with a supervisory authority as well as, if the data were not collected with you, all available information on the origin of the data and the existence of an automatic decision-making process including profiling in accordance with Article 22(1 and 4) GDPR and - at least in these cases - meaningful information on the logic involved as well as the bearing and the desired effects of such a processing.

Furthermore, you have the right to request information about whether your personal data were sent to a third country or an international organisation and what suitable guarantees exist for the transmission.

Right to correction

Furthermore, you have the right to request the immediate correction of personal data relating to you. In addition, in consideration of the purposes of processing, you have the right to request completion of incomplete personal data.

Right to deletion

You have the right to request that the data about you saved by us are deleted immediately if one of the following reasons is given: The personal data were collected for such purposes or processed in such a way for which they are no longer required; you withdraw your consent on which the processing under Article 6(1a) GDPR or Article 9(2) GDPR was based; you file an objection under Article 21(1) GDPR against the processing and no overriding legitimate interests are given for the processing, or you file an objection under Article 21(2) GDPR against the processing; the personal data were unlawfully processed; the deletion of the personal data is required to fulfil a legal obligation under union law or the law of the member states which applies to us; the personal data were collected in relation to offered services of the information company under Article 8(1).

Right to restriction of processing

You have the right to request that the processing of your personal data is limited if one of the following requirements is given; The correctness of the personal data is contested by you, and this for a duration that enables us to verify the correctness of the personal data; the processing is unlawful and you reject the deletion of personal data and instead request the use of the personal data; we no longer require the personal data for the purposes of processing, but you require the claiming, exercising or defence of legal claims or you have filed objections to the processing under Article 21(1) for as not as long as it is not clear whether the legitimate interests of our company outweigh yours.

Right to data transmission

You may receive handover of the data relating to you, which you provided us with, in a common and machine-legible format at any time. You also have the right to send these data to another controller without restriction by us if the processing is based on consent under Article 6(1a) GDPR or Article 9(2a) GDPR or on an agreement in accordance with Article 6(1b) GDPR and the processing takes place with the use of automatic procedures if the processing is not necessary for the execution of a task, which is performed in the public interest or in exercising public powers assigned to us.

Furthermore, you may request that the personal data stored by you be sent directly by us to another controller, if this is technically feasible and the rights and freedoms of other persons are thereby not affected.

Right to objection

For reasons that arise from your particular situation, you have the right to object to the processing of personal data relating to you, which takes place under Article 6(1e or f) GDPR, at any time. This also applies to any profiling based on these provisions.

In the event of an objection, we no longer process the personal data, unless we can prove protected reasons for the processing, which outweigh your interests, rights and freedoms or the processing serves the claiming, exercising or defence of legal claims.

If we process personal data to conduct direct advertising, you have the right to file an objection against the processing of personal data relating to you for the purposes of advertising at any time; this also applies for the profiling insofar as it is connected to such direct advertising. If you file an objection with us to the processing for the purposes of direct advertising, the personal data are no longer processes for these purposes.

For reasons that arise from your particular situation, you have the right to object to the processing of personal data relating to you, which is carried out for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1) GDPR, unless such a processing is required to fulfil a task that is in the public interest.

It is at your discretion to exercise your right of objection using automatic methods in connection with the use of services of the information company and irrespective of Directive 2002/58/EC during which technical specifications are used.

Right to withdrawal

You may withdraw granted consent to the processing of your personal data with effect for the future.

Right to confirmation

You have the right to request confirmation whether personal data relating to you are processed.

 

Automatic decision-making

As a responsible company, we refrain from conducting an automatic decision-making or profiling.

Period of archiving

Personal data are deleted on expiry of the statutory archiving period, unless they are required for contract fulfilment or contract initiation.

Legal basis of the processing

If you have given us your consent to process your personal data for a certain purpose, the processing is carried out on the basis of Article 6(1a) GDPR, If such a processing is necessary to fulfil an agreement with you or to initiate such, the processing is based on Article 6(1b) GDPR. In some cases, e.g. to fulfil tax law obligations, we may be subject to a legal obligation to process personal data. The legal basis of this in such cases is Article 6(1c) GDPR. In rare cases, processing can also take place to protect vital interests of yours or another private individual. In this exceptional case, the processing takes place under Article 6(1d) GPDR. Finally, processing may also be based on Article 6(1f) GDPR. This is the case if the processing is performed to protect an interest that is legitimate for our company or a third party if your interests, basic rights and basic freedoms do not take precedence. Such a legitimate interest can be already be assumed if you are a customer of ours. If the processing of the personal data is based on Article 6(1f) GDPR, out legitimate interest is the conducting of our business activities.

Provision of personal data

The provision of personal data is partly prescribed by law or agreement. For this reason, for instance to conclude an agreement, it may be necessary for you to provide us with your personal data that must be processed by us. For instance, you are obligated to provide personal data in order to conclude an agreement. Any non-provision would result in it not being possible to conclude the agreement.

Before providing personal data, you may also contact our data protection officer. He will inform you whether the provision of personal data is prescribed by law or agreement in the individual case and what consequences any non-provision of these data would have.

Security

We, as the controller responsible for processing, have taken technical and organisational measures to protect your personal data from loss, destruction, manipulation and unauthorised access. All our employees and all persons involved in data processing undertake to observe the general data protection regulation and other data protection-relevant laws as well as on the confidential handling of personal data.

In the event of the collection and processing of personal data, the information is transferred in an encrypted form to prevent abuse of the data by third parties. Our protection measures are being consistent revised in accordance with the technical development.

Nevertheless, internet-based transmission may have security loopholes as a rule, for which reason absolute protection cannot be guaranteed.

Amendments or our data protection provisions

We reserve the right to amend our security and data protection measures if this becomes necessary due to the technical development. In this case, we will also adjust our notes on data protection accordingly. Please therefore note the relevant current version of our data protection statement.

Links

If you use external links that are offered within the framework of our website pages, this data protection statement does not extend to these links. Insofar as we offer links, we guarantee that no violations against applicable law were identifiable on the linked website pages at the time of placing the links. However, we have no influence on the observance of the data protection and security provisions by other providers. For that reason, please seek information on the internet pages of the other provides also via the data protection statements provided there.

The use of services and content of third parties always requires that the providers of thus content (hereinafter referred to as “third-party providers”) note the IP address of the users. Without the IP address of the user, you cannot send the content to the browser of the relevant user. The IP address is therefore responsible for the presentation of this content. We endeavour to use only such content whose relevant provider use the IP address merely to deliver the content. However, we have no influence if the third-party providers save the IP address for statistical purposes, for instance. Insofar as we know, we inform the users of this.

Cookies

If you visit our website pages, it may be the case that we store information in the form of a cookie on your computer. Cookies are small text files that are sent by web server to your browser and are stored on the hard disk of your computer.

In doing so, apart from the internet protocol address, no personal data of the user are stored. This information is used to recognise you on your next visit to our website pages, use your preferred language and to make navigation easier for you. Cookies enable us, for instance, to adjust a website page to your interests or to save your password so that you do not have to enter it every time you visit.

If goes without saying that you can also view our website pages without cookies. If you do want us to recognise your computer, you can prevent the storage of cookies on your hard disk by selecting “do not accept cookies” in your browser settings. Cookies already used can also be deleted via your browser. Please refer to the instructions of your browser manufacturer to learn how this works in detail. If you do not accept cookies, however, the functions of our offering may be restricted.

Newsletter

Mit den nachfolgenden Hinweisen informieren wir Sie über die Inhalte unseres Newsletters sowie über das Anmelde-, Versand- und das statistische Auswertungsverfahren und klären Sie über Ihre Widerspruchsrechte auf. Indem Sie unseren Newsletter abonnieren, erklären Sie sich mit dem Empfang und den beschriebenen Verfahren einverstanden.

Inhalt des Newsletters: Wir versenden Newsletter, E-Mails und weitere elektronische Benachrichtigungen mit werblichen Informationen (nachfolgend „Newsletter“) nur mit der Einwilligung der Empfänger oder einer gesetzlichen Erlaubnis. Sofern im Rahmen einer Anmeldung zum Newsletter dessen Inhalte konkret umschrieben werden, sind sie für die Einwilligung der Nutzer maßgeblich. Im Übrigen enthalten unsere Newsletter Informationen zu unseren Leistungen und uns.

Double-Opt-In und Protokollierung: Die Anmeldung zu unserem Newsletter erfolgt in einem sogenannten Double-Opt-In-Verfahren. D.h. Sie erhalten nach der Anmeldung eine E-Mail, in der Sie um die Bestätigung Ihrer Anmeldung gebeten werden. Diese Bestätigung ist notwendig, damit sich niemand mit fremden E-Mailadressen anmelden kann. Die Anmeldungen zum Newsletter werden protokolliert, um den Anmeldeprozess entsprechend den rechtlichen Anforderungen nachweisen zu können. Hierzu gehört die Speicherung des Anmelde- und des Bestätigungszeitpunkts als auch der IP-Adresse. Ebenso werden die Änderungen Ihrer bei dem Versanddienstleister gespeicherten Daten protokolliert.

Anmeldedaten: Um sich für den Newsletter anzumelden reicht es aus, wenn Sie Ihre E-Mailadresse angeben. Optional bitten wir Sie, zwecks persönlicher Ansprache im Newsletter einen Namen anzugeben.

Der Versand des Newsletters und die mit ihm verbundene Erfolgsmessung erfolgen auf Grundlage einer Einwilligung der Empfänger gem. Art. 6 Abs. 1 lit. a, Art. 7 DSGVO i.V.m § 7 Abs. 2 Nr. 3 UWG oder falls eine Einwilligung nicht erforderlich ist, auf Grundlage unserer berechtigten Interessen am Direktmarketing gem. Art. 6 Abs. 1 lt. f. DSGVO i.V.m. § 7 Abs. 3 UWG.

Die Protokollierung des Anmeldeverfahrens erfolgt auf Grundlage unserer berechtigten Interessen gem. Art. 6 Abs. 1 lit. f DSGVO. Unser Interesse richtet sich auf den Einsatz eines nutzerfreundlichen sowie sicheren Newslettersystems, das sowohl unseren geschäftlichen Interessen dient als auch den Erwartungen der Nutzer entspricht und uns ferner den Nachweis von Einwilligungen erlaubt.

Erfolgsmessung: Die Newsletter enthalten einen sogenannten „web-beacon“, d.h. eine pixelgroße Datei, die beim Öffnen des Newsletters von unserem Server bzw. von dem Server unseres Versanddienstleisters abgerufen wird. Im Rahmen dieses Abrufs werden zunächst technische Informationen wie Informationen zum Browser und Ihrem System als auch Ihre IP-Adresse und Zeitpunkt des Abrufs erhoben.

Diese Informationen werden zur technischen Verbesserung der Services anhand der technischen Daten oder der Zielgruppen und ihres Leseverhaltens anhand derer Abruforte (die mit Hilfe der IP-Adresse bestimmbar sind) oder der Zugriffszeiten genutzt. Zu den statistischen Erhebungen gehört ebenfalls die Feststellung, ob die Newsletter geöffnet werden, wann sie geöffnet werden und welche Links geklickt werden. Diese Informationen können aus technischen Gründen zwar den einzelnen Newsletterempfängern zugeordnet werden. Es ist jedoch weder unser Bestreben noch das unseres Versanddienstleisters, einzelne Nutzer zu beobachten. Die Auswertungen dienen uns viel mehr dazu, die Lesegewohnheiten unserer Nutzer zu erkennen und unsere Inhalte auf sie anzupassen oder unterschiedliche Inhalte entsprechend den Interessen unserer Nutzer zu versenden.

Kündigung/Widerruf: Sie können den Empfang unseres Newsletters jederzeit kündigen, d.h. Ihre Einwilligungen widerrufen. Einen Link zur Kündigung des Newsletters finden Sie am Ende eines jeden Newsletters. Wir können die ausgetragenen E-Mailadressen bis zu drei Jahren auf Grundlage unserer berechtigten Interessen speichern, bevor wir sie löschen, um eine ehemals gegebene Einwilligung nachweisen zu können. Die Verarbeitung dieser Daten wird auf den Zweck einer möglichen Abwehr von Ansprüchen beschränkt. Ein individueller Löschungsantrag ist jederzeit möglich, sofern zugleich das ehemalige Bestehen einer Einwilligung bestätigt wird.

Versanddienstleister Newsletter2Go

Der Versand der Newsletter erfolgt mittels des Versanddienstleisters Newsletter2Go GmbH, Köpenicker Str. 126, 10179 Berlin, Deutschland. Die Datenschutzbestimmungen des Versanddienstleisters können Sie hier einsehen: https://www.newsletter2go.de/datenschutz/. Der Versanddienstleister wird auf Grundlage unserer berechtigten Interessen gem. Art. 6 Abs. 1 lit. f. DSGVO und eines Auftragsverarbeitungsvertrages gem. Art. 28 Abs. 3 S. 1 DSGVO eingesetzt.

Der Versanddienstleister kann die Daten der Empfänger in pseudonymer Form, d.h. ohne Zuordnung zu einem Nutzer, zur Optimierung oder Verbesserung der eigenen Services nutzen, z.B. zur technischen Optimierung des Versandes und der Darstellung der Newsletter oder für statistische Zwecke verwenden. Der Versanddienstleister nutzt die Daten unserer Newsletterempfänger jedoch nicht, um diese selbst anzuschreiben oder um die Daten an Dritte weiterzugeben.

Server log files

The provider of the pages collects and stores information automatically in the so-called server log files, which your browser sends us automatically. This is:

  • Browsertyp/ Browserversion
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request

These data cannot be allocated to specific persons. These data are not merged with other data sources. We reserve the right to check these data subsequently if we learn of specific indications for an unlawful use.

Social networks

AUTHADA GmbH is only liable in the event of intent or gross negligence. We are not in a position to check or permanently monitor the conduct of social network services (e.g. Facebook, Twitter, google+, YouTube, XING, LinkedIn and Pinterest).

Data protection officer

The contact details of our data protection officer are:

Mr Mario Arndt, DEUDAT GmbH
Zehntenhofstraße 5b
65201 Wiesbaden

Tel: +49 611 950008 - 32
Fax: +49 611 950008 - 5932
eMail: datenschutz@authada.de

Our data protection officer is available to you at any time for questions and suggestions regarding data protection.

Competent data protection authority

You have the possibility to contact the above data protection officer or data protection authority. The competent data protection authority in our case is:

Der Hessische Datenschutzbeauftragte
Postfach 31 63
65021 Wiesbaden

Gustav-Stresemann-Ring 1
65189 Wiesbaden

Tel. 0611/1408-0
Fax 0611/1408-611

 

Mai 2018