Privacy Policy

Introduction and Overview

We have drafted this privacy policy (version 12.02.2023-112407259) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (hereinafter referred to as "data") we, as the controller – and our processors (e.g., providers) – process, will process in the future, and what lawful options you have. The terms used are meant to be gender-neutral. In short, we provide comprehensive information about the data we process about you.

Privacy statements usually sound very technical and use legal jargon. However, this privacy policy aims to describe the most important things as simply and transparently as possible. To promote transparency, technical terms are explained in a reader-friendly manner, links to further information are provided, and graphics are used. We thereby inform in clear and simple language that we only process personal data when there is a corresponding legal basis for it. This is certainly not possible if one gives as concise, unclear, and legal-technical explanations as are often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative, and perhaps there is information you did not know before. If you still have questions, we ask you to follow the below-mentioned responsible entity in the imprint, follow the existing links, and view additional information on third-party sites. Our contact information can, of course, also be found in the imprint.

Scope

This privacy policy applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (processors). By personal data, we mean information as defined in Art. 4 No. 1 DSGVO, such as name, email address, and postal address of a person. Processing personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this privacy policy includes:

  • All online presences (websites, online shops) we operate
  • Social media appearances and email communication
  • Mobile apps for smartphones and other devices

In short, the privacy policy applies to all areas where personal data is processed in the company via the mentioned channels in a structured manner. If we enter into legal relations with you outside these channels, we will inform you separately if necessary.

Legal Bases

In der folgenden Datenschutzerklärung geben wir Ihnen transparente Informationen zu den rechtlichen Grundsätzen und Vorschriften, also den Rechtsgrundlagen der Datenschutz-Grundverordnung, die uns ermöglichen, personenbezogene Daten zu verarbeiten.
Was das EU-Recht betrifft, beziehen wir uns auf die VERORDNUNG (EU) 2016/679 DES EUROPÄISCHEN PARLAMENTS UND DES RATES vom 27. April 2016. Diese Datenschutz-Grundverordnung der EU können Sie selbstverständlich online auf EUR-Lex, dem Zugang zum EU-Recht, unter https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=celex%3A32016R0679 nachlesen.

We process your data only if at least one of the following conditions applies:

  1. Consent (Article 6 (1) (a) GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of your data entered in a contact form.
  2. Contract (Article 6 (1) (b) GDPR): We process your data to fulfill a contract or pre-contractual obligations with you. For example, if we enter into a purchase contract with you, we need personal information in advance.
  3. Legal obligation (Article 6 (1) (c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
  4. Legitimate interests (Article 6 (1) (f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. We need to process certain data to operate our website securely and economically efficiently. This processing is thus a legitimate interest.

Other conditions such as the performance of tasks carried out in the public interest or in the exercise of official authority, as well as the protection of vital interests, do not usually occur with us. Insofar as such a legal basis should be relevant, it will be indicated in the appropriate place.

In addition to the EU regulation, national laws also apply:

  • In Austria, this is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data (Data Protection Act), DSG for short.
  • In Germany, the Federal Data Protection Act, BDSG for short, applies.

If other regional or national laws apply, we will inform you in the following sections.

Contact Details of the Responsible Person

Sollten Sie Fragen zum Datenschutz oder zur Verarbeitung personenbezogener Daten haben, finden Sie nachfolgend die Kontaktdaten der verantwortlichen Person bzw. Stelle:
Josef Leschanz-Knapp
Rosenberggasse 6/1/2
8010 Graz, Österreich

E-Mail: josef@leschanz-knapp.com
Phone +43 316 321633
Imprint https://www.leschanz-knapp.com/impressum/

Retention Period

It is a general criterion for us that we only store personal data as long as it is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as the reason for data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased, for example, for accounting purposes.

If you wish to have your data deleted or revoke your consent to data processing, the data will be deleted as quickly as possible, provided there is no obligation to store it.

We will inform you about the specific duration of each data processing below, if we have further information.

Rights According to the General Data Protection Regulation (GDPR)

In accordance with Articles 13, 14 GDPR, we inform you about the following rights you have to ensure fair and transparent processing of data:

  • Sie haben laut Artikel 15 DSGVO ein Auskunftsrecht darüber, ob wir Daten von Ihnen verarbeiten. Sollte das zutreffen, haben Sie Recht darauf eine Kopie der Daten zu erhalten und die folgenden Informationen zu erfahren:
    • zu welchem Zweck wir die Verarbeitung durchführen;
    • die Kategorien, also die Arten von Daten, die verarbeitet werden;
    • wer diese Daten erhält und wenn die Daten an Drittländer übermittelt werden, wie die Sicherheit garantiert werden kann;
    • wie lange die Daten gespeichert werden;
    • das Bestehen des Rechts auf Berichtigung, Löschung oder Einschränkung der Verarbeitung und dem Widerspruchsrecht gegen die Verarbeitung;
    • dass Sie sich bei einer Aufsichtsbehörde beschweren können (Links zu diesen Behörden finden Sie weiter unten);
    • die Herkunft der Daten, wenn wir sie nicht bei Ihnen erhoben haben;
    • ob Profiling durchgeführt wird, ob also Daten automatisch ausgewertet werden, um zu einem persönlichen Profil von Ihnen zu gelangen.
  • According to Article 16 GDPR, you have the right to rectification, meaning we must correct the data if you find errors.
  • According to Article 17 GDPR, you have the right to erasure ("right to be forgotten"), which specifically means you may request the deletion of your data.
  • According to Article 18 GDPR, you have the right to restriction of processing, meaning we may only store the data but not use it further.
  • According to Article 20 GDPR, you have the right to data portability, meaning we must provide your data in a common format upon request.
  • Sie haben laut Artikel 21 DSGVO ein Widerspruchsrecht, welches nach Durchsetzung eine Änderung der Verarbeitung mit sich bringt.
    • Wenn die Verarbeitung Ihrer Daten auf Artikel 6 Abs. 1 lit. e (öffentliches Interesse, Ausübung öffentlicher Gewalt) oder Artikel 6 Abs. 1 lit. f (berechtigtes Interesse) basiert, können Sie gegen die Verarbeitung Widerspruch einlegen. Wir prüfen danach so rasch wie möglich, ob wir diesem Widerspruch rechtlich nachkommen können.
    • Werden Daten verwendet, um Direktwerbung zu betreiben, können Sie jederzeit gegen diese Art der Datenverarbeitung widersprechen. Wir dürfen Ihre Daten danach nicht mehr für Direktmarketing verwenden.
    • Werden Daten verwendet, um Profiling zu betreiben, können Sie jederzeit gegen diese Art der Datenverarbeitung widersprechen. Wir dürfen Ihre Daten danach nicht mehr für Profiling verwenden.
  • According to Article 22 GDPR, under certain circumstances, you have the right not to be subject to a decision based solely on automated processing, including profiling.
  • According to Article 77 GDPR, you have the right to lodge a complaint. This means you can complain to the data protection authority at any time if you believe that the processing of personal data relating to you infringes the GDPR.

In short: You have rights – do not hesitate to contact the listed responsible entity with us!

If you believe that the processing of your data violates data protection law or that your data protection claims have been infringed in any other way, you can lodge a complaint with the supervisory authority. For Austria, this is the Data Protection Authority, which you can find at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). For our company, the following local data protection authority is responsible:

Austria Data Protection Authority

Head Mag. Dr. Andrea Jelinek
adrdress
Barichgasse 40-42, 1030 Wien
phone
+43 1 52 152-0
e-mail
dsb@dsb.gv.at
Website:
https://www.dsb.gv.at/

Data Processing Security

To protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. By doing so, we make it as difficult as possible within our capabilities for third parties to infer personal information from our data.

Article 25 GDPR discusses "Data protection through technology design and through data protection-friendly default settings", meaning that one should always consider security in both software (e.g., forms) and hardware (e.g., access to the server room) and implement appropriate measures. Below, we will discuss specific measures if necessary.

TLS Encryption with HTTPS

TLS, encryption, and HTTPS may sound very technical, and they are. We use HTTPS (Hypertext Transfer Protocol Secure, meaning "secure hypertext transfer protocol") to transmit data securely over the Internet. This means that the complete transmission of all data from your browser to our web server is secure – no one can "listen in".

By doing this, we have introduced an additional layer of security and meet the data protection through technology design (Article 25(1) GDPR). Through the use of TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data. You can recognize the use of this security measure in data transmission by the small lock icon in the upper left corner of the browser, to the left of the Internet address (e.g., example.com) and the use of the https scheme (instead of http) as part of our Internet address. If you would like to know more about encryption, we recommend searching Google for "Hypertext Transfer Protocol Secure wiki" to find good links to further information.

Communication

Communication Summary
Affected Parties: Everyone who communicates with us via telephone, email, or online form Processed Data: For example, telephone number, name, email address, data entered in forms. More details can be found for each type of contact used Purpose: Handling communication with customers, business partners, etc. Retention Period: Duration of the business case and legal requirements Legal Basis: Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (contract), Art. 6(1)(f) GDPR (legitimate interests)

When you contact us and communicate via telephone, email, or an online form, personal data may be processed.

The data are processed for the handling and processing of your inquiry and the related business transaction. The data are stored for as long as necessary for these purposes or as required by law.

Affected Persons

All individuals seeking contact with us through the communication channels we provide are affected by the mentioned processes.

Phone

When you call us, the call data are pseudonymized and stored on the respective end device and by the telecommunications provider used. In addition, data such as name and telephone number may be sent by email afterwards and stored for answering inquiries. The data are deleted as soon as the business case has been concluded and legal requirements permit.

E-Mail

When you communicate with us by email, data may be stored on the respective end device (computer, laptop, smartphone, etc.) and data storage on the email server occurs. The data are deleted as soon as the business case has been concluded and legal requirements permit.

Online Formulare

When you communicate with us using an online form, data are stored on our web server and may be forwarded to an email address of ours. The data are deleted as soon as the business case has been concluded and legal requirements permit.

Legal Bases

The processing of data is based on the following legal bases:

  • Art. 6(1)(a) GDPR (Consent): You give us consent to store your data and to use it further for purposes related to the business case;
  • Art. 6(1)(b) GDPR (Contract): There is a necessity for the fulfillment of a contract with you or a processor, such as the telephone provider, or we need to process the data for pre-contractual activities, such as the preparation of an offer;
  • Art. 6(1)(f) GDPR (Legitimate Interests): We aim to operate customer inquiries and business communication within a professional framework. For this, certain technical facilities such as email programs, exchange servers, and mobile operators are necessary to be able to operate communication efficiently.

Cookies

Cookies Summary
Affected Parties: Visitors of the website Purpose: Depends on the specific cookie. More details can be found below or with the software manufacturer that sets the cookie. Processed Data: Depends on the specific cookie used. More details can be found below or with the software manufacturer that sets the cookie. Retention Period: Depends on the specific cookie, can vary from hours to years Legal Basis: Art. 6(1)(a) GDPR (Consent), Art. 6(1)(f) GDPR (Legitimate Interests)

Was sind Cookies?

Cookies are small text files stored on your browser when you visit websites, serving as user-specific data storage.

As you navigate the internet using browsers like Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge, these websites often save cookies to improve your browsing experience.

Cookies store certain user data, such as language preferences or personal page settings. When you revisit our site, your browser sends back the "user-related" information to our site. Thanks to cookies, our website recognizes you and offers you the settings you are accustomed to. Depending on the browser, each cookie may have its own file, while in others, like Firefox, all cookies are stored in a single file.

Cookies speichern gewisse Nutzerdaten von Ihnen, wie beispielsweise Sprache oder persönliche Seiteneinstellungen. Wenn Sie unsere Seite wieder aufrufen, übermittelt Ihr Browser die „userbezogenen“ Informationen an unsere Seite zurück. Dank der Cookies weiß unsere Website, wer Sie sind und bietet Ihnen die Einstellung, die Sie gewohnt sind. In einigen Browsern hat jedes Cookie eine eigene Datei, in anderen wie beispielsweise Firefox sind alle Cookies in einer einzigen Datei gespeichert.

This interaction allows for a seamless web experience, where the web browser, such as Chrome, requests a webpage and receives a cookie from the server. The browser then uses this cookie for subsequent page requests, enhancing your browsing efficiency and personalization.

HTTP Cookie Interaktion zwischen Browser und Webserver

There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans, or other "malware". Cookies also cannot access information on your PC.

For example, cookie data might look like this:

Name: _ga Value: GA1.2.1326744211.152112407259-9 Purpose: Differentiation of website visitors Expiry: after 2 years

Browsers should support at least:

  • At least 4096 bytes per cookie
  • At least 50 cookies per domain
  • At least 3000 cookies in total

Cookie Types:

The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point, we would like to briefly explain the different types of HTTP cookies.

A distinction can be made between 4 types of cookies:

Essential Cookies: Necessary to ensure basic functions of the website. For example, these cookies are required when a user puts a product in their shopping cart, then continues browsing on other pages, and later goes to checkout. These cookies ensure that the shopping cart is not deleted, even if the user closes their browser window.

Functional Cookies: Collect information about user behavior and whether the user receives any error messages. Additionally, these cookies measure loading times and how the website behaves in different browsers.

Targeting Cookies: These cookies improve user friendliness. For example, entered locations, font sizes, or form data are saved.

Advertising Cookies: Also known as targeting cookies. They are used to deliver individually adapted advertising to the user. This can be very practical but also very annoying.

Typically, you will be asked upon your first visit to a website which types of cookies you wish to allow. And, of course, this decision is also stored in a cookie.

If you want to learn more about cookies and do not shy away from technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments by the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".

Purpose of Processing via Cookies:

The purpose ultimately depends on the specific cookie. More details can be found below or with the software manufacturer that sets the cookie.

Data Processed by Cookies:

Cookies are small helpers for many different tasks. Unfortunately, it's not possible to generalize which data are stored in cookies, but we will inform you about the processed or stored data in the following privacy policy.

Cookie Storage Duration:

The storage duration depends on the specific cookie and will be specified further below. Some cookies are deleted after less than an hour, while others can remain stored on a computer for several years.

You also have control over the storage duration. You can manually delete all cookies at any time via your browser settings (see also below "Right to Object"). Furthermore, cookies based on consent are deleted at the latest after you revoke your consent, although the legality of the storage until then remains unaffected.

Right to Object – How Can I Delete Cookies?

Whether and how you use cookies is up to you. Regardless of which service or website the cookies come from, you always have the option to delete, disable, or partially allow cookies. For example, you can block third-party cookies but allow all other cookies.

If you want to find out which cookies have been stored in your browser, or if you want to change or delete cookie settings, you can find this in your browser settings:

Chrome: Deleting, enabling, and managing cookies in Chrome

Safari: Managing cookies and website data with Safari

Firefox: Delete cookies to remove data that websites have stored on your computer

Internet Explorer: Deleting and managing cookies

Microsoft Edge: Deleting and managing cookies

If you fundamentally do not want cookies, you can configure your browser to always inform you when a cookie is set. This way, you can decide for each individual cookie whether you allow it or not. The procedure varies depending on the browser. It's best to search for instructions on Google with the search term "delete cookies Chrome" or "disable cookies Chrome" in the case of a Chrome browser.

Legal basis

Since 2009, the so-called "Cookie Policies" have been in place. These stipulate that storing cookies requires consent (Article 6(1)(a) GDPR) from you. Within EU countries, however, there are still very different reactions to these policies. In Austria, however, this directive was implemented in § 96(3) of the Telecommunications Act (TKG). In Germany, the cookie policies were not implemented as national law. Instead, this directive was largely implemented in § 15(3) of the Telemedia Act (TMG).

For strictly necessary cookies, even without consent, there are legitimate interests (Article 6(1)(f) GDPR) which are in most cases of economic nature. We aim to provide visitors to the website with a pleasant user experience, and for this, certain cookies are often absolutely necessary.

As far as non-essential cookies are used, this only happens with your consent. The legal basis in this regard is Article 6(1)(a) GDPR.

In the following sections, you will be informed in more detail about the use of cookies, if the deployed software uses cookies.

Web hosting introduction

Webhosting Summary
Affected: Visitors of the website 🤝 Purpose: Professional hosting of the website and securing its operation 📓 Processed data: IP address, time of website visit, browser used, and other data. More details can be found below or with the respective web hosting provider. 📅 Storage duration: Depends on the provider, but usually 2 weeks ⚖️ Legal bases: Art. 6(1)(f) GDPR (Legitimate interests)

Waht is webhosting?

When you visit websites nowadays, certain information – including personal data – is automatically created and stored, just as on this website. This data should be processed as sparingly as possible and only with good reason. By website, we mean the entirety of all webpages on a domain, i.e., everything from the home page to the very last subpage (like this one). By domain, we mean examples like example.de or sampleexample.com.

If you want to view a website on a computer, tablet, or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. We briefly refer to it as a browser or web browser.

To display the website, the browser must connect to another computer where the website's code is stored: the web server. Operating a web server is a complicated and demanding task, which is why it is usually undertaken by professional providers, the hosts. These hosts offer web hosting and thus ensure the reliable and error-free storage of website data. That's a lot of technical terms, but please stick with it, it gets even better!

When the browser on your computer (desktop, laptop, tablet, or smartphone) establishes a connection, and during the data transfer to and from the web server, there may be processing of personal data. On one hand, your computer stores data; on the other hand, the web server also needs to store data for a while to ensure proper operation.

A picture is worth a thousand words, so the following illustration is provided to demonstrate the interaction between the browser, the Internet, and the hosting provider.

Browser und Webserver

WHY DO WE PROCESS PERSONAL DATA?

The purposes of data processing are:

  1. Professional hosting of the website and securing its operation
  2. To maintain operational and IT security
  3. Anonymous evaluation of access behavior to improve our offerings and, if necessary, for law enforcement or pursuit of claims

Data Processed by Cookies:

Even as you visit our website right now, our web server, which is the computer on which this webpage is stored, typically automatically stores data such as:

  • The complete Internet address (URL) of the accessed webpage
  • Browser and browser version (e.g., Chrome 87)
  • The operating system used (e.g., Windows 10)
  • The address (URL) of the previously visited page (Referrer URL) (e.g., https://www.beispielquellsite.de/vondabinichgekommen/)
  • The hostname and IP address of the device from which access is made (e.g., COMPUTERNAME and 194.23.43.121)
  • Date and time
  • in files, the so-called web server log files

HOW LONG IS DATA STORED?

Typically, the data mentioned above are stored for two weeks and then automatically deleted. We do not share this data, but we cannot exclude the possibility that this data might be accessed by authorities in the case of illegal behavior.

Kurz gesagt: In short: Your visit is logged by our provider (the company that runs our website on special computers (servers)), but we do not share your data without consent!

Legal basis

The legality of the processing of personal data in the context of web hosting results from Art. 6 (1) (f) GDPR (Protection of legitimate interests), as the use of professional hosting with a provider is necessary to securely and user-friendly present the company on the Internet and to be able to pursue any attacks and demands arising from this.

Typically, there is a contract for processing on behalf between us and the hosting provider in accordance with Art. 28 GDPR, which ensures compliance with data protection and guarantees data security.

World4You Privacy Policy

We use World4You for our website, among others, a web hosting provider. The service provider is the Austrian company World4You Internet Services GmbH, Hafenstraße 35, 4020 Linz, Austria.

You can learn more about the data processed by the use of World4You in the privacy policy at https://www.world4you.com/de/unternehmen/datenschutzerklaerung.html.

Explanation of Used Terms

We always strive to make our privacy policy as clear and understandable as possible. Especially with technical and legal topics, this is not always entirely simple. It often makes sense to use legal terms (such as personal data) or certain technical expressions (such as cookies, IP address). However, we do not want to use these without explanation. Below you will find an alphabetical list of important terms used that we may not have sufficiently addressed in the previous privacy policy. If these terms are taken from the GDPR and are definitions, we will also cite the GDPR texts here and, if necessary, add our own explanations.

Processor

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term:

"Processor" means a natural or legal person, authority, agency, or other body which processes personal data on behalf of the controller;

Explanation: As a company and website owner, we are responsible for all the data we process from you. In addition to the controller, there can also be so-called processors. This includes any company or person who processes personal data on our behalf. Processors can thus, besides service providers like tax advisors, also include hosting or cloud providers, payment or newsletter providers, or large companies such as Google or Microsoft.

Consent

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term:

"Consent" of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

Explanation: Personal data are all those data that can identify you as a person. These are typically data such as: Explanation: Typically, for websites, such consent is obtained via a cookie consent tool. You're probably familiar with this. Whenever you visit a website for the first time, you're usually asked via a banner if you consent to the processing of your data. Often, you can also make individual settings, deciding for yourself which data processing you allow and which you do not. If you do not consent, no personal data about you can be processed. In principle, consent can also be given in writing, not just via a tool.

Personal Data

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term:

"personal data" means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Explanation: Personal data are all those data that can identify you as a person. These are typically data such as: Personenbezogene Daten sind also all jene Daten, die Sie als Person identifizieren können. Das sind in der Regel Daten wie etwa:

  • name
  • address
  • e-mail
  • Postal address
  • phone
  • date of birth
  • Identification numbers such as social security number, tax identification number, passport number, or student number
  • Bank details like account number, credit information, account balances, and more.

According to the European Court of Justice (ECJ), your IP address also counts as personal data. IT experts can determine at least the approximate location of your device based on your IP address and, subsequently, identify you as the connection owner. Therefore, storing an IP address also requires a legal basis under the GDPR. There are also so-called "special categories" of personal data that are particularly sensitive. These include:

  • Racial and ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data, such as data derived from blood or saliva samples
  • Biometric data (information on physical, physiological, or behavioral characteristics that can identify a person)
    Gesundheitsdaten
  • Data concerning a person's sex life or sexual orientation

Profiling

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term:

"profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements;

Explanation: Profiling involves collecting various pieces of information about a person to learn more about them. In the web domain, profiling is often used for advertising purposes or credit checks. Web or advertising analytics programs, for example, collect data about your behavior and interests on a website. This results in a specific user profile, which can then be used to target advertising to a specific audience.

 

Controller

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term:

"controller" means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

Explanation: In our case, we are responsible for the processing of your personal data and thus are the “controller”. When we pass collected data to other service providers for processing, these are “processors”. An “order processing contract (AVV)” must be signed for this.

 

Processing

Definition according to Article 4 of the GDPR

For the purposes of this Regulation, the term:

"processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Note: When we refer to processing in our privacy policy, we mean any type of data processing. This includes, as mentioned above in the original GDPR explanation, not just the collection but also the storage and processing of data.

All texts are copyrighted.

Source: Created with the Privacy Policy Generator by AdSimple

English