Privacy policy
Intro
Thank you for your interest in KIT-Gründerschmiede.
Data protection has a particularly high priority for us as operators of this site. We take the protection of your personal data very seriously.
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text.
The use of the website is generally possible without any indication of personal data. However, if a data subject wants to use special services via our website, processing of personal data could become necessary. If processing of personal data is necessary and if there is no legal basis for such processing, we will generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation, and in accordance with the country-specific data protection regulations applicable to the website.
By means of this data protection declaration, we would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, by means of this data protection declaration, data subjects are informed about the rights to which they are entitled.
As the controller, the KIT-Gründerschmiede has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can always be subject to security vulnerabilities, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.
1. Data collection on this website
The data protection declaration of the KIT-Gründerschmiede is based on the terms used by the European Data Protection Supervisor when adopting the General Data Protection Regulation (DS-GVO). Our data protection declaration is intended to be easy to read and understand.
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find his contact details in section 2 of this privacy policy.
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This can be, for example, data that you enter in a contact form.
Other data is collected automatically or after your consent when you visit the website by our IT systems. This is mainly technical data (e.g. Internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have a right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances.
Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time.
Analysis tools and third-party tools
When visiting this website, your surfing behavior may be statistically analyzed. This is done primarily with so-called analysis programs.
Detailed information on these analysis programs can be found in the following privacy policy.
2. Responsible person
The responsible party according to Art. 4 para. 7 DS-GVO is the:
Karlsruhe Institute of Technology (KIT)
Kaiserstrasse 12
76131 Karlsruhe
Germany
Phone: +49 721 608-0
Fax: +49 721 608-44290
E-mail: info@kit.edu
KIT is a public corporation. It is represented by the President Prof. Dr. Holger Hanselka.
3. Data protection officer
You can reach our data protection officer at datenschutzbeauftragter@kit edu or the postal address with the addition “Die Datenschutzbeauftragte”.
Any data subject may contact our data protection officer directly at any time with any questions or suggestions regarding data protection.
4. Hosting
External hosting
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated via a website.
The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).
Our hoster will only process your data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data.
We use the following hoster:
Mittwald CM Service GmbH & Co. KG
Königsberger Street 4-6
32339 Espelkamp
Phone: +49-5772-293-100
Fax: +49-5772-293-333
HRA: 6640, AG Bad Oeynhausen
VAT ID No: DE814773217
(Conclusion of a contract for order processing)
5. Cookies
Our website uses so-called “cookies”. Cookies are small text files that are stored on a computer system via an Internet browser.
Numerous Internet pages and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
Cookies cannot execute programs or transfer viruses to your computer. They are used to make the Internet offer as a whole more user-friendly and effective, especially faster. A distinction is made between session cookies (transient cookies) and permanent (persistent) cookies.
Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close your browser.
We only use session cookies. We do not use persistent cookies or flash cookies.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, permanently exclude the acceptance of cookies for certain cases or in general, as well as activate the automatic deletion of cookies when closing the browser. Furthermore, cookies that have already been set can be deleted at any time via other software programs When cookies are deactivated, the functionality of our website may be limited.
Essential
Essential cookies enable basic functionality and are required for the website to function properly.
Borlabs cookie
Name Borlabs Cookie
Provider Owner of this website
Purpose Stores visitor preferences selected in the cookie box by Borlabs Cookie.
Cookie Name borlabs-cookie
Cookie lifetime 1 year
Adobe Typekit
Name Adobe Typekit
Provider Adobe
Purpose Used to load fonts from Adobe
Privacy policy https://www.adobe.com/de/privacy/policies/adobe-fonts.html
Statistics
Statistics cookies collect information anonymously. This information helps us understand how our visitors use our website.
Matomo
Name Matomo
Provider KIT Gründerschmiede
Purpose Cookie from Matomo for website analytics. Generates statistical data about how the visitor uses the website.
Privacy policy https://kit-gruenderschmiede.de/datenschutz/
Cookie Name _pk_*.*
Cookie duration 13 months
6. Collection of general personal data and information
In the case of merely informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server according to the settings you have made (server log files). To view our website, we collect the data that is technically necessary for this purpose and to ensure stability and security in accordance with Art. 6 (1) p. 1 lit. f DS-GVO:
- Anonymized IP address
- Internet service provider of the user
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Websites from which the user’s system accesses our website
- Websites from which the user’s system accesses our website
- Browser data (type, language, version)
- Operating system and its interface
The data is stored in so-called log files. The IP address is anonymized before being stored in the server log files. This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.
7. Matomo
We use “Matomo” on our website for the statistical evaluation of the surfing behavior of our users. We would like to further improve the website and adapt it even more to the needs of the users.
Matomo is an open source tool for web analysis. Matomo does not transmit any data to servers that are outside the control of KIT. Matomo is deactivated when you visit our website. Matomo does not collect session data without your consent.
Matomo uses so-called cookies. These are text files that are stored on your computer and enable the BPA to analyze the use of its website. For this purpose, the information on usage obtained by the cookie is transmitted to the BPA’s server and stored so that usage behavior can be evaluated. Your IP address is immediately anonymized; thus, you remain anonymous as a user. The information generated by the cookie about your use of this website will not be disclosed to third parties.
8. Newsletter
If you would like to receive the newsletter offered on our website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties. We use the so-called double-opt-in procedure for registration, i.e. your registration is only completed when you have previously confirmed your registration via a confirmation e-mail sent to you for this purpose by clicking on the link contained therein. If your confirmation is not received within 48 hours, your registration will be automatically deleted from our database.
The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after unsubscribing from the newsletter or after the purpose has ceased to exist. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO.
After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist, if necessary, in order to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
We use the email marketing platform “Sendinblue” to manage our newsletter subscriptions. This is a service of the German company Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin. The newsletter service also provides us with helpful analytics, among other things. This means that when we send out a newsletter, we learn, among other things, whether and when the newsletter was opened by you. Also whether and on which link you click in the newsletter is recognized and recorded by the software. This information helps us to adapt our services to your wishes and concerns and to continuously optimize them.
For more information about data processing, please refer to the company’s privacy policy at https://de.sendinblue.com/legal/privacypolicy and to the information page https://de.sendinblue.com/informationen-newsletter-empfaenger/.
9. Contact form
If you send us inquiries via the contact form, the information you provide in the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (A) DSGVO) if this has been requested.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.
Inquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested.
The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after your request has been processed).
Mandatory legal provisions – in particular legal retention periods – remain unaffected.
10. Routine deletion and blocking of personal data.
The controller processes and stores personal data of the data subject only for the period of time necessary to achieve the purpose of storage or insofar as this has been provided for by the European Directive and Regulation or other legislator in laws or regulations to which the controller is subject.
If the storage purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Maker or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
11. Your rights
You have the following rights with respect to us regarding the personal data concerning you:
- Right to information
- Right to correction or deletion
- Right to restriction of processing
- Right to object to processing
- Right to data portability
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg.
Home address: Königstraße 10a, 70173 Stuttgart, Germany
Postal address: Postfach 10 29 32, 70025 Stuttgart, Germany
Phone: 0711/615541-0
Fax: 0711/615541-15
E-mail: poststelle@lfdi.bwl.de
In the case of obviously unfounded or excessive requests, we may charge an appropriate fee. Otherwise, the information will be provided free of charge (Art. 12 (5) DS-GVO).
In the event of reasonable doubt as to the identity of the person asserting the foregoing rights, we may request additional information necessary to confirm the identity (Art. 12(6) DS-GVO).
12. SSL Encryption
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL encryption is activated, the data that you transmit to us can generally not be read by third parties. SSL or TLS encryption
13. Plugins and tools
YouTube
This website embeds videos of the website YouTube. The operator of the website is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of our websites on which YouTube is embedded, a connection to the YouTube servers is established. In doing so, the YouTube server is informed which of our pages you have visited.
Furthermore, YouTube may store various cookies on your terminal device or use comparable technologies for recognition (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience, and prevent fraud attempts.
If you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used in the interest of an appealing presentation of our online offers.
This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. If a corresponding consent was requested, the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.
Further information on the handling of user data can be found in YouTube’s privacy policy at: https://policies.google.com/privacy?hl=de.
Google Maps
We use Google Maps on our website from the company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
Google Maps allows us to better show you locations and thus adapt our service to your needs. By using Google Maps, data is transmitted to Google and stored on Google servers. Here we will now go into more detail about what Google Maps is, why we use this Google service, what data is stored and how you can prevent this.
What is Google Maps?
Google Maps is an internet map service provided by Google. With Google Maps, you can search for exact locations of cities, landmarks, accommodations or businesses online via a PC, tablet or app. If companies are represented on Google My Business, other information about the company is displayed in addition to the location. To show how to get there, map sections of a location can be embedded in a website using HTML code. Google Maps shows the earth’s surface as a street map or as an aerial or satellite image. Thanks to the Street View images and the high-quality satellite images, very accurate representations are possible.
Why do we use Google Maps on our website?
All our efforts on this site are aimed at providing you with a useful and meaningful time on our website. By integrating Google Maps we can provide you with the most important information about various locations. You can see at a glance where we are located. The directions always show you the best or fastest way to us. You can get the directions for routes by car, by public transport, on foot or by bike. For us, the provision of Google Maps is part of our customer service.
What data is stored by Google Maps?
In order for Google Maps to fully provide their service, the company must record and store data from you. This includes, among other things, the search terms entered, your IP address and also the latitude or longitude coordinates. If you use the route planner function, the start address entered is also stored. However, this data storage happens on the websites of Google Maps. We can only inform you about this, but have no influence. Since we have integrated Google Maps into our website, Google sets at least one cookie (name: NID) in your browser. This cookie stores data about your user behavior. Google uses this data primarily to optimize its own services and to provide individual, personalized advertising for you.
The following cookie is set in your browser due to the integration of Google Maps:
Name: NID
Wert: 188=h26c1Ktha7fCQTx8rXgLyATyITJ311241192-5
Purpose: NID is used by Google to customize ads to your Google search. With the help of the cookie, Google “remembers” your most frequently entered search queries or your previous interaction with ads. This way, you will always get tailored ads. The cookie contains a unique ID that Google uses to collect your personal preferences for advertising purposes.
Expiration date: after 6 months
Note: We cannot guarantee completeness in the details of the stored data. Especially when using cookies, changes can never be excluded. In order to identify the cookie NID, a separate test page was created, where only Google Maps was integrated.
How long and where is the data stored?
Google servers are located in data centers all over the world. However, most servers are located in America. For this reason, your data is also increasingly stored in the USA. Here you can read exactly where the Google data centers are located: https://www.google.com/about/datacenters/inside/locations/?hl=de.
Google distributes the data on different data carriers. This means that the data can be retrieved more quickly and is better protected against any attempts at manipulation. Each data center also has special emergency programs. For example, if there are problems with Google’s hardware or a natural disaster cripples the servers, the data will pretty much remain protected anyway.
Google stores some data for a set period of time. For other data, Google only offers the option to delete it manually. Furthermore, the company also anonymizes information (such as advertising data) in server logs by deleting part of the IP address and cookie information after 9 and 18 months, respectively.
How can I delete my data or prevent data storage?
With the automatic location and activity data deletion feature introduced in 2019, location and web/app activity information will be stored for either 3 or 18 months, depending on your decision, and then deleted. In addition, you can also manually delete this data from your history at any time via your Google account. If you want to completely prevent your location tracking, you need to pause the “Web and App Activity” section in Google Account. Click “Data and personalization” and then click the “Activity setting” option. Here you can turn the activities on or off.
In your browser, you can further disable, delete or manage individual cookies. Depending on which browser you use, this always works slightly differently. The following instructions show how to manage cookies in your browser:
Chrome: Delete, enable and manage cookies in Chrome.
Safari: Manage cookies and website data with Safari.
Firefox: Delete cookies to remove data that websites have placed on your computer
Internet Explorer: delete and manage cookies
Microsoft Edge: delete and manage cookies
If you generally don’t want cookies, you can set your browser to notify you whenever a cookie is about to be set. This way, you can decide for each individual cookie whether you allow it or not.
Google is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. For more information, please visit https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI. If you want to learn more about Google’s data processing, we recommend that you read the company’s in-house privacy policy at https://policies.google.com/privacy?hl=de.
Google Maps is used in the interest of an appealing presentation of our online offers and of making it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Further details can be found here:
https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs.
More information on the handling of user data can be found in Google’s privacy policy:
https://policies.google.com/privacy?hl=de.
This website has integrated components of the company Facebook. Facebook is a social network.
The operating company of Facebook is Facebook, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. The controller of personal data, if a data subject lives outside the USA or Canada, is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time one of the individual pages of this website operated by the data controller is called up and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the information technology system of the data subject is automatically caused by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com can be retrieved. Within the scope of this technical procedure, Facebook receives information about which specific subpage of our website is visited by the data subject.
If the data subject is logged in to Facebook at the same time, Facebook recognizes which specific subpage of our website the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject activates one of the Facebook buttons integrated on our website, for example the “Like” button, or if the data subject posts a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.
Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is simultaneously logged into Facebook at the time of calling up our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, he or she can prevent the transmission by logging out of his or her Facebook account before accessing our website.
The data policy published by Facebook, which can be found at https://de-de.facebook.com/abo… provides information on the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transmission to Facebook, for example the Facebook Blocker from the provider Webgraph, which can be obtained at http://webgraph.com/resources/… can be procured. Such applications can be used by the data subject to suppress data transmission to Facebook.
This website has integrated components of the LinkedIn Corporation. LinkedIn is currently the largest platform for business contacts and one of the most visited websites in the world.
The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For data protection issues outside the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.
With each individual call-up of our website that is equipped with a LinkedIn component (LinkedIn plug-in), this component causes the browser used by the data subject to download a corresponding representation of the component from LinkedIn. Further information on the LinkedIn plug-ins can be found at https://developer.linkedin.com… can be retrieved. As part of this technical procedure, LinkedIn receives knowledge of which specific sub-page of our website is visited by the data subject.
If the data subject is logged in to LinkedIn at the same time, LinkedIn recognizes which specific sub-page of our website the data subject is visiting with each call-up of our website by the data subject and for the entire duration of the respective stay on our website. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject activates a LinkedIn button integrated on our website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.
LinkedIn always receives information via the LinkedIn component that the data subject has visited our website if the data subject is simultaneously logged into LinkedIn at the time of calling up our website; this takes place regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want this information to be transmitted to LinkedIn, he or she can prevent the transmission by logging out of his or her LinkedIn account before accessing our website.
LinkedIn offers at https://www.linkedin.com/psett… the possibility to unsubscribe from email messages, SMS messages and targeted ads as well as to manage ad settings. LinkedIn further uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may set cookies. Such cookies can be rejected at https://www.linkedin.com/legal… to be rejected. The applicable privacy policy of LinkedIn is available at https://www.linkedin.com/legal… accessible. LinkedIn’s cookie policy is available at https://www.linkedin.com/legal…. retrievable.
14. Legal basis of the processing
Article 6 I lit. a DS-GVO serves our company as the legal basis for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for a delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation by which a processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data might become necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d DS-GVO. Finally, processing operations could be based on Art. 6 I lit. f DS-GVO. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden. Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47, Sentence 2 DS-GVO).
15. Duration of data retention
The criterion for the duration of the storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data is routinely deleted, provided that it is no longer required for the performance of the contract or the initiation of the contract.
16. Legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of non-provision
We inform you that the provision of personal data is sometimes required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before providing personal data by the data subject, the data subject must contact our data protection officer. Our data protection officer will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.
17. Existence of automated decision-making
As a responsible company, we do not use automated decision-making or profiling.
Source reference:
Excerpts of this privacy policy are from:
https://www.e-recht24.de/muster-datenschutzerklaerung.html
All texts are protected by copyright.