Skip to main content

Data Privacy Policy

We, VISUALYS GmbH (hereinafter referred to as VISUALYS), are delighted that you are interested in our company and our website. We attach the utmost importance to the protection of your privacy and therefore always make every effort to process all personal data in accordance with the currently applicable data protection laws.

Review the Privacy Policy for Customers

To the privacy policy for video conferencing systems

If you should need further clarifications related to data protection/privacy or have questions about data protection/privacy at VISUALYS, please do not hesitate to contact our data protection officer.

How to contact the data protection officer:

Phone: +49 6722 9965-810

E-Mail: robert@visualys.net

In order to protect your privacy, VISUALYS has implemented the following policies:

Google Analytics

Whenever you visit our websites, an anonymized version of the IP address of your Internet service provider, the website from which you are transferred to visit us along with the web pages you visit on our sites as well as the date and duration of your site visit are stored by us. Hence, it is not possible to trace you as a person and we use the data received exclusively for statistical purposes.

We use Google Analytics to record this data. This is a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies,” which are text files that are stored on your computer and that make it possible to analyze the use of our website by you. On our websites, the Google Analytics code has been extended with the tag “gat._anonymize I p ();.” It ensures the anonymized recording of IP addresses (this solution is called “IP masking”).

The IP address transferred in conjunction with Google Analytics by your browser is not merged with other Google data. You also have the option to prevent the archiving of cookies by adjusting the settings of your browser software making pertinent. However, we have to emphasize that in this case you may not be able to use all of the functions of this website to their fullest extent. Moreover, you have the option to prevent the recording of the data generated by the cookie and any data related to your use of the website (incl. your IP-address) by Google as well as the processing of such data by Google by downloading and installing the following browser plug-in under the following link:

http://tools.google.com/dlpage/gaoptout?hl=en.

For more information on how Google Analytics handles user data, please see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en

HubSpot

On this website we use HubSpot for different purposes. HubSpot is a software company from the USA with a branch office in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Telephone: +353 1 5187500.

Hubspot is an integrated software solution that we use to cover different aspects of our online marketing. This includes, among others:

Email marketing, social media publishing & reporting, reporting, contact management (e.g., user segmentation & CRM), landing pages and contact forms.

Our registration service enables visitors to our website to find out more about our company, to download contents and to provide their contact information, together with further demographic information. This information, together with the contents of our website are stored on the servers of our software partner HubSpot. We can use it to make contact with visitors to our website and to determine which of our company’s services are interesting for them. All information collected by us is subject to this data privacy policy. We use all information collected exclusively for optimizing our marketing measures.

More information about the Privacy Policy can be found here.

More information about Hubspots  regarding the EU-Data Protection Regulations can be found here.

More Information about HubSpots Cookies can be found here and here.

As part of the optimization of our marketing activities, Hubspot may collect and process the following data:

  • Geographical position
  • Browser type
  • Navigation information
  • Reference URL
  • Performance data
  • Information about how often the application is used
  • Mobile apps data
  • HubSpot subscription service credentials
  • Files that are displayed on site
  • Domain names
  • Viewed pages
  • Aggregated use
  • Version of the operating system
  • Internet service provider
  • IP address
  • Device identification
  • Duration of the visit
  • Where the application was downloaded from
  • Operating system
  • Events that occur within the application
  • Access times
  • Clickstream data
  • Device model and version

We also use HubSpot’s contact forms.

The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

Data may be transferred to the USA as part of processing by Hubspot. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, Art. 49 (1)(a) GDPR can serve as a legal basis. Please note the reference to the risk of data transfer to an unsafe third-country under sub-item “7. Forms”.

Leadinfo

This website uses the service of the provider Leadinfo B.V. with its registered office in Rotterdam. This service shows us publicly available company data based on IP addresses, such as company names and addresses. The recognition of companies is based solely on IP addresses. IP addresses are not stored after use.

In addition to this recognition via IP addresses, two first-party cookies are used to obtain information on how visitors use the website (analysis). These cookies are not linked to other information and nothing is passed on to third parties.

Opposition to data collection:

If you wish to disable data collection (tracking), please click on the appropriate button at: https://www.leadinfo.com/de/opt-out/

Order data processing:

We have concluded a contract with Leadinfo for commissioned data processing and implement the data protection regulations.

Contact Leadinfo:

Leadinfo B.V.

Rivium Quadrant 141

2909 LC Capelle aan den IJssel

The Netherlands

hallo@leadinfo.com

+49 322 2109 6861

LinkedIn

We use the retargeting tool and the conversion tracking of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”). For this purpose the LinkedIn Insight Tag is incorporated into our webpage. LinkedIn uses it to collect statistical, pseudonymized data from your visit and use of our website and to provide us with the corresponding aggregated statistics based on these. In addition, this information serves to be able to show you relevant offers and recommendations specific to your interests, after you have inquired on the website about certain services, information and offers. The information in this regard is stored in a cookie. More information about Data Privacy of LinkedIn can be found here.

In this process this data will be collected and processed:

  • IP Address
  • Device information
  • Browser information
  • Referrer URL
  • Timestamp

The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want LinkedIn to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

Data may be transferred to the USA as part of processing by LinkedIn. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.

Google Ads (formerly GoogleAdwords) and Google Ads Conversion Tracking

This website uses the service “Google AdWords”. The operator of this service is the company Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. The purpose of this service is so-called conversion tracking, i.e., we can detect what happened after you clicked on our advertisements. Cookies are placed for this purpose, but they are only valid for a limited time.

The following data is collected and processed:

  • Cookie-ID
  • Visited Pages
  • IP Addresses
  • Duration of visit
  • Usage data
  • Content user is interested in
  • Clicked Ads
  • Web requests
  • Cookie information
  • Referrer URL
  • Browser language
  • Browser type

The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want Google Ads to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

As part of the processing, the data may be transferred to the following recipients besides Google Ireland Limited:

  • Google LLC.
  • Alphabet Inc.

Data may be transferred to the USA as part of processing by Google Ads. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.

YouTube

This website uses the service “YouTube” to insert videos into the page. The operator of the software necessary for this purpose is the company Google Ireland Limited Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

The integration of YouTube content is carried out in “extended privacy mode”. This ensures that YouTube does not initially store cookies on your device. As a result, YouTube no longer stores any information about visitors until you watch the video.

When you click on the video, your IP address is sent to YouTube, which tells YouTube that you have watched the video. If you are logged in to YouTube, this information is also associated with your account. This can be prevented by logging out of YouTube before viewing the video.

Accordingly, the following data can be collected and processed:

  • IP Addresses
  • Referrer URL
  • Device Information
  • Watched videos

The legal basis of the processing is your consent according to Art. 6 (1)(a) GDPR. If you do not want YouTube to collect and process the aforementioned data, you can refuse your consent or withdraw it at any time with effect for the future.

The data will be stored for as long as it is necessary for the purpose of the procession. The data will be deleted as soon as it is no longer needed for the processing purposes.

As part of the processing, the data may be transferred to the following recipients besides Google Ireland Limited:

  • Google LLC.
  • Alphabet Inc.

Data may be transferred to the USA as part of processing by YouTube. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to ensure an adequate level of security, we will obtain your consent in accordance with Art. 49 (1)(a) GDPR prior to the data processing.

Google Web Fonts

On this website the service Google Web Fonts is used. The service is provided by Google Ireland Limited Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.  Google Web Fonts enables us to load and display external fonts, so-called Google Fonts, on our website. Google Web Fonts is locally integrated on our website. This means that the fonts are not loaded from Google servers.

In the context of processing via Google Web Fonts, the following personal data is collected and processed:

  • IP address

The legal basis for this processing is Art. 6 (1)(f) GDPR — a legitimate interest. Our legitimate interest in the processing is to present the website in an attractive and user-friendly manner. Local hosting ensures that no data is transferred to Google, and no data transfer takes place.

Personal data is stored for as long as it is necessary to fulfill the purpose of processing. The data is deleted as soon as it is no longer required for the purpose.

Hotjar

We use Hotjar, with the aim of better understanding the needs of our users and to optimize our website presentation accordingly. With the assistance of Hotjar’s technology, we are able to better understand the experiences of our users (e.g. how much time do users spend on which pages, which links do they click, what they like and don’t like, etc.). This helps us to tailor our site to the feedback we receive from our users. Hotjar works with cookies and other technologies to collect information about our users’ behavior patterns and their end devices (in particular the IP address of the device [which is recorded and archived in anonymized formats only], the screen size, type of device [Unique Device Identifiers], information about the browser used, the location (country only), preferred language the website is displayed in). Hotjar stores this information in a pseudonymized user profile. Neither we nor Hotjar will use the information to identify individual users or to merge them with other data related to individual users. For more information, please consult Hotjar’s Data Protection Declaration here.

You have the option to prevent the archiving of a user profile and of information about your visit to our website by Hotjar and the setting of Hotjar tracking cookies on other websites by clicking this Opt-Out-Link

Google reCAPTCHA

We use the Google reCAPTCHA v3 service to determine whether a natural person or computer makes an entry in our contact or newsletter form. The legal basis for the use of Google reCAPTCHA is Art. 6 Para. 1 Letter f Data Protection Basic Regulation DSGVO. We have a legitimate interest in ensuring the security of our website and protecting ourselves from automated attacks.

To the best of our knowledge, Google uses the following data to determine whether you are a natural person or a computer: IP address of the device used, the website that you visit on our site and on which

Data Sharing is Voluntary

You are providing the personal data you are transmitting over the Internet (e.g. your name, address or e-mail address) on a voluntary basis. The data you share will be used to correspond with you or will be processed for the purpose for which you have provided the data to us.

If you explicitly request it, we will on occasion notify you via newsletter of interesting product and service offers. You have the option to informally unsubscribe from this service at any time.

Confidentiality

We do not share your personal data with third parties. The data you provide to us will be used by VISUALYS employees to process your inquiry. For further handling of your request, we may pass on your data to a qualified technical VISUALYS Distributor in your respective region.

Please read our comprehensive Data Protection Declaration below:

A. Data Protection Declaration in Compliance with the GDPR (General Data Protection Regulation)

I. Name and Address of the Data Controller

The Data Controller (i.e. the party responsible for the handling of the data) as defined in the General Data Protection Regulation and other domestic data privacy laws of the respective member states of the EU as well as any other data privacy related provisions is:

VISUALYS GmbH

Industriestr. 7

65366 Geisenheim

Phone: +49 (0)6722 – 99 65 20

Fax: +49 (0)6722 – 99 65 78

E-Mail: mail@visualys.net

Managing Director: Robert Wachendorff

II. Contact Information of the Data Protection Officer

Phone: +49 6722 9965-810

E-Mail: mail@visualys.net

III. General Data Processing Information

1. Scope of Personal Data Processing

Principally, we collect and use personal data of our users only if they are required for the provision of a functional website as well as for the provision of our content and services. We consistently collect and use personal data of our users only after obtaining our users’ consent. The only exceptions from this rule are cases in which it is impossible to obtain prior consent for specific reasons and the processing of such data is permitted by respective statutory provisions.

2. Legal Foundation for the Processing of Personal Data

If we obtain the consent of the Data Subject (the person whose data we collect), this occurs on the basis of Art. 6 Sect. 1 lit. a EU General Data Protection Regulation (GDPR) as the legal foundation for the processing of personal data.

When we process personal data required for the fulfillment of a contract to which the Data Subject is a party, Art. 6 Sect. 1 lit. b GDPR provides the legal foundation for such processing. This applies also to processing transactions that are necessary to perform pre-contractual actions.

If the processing of personal data should be necessary for the fulfillment of a legal obligation our company is subject to, Art. 6 Sect. 1 lit. c GDPR provides the respective legal foundation.

In the event that life sustaining interests of the Data Subject or any other natural person mandate the processing of personal data, Art. 6 Sect. 1 lit. d GDPR provides the legal basis for such actions.

If the processing of personal data is necessary to protect legitimate interests of our company or of a third party and if the fundamental interests and freedoms of the Data Subject do not outweigh the aforementioned interests, Art. 6 Sect. 1 lit. f GDPR provides the legal foundation for data processing.

3. Eradication of Data and Archiving Period

The Data Subject’s personal data shall be eradicated or blocked as soon as the purpose of archiving the data no longer exists. Data may be stored beyond this time frame if this is mandated in European or national legislation, in European Union Directives, laws or other provisions the Data Controller is subject to. A blockage or eradication of data shall also occur if one of the archiving periods set forth in the aforementioned standards expires, unless the continued archiving of the data is necessary for the execution of a contract or the fulfillment of a contract

IV. Publication of the Website and Generation of Logfiles

1. Description and Scope of the Data Processing

Every time our website is accessed on the Internet, our system automatically records data and information obtained from the computer system of the accessing computer.

In conjunction with this process, the following data is collected:

(1) Information about the type of browser and the browser version used

(2) The user’s operating system

(3) The user’s Internet service provider

(4) The user’s IP address

(5) Date and time the website was accessed

(6) Websites from which the system of the user is directed to our website

(7) Websites accessed by the user’s system via our website

These data are also archived in the logfiles of our system. This does not pertain to the user’s IP addresses or other data that make it possible to allocate the data to a user. These data are not archived along with other personal data of the user.

2. Legal Foundation for the Processing of Data

The legal foundation for the temporary storage of data is Art. 6 Sect. 1 lit. f GDPR.

3. Purpose of the Processing of Data

The temporary storage of the IP address by the system is necessary to make it possible to release the website for access to user’s computer. To be able to do this, the user’s IP address must remain archived for the duration of the user’s session.

These purposes also establish our legitimate interest in the processing of data pursuant to Art. 6 Sect. 1 lit. f GDPR.

4. Archiving Period

The data shall be eradicated as soon as they are no longer required for the attainment of the purpose of their collection. In the event that data is recorded to provide access to the website, this occurs as soon as the respective session has ended.

5. Right to Object and Elimination Option

The recording of the data for the provision of access to the website and the archiving of data in logfiles is mandatory for the operation of the website. Hence, the user does not have any option to object to such activities.

V. Use of Cookies

a) Description and Scope of the Data Processing Activities

Our website uses cookies. Cookies are text files that are stored in the web browser on the user’s computer system. If a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic sequence of characters that make it possible to clearly identify the browser the next time the website is accessed.

We use cookies to make our website more user friendly. Some elements of our website require that the accessing browser can also be identified once sites are switched.

The following data are stored and transferred in these cookies:

(1) Language settings

(2) Items in a shopping cart

(3) Log-in information

(4) Download STEP files

(5) Agreement to use cookies

On our website we also use cookies that make it possible to conduct an analysis of the browsing patterns of users.

As a result, the following data may be transmitted:

(1) Entered search terms

(2) Site access frequency

(3) Utilization of website functions

The data generated in this manner is anonymized with the assistance of technical solutions. Once this anonymous data has been generated, it impossible to allocate the data to the accessing user. The data are not archived along with our personal user data.

For information on how the storage of cookies in browser settings can be prevented, please go to the very beginning of our Data Protection Declaration and find the instructions under Anonymity.

b) Legal Foundation for the Processing of Data

The legal foundation for the processing of personal data in conjunction with the use of cookies is Art. 6 Sect. 1 lit. f GDPR.

c) Purpose of the Processing of Data

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some of our website’s functions cannot be offered in the absence of the use of cookies. To make them work, it is necessary to recognize the browser after it has switched sites/pages and returns.

We require cookies for the following applications:

(1) The shopping cart

(2) The adoption of language settings

(3) To remember search terms

The user data collected by technically necessary cookies are not used to generate user profiles.

We use analysis cookies with the aim of improving the quality and contents of our website. Analysis cookies tell us how the website is being used, which allows us to continuously optimize our presentation.

These purposes also establish our legitimate interest in the processing of personal data pursuant to Art. 6 Sect. 1 lit. f GDPR.

d) Storage Period, Objection and Elimination Options

Cookies are stored on the computer of the user and sent to our website by the user’s device. computer. Hence, you as the user have complete control over the utilization of cookies. By changing the settings of your web browser, you can deactivate the transmission of cookies completely or restrict it. Already stored cookies can be deleted at any time. An automatic deactivation option is also available. However, if cookies are deactivated for use of our website, you may not be able to use all functions of the website in their entirety.

The transmission of flash cookies cannot be prevented by changing your browser settings; however, you can do this by changing the settings of the Flash Player.

VI. Newsletter

1. Description and Scope of Data Processing

On our website, users have the option to subscribe to a free newsletter. When the user subscribes, the data generated in the entry screen is sent to us:

(1) User’s e-mail address

(2) First name

(3) Last name

(4) Company name

(5) Department

(6) Position

(7) Street address

(8) ZIP / postal code

(9) City

(10) Phone number

In addition, the following data are collected during the subscription process:

(1) IP address of the accessing computer (anonymized)

(2) Date and time of registration

In conjunction with the registration process, your consent to the processing of the data is obtained and you are directed to review this Data Protection Declaration.

If you acquire merchandise or services on our website and provide your e-mail address in conjunction with your order, it may subsequently be used by us to send a newsletter. In such cases, only direct advertising for our own, similar goods or services will be sent to you in the newsletter.

We do not share any data with third parties in connection with the data processing for the sending of newsletters. The data will be used exclusively for the sending of our newsletter.

2. Legal Foundation for the Processing of Data

The legal foundation for the processing of data after the user has subscribed to the newsletter, if user’s consent has been obtained is Art. 6 Sect. 1 lit. a GDPR.

The legal foundation for the sending of the newsletter based on the purchase of goods or services is § 7 Sect. 3 UWG.

3. Purpose of the Processing of Data

The e-mail address of the user is obtained to send the newsletter to the proper address. The collection of any other personal data in conjunction with the registration process is to prevent the misuse of our services or of the used e-mail address.

4. Archiving Period

The data shall be eradicated as soon it is no longer required to attain the purposes for which they were collected in the first place. Consequently, the user’s e-mail address will be archived as long as the newsletter subscription remains active.

5. Objection and Elimination Options

The Data Subject (user) may cancel the newsletter subscription at any time. A link that allows users to do this will be provided in every newsletter.

VII. Contact and Inquiry Forms and E-mail Contact Information

1. Description and Scope of the Data Processing

Our website offers contact and inquiry forms that can be used to contact us by electronic means. If the user should take advantage of this convenience, the data entered into the respective entry screen will be sent to us and we archive the data. These data include:

(1) User’s e-mail address

(2) First name

(3) Last name

(4) Company name

(5) Department

(6) Position

(7) Street address

(8) ZIP / postal code

(9) City

(10) Phone number

Given that we offer different contact and inquiry forms for a variety of occasion, additional content may be stored, including:

(11) Product item numbers

(12) Specific information and explanations concerning the respective transaction

At the time the message is sent, the following data will also be stored:

(1) Registration date and time

In conjunction with the sending process, we will obtain your consent to the processing of data and you will be directed to consult this Data Protection Declaration.

Alternatively, you have the option to contact us using the provided e-mail address. In this case, the personal data of the user sent in the e-mail will be stored.

In this context, no data will be shared with third parties. The data will be used exclusively to process the conversation.

2. Legal Fundamentals for the Processing of Data

The legal basis for the processing of the data if the user’s consent has been obtained is Art. 6 Sect. 1 lit. a GDPR.

The legal foundation for the processing of data sending in conjunction with an e-mail, is Art. 6 Sect. 1 lit. f GDPR. If the e-mail contact aims at entering into a contract, the additional legal basis for the processing of the data is Art. 6 Sect. 1 lit. b GDPR.

3. Purpose of the Processing of the Data

We process personal data obtained through entry screen entries solely for the handling of the contact request. If we have been contacted by a user via e-mail this also establishes the required legitimate interest in the processing of the data.

Any other personal data processed in conjunction with the e-mail sending process is used to prevent the misuse of the contact form and to ensure the security of our information technology systems.

4. Archiving Period

The data shall be eradicated as soon it is no longer required to attain the purposes for which they were collected in the first place. For data obtained from the entry screen of the contact form and those sent via e-mail, this occurs when the respective conversation with the user has ended. The conversation has ended once we can determine from the circumstances that the related subject matter has definitely been resolved.

Any additional data collected during the sending process shall be deleted no later than seven days after their collection.

5. Objection and Elimination Options

The user has the option to at any time informally revoke the consent given for the processing of personal data. If the user contacts us via e-mail, the user may object to the archiving of any personal data at any time. In such a case, it will not be possible to continue the conversation.

All personal data that has been archived in conjunction with the initiation of contact will be deleted in this case.

VIII. Rights of the Data Subject

If any of your personal data is being processed by anyone, you are classified as a “Data Subject” pursuant to the GDPR and as such, you have the following rights that must be respected by the Data Controller:

1. The Right to Information

You have the option to demand a confirmation from the Data Controller as to whether personal data related with you are being processed by us.

If any such processing does take place, you may demand information from the Data Controller about the following facts:

(1) The purposes for which the personal data are being processed;

(2) The categories of personal data that are being processed;

(3) The recipients and/or the categories of recipients to whom the data related to you has been disclosed or will be disclosed in the future;

(4) The archiving period for the personal data related to you or, if concrete information about the duration cannot be provided, the criteria for the setting of the archiving period;

(5) The fact that you have the right to have the personal data affiliated with you rectified or eradicated, the right to restrict the processing of your data by the Data Controller and a right to object to the processing of your personal data;

(6) The fact that you have the right to log a complaint with a supervisory/regulatory agency;

(7) All available information about the origins/source of the data if the personal data has not been collected from the Data Subject;

(8) The existence of an automated decision-making tool, including profiling, pursuant to Art. 22 Sect. 1 and 4 GDPR and – at least in cases where this applies – meaningful information about the logic involved and the scope of the former as well as the desired effects of this type of processing for the Data Subject.

You have the right to demand information as to whether the personal data affiliated with you is transmitted to a country outside of the European Union and the European Economic Area or to an international organization. In this context, you have the right to demand that the appropriate guarantees in place pursuant to Art. 46 GDPR in connection with the transfer are disclosed to you.

2. Right to Rectification

You are entitled to rectification and/or completion by the Data Controller if the personal data affiliated with you that has been processed is incorrect or incomplete. The Data Controller must make the corrections immediately.

3. Right to Restriction of the Processing of Data

Under the following provisions you have the right to demand the restriction of the processing of the personal data affiliated with you:

(1) If you are disputing the correctness of the personal data affiliated with you for a time period that allows the Data Controller to check the correctness of the personal data;

(2) If the processing of the data is illegal and you refuse to have the personal data deleted and instead demand the restriction of the use of the personal data affiliated with you;

(3) If the Data Controller no longer needs the personal data for processing purposes and you need it for the claiming, exercising or defense of legal entitlements or

(4) If you have filed an objection against the processing of the data pursuant to Art. 21 Sect. 1 GDPR and it is not yet definite whether the grounds of the Data Controller outweigh your grounds.

If the processing of the personal data affiliated with you has been restricted, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of another natural or legal person or based on grounds of important public interest of the European Union or one of its member states.

If the restriction of data processing has been imposed in compliance with the above conditions, you will be notified by the Data Controller before the restriction is lifted.

4. Right to Eradication (Deletion)

a) Mandatory Eradication

You have the right to demand that the Data Controller promptly eradicates the personal data affiliated with you and the Data Controller must promptly eradicate the data if one of the following grounds has materialized:

(1) The personal data affiliated with you are no longer required for the purposes for which they were collected or processed in any other way.

(2) You are revoking your consent based on which the processing of the data was based pursuant to Art. 6 Sect. 1 lit. a or Art. 9 Sect. 2 lit. a GDPR; and there is no other legal foundation for the processing of these data.

(3) You are objecting to the processing of these data pursuant to Art. 21 Sect. 1 GDPR and there are no other prioritized grounds for the processing of the former or you are objecting to the processing pursuant to Art. 21 Sect. 2 GDPR.

(4) The personal data affiliated with you were unlawfully processed.

(5) The eradication of the personal data affiliated with you is necessary to fulfill al legal obligation based on European Union law or the laws of any of the member states of the EU the Data Controller is governed by.

(6)  The personal data affiliated with you were collected in reference to services offered by the information society pursuant to Art. 8 Sect. 1 GDPR.

b) Information Shared with Third Parties

If the Data Controller has published the personal data affiliated with you and if the Data Controller must eradicate these data pursuant to Art. 17 Sect. 1 GDPR, the Data Controller, taking into account the available technology and the cost of implementation, shall take reasonable precautions, including those that are technical in nature, to notify those responsible for the processing of the personal data that you as the Data Subject have demanded the deletion of all links to said personal data or of copies or reproductions of these personal data.

c) Exceptions

The right to eradication does not exist if the processing of the data is necessary

(1) To exercise the right of free speech and information;

(2) To meet a legal obligation that places the processing of the data under the laws of the European Union or of member states the Data Controller is governed by or if the data are required to perform a task that is in the interest of the public or that is being performed on behalf of public authorities and has been assigned to the Data Controller;

(3) On grounds of public interest within the scope of public health pursuant to Art. 9 Sect. 2 lit. h and i as well as Art. 9 Sect. 3 GDPR;

(4) For archiving purpose that are in the public interest, for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 Sect. 1 GDPR, if the law mentioned in Section a) is anticipated to make the attainment of the goals of this processing impossible or if it is expected to seriously impair it, or

(5) For the claiming, exercising and defense of legal entitlements.

5. Right to be Notified

If you have exercised your right to rectification, eradication or restriction of processing vis-à-vis the Data Controller, the Data Controller must notify all recipients to whom the personal data affiliated with you has been disclosed, of this rectification, eradication or of the restriction of processing, unless this proves to be impossible or is affiliated with disproportionate expenditures.

You are entitled to receive information about these recipients from the Data Controller.

6. Right to Data Portability

You have the right to receive the personal data affiliated with you that you have provided to the Data Controller, in a structured, commonly used and machine readable format. Moreover, you have the right to have this data transferred to another data controller without any obstacles caused by the Data Controller to whom you have made your personal data available, provided

(1) The processing was based on consent pursuant to Art. 6 Sect. 1 lit. a GDPR or Art. 9 Sect. 2 lit. a GDPR or a contract pursuant to Art. 6 Sect. 1 lit. b GDPR

(2) Processing was performed with automated support.

When you are exercising this right you also have the right to demand that the personal data affiliated with you is directly transmitted from one data controller to another data controller, if this is technically feasible. This must not infringe upon the freedoms and rights of other individuals.

The right to data portability does not apply to the processing of personal data that is required for the performance of a task that is in the public’s interest or that is being performed in an act of public power that has been assigned to the Data Controller.

7. Right to Object

You have the right to at any time object to the processing of personal data affiliated with for reasons arising from your special situation, if this processing occurs on the grounds of Art. 6 Sect. 1 lit. e or f GDPR. This shall also apply to any profiling based on the aforementioned provisions.

As a result, the Data Controller shall no longer process the personal data affiliated with you, unless the Data Controller is in a position to prove compelling protection worthy grounds for the processing of the data that outweigh your interests, rights and freedoms or if the processing serves the claiming, exercising or defense of legal entitlements.

If the personal data affiliated with you should be processed to engage in direct advertising, you have the right to raise objections against the processing of the personal data affiliated with you for such advertising purposes at any time; this shall also apply to any profiling affiliated with such direct advertising.

If you object to processing for direct advertising purposes, the personal data affiliated with you will no longer be processed for these purposes.

You have the option to exercise your right to object in connection with the use of services of the information society – Directive 2002/58/EU notwithstanding – using automated methods for which technical specifications will be used.

8. Right to Revoke Your Data Protection Law Related Declaration of Consent

You have the right to revoke your data protection law related declaration of consent at any time. Your revocation of consent shall not affect the legitimacy of the processing of data prior to this revocation.

9. Automated Decisions in Individual Cases, Including Profiling

You have the right not to be subjected to a decision based solely on the automated processing of your data, including profiling, which becomes legally effective for you or that impairs you significantly in a similar manner. This shall not apply if the decision

(1) Is necessary for the execution or fulfillment of a contract between you and the Data Controller,

(2) Is permissible based on legal provisions of the European Union or its member states the Data Controller is governed by and if these legal provisions contain appropriate precautions to protect your rights and freedoms as well as you legitimate interests or

(3) Is made with your express consent.

Nevertheless, such decisions must not be based on special categories of personal data pursuant to Art. 9 Sect. 1 GDPR, unless Art. 9 Sect. 2 lit. a or g applies and reasonable precautions to protect your rights and freedoms as well as your legitimate interests have been made.

With regard to the cases mentioned under (1) and (3), the Data Controller shall take reasonable precautions to protect your rights and freedoms as well as your legitimate interests, which shall include at least the right to cause the intervention of a person at Data Controller’s end, on the representation of your own stance and the contestation of the decision.

10. Right to Log a Complaint with a Supervisory/Regulatory Agency

Any other administrative or in-court legal recourse notwithstanding, you have the right to log a complaint with a supervisory/regulatory agency, in particular in the EU member state where you are located, the location of your workplace or the location of the alleged violation, if you are of the opinion that the processing of the personal data affiliated with you violates the GDPR.

The supervisory/regulatory agency the complaint has been logged with shall notify the claimant of the status and the results of the complaint, including the option to take legal resource in a court of law pursuant to Art. 78 GDPR.

Close Menu