Privacy policy
We are pleased that you are visiting our website. Please find below a brief summary of how we handle your personal data in accordance with Art. 13 General Data Protection Regulation (GDPR).
Data Protection Office
The body named in the legal notice is responsible for the data processing described below.
Utilisation of data
When you visit our website temporary so-called usage data appears as a log on our web server and is analysed for statistical purposes. This assists us in improving our websites. This data record comprises:
- the name and address of the requested content,
- the date and time of the request,
- amount of data transferred,
- access status (transferred data, content not found),
- description of the web browser used and the operating system,
- referral link which indicates the page from which our page was accessed,
- IP address of the computer making the request. This is abbreviated, so that it is not possible to trace back to an individual.
The log data is only analysed anonymously.
Storage of IP address
Furthermore, we do not store any IP addresses.
Data security
We undertake technical and organisational measures in order to ensure that your data is protected from unwanted access as comprehensively as possible. Our websites are
encrypted. Your data is transferred from your computer to our server, and vice versa, via the Internet using TLS. This is generally recognised by the fact that the lock symbol in your browser’s status bar is locked and the address line begins with https://.
Necessary cookies
Cookies are used on our websites which are required for our websites to work properly.
Cookies are small text files that are stored on your end device and can be analysed. A difference is made between session cookies that are deleted as soon as you close your browser and permanent cookies that are stored after a single session is over.
We do not use these necessary cookies for the purpose of analysing and tracking your behaviour, nor do we use them for purposes of advertising.
These cookies only contain information concerning specific settings and cannot be traced back to the person in question. They may also be necessary to enable user navigation, security and implementation of the website.
These cookies are used in accordance with Art. 6 (1) f of the GDPR.
You can change the settings of your browser which will let you know which cookies have been placed. This will then make the use of cookies transparent for you. Moreover, you can delete the browser settings at any time, thereby preventing new cookies from being stored on your device. Please note, however, that this may then result in you being unable to display the contents of our websites and that some of our functions may then be no longer technically possible.
Google Maps
Map services of Google Maps, a service provided by Google LLC (USA), has been embedded into our websites but are not stored on our servers. When you call up our websites featuring embedded map services, only a search button is initially shown, so that the content of a third provider is not automatically reloaded. Consequently, the third-party provider does not receive any information.
The content of the third-party provider is only reloaded after you have clicked on the button. This then notifies the third-party provider that you have called up our page as well as providing them only with the usage data that is technically necessary in this respect. We have no influence over how the third-party provider processes the data thereby collected. By clicking on the button, you give your consent to the third-party provider to reload the content.
Details are then embedded in line with your consent based on Art. 6 (1) a of the GDPR,
insofar as you have previously given your consent by clicking on the button.
| Provider | Adequate level data protection | Revocation of consent |
|---|---|---|
| Google LLC (USA) | Data transfer based on the EU-US Data Privacy Framework (DPF) | Once you have clicked on the button, content of the third-party provider is immediately reloaded. If you do not wish this reloading to occur on other websites, please do not click the search button. |
We use the web analysis tool “Matomo” to ensure that our website works according to our needs.
Matomo creates usage profiles based on pseudonyms. This is achieved by storing permanent cookies of your end device which are then read by us, enabling us to recognise repeat visitors and count them.
Data processing takes place based on your consent in line with Art. 6 (1) a GDPR as well as Section 15 (3) 1 German Telemedia Act (TMG), insofar as you have used our banner for your consent.
You may revoke your consent at any time. To do so, please follow this link and carry out the corresponding settings via our banner.
Storage period
Where we have not explicitly mentioned the storage period, we delete personal data when it is no longer necessary for the aforementioned purposes of processing, and nothing stands in the way of deleting the data due to legal obligations to preserve records.
Other data processing companies
We forward your personal data to service providers who assist us in running our websites and all associated processes. This is done as part of order processing in accordance with Art. 28 GDPR, i.e. web hosting providers. Our service providers are contractually bound to follow our instructions.
Below are the order processing companies working with us, insofar as they have not been mentioned before in the data privacy statement. Where data is transmitted outside of the EU or the EEA in this context,
details are also given in respect of the appropriate level of data protection.
Your rights as the person in question
Where your personal data is processed, you have certain rights in line with GDPR. Your rights as the person concerned:
Right of access (Art. 15 GDPR)
You have the right to obtain confirmation as to whether or not personal data concerning yourself are being processed, and, where that is the case, access to the personal data and information that is listed in Art. 15 GDPR.
Right to rectification (Art. 16 GDPR)
You have the right, without undue delay, to have inaccurate personal data concerning yourself rectified. Where information is incomplete, you have the right to request that this is completed.
Right to erasure ‘right to be forgotten’ (Art. 17 GDPR)
You have the right to request that personal data concerning yourself be erased where one of the grounds stated in Art. 17 GDPR applies.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing where one of the following applies, as stated in Art. 18 GDPR: personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
Right to data portability (Art. 20 GDPR)
In certain instances, as listed in Art. 20 GDPR, you have the right to request to receive personal data concerning yourself in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party.
Right to withdraw consent (Art. 7 GDPR)
Where the processing of personal data has been carried out based on your consent, you have the right to withdraw your consent in respect of the use of your personal data, at any time, in accordance with Art. 7 (3) GDPR. Please note that the withdrawal of consent is only effective for future use. Processing that took place before the withdrawal of consent remains in force.
Right to object (Art. 21 GDPR)
Where data is collected based on Art. 6 (1) f GDPR (data processing to uphold legitimate interests) or based on Art. 6 (1) e GDPR (data processing for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller), you have the right to object to the processing at any time on grounds concerning your special situation. We will then no longer process personal data, unless there are demonstrably compelling grounds for the processing that outweigh your interests, rights and liberties, or the processing serves to assert, exercise or defend legal claims.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
You have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR if you consider that the processing of personal data relating to yourself infringes data privacy regulations. The right to lodge a complaint can be submitted to a supervisory authority, in particular, in the Member State of your habitual residence, place of work or place of the alleged infringement.
Assertion of rights
Where nothing to the contrary has been stated above, please contact the official body stated in the ‘Legal Notice’ section to assert your rights.
Data Protection Officer contact details
Please use the following details to contact our external data protection officer, who will be pleased to provide details concerning privacy policy:
datenschutz nord GmbH Konsul-Smidt-Straße 88
28217 Bremen
Web: www.datenschutz-nord-gruppe.de
Email: office@ datenschutz-nord.de
If you contact our Data Protection Officer, please also state the responsible body which is given in the ‘Legal Notice’.