Responsibility for the data processing described below is held by the body named in the imprint.
When you visit our web pages, usage data is stored on our web server as a log for statistical purposes and evaluated to improve the quality of our web pages. This data set consists of:
- the name and address of the requested content;
- the date and time of the query;
- the amount of data transferred;
- the access status (content transferred, content not found);
- the description of the web browser and operating system used; and
- the referral link, which indicates from which page you have reached our page.
This log data is evaluated without identifying information.
To protect your data from unwanted access as comprehensively as possible, we take technical and organizational measures. We use an encryption process on our websites. Your data is transferred from your computer to our server and vice versa via the Internet using TLS encryption. In most cases you can recognize this by the appearance of the closed lock symbol in the status bar of your browser, and the prefix https:// in the address line.
Cookies are small text files that are stored on your terminal device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. We do not use these required cookies for analysis, tracking or advertising purposes.
These cookies only contain information about certain settings and do not identify a user. They may also be necessary to enable user guidance, security and implementation of the site. We use these cookies on the basis of Article 6 paragraph 1 p. 1 lit. f DSGVO.
We use web analysis tools to design our websites in line with requirements. These create usage profiles based on pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. In addition, it is possible that we retrieve recognition features for your browser or end device (e.g. a so-called browser fingerprint or your unabbreviated IP address). In this way, we are able to recognize returning visitors and count them as such.
These usage profiles, which are created on the basis of pseudonyms, contain evaluations of the following usage parameters, among others:
- If possible, the source of the user (via search engine ads, redirection through other websites or similar);
- The duration of website use;
- The amount, sequence and names of visited pages;
- The number of sessions (sessions) on the website;
- Country, region and, if applicable, city from which the access is made;
- Functions used on the website and clicks made ("events");
- Searches performed on the website;
- Information about the used variants of the website within the scope of so-called A/B tests;
- Information about the browser, device, operating system, etc. used during access.
The data processing is based on your consent according to Article 6 paragraph 1 p. 1 lit. a DSGVO or § 15 para. 3 p. 1 TMG, if you have given your consent via our banners.
Which Third-Party Providers Do We Use in This Context?
Below we list the third-party providers with whom we work in connection with visitor measurement. If the data is processed outside the EU or EEA in this context, please note that there is a risk that authorities may access the data for security and monitoring purposes without you being informed or having the right to appeal.
|Provider||Maximum storage time||Adequate level of data protection|
|Google LLC (USA)||2 years||Third-country transfers based on the EU standard contractual clauses|
Unless we have already informed you in detail about the storage period, we delete personal data when they are no longer required for the aforementioned processing purposes and no legal retention obligations prevent deletion.
We share your data with service providers who support us in the operation of our websites and related processes as part of order processing pursuant to Article 28 of the DSGVO. These are, for example, hosting service providers. Our service providers are strictly bound by instructions to us and are contractually obligated accordingly.
|Processor||Purpose||Adequate level of data protection|
|Kernpunkt GmbH||Web hosting and support||Processing only within EU/EEA|
|Netlify Inc. (USA)||Web hosting and support||Third-country transfers based on the EU standard contractual clauses|
Your Rights as a Data Subject#
When your personal data is processed, the GDPR grants you certain rights as a data subject:
Right of Access (Article 15 GDPR)
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have a right to information about this personal data and to the information listed in detail in Article 15 of the GDPR.
Right to Rectification (Article 16 DSGVO)
You have the right to request the correction of inaccurate personal data concerning you and, if necessary, the completion of incomplete data without delay.
Right to Erasure (Article 17 DSGVO)
You have the right to request that personal data concerning you be deleted without undue delay, provided that one of the reasons listed in detail in Article 17 of the DSGVO applies.
Right to Restriction of Processing (Article 18 DSGVO)
You have the right to request the restriction of processing if one of the conditions listed in Article 18 of the DSGVO is met, e.g. if you have objected to the processing, for the duration of the review by the controller.
Right to Data Portability (Article 20 DSGVO)
In certain cases, which are listed in detail in Article 20 of the DSGVO, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of this data to a third party.
Right of Withdrawal (Article 7 DSGVO)
If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7 (3) DSGVO. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected.
Right of Objection (Article 21 DSGVO)
If data is collected on the basis of Article 6 (1) p. 1 lit. f DSGVO (data processing for the protection of legitimate interests) or on the basis of Article 6 (1) p. 1 lit. e DSGVO (data processing for the protection of public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Right of Appeal to a Supervisory Authority (Article 77 Dsgvo)
Pursuant to Article 77 of the DSGVO, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data relating to you violates data protection provisions. The right of complaint may be asserted in particular before a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.
Assertion of Your Rights
Unless otherwise described above, please contact the office mentioned in the imprint to assert your data protection rights.
Contact Details of the Data Protection Officer#
Our external data protection officer will be happy to provide you with information on the subject of data protection under the following contact details:
datenschutz nord GmbH
28217 Bremen (Germany)
If you contact our data protection officer, please also indicate the responsible office in the imprint.