IMPRINT

Corporate structure

Disclaimer

We are not responsible for external content linked on this site. Operators of linked pages are solely liable for their content.

Copyright

Reproduction or electronic processing without written permission is prohibited.

Responsible under press law

Michael Böhm (address as above)

---

PRIVACY NOTICE (GDPR)

Controller

The controller within the meaning of the GDPR and other national data protection laws is:

Data protection officer

External reporting channel

General data processing

Scope of processing personal data

We process personal data only as far as necessary to provide a functional website and our services. Processing usually takes place with consent unless legal permission applies.

Legal bases

Where we obtain consent for processing personal data, Art. 6(1)(a) GDPR serves as the legal basis.

Where processing is necessary for the performance of a contract or for pre-contractual measures, Art. 6(1)(b) GDPR applies.

Where processing is necessary to comply with a legal obligation, Art. 6(1)(c) GDPR applies.

Where vital interests require processing, Art. 6(1)(d) GDPR applies.

Where processing is necessary for legitimate interests and no overriding interests of the data subject exist, Art. 6(1)(f) GDPR applies.

Deletion and retention period

Personal data is deleted or blocked as soon as the purpose of storage no longer applies. Longer retention may occur if required by the European or national legislator in Union regulations, laws, or other provisions to which the controller is subject. Data is also blocked or deleted when a retention period prescribed by the cited norms expires, unless further retention of the data is necessary for the conclusion or fulfillment of a contract.

Website delivery and log files

Description and scope of data processing

Whenever you access our website, we automatically store certain technical data. This includes the IP address, browser type and version, date and time, and the website from which you reached us. IP addresses are stored in anonymized form, so personal identification is no longer possible.

Legal basis

The legal basis for temporary storage of data and log files is Art. 6(1)(f) GDPR.

Purpose of processing

Temporary storage of the IP address is necessary to deliver the website to the user's device for the duration of the session.

Log files are stored to ensure website functionality, optimize the website, and guarantee the security of our systems. The data is not evaluated for marketing purposes. These purposes also constitute our legitimate interest under Art. 6(1)(f) GDPR.

Storage duration

The data is deleted as soon as it is no longer required for the purpose for which it was collected. For website delivery, this is usually the end of the session.

When stored in log files, the data is deleted after seven days at the latest. Longer storage may occur. In that case, users' IP addresses are deleted or obfuscated (anonymized) so that the calling client can no longer be assigned.

Objection and removal option

The collection of data for website delivery and the storage of log files is essential for operating the website. Therefore, there is no option to object.

Use of cookies

Description and scope of data processing

Our website uses cookies. Cookies are text files stored in or by the web browser on the user's system. When a user accesses a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables unique identification of the browser when the website is visited again.

We use cookies to make our website more user-friendly. Some elements of our website require the calling browser to be recognized even after a page change.

Legal basis

The legal basis for processing personal data using cookies is Art. 6(1)(f) GDPR.

Purpose of processing

The purpose of technically necessary cookies is to simplify website usage. Some functions cannot be offered without cookies because the browser needs to be recognized after page changes.

The user data collected by technically necessary cookies is not used to create user profiles.

These purposes also constitute our legitimate interest under Art. 6(1)(f) GDPR.

Storage duration, objection, and removal option

Cookies are stored on the user's device and transmitted to our site. Users therefore have full control over their use. Browser settings can disable or restrict cookies, and stored cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our site, not all functions may remain fully usable.

Contact form and email contact

Description and scope of data processing

Our website provides a contact form for electronic contact. If a user chooses this option, the data entered in the form is transmitted to us and stored. This data includes:

• Name
• Email
• Subject and message content

At the time the message is sent, the following data is also stored:

• The user's IP address
• Date and time of submission

The data is not passed on to third parties in this context. It is used exclusively for processing the conversation.

Legal basis

The legal basis for processing data transmitted while sending an email (contact form) is Art. 6(1)(f) GDPR. If the email contact aims at concluding a contract, the additional legal basis is Art. 6(1)(b) GDPR.

Purpose of processing

The processing of personal data from the input form serves solely to handle the contact request. In the case of email contact, this also constitutes the required legitimate interest in processing the data.

The additional personal data processed during the sending procedure serves to prevent misuse of the contact form and ensure the security of our systems.

Storage duration

The data is deleted as soon as it is no longer required for the purpose for which it was collected. For the personal data from the contact form and email communication, this is the case when the respective conversation with the user has ended. A conversation is considered ended when the circumstances indicate that the matter in question has been conclusively resolved.

The additional personal data collected during the sending process is deleted after seven days at the latest.

Objection and removal option

Users can withdraw their consent to the processing of personal data at any time. If a user contacts us by email (contact form), they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of the contact request will then be deleted.

Rights of data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-a-vis the controller:

Right of access

You may request confirmation from the controller as to whether personal data concerning you is being processed by us.

If such processing exists, you may request information from the controller about the following:

(1) the purposes for which the personal data is processed;

(2) the categories of personal data being processed;

(3) the recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;

(4) the planned duration of storage of the personal data concerning you or, if specific information is not possible, the criteria used to determine that period;

(5) the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;

(6) the existence of a right to lodge a complaint with a supervisory authority;

(7) all available information about the origin of the data if the personal data was not collected from the data subject;

(8) the existence of automated decision-making, including profiling, pursuant to Art. 22(1) and (4) GDPR and, at least in such cases, meaningful information about the logic involved and the significance and envisaged consequences of such processing for the data subject. You also have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

Right to erasure

Obligation to erase

You may request from the controller that personal data concerning you be erased without undue delay, and the controller is obliged to erase such data without undue delay if one of the following reasons applies:

(1) the personal data concerning you is no longer necessary in relation to the purposes for which it was collected or otherwise processed;

(2) you withdraw your consent on which the processing was based pursuant to Art. 6(1)(a) or Art. 9(2)(a) GDPR, and there is no other legal ground for the processing;

(3) you object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object pursuant to Art. 21(2) GDPR;

(4) the personal data concerning you has been unlawfully processed;

(5) erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject;

(6) the personal data concerning you has been collected in relation to the offer of information society services pursuant to Art. 8(1) GDPR.

Right to notification

If you have asserted your right to erasure against the controller, the controller is obliged to communicate this rectification, erasure, or restriction of processing to all recipients to whom the personal data concerning you has been disclosed, unless this proves impossible or involves disproportionate effort.

You have the right to be informed by the controller about those recipients.

Right to data portability

You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit that data to another controller without hindrance from the controller to whom the personal data was provided, provided that

(1) the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR, and

(2) the processing is carried out by automated means. In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be adversely affected by this.

The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Right to object

You have the right, on grounds relating to your particular situation, to object at any time to processing of personal data concerning you that is based on Art. 6(1)(e) or (f) GDPR; this also applies to profiling based on those provisions.

The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

Right to withdraw your data protection consent

You have the right to withdraw your data protection consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the status and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.