imprint
Information according to the information obligation according to § 5 Telemedia Act (TMG).
Schirm & Collegen GmbH
Hainbuchenstr. 56,
13465 Berlin,
Germany
UID number: DE263438927
Register: Commercial Register
Registration number: HRB 117 446
Register court: AG Charlottenburg
Phone: 49 (0)30 398205700
Fax: 49 (0)30 398205709
E-mail:info@unternehmer-kontor.de
Managing Director
Dipl.-Verw. know.
Christopher Schirm
Contact details of the person responsible for data protection
If you have any questions about data protection, you will find the contact details of the person or body responsible below:
Schirm & Collegen GmbH,
Hainbuchenstr. 56, 13465 Berlin, Germany
EU Dispute Settlement
In accordance with the regulation on online dispute resolution in consumer matters (ODR regulation), we would like to inform you about the online dispute resolution platform (OS platform).
Consumers have the option of submitting complaints to the European Commission's online dispute resolution platform athttps://ec.europa.eu/consumers/odr/main/index.cfm?event=main.home2.show&lng=DEto judge. You will find the necessary contact details above in our imprint.
Liability for the content of this website
Liability for links on this website
Copyright Notice
If you find content on this website that violates copyright, please contact us.
Source: Created with theImprint generatorby AdSimple
Data protection
Table of Contents
- Introduction and overview
- scope of application
- legal bases
- Contact details of the person responsible
- storage duration
- Rights under the General Data Protection Regulation
- Data transfer to third countries
- security of data processing
- communication
- Order processing contract (AVV)
- cookies
- Web Hosting Introduction
- Website modular systems Introduction
- Web Analytics Introduction
- Email Marketing Introduction
Introduction and overview
We have written this data protection declaration (version 09.05.2022-322019266) in order to provide you with information in accordance with the requirements ofGeneral Data Protection Regulation (EU) 2016/679and applicable national laws to explain which personal data (data for short) we as the responsible party - and the processors commissioned by us (e.g. providers) - process, will process in the future and what legal options you have. The terms used are to be understood as gender-neutral.
In short: We inform you comprehensively about data that we process about you.
Privacy statements usually sound very technical and use legal jargon. This data protection declaration, on the other hand, is intended to describe the most important things as simply and transparently as possible. As far as transparency is conducive, technical terms are explained in a reader-friendly way, links to further information are provided and graphics are used. We are thus informing you in clear and simple language that we only process personal data in the course of our business activities if there is a corresponding legal basis. This is certainly not possible if you make the most concise, unclear and legal-technical statements possible, as they are often standard on the Internet when it comes to data protection. I hope that you find the following explanations interesting and informative and that you may find some information that you did not already know.
If you still have questions, we would like to ask you to contact the responsible person named below or in the imprint, to follow the links provided and to look at further information on third-party websites. Our contact details can of course also be found in the imprint.
scope of application
- all online presences (websites, online shops) that we operate
- Social media appearances and email communication
- mobile apps for smartphones and other devices
legal bases
In the following data protection declaration, we provide you with transparent information on the legal principles and regulations, i.e. the legal basis of the General Data Protection Regulation, which enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course read this EU General Data Protection Regulation online on EUR-Lex, the gateway to the EU -Right, underhttps://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex:32016R0679read.
We only process your data if at least one of the following conditions applies:
- Consent (Article 6 Paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you entered on a contact form.
- Contract (Article 6 Paragraph 1 lit. b GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a sales contract with you, we need personal information in advance.
- Legal obligation (Article 6 paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we process your data. For example, we are required by law to keep invoices for accounting purposes. These usually contain personal data.
- Legitimate interests (Article 6 Paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to be able to operate our website securely and economically. This processing is therefore a legitimate interest.
In addition to the EU regulation, national laws also apply:
- In Austria, this is the federal law for the protection of natural persons when processing personal data (data protection law), DSG for short.
- In Germany, the Federal Data Protection Act, BDSG for short, applies.
If other regional or national laws apply, we will inform you about them in the following sections.
Contact details of the person responsible
If you have any questions about data protection or the processing of personal data, you will find the contact details of the person or body responsible below:
Schirm & Collegen GmbH, Hainbuchenstr. 56, 13465 Berlin, Germany
storage duration
Rights under the General Data Protection Regulation
- According to Article 15 GDPR, you have a right to information as to whether we are processing your data. If this is the case, you have the right to receive a copy of the data and to be informed of the following information:
- for what purpose we carry out the processing;
- the categories, i.e. the types of data that are processed;
- who receives this data and if the data is transferred to third countries, how security can be guaranteed;
- how long the data is stored;
- the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
- that you can complain to a supervisory authority (links to these authorities can be found below);
- the origin of the data if we did not collect it from you;
- whether profiling is carried out, i.e. whether data is automatically evaluated in order to create a personal profile for you.
- According to Article 16 GDPR, you have the right to have the data corrected, which means that we have to correct data if you find any errors.
- According to Article 17 GDPR, you have the right to erasure ("right to be forgotten"), which specifically means that you can request the erasure of your data.
- According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it further.
- According to Article 19 GDPR, you have the right to data portability, which means that we can provide you with your data in a common format upon request.
- According to Article 21 GDPR, you have a right of objection, which, after enforcement, will result in a change in processing.
- If the processing of your data is based on Article 6 Paragraph 1 Letter e (public interest, exercise of official authority) or Article 6 Paragraph 1 Letter f (legitimate interest), you can object to the processing. We will then check as quickly as possible whether we can legally comply with this objection.
- If data is used to operate direct advertising, you can object to this type of data processing at any time. We may no longer use your data for direct marketing after this.
- If data is used to operate profiling, you can object to this type of data processing at any time. We may no longer use your data for profiling after this.
- According to Article 22 GDPR, you may have the right not to be subject to a decision based solely on automated processing (e.g. profiling).
- According to Article 77 GDPR, you have the right to lodge a complaint. This means that you can complain to the data protection authority at any time if you believe that the processing of personal data violates the GDPR.
In short: you have rights - do not hesitate to contact the responsible person listed above!
If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can complain to the supervisory authority. This is the data protection authority for Austria, whose website you can find athttps://www.dsb.gv.at/Find. In Germany there is a data protection officer for each federal state. For more information you can contact theFederal Commissioner for Data Protection and Freedom of Information (BfDI)turn around. The following local data protection authority is responsible for our company:
Berlin data protection authority
State Commissioner for Data Protection: Maja Smoltczyk
Address: Friedrichstrasse 219, 10969 Berlin
Telephone number: 030/138 89-0
Email address: mailbox@datenschutz-berlin.de
site:https://www.datenschutz-berlin.de/
Data transfer to third countries
security of data processing
TLS encryption with https
TLS, encryption and https all sound very technical and they are. We use HTTPS (the Hypertext Transfer Protocol Secure stands for "secure hypertext transfer protocol") to transmit data securely on the Internet.
This means that the complete transmission of all data from your browser to our web server is secured - nobody can "eavesdrop".
With this we have introduced an additional security layer and fulfill data protection through technology designArticle 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data.
You can recognize the use of this protection for data transmission by the small lock symbol in the top left of the browser, to the left of the Internet address (e.g. examplepage.de) and the use of the https scheme (instead of http) as part of our Internet address.
If you want to know more about encryption, we recommend a Google search for "Hypertext Transfer Protocol Secure wiki" to get good links to further information.
communication
communication summary
👥 Affected: Anyone who communicates with us by phone, email or online form
📓 Processed data: e.g. B. Telephone number, name, e-mail address, entered form data. More details can be found under the type of contact used
🤝 Purpose: Handling of communication with customers, business partners, etc.
📅 Duration of storage: Duration of the business case and the legal regulations
⚖️ Legal bases: Article 6(1)(a) GDPR (consent), Article 6(1)(b) GDPR (contract), Article 6(1)(f) GDPR (legitimate interests)
Affected people
phone
online forms
legal bases
The processing of the data is based on the following legal bases:
- Article 6 paragraph 1 lit.
- Article 6(1)(b) GDPR (contract): There is a need to fulfill a contract with you or a processor, e.g. B. the telephone provider or we need the data for pre-contractual activities, such. B. the preparation of an offer, process;
- Article 6 paragraph 1 lit. f GDPR (legitimate interests): We want to conduct customer inquiries and business communication in a professional framework. These are certain technical facilities such. E-mail programs, exchange servers and mobile phone operators are necessary in order to be able to communicate efficiently.
Order processing contract (AVV)
Who are processors?
To make the terminology easier to understand, here is an overview of the three roles in the GDPR:
Content of an order processing contract
- Binding to us as responsible
- Obligations and rights of the controller
- Categories of data subjects
- Type of personal data
- Type and purpose of data processing
- Subject and duration of data processing
- Place of execution of the data processing
- Measures to ensure data security
- take possible technical and organizational measures to protect the rights of the data subject
- to keep a data processing register
- to cooperate with the data protection supervisory authority upon request
- carry out a risk analysis in relation to the personal data received
- Sub-processors may only be commissioned with the written consent of the person responsible
You can find out what such a GCU looks like in concrete terms, for example, athttps://www.wko.at/service/wirtschaftsrecht-gewerberecht/eu-dsgvo-sample-contract-order-processing.htmllook at. A sample contract is presented here.
cookies
Cookies summary
👥 Affected: Visitors to the website
🤝 Purpose: depending on the specific cookie. More details can be found below or from the manufacturer of the software that sets the cookie.
📓 Processed data: Depending on the cookie used. More details can be found below or from the manufacturer of the software that sets the cookie.
📅 Storage duration: depending on the respective cookie, can vary from hours to years
⚖️ Legal basis: Article 6 paragraph 1 lit. a GDPR (consent), Article 6 paragraph 1 lit.f GDPR (legitimate interests)
What are cookies?
Our website uses HTTP cookies to store user-specific data.
In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
For example, cookie data can look like this:
Name: _ga
Value: GA1.2.1326744211.152322019266-9
Purpose: Differentiation of website visitors
Expiry date: after 2 years
A browser should be able to support these minimum sizes:
What types of cookies are there?
Essential cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed if a user puts a product in the shopping cart, then continues surfing on other pages and only goes to the checkout later. These cookies do not delete the shopping cart, even if the user closes their browser window.
Functional cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website in different browsers.
Targeting cookies
These cookies ensure a better user experience. For example, entered locations, font sizes or form data are saved.
advertising cookies
These cookies are also called targeting cookies. They are used to provide the user with individually tailored advertising. This can be very useful, but also very annoying.
If you want to know more about cookies and don't shy away from technical documentation, we recommendhttps://datatracker.ietf.org/doc/html/rfc6265, the Internet Engineering Task Force (IETF) Request for Comments called “HTTP State Management Mechanism”.
Purpose of processing via cookies
Which data are processed?
Storage duration of cookies
Right to object - how can I delete cookies?
Chrome: Delete, enable and manage cookies in Chrome
Safari: Managing Cookies and Website Data with Safari
Firefox: Clear cookies to remove data websites have placed on your computer
Internet Explorer: Delete and manage cookies
Microsoft Edge: Deleting and managing cookies
If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether you allow the cookie or not. The procedure differs depending on the browser. It is best to look for the instructions in Google with the search term “Delete cookies Chrome” or “Deactivate cookies Chrome” in the case of a Chrome browser.
legal basis
Web Hosting Introduction
Web Hosting Summary
👥 Affected: Visitors to the website
🤝 Purpose: professional website hosting and operation security
📓 Processed data: IP address, time of website visit, browser used and other data. More details can be found below or from the web hosting provider used.
📅 Duration of storage: depends on the respective provider, but usually 2 weeks
⚖️ Legal basis: Art. 6 Para. 1 lit.f GDPR (legitimate interests)
What is web hosting?
Why do we process personal data?
The purposes of data processing are:
- Professional website hosting and operation security
- to maintain operational and IT security
- Anonymous evaluation of access behavior to improve our offer and, if necessary, for criminal prosecution or the pursuit of claims
Which data are processed?
- the complete internet address (URL) of the accessed website
- Browser and browser version (e.g. Chrome 87)
- the operating system used (e.g. Windows 10)
- the address (URL) of the previously visited page (referrer URL) (e.g.https://www.beispielquellsite.de/vondabinichkommen.html/)
- the hostname and IP address of the device being accessed from (e.g. COMPUTERNAME and 194.23.43.121)
- Date and Time
- in files, the so-called web server log files
How long is data stored?
legal basis
Website modular systems Introduction
Website Builders Privacy Policy Summary
👥 Affected: Visitors to the website
🤝 Purpose: Optimization of our service
📓 Data processed: Data such as technical usage information such as browser activity, clickstream activity, session heat maps, as well as contact details, IP address or your geographic location. More details can be found below in this data protection declaration and in the data protection declaration of the providers.
📅 Storage duration: depends on the provider
⚖️ Legal bases: Article 6 paragraph 1 letter f GDPR (legitimate interests), Article 6 paragraph 1 letter a GDPR (consent)
What are website building blocks?
Why do we use website building blocks for our website?
What data is stored by a modular system?
How long and where is the data stored?
Right to object
legal basis
WordPress.com Privacy Policy
WordPress uses so-called standard contractual clauses (= Art. 46 Para. 2 and 3 GDPR) as the basis for data processing by recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or data transfer there. Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards if they are transferred to third countries (such as the USA) and stored there. Through these clauses, WordPress undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementation decision of the EU Commission. You can find the decision and the relevant Standard Contractual Clauses here, among others:https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de
The Data Processing Agreements, which correspond to the standard contractual clauses, can be found athttps://wordpress.com/support/data-processing-agreements/.
You can find out more about the data processed by using WordPress.com in the data protection declarationhttps://automattic.com/de/privacy/.
Order processing agreement (AVV) Wordpress.com
This contract is required by law because WordPress.com processes personal data on our behalf. This clarifies that WordPress.com may only process data that you receive from us on our instructions and must comply with the GDPR. The link to the order processing contract (AVV) can be found underhttps://wordpress.com/support/data-processing-agreements/.
World4You kit data protection declaration
We use World4You, a modular website system, for our website. Service provider is the Austrian company World4You Internet Services GmbH, Hafenstrasse 35, 4020 Linz, Austria. You can find out more about the data processed by using World4You in the data protection declarationhttps://www.world4you.com/de/unternehmen/datenschutzerklaerung.html.
Web Analytics Introduction
Web Analytics Privacy Policy Summary
👥 Affected: Visitors to the website
🤝 Purpose: Evaluation of visitor information to optimize the website.
📓 Data processed: Access statistics, which includes data such as access locations, device data, access duration and time, navigation behavior, click behavior and IP addresses. More details can be found in the web analytics tool used in each case.
📅 Duration of storage: depends on the web analytics tool used
⚖️ Legal basis: Article 6 paragraph 1 lit. a GDPR (consent), Article 6 paragraph 1 lit. f GDPR (legitimate interests)
What is web analytics?
Why do we run web analytics?
Which data are processed?
Duration of data processing
Right to object
legal basis
Information on special web analytics tools, if available, can be found in the following sections.
Email Marketing Introduction
Email Marketing Summary
👥 Affected: Newsletter subscribers
🤝 Purpose: direct mail mail, notification of systemic events
📓 Processed data: Data entered during registration, but at least the email address. You can find more details on this with the email marketing tool used in each case.
📅 Storage duration: Duration of the existence of the subscription
⚖️ Legal bases: Article 6 paragraph 1 lit. a GDPR (consent), Article 6 paragraph 1 lit. f GDPR (legitimate interests)
What is email marketing?
Why do we use email marketing?
Which data are processed?
Duration of data processing
Right to object
legal basis
Source: Created with thePrivacy Generatorby AdSimple