Data protection

Controller within the meaning of the GDPR

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection laws applicable in the European Union and other provisions of a data protection nature is

innoWerft Technology and Start-up Centre Walldorf Stiftung GmbH
Kleinfeldweg 54
69190 Walldorf

Represented by:
Dr Thomas Lindner, Managing Director
Phone: +49 6227 89934 0
Fax: +49 6227 89924 99
e-mail: kontakt@innowerft.com
Notes on data processing / definition of terms

  1. Your personal data within the meaning of Art. 4 No. 1 GDPR (e.g. IP address, name, e-mail address and telephone number, payment information) will only be processed by us in accordance with the provisions of German data protection law and in compliance with the European General Data Protection Regulation (GDPR). The following provisions inform you about the type, scope and purpose of the collection, processing and use of personal data.
  2. The processing of personal data within the meaning of Art. 4 No. 2 GDPR is lawful pursuant to Art. 6 GDPR if one of the following conditions is met:
    a) The data subject has given their consent to the processing of their personal data for one or more specific purposes;
    b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
    c) processing is necessary for compliance with a legal obligation to which the controller is subject;
    d) processing is necessary in order to protect the vital interests of the data subject or of another natural person;
    e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
    f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
  3. The processing of special personal data (e.g. health data) within the meaning of Art. 9 para. 1 GDPR is lawful, in particular pursuant to Art. 9 para. 2 GDPR, if one of the following conditions is met:
    - the person has given their express consent;
    - processing is necessary for the establishment, exercise or defence of legal claims or for the exercise of judicial proceedings.
  4. There is no automated decision-making or profiling of personal data within the meaning of Art. 22 GDPR.
  5. The operator shall ensure the security of the data in accordance with Art. 32 GDPR, taking into account the principle of proportionality through appropriate technical measures.
  6. If, contrary to expectations, a breach of data protection should occur, the competent supervisory authority will be notified in accordance with Art. 33 GDPR and the data subject in accordance with Art. 34 GDPR.

Scope of application

This privacy policy only applies to our websites. If you are redirected to other sites via links on our pages, please inform yourself there about the respective handling of your data.

Disclosure of data to third parties

Data transmitted within the scope of the contractual relationship will only be passed on to third parties (Art. 4 No. 10 GDPR) if you have expressly given your consent (Art. 4 No. 11 GDPR) or if the transfer is necessary for the fulfilment of the contract. Consent can be revoked informally at any time. Data collected when you visit the website is only collected by third parties who are expressly named below.

Data processing via website

 

Encryption

In accordance with the legal provisions of Section 13 (7) TMG, this site uses SSL encryption, which can be recognised by the lock symbol in the address bar of your browser. Transmitted data cannot be read by third parties if SSL encryption is activated.
As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can recognise whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organisational security measures (TOM) to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
Visit our website

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. This involves the following data:

  • Name of the retrieved file
  • Date and time of retrieval
  • Amount of data transferred
  • Message whether the call was successful
  • IP address
  • Browser type
  • Browser version and its language
  • Operating system and its interface
  • Referrer URL

The data is stored in the log files of our hoster's IT system.

Purpose of processing: The processing of the above-mentioned data is necessary in order to display the website to you and to ensure the security and stability of our information technology systems and the technology of our website. In addition, the processing is carried out in order to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.

Legal basis: We have a legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR, whereby the legitimate interest arises from the stated purpose.

Storage period: The data will be deleted as soon as the data storage can no longer fulfil its purpose. The point in time is to be determined for each individual case, whereby the storage is to be terminated at the latest if any civil law claims are time-barred in accordance with Section 199 BGB or criminal prosecution is also no longer possible due to the statute of limitations (Sections 78, 79 StGB).
Contact - general

If you contact us (e.g. by e-mail, fax), we will store the data you provide, such as your name, e-mail address and any other contact details you provide.

Purpose of processing: The processing of the above-mentioned data is necessary in order to respond to your contact.

Legal basis: Depending on the enquiry, the processing of the data may be based on different legal bases. In any case, however, the processing is necessary to safeguard our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR. The legitimate interest arises from the fact that we want to fulfil the processing purpose.

Storage period: We will delete your personal data at the latest as soon as storage is no longer necessary. The point in time is to be determined for each individual case, whereby the storage is to be terminated at the latest if any civil law claims are time-barred in accordance with Section 199 BGB or criminal prosecution is also no longer possible due to the statute of limitations (Sections 78, 79 StGB).
Contact us - Contact form

If you contact us using the contact form, the data you enter in the input mask will be transmitted and stored. If you use the contact form, the following data will also be stored when you send the message:

  • IP address of the user
  • Date and time of registration
  • Browser type

Purpose of processing: The processing of personal data from the input mask serves to process the contact. The other data processed at the time of sending is used to prevent misuse of the contact form and to ensure the security of our information technology systems.

Legal basis: Your consent will be obtained for the processing of this data before it is sent and reference will be made to this privacy policy. Based on your consent, the legal basis for processing is Art. 6 para. 1 lit. a GDPR.

Storage period: The data will be deleted at the latest as soon as the data storage can no longer fulfil its purpose. The point in time is to be determined for each individual case, whereby the storage is to be terminated at the latest if any civil law claims are time-barred in accordance with Section 199 BGB or criminal prosecution is also no longer possible due to the statute of limitations (Sections 78, 79 StGB).
Subscription to our newsletter

On the website of the nnoWerft Technologie- und Gründerzentrum Walldorf Stiftung GmbH, users are given the opportunity to subscribe to our enterprise's newsletter. The input mask used for this purpose determines what personal data are transmitted to the controller when the newsletter is ordered.

The nnoWerft Technologie- und Gründerzentrum Walldorf Stiftung GmbH informs its customers and business partners regularly by means of a newsletter about enterprise offers. Our company's newsletter can only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers to receive the newsletter. For legal reasons, a confirmation e-mail is sent to the e-mail address entered by a data subject for the first time for the newsletter mailing using the double opt-in procedure. This confirmation email is used to check whether the owner of the email address as the data subject has authorised the receipt of the newsletter.

When registering for the newsletter, we also store the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of a data subject's e-mail address at a later date and therefore serves as legal protection for the controller.

The personal data collected when registering for the newsletter is used exclusively to send our newsletter. Furthermore, subscribers to the newsletter may be informed by e-mail if this is necessary for the operation of the newsletter service or a registration in this regard, as could be the case in the event of changes to the newsletter offer or changes to the technical circumstances. The personal data collected as part of the newsletter service will not be passed on to third parties. The subscription to our newsletter can be cancelled by the data subject at any time. The consent to the storage of personal data, which the data subject has given us for the newsletter dispatch, can be revoked at any time. There is a corresponding link in every newsletter for the purpose of revoking consent. It is also possible to unsubscribe from the newsletter at any time directly on the controller's website or to inform the controller of this in another way.

We use the Mailify tool from Sarbacane Software SAS, 3 avenue Antoine Pinay, Parc d'activités des 4 vents, 59510 HEM (France) for our newsletter. The newsletter is sent using "MailChimp", a newsletter dispatch platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The applicable data protection provisions of Mailify may be retrieved under https://www.sarbacane.com/de/vertraege-und-bedingungen can be called up.

 

Cookies

Cookie Consent ID: 4b304b11-c718-450c-8488-7e9732863895

Absolutely necessary

Name Domain Expiry date Description of the
srp vg04.met.vgwort.de Session The VG Wort cookie helps to determine the copy probability of our texts and ensures the remuneration of legal claims of authors and publishers. IP addresses are only processed in anonymised form.
CookieScriptConsent www.innowerft.com 1 month This cookie is used by the Cookie-Script.com service to store the consent settings for visitor cookies. The cookie banner of Cookie-Script.com must function properly.

Performance

Name Domain Expiry date Description of the
_ga .innowerft.com 2 years This cookie name is associated with Google Universal Analytics. This is an important update to Google's most commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client ID. It is included in every page request on a site and is used to calculate visitor, session and campaign data for the site analytics reports.
_gid .innowerft.com 1 day This cookie is set by Google Analytics. It stores and updates a unique value for each page visited and is used to count and track page views.

Targeting

Name Domain Expiry date Description of the
UserMatchHistory .linkedin.com 1 month This cookie is used to track visitors so that more relevant adverts can be displayed based on the visitor's preferences.
lidc .linkedin.com 1 day This is a first-party Microsoft MSN cookie that ensures the proper functioning of this website.
AnalyticsSyncHistory .linkedin.com 1 month Used to store information about the time at which a synchronisation with the lms_analytics cookie took place for users in the designated countries
li_gc .linkedin.com 1 year 12 months Used to store the guest's consent to the use of cookies for non-essential purposes
bscookie .www.linkedin.com 2 years Used by the social networking service LinkedIn to track the use of embedded services.
_gat_gtag_UA_78174474_1 .innowerft.com 1 minute This cookie is part of Google Analytics and is used to limit requests (throttle request rate).
bcookie .linkedin.com 2 years This is a third-party Microsoft MSN cookie for sharing the content of the website via social media.
long .linkedin.com Session There are many different types of cookies associated with this name. In general, a more detailed look at its use on a particular website is recommended. In most cases, however, it is likely to be used to save language settings in order to potentially provide content in the saved language.
_fbp .innowerft.com 3 months Used by Facebook to deliver a range of advertising products, such as real-time bids from third-party advertisers

Functionality

Name Domain Expiry date Description of the
wp-wpml_current_language innowerft.com 1 day Reading the browser information regarding the language setting on the website
wpSGCacheBypass innowerft.com 1 day Caching of the website in the cache so that the page can be called up more quickly on repeated loading.
YSC .youtube.com Session This cookie is set by YouTube to track views of embedded videos.
VISITOR_INFO1_LIVE .youtube.com 6 months This cookie is set by Youtube to track user preferences for Youtube videos embedded in websites. It can also determine whether the website visitor is using the new or old version of the YouTube interface.

Unclassified

Name Domain Expiry date Description of the
cf7rt_HTTP_REFERER www.innowerft.com Session

Our own cookies

We use our own cookies in various places on our website. For information on the function of cookies and how you can generally prevent the setting of cookies, please refer to the subsection "Information on data processing / definition of terms".

We use permanent and so-called session cookies.

Session cookies store the following data:

  • Setting of cookies possible
  • Setting cookies allowed by the visitor
  • PHP Session ID
  • Browser compatibility
  • Presence of navigation elements on a website

Permanent cookies store the following data:

  • ID codes for analysing user behaviour

Cookies on our website that are used (at least in part) to analyse the user behaviour of visitors to our website (tracking) are only set for the visitor if they have given their prior consent. Cookies that are not used for tracking are set by our system without this consent.

Purpose of processing: Cookies enable us to recognise your browser the next time you visit our website. The cookies are used by us to provide the service, to analyse the surfing behaviour of our users on our website and to increase user-friendliness.

Legal basis: If the setting of the cookie and the processing of the data obtained based on it serves at least to analyse the user behaviour of visitors to our website (tracking), the processing is based on the consent of the data subject in accordance with Art. 6 para. 1 lit. a GDPR. In other cases, cookies are set to safeguard our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR, whereby the legitimate interest then arises from the fact that we want to fulfil the processing purpose.

Storage duration: Session cookies are automatically deleted at the end of your visit. Permanent cookies are stored for a maximum of one month or remain on your end device until you delete them. The data transmitted by the cookie is deleted immediately after it has been analysed

Deployment and use of eveeno for conferences, seminars and business events

We use eveeno for the purpose of organising conferences, seminars and business events. The provider of eveeno is Andreas Bothe, Ellenbogen 8, 91056 Erlangen, Germany, Phone: +49 157 57 00 00 59, Internet: www.eveeno.com, e-mail: info@eveeno.de.

In this context, data of the communication participants are processed and stored on the eveeno servers, insofar as these are part of communication processes with us. This data may include, in particular, registration and contact data, visual and vocal contributions as well as entries in chats and shared screen content. According to eveeno, the data is stored by the DCSA-certified Cologne-based company Hosteurope. The data is stored in one of the most environmentally friendly and secure data centres in Europe, the Datadock in Strasbourg.

The use of eveeno is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in organising the aforementioned events as efficiently as possible.

The applicable data protection provisions of eveeno may be retrieved under https://eveeno.com/de/privacy can be called up.

 

Use of Eventbrite (link)

On our website, we offer you the opportunity to book participation in events. For this purpose, we use the technical solution "Eventbrite", which is operated by Eventbrite, Inc, 155 5th Street, Floor 7, San Francisco, CA 94103, USA.

Eventbrite has a representative for the purposes of European data protection legislation. This is Eventbrite NL BV, located at Silodam 402, 1013AW, Amsterdam, the Netherlands.

When you register for an event, you will be redirected to the Eventbrite website.

Eventbrite collects personal data, if you voluntarily provide such information when registering for one of our events, Eventbrite then transmits this data to us as the organiser. To register with Eventbrite for an event, you must provide the following data to Eventbrite Inc:

  • Surname, first name
  • E-mail address
  • Payment information
  • Place
  • Ticket type
  • Event ID
  • IP address
  • Characteristics of the access device and/or browser

Eventbrite Inc. participates in the EU-US Privacy Shield Framework Programme of the US Department of Commerce and the European Commission regarding the collection, use and retention of personal data from European Economic Area member states.

Here you will find information on what data Eventbrite Inc. collects, processes and uses within the framework of the EU-US Privacy Shield Framework Programme and for what purposes this is done: https://www.eventbrite.de/support/articles/de/Troubleshooting/informationen-zum-eu-us-datenschutzschild?lg=de.

In addition, you can find further information regarding Eventbrite's compliance with European data protection regulations via the following link: https://www.eventbrite.de/support/articles/de/Troubleshooting/datenverarbeitungsnachtrag-fuer-veranstalter

For more information on how Eventbrite Inc. uses personal data, please refer to Eventbrite's privacy policy: https://www.eventbrite.de/support/articles/de/Troubleshooting/datenschutzrichtlinien-von-eventbrite?lg=de

As the organiser, we receive access from Eventbrite to the above-mentioned data of the participants of the booked event. We use the data for the purposes of preparing and following up the booked events. In addition, registered participants will receive information about the booked event and our contact options by email before and after the booked event.

The data is processed on the basis of Art. 6 para. 1 lit. b GDPR (processing for the fulfilment of a contract).

Users will receive information by email after the event and will be contacted by us for the purpose of informing them about similar events in the future. This processing is justified in accordance with Art. 6 para. 1 lit. b) GDPR. You have the option at any time to object to the use of this data for advertising purposes in the future by cancelling your request via the access data on the platform www.eventbrite.de you have booked through. If you have booked events with us outside of Eventbrite, please send your cancellation to kontakt@innowerft.com. In addition, we are legally obliged to store data such as invoices, contracts and other accounting-relevant information for the legally prescribed period. The processing carried out for this purpose is based on Art. 6 para. 1 lt. c) GDPR in conjunction with §147 AO and 257 HGB.

Data protection provisions about the application and use of MailChimp

The newsletter is sent using "MailChimp", a newsletter dispatch platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The email addresses of our newsletter recipients, as well as their other data described in this notice, are stored on MailChimp's servers in the USA. MailChimp uses this information to send and analyse the newsletter on our behalf. Furthermore, MailChimp may, according to its own information, use this data to optimise or improve its own services, e.g. to technically optimise the sending and presentation of the newsletter or for economic purposes in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass it on to third parties.

You can find MailChimp's privacy policy here:https://mailchimp.com/legal/privacy

Statistical survey and analyses:

The newsletters contain a so-called "web-beacon", i.e. a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, is initially collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined with the help of the IP address) or the access times.

The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our endeavour nor that of MailChimp to observe individual users. The analyses serve us much more to recognise the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

 

Google Analytics

We use the web analysis service Google Analytics on our website. The provider is Google Inc (hereinafter "Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.

Google Analytics is a web analysis service for collecting, collating and evaluating data on the behaviour of website visitors. Google Analytics uses cookies that transmit data to Google for analysis purposes when our website is accessed.

As part of this process, the following data is usually transmitted to Google's servers and stored:

  • Referrer URL
  • which subpage of the website is accessed
  • how often and for how long a subpage is viewed
  • IP address
  • Access time
  • Access location
  • Frequency of visits to our website.

We have activated the addition "_gat._anonymiseIp" for this service. This means that the IP address of your Internet connection will be shortened and anonymised by Google if our website is accessed from a member state of the European Union or from another state party to the Agreement on the European Economic Area. In exceptional cases, the full IP address is transmitted to a Google server in the USA and truncated there.

Purpose of processing: The purpose of the Google Analytics tool is to analyse the flow of visitors to our website. From the data obtained, Google analyses the use of the website and provides us with online reports that show the activities on our website. The use of Google Analytics enables us to optimise our website and carry out a cost-benefit analysis of our Internet advertising.

Legal basis: We only use cookies if you consent to this. To obtain your consent, we have placed a cookie layer on our website. By clicking on the button located there, you consent to the setting of cookies. The use of Google Analytics is therefore based on the legal basis of Art. 6 para. 1 lit. a GDPR.

Storage period: Google stores the data collected by Google Analytics for a maximum of 14 months.

Third country transfer: The data is usually transferred to Google's servers in the USA and stored there.

Transfer to third parties: It is possible that Google will pass on the data obtained in the process to third parties.

You also have the option of objecting to and preventing the collection of data generated by Google Analytics relating to the use of this website and the processing of this data by Google in general. To do this, you must install a browser add-on under the link https://tools.google.com/dlpage/gaoptout and install it. This browser add-on informs Google Analytics via JavaScript that no data and information on website visits may be transmitted to Google Analytics. The installation of the browser add-on is recognised by Google as an objection. If you delete, format or reinstall the IT system at a later date, you must reinstall the browser add-on to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by you or another person who is attributable to your sphere of control, you have the option of reinstalling or reactivating the browser add-on. We also offer you the option of deactivating the collection of website usage data for this website by clicking on the following link:

Deactivate Google Analytics

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.de/intl/de/policies/privacy/ and under http://www.google.com/analytics/terms/de.html can be retrieved. Google Analytics is available at this link https://www.google.com/intl/de_de/analytics/ explained in more detail.

Other data processing mediated via the website

Google Maps

We use the map service Google Maps on our website to display interactive maps and create directions.
The provider of Google Maps is Google Inc. (hereinafter "Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

When you visit our website, your browser establishes a direct connection with a Google server. Google then transmits the map content integrated into our website to your browser. Through this and by using the route planning function, Google processes at least the following data:

  • IP address
  • Refferer URL
  • Date and time of retrieval
  • Location data
  • the addresses you enter when planning your route.

Google processes your data on its own responsibility. We are therefore not responsible for data processing in connection with this service. Nevertheless, based on Art. 13 GDPR, we would like to inform you as far as possible about the data collection in connection with this service.

Purpose of processing: The above-mentioned data is used to visualise geographical information on our website.

Legal basis: The legal basis for the use of Google Maps is Art. 6 para. 1 lit. f GDPR analogue. We have a legitimate interest in making it easier for our customers to find us.

Storage period: Since we have no influence on the further processing and use of the data by Google, we cannot make any statement about how long Google stores the data.

Data transmission: Your data will be sent to Google's servers in the USA. It cannot be ruled out that Google transmits the data to third parties.

Further information: The following link will take you to Google's privacy policy:
https://policies.google.com/privacy?hl=de#infochoices

Google Webfonts

External fonts, Google Fonts, are used on this website. Google Fonts is a service of Google Inc ("Google"). These web fonts are integrated by a server call, usually a Google server in the USA. This tells the server which of our web pages you have visited. The IP address of the browser of the end device of the visitor to this website is also stored by Google.
The use of Google Fonts serves to improve the visual presentation of our website and this therefore constitutes a legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR.
You can find more information in Google's privacy policy, which you can access here:
https://www.google.com/policies/privacy/

YouTube

We have integrated the plugin for the video portal YouTube on our website. The provider is YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066 USA (hereinafter "YouTube").

When you visit our website, your browser establishes a direct connection to a YouTube server in the USA. YouTube then transmits the video content embedded in our website to your browser.
YouTube processes at least the following data in this way:

  • Your IP address
  • Refferer URL

YouTube processes your data on its own responsibility. We are therefore not responsible for data processing in connection with this service. Nevertheless, based on Art. 13 GDPR, we would like to inform you as far as possible about the data collection in connection with this service.

Purpose of processing: The above-mentioned data is used to display videos from the YouTube platform on our website.

Legal basis: The legal basis for the use of the YouTube plugin is Art. 6 para. 1 lit. f GDPR analogue. We have a legitimate interest in increasing the attractiveness of our website.

Storage period: Since we have no influence on the further processing and use of the data by YouTube, we cannot make any statement about how long YouTube stores the data.

Data transmission: Your data will be sent to YouTube's servers in the USA. It cannot be ruled out that YouTube transmits the data to third parties.

Further information: The following link will take you to YouTube's privacy policy: https://policies.google.com/privacy?hl=de&gl=de

Social media links

We have refrained from embedding so-called social media plugins on our website and instead only link to the pages of the companies listed below to protect your data:

  • Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
  • Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
  • XING SE, Dammtorstraße 30, 20354 Hamburg, Germany
  • Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland

If you follow a link, you will be redirected to the respective website of the respective company. Any processing of your personal data that takes place as a result is then outside our area of responsibility. Nevertheless, we would like to fulfil our obligation to provide information under Art. 13 GDPR as far as possible.

Purpose of processing: We set the links to make our website appealing. Furthermore, the links are placed in order to promote the communicative nature of the Internet and thus freedom of expression.

Legal basis: The legal basis for setting links is Art. 6 para. 1 lit. f GDPR analogue. We have a legitimate interest in increasing the attractiveness of our website.

Storage period: Since we have no influence on the further processing and use of the data by the above-mentioned companies, we cannot make any statement about how long the companies store the data if you follow one of the links.

Data transmission: If you follow a link, your data may be sent to servers in third countries such as the USA, depending on the company. It cannot be ruled out that the companies will transfer the data to third parties.

Further information: On the websites of the above-mentioned companies you will find further information on their respective data protection regulations.
Information on the rights of data subjects

Due to the processing of your personal data, you are a data subject within the meaning of the GDPR and you have the following rights towards us, whereby we are hereinafter referred to as the "controller":

  • Right to information, Art. 15 GDPR

You have the right to request information from the controller as to whether the controller is processing personal data concerning you. If the answer is yes, you have the right to access the information listed in Art. 15 GDPR.

  • Right to rectification of personal data, Art. 16 GDPR

In accordance with Art. 16 GDPR, you have the right to obtain from the controller the rectification or completion of personal data concerning you if the personal data concerning you is inaccurate or incomplete.

  • Right to erasure ("right to be forgotten"), Art. 17 GDPR

In accordance with Art. 17 GDPR, you have the right to demand that the controller erase personal data concerning you.

  • Right to restriction of processing, Art. 18 GDPR

As a data subject, you have the right, under the conditions of Art. 18 GDPR, to request the controller to restrict processing.

  • Right to information, Art. 19 GDPR

In accordance with Art. 19 GDPR, you have the right to be informed of the recipients to whom the personal data concerning you have been disclosed and to whom the controller has communicated your assertion of the rights to rectification, erasure or restriction of your data.

  • Right to data portability, Art. 20 GDPR

Under the conditions of Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format. You have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, subject to the conditions of Art. 20 GDPR. You have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

  • Right to object to the processing, Art. 21 GDPR

In accordance with Art. 21 GDPR, you have the right to object at any time to the processing of personal data concerning you which is carried out on the basis of Art. 6 para. 1 lit. e or lit. f. This also applies to profiling based on these provisions. If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

  • Right not to be subject to automated decision-making, including profiling, Art. 22 GDPR

As a data subject, you have the right under Art. 22 GDPR not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

 

  • Right to revoke the declaration of consent under data protection law, Art. 7 GDPR

In accordance with Art. 7 GDPR, you have the right to withdraw your consent to the processing of personal data concerning you at any time.

 

  • Right to lodge a complaint with a data protection supervisory authority, Art. 77 GDPR

Without prejudice to any other legal remedies, you have the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR if you believe that the processing of your personal data by us violates the GDPR.

 

Competent supervisory authority:

The State Commissioner for Data Protection and Freedom of Information
Königstrasse 10 a
70173 Stuttgart

Postal address:
P.O. Box 10 29 32
70025 Stuttgart

Phone: 0711/615541-0
FAX: 0711/615541-15
e-mail: poststelle@lfdi.bwl.de
Homepage: https://www.baden-wuerttemberg.datenschutz.de/