Privacy Policy
Overview
In this privacy policy, we (Rematiq GmbH) inform you about the processing of personal data when using our website (https://rematiq.com).
Responsible and contact person
The contact person and so-called controller for the processing of your personal data when you visit this website within the meaning of the EU General Data Protection Regulation (GDPR) is
Rematiq GmbH
Amtsgericht Charlottenburg
HRB 257947 B
Rematiq GmbH
c/o Unicorn Workspaces
Voltastrasse 5, Gebäude 10, Aufgang 2
E-mail: dataprivacy@rematiq.com
Data processing on our website
2.1 Accessing our website / connection data
Each time you use our website, we collect the connection data that your browser automatically transmits to enable you to visit the website. This connection data comprises the so-called HTTP header information, including the user agent, and includes in particular
IP address of the requesting device,
Date and time of the request,
Address of the website accessed and the requesting website,
information about the browser and operating system used,
online identifiers (e.g. device identifiers, session IDs).
The data processing of this connection data is necessary to enable you to visit the website, to ensure the long-term functionality and security of our systems and for the general administrative maintenance of our website.
The connection data is also stored in internal log files for the purposes described above, temporarily and limited to the necessary content, in order to compile statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices with which the pages are accessed increases) and to generally maintain our website administratively.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, insofar as the page view occurs in the course of the initiation or execution of a contract, and otherwise Art. 6 para. 1 lit. f GDPR due to our legitimate interest in enabling website access and the permanent functionality and security of our systems. However, the automatic transmission of the connection data and the log files developed from it do not constitute access to the information in the end device within the meaning of the implementation laws of the ePrivacy Directive of the EU member states, in Germany § 25 TTDSG. Otherwise, however, it would be absolutely necessary anyway.
For data protection reasons, we do not permanently store or analyze log files.
2.2. Contacting us
You have various options for contacting us, e.g. via the contact form or by e-mail. In this context, we process data exclusively for the purpose of communicating with you.
The legal basis is Art. 6 para. 1 lit. b GDPR, insofar as your details are required to answer your inquiry or to initiate or execute a contract, and otherwise Art. 6 para. 1 lit. f GDPR due to our legitimate interest in you contacting us and us being able to answer your inquiry. We will only make promotional telephone calls if you have given your consent. If you are not an existing customer, we will only send you promotional emails on the basis of your consent. The legal basis in these cases is Art. 6 para. 1 lit. a GDPR in conjunction with Section 7 para. 2 no. 1 or 2 UWG.
The data collected by us when using the contact form will be automatically deleted after your request has been fully processed, unless we still need your request to fulfill contractual or legal obligations (see section 7 "Storage period").
2.3. Existing customer information by e-mail
If you conclude a contract with us for the use of the "REMATIQ" software, we will also use your contact details to send you further information about our products and services that is relevant to you by e-mail ("existing customer advertising"). This may include, in particular, news, promotions and offers as well as feedback and other surveys.
The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR in conjunction with Section 7 para. 3 UWG, according to which data processing is permitted to safeguard legitimate interests, insofar as this concerns the storage and further use of data for advertising purposes. You can object to the use of your data for advertising purposes at any time by clicking on the corresponding link in the emails or by sending a message to the contact details given above (e.g. by email or letter) without incurring any costs other than the transmission costs according to the basic rates.
We use Hubspot, a service provided by HubSpot Inc., 25 First Street, Cambridge, MA 02141 USA, to send advertising to existing customers. We have concluded an order processing agreement with HubSpot. Your data will be stored in encrypted form by HubSpot in the European Union and transmitted in encrypted form. Insofar as HubSpot works with sub-processors whose parent company is not based in the European Union, HubSpot and its sub-processors have concluded standard contractual clauses and taken additional measures to protect the data.
Forwarding of data
The data collected by us will only be passed on if there is a legal basis for this under data protection law in the specific case, in particular if:
you have given your express consent in accordance with Art. 6 para. 1 lit. a GDPR,
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data
we are legally obliged to disclose your data in accordance with Art. 6 para. 1 lit. c GDPR, in particular if this is necessary for legal prosecution or enforcement due to official inquiries, court orders and legal proceedings, or
this is legally permissible and required under Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you or for the implementation of pre-contractual measures taken at your request.
Some of the data processing may be carried out by our service providers. In addition to the service providers mentioned in this privacy policy, these may include, in particular, data centers that store our website and databases, software providers, IT service providers that maintain our systems, agencies, market research companies, group companies and consulting firms. If we pass on data to our service providers, they may only use the data to fulfill their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have suitable technical and organizational measures in place to protect the rights of the data subjects and are regularly monitored by us.
Data transfer to third countries
As explained in this privacy policy, we use services whose providers are partly located in so-called third countries (outside the European Union or the European Economic Area) or process personal data there, i.e. countries whose level of data protection does not correspond to that of the European Union. If this is the case and the European Commission has not issued an adequacy decision for these countries (Art. 45 GDPR), we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include the standard contractual clauses of the European Union or binding internal data protection regulations.
Where this is not possible, we base the data transfer on exceptions under Art. 49 GDPR, in particular your express consent or the necessity of the transfer for the fulfillment of the contract or for the implementation of pre-contractual measures.
If a transfer to a third country is planned and there is no adequacy decision or suitable guarantees, it is possible and there is a risk that authorities in the respective third country (e.g. secret services) may gain access to the transferred data in order to collect and analyze it, and that the enforceability of your data subject rights cannot be guaranteed. When obtaining your consent via the consent banner, you will also be informed of this.
Storage duration
In principle, we only store personal data for as long as necessary to fulfill the purposes for which we collected the data. We then delete the data immediately, unless we still need the data until the end of the statutory limitation period for evidence purposes for civil law claims, due to statutory retention obligations or there is another legal basis under data protection law for the continued processing of your data in a specific individual case.
For evidence purposes, we must retain contractual data for three years from the end of the year in which the business relationship with you ends. Any claims expire at the earliest at this time in accordance with the statutory limitation period.
Even after this time, we must still store some of your data for accounting reasons. We are obliged to do so due to statutory documentation obligations that may arise from the German Commercial Code, the German Fiscal Code, the German Banking Act, the German Money Laundering Act and the German Securities Trading Act. The periods specified there for the retention of documents are two to ten years.
Your rights
You are entitled to the data subject rights formulated in Art. 15 - 21, Art. 77 GDPR at any time if the respective legal requirements are met:
Right to withdraw your consent;
Right to object to the processing of your personal data (Art. 21 GDPR);
Right to information about your personal data processed by us (Art. 15 GDPR);
Right to rectification of your incorrect personal data stored by us (Art. 16 GDPR)
Right to erasure of your personal data (Art. 17 GDPR);
Right to restriction of processing of your personal data (Art. 18 GDPR);
Right to data portability of your personal data (Art. 20 GDPR);
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
To assert your rights described here, you can contact us at any time using the contact details provided above. This also applies if you wish to receive copies of guarantees to demonstrate an adequate level of data protection. If the relevant legal requirements are met, we will comply with your data protection request.
Your requests to assert data protection rights and our responses to them will be stored for documentation purposes for a period of up to three years and, in individual cases, for the assertion, exercise or defense of legal claims beyond this period. The legal basis is Art. 6 para. 1 lit. f GDPR, based on our interest in the defense against any civil law claims pursuant to Art. 82 GDPR, the avoidance of fines pursuant to Art. 83 GDPR and the fulfillment of our accountability obligation under Art. 5 para. 2 GDPR.
Finally, you have the right to lodge a complaint with the data protection supervisory authority responsible for us. You can assert this right with a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged infringement. In Berlin, where we are based, the competent supervisory authority is Berlin Commissioner for Data Protection and Freedom of Information, Alt-Moabit 59-61, 10555 Berlin.
Revocation and objection
You have the right to withdraw your consent at any time. As a result, we will no longer continue the data processing that was based on this consent in the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
If we process your data on the basis of legitimate interests, you have the right to object to the processing of your data at any time on grounds relating to your particular situation. If it concerns an objection to data processing for direct marketing purposes, you have a general right of objection, which will be implemented by us even without giving reasons.
If you wish to exercise your right of revocation or objection, simply send an informal message to the above-mentioned contact details.
Changes to the privacy policy
We occasionally update this privacy policy, for example if we adapt our website or if the legal or official requirements change.
Status: March 2024
Privacy Policy
Overview
In this privacy policy, we (Rematiq GmbH) inform you about the processing of personal data when using our website (https://rematiq.com).
Responsible and contact person
The contact person and so-called controller for the processing of your personal data when you visit this website within the meaning of the EU General Data Protection Regulation (GDPR) is
Rematiq GmbH
Amtsgericht Charlottenburg
HRB 257947 B
Rematiq GmbH
c/o Unicorn Workspaces
Voltastrasse 5, Gebäude 10, Aufgang 2
E-mail: dataprivacy@rematiq.com
Data processing on our website
2.1 Accessing our website / connection data
Each time you use our website, we collect the connection data that your browser automatically transmits to enable you to visit the website. This connection data comprises the so-called HTTP header information, including the user agent, and includes in particular
IP address of the requesting device,
Date and time of the request,
Address of the website accessed and the requesting website,
information about the browser and operating system used,
online identifiers (e.g. device identifiers, session IDs).
The data processing of this connection data is necessary to enable you to visit the website, to ensure the long-term functionality and security of our systems and for the general administrative maintenance of our website.
The connection data is also stored in internal log files for the purposes described above, temporarily and limited to the necessary content, in order to compile statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices with which the pages are accessed increases) and to generally maintain our website administratively.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, insofar as the page view occurs in the course of the initiation or execution of a contract, and otherwise Art. 6 para. 1 lit. f GDPR due to our legitimate interest in enabling website access and the permanent functionality and security of our systems. However, the automatic transmission of the connection data and the log files developed from it do not constitute access to the information in the end device within the meaning of the implementation laws of the ePrivacy Directive of the EU member states, in Germany § 25 TTDSG. Otherwise, however, it would be absolutely necessary anyway.
For data protection reasons, we do not permanently store or analyze log files.
2.2. Contacting us
You have various options for contacting us, e.g. via the contact form or by e-mail. In this context, we process data exclusively for the purpose of communicating with you.
The legal basis is Art. 6 para. 1 lit. b GDPR, insofar as your details are required to answer your inquiry or to initiate or execute a contract, and otherwise Art. 6 para. 1 lit. f GDPR due to our legitimate interest in you contacting us and us being able to answer your inquiry. We will only make promotional telephone calls if you have given your consent. If you are not an existing customer, we will only send you promotional emails on the basis of your consent. The legal basis in these cases is Art. 6 para. 1 lit. a GDPR in conjunction with Section 7 para. 2 no. 1 or 2 UWG.
The data collected by us when using the contact form will be automatically deleted after your request has been fully processed, unless we still need your request to fulfill contractual or legal obligations (see section 7 "Storage period").
2.3. Existing customer information by e-mail
If you conclude a contract with us for the use of the "REMATIQ" software, we will also use your contact details to send you further information about our products and services that is relevant to you by e-mail ("existing customer advertising"). This may include, in particular, news, promotions and offers as well as feedback and other surveys.
The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR in conjunction with Section 7 para. 3 UWG, according to which data processing is permitted to safeguard legitimate interests, insofar as this concerns the storage and further use of data for advertising purposes. You can object to the use of your data for advertising purposes at any time by clicking on the corresponding link in the emails or by sending a message to the contact details given above (e.g. by email or letter) without incurring any costs other than the transmission costs according to the basic rates.
We use Hubspot, a service provided by HubSpot Inc., 25 First Street, Cambridge, MA 02141 USA, to send advertising to existing customers. We have concluded an order processing agreement with HubSpot. Your data will be stored in encrypted form by HubSpot in the European Union and transmitted in encrypted form. Insofar as HubSpot works with sub-processors whose parent company is not based in the European Union, HubSpot and its sub-processors have concluded standard contractual clauses and taken additional measures to protect the data.
Forwarding of data
The data collected by us will only be passed on if there is a legal basis for this under data protection law in the specific case, in particular if:
you have given your express consent in accordance with Art. 6 para. 1 lit. a GDPR,
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data
we are legally obliged to disclose your data in accordance with Art. 6 para. 1 lit. c GDPR, in particular if this is necessary for legal prosecution or enforcement due to official inquiries, court orders and legal proceedings, or
this is legally permissible and required under Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you or for the implementation of pre-contractual measures taken at your request.
Some of the data processing may be carried out by our service providers. In addition to the service providers mentioned in this privacy policy, these may include, in particular, data centers that store our website and databases, software providers, IT service providers that maintain our systems, agencies, market research companies, group companies and consulting firms. If we pass on data to our service providers, they may only use the data to fulfill their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have suitable technical and organizational measures in place to protect the rights of the data subjects and are regularly monitored by us.
Data transfer to third countries
As explained in this privacy policy, we use services whose providers are partly located in so-called third countries (outside the European Union or the European Economic Area) or process personal data there, i.e. countries whose level of data protection does not correspond to that of the European Union. If this is the case and the European Commission has not issued an adequacy decision for these countries (Art. 45 GDPR), we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include the standard contractual clauses of the European Union or binding internal data protection regulations.
Where this is not possible, we base the data transfer on exceptions under Art. 49 GDPR, in particular your express consent or the necessity of the transfer for the fulfillment of the contract or for the implementation of pre-contractual measures.
If a transfer to a third country is planned and there is no adequacy decision or suitable guarantees, it is possible and there is a risk that authorities in the respective third country (e.g. secret services) may gain access to the transferred data in order to collect and analyze it, and that the enforceability of your data subject rights cannot be guaranteed. When obtaining your consent via the consent banner, you will also be informed of this.
Storage duration
In principle, we only store personal data for as long as necessary to fulfill the purposes for which we collected the data. We then delete the data immediately, unless we still need the data until the end of the statutory limitation period for evidence purposes for civil law claims, due to statutory retention obligations or there is another legal basis under data protection law for the continued processing of your data in a specific individual case.
For evidence purposes, we must retain contractual data for three years from the end of the year in which the business relationship with you ends. Any claims expire at the earliest at this time in accordance with the statutory limitation period.
Even after this time, we must still store some of your data for accounting reasons. We are obliged to do so due to statutory documentation obligations that may arise from the German Commercial Code, the German Fiscal Code, the German Banking Act, the German Money Laundering Act and the German Securities Trading Act. The periods specified there for the retention of documents are two to ten years.
Your rights
You are entitled to the data subject rights formulated in Art. 15 - 21, Art. 77 GDPR at any time if the respective legal requirements are met:
Right to withdraw your consent;
Right to object to the processing of your personal data (Art. 21 GDPR);
Right to information about your personal data processed by us (Art. 15 GDPR);
Right to rectification of your incorrect personal data stored by us (Art. 16 GDPR)
Right to erasure of your personal data (Art. 17 GDPR);
Right to restriction of processing of your personal data (Art. 18 GDPR);
Right to data portability of your personal data (Art. 20 GDPR);
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
To assert your rights described here, you can contact us at any time using the contact details provided above. This also applies if you wish to receive copies of guarantees to demonstrate an adequate level of data protection. If the relevant legal requirements are met, we will comply with your data protection request.
Your requests to assert data protection rights and our responses to them will be stored for documentation purposes for a period of up to three years and, in individual cases, for the assertion, exercise or defense of legal claims beyond this period. The legal basis is Art. 6 para. 1 lit. f GDPR, based on our interest in the defense against any civil law claims pursuant to Art. 82 GDPR, the avoidance of fines pursuant to Art. 83 GDPR and the fulfillment of our accountability obligation under Art. 5 para. 2 GDPR.
Finally, you have the right to lodge a complaint with the data protection supervisory authority responsible for us. You can assert this right with a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged infringement. In Berlin, where we are based, the competent supervisory authority is Berlin Commissioner for Data Protection and Freedom of Information, Alt-Moabit 59-61, 10555 Berlin.
Revocation and objection
You have the right to withdraw your consent at any time. As a result, we will no longer continue the data processing that was based on this consent in the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
If we process your data on the basis of legitimate interests, you have the right to object to the processing of your data at any time on grounds relating to your particular situation. If it concerns an objection to data processing for direct marketing purposes, you have a general right of objection, which will be implemented by us even without giving reasons.
If you wish to exercise your right of revocation or objection, simply send an informal message to the above-mentioned contact details.
Changes to the privacy policy
We occasionally update this privacy policy, for example if we adapt our website or if the legal or official requirements change.
Status: March 2024
Privacy Policy
Overview
In this privacy policy, we (Rematiq GmbH) inform you about the processing of personal data when using our website (https://rematiq.com).
Responsible and contact person
The contact person and so-called controller for the processing of your personal data when you visit this website within the meaning of the EU General Data Protection Regulation (GDPR) is
Rematiq GmbH
Amtsgericht Charlottenburg
HRB 257947 B
Rematiq GmbH
c/o Unicorn Workspaces
Voltastrasse 5, Gebäude 10, Aufgang 2
E-mail: dataprivacy@rematiq.com
Data processing on our website
2.1 Accessing our website / connection data
Each time you use our website, we collect the connection data that your browser automatically transmits to enable you to visit the website. This connection data comprises the so-called HTTP header information, including the user agent, and includes in particular
IP address of the requesting device,
Date and time of the request,
Address of the website accessed and the requesting website,
information about the browser and operating system used,
online identifiers (e.g. device identifiers, session IDs).
The data processing of this connection data is necessary to enable you to visit the website, to ensure the long-term functionality and security of our systems and for the general administrative maintenance of our website.
The connection data is also stored in internal log files for the purposes described above, temporarily and limited to the necessary content, in order to compile statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices with which the pages are accessed increases) and to generally maintain our website administratively.
The legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR, insofar as the page view occurs in the course of the initiation or execution of a contract, and otherwise Art. 6 para. 1 lit. f GDPR due to our legitimate interest in enabling website access and the permanent functionality and security of our systems. However, the automatic transmission of the connection data and the log files developed from it do not constitute access to the information in the end device within the meaning of the implementation laws of the ePrivacy Directive of the EU member states, in Germany § 25 TTDSG. Otherwise, however, it would be absolutely necessary anyway.
For data protection reasons, we do not permanently store or analyze log files.
2.2. Contacting us
You have various options for contacting us, e.g. via the contact form or by e-mail. In this context, we process data exclusively for the purpose of communicating with you.
The legal basis is Art. 6 para. 1 lit. b GDPR, insofar as your details are required to answer your inquiry or to initiate or execute a contract, and otherwise Art. 6 para. 1 lit. f GDPR due to our legitimate interest in you contacting us and us being able to answer your inquiry. We will only make promotional telephone calls if you have given your consent. If you are not an existing customer, we will only send you promotional emails on the basis of your consent. The legal basis in these cases is Art. 6 para. 1 lit. a GDPR in conjunction with Section 7 para. 2 no. 1 or 2 UWG.
The data collected by us when using the contact form will be automatically deleted after your request has been fully processed, unless we still need your request to fulfill contractual or legal obligations (see section 7 "Storage period").
2.3. Existing customer information by e-mail
If you conclude a contract with us for the use of the "REMATIQ" software, we will also use your contact details to send you further information about our products and services that is relevant to you by e-mail ("existing customer advertising"). This may include, in particular, news, promotions and offers as well as feedback and other surveys.
The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR in conjunction with Section 7 para. 3 UWG, according to which data processing is permitted to safeguard legitimate interests, insofar as this concerns the storage and further use of data for advertising purposes. You can object to the use of your data for advertising purposes at any time by clicking on the corresponding link in the emails or by sending a message to the contact details given above (e.g. by email or letter) without incurring any costs other than the transmission costs according to the basic rates.
We use Hubspot, a service provided by HubSpot Inc., 25 First Street, Cambridge, MA 02141 USA, to send advertising to existing customers. We have concluded an order processing agreement with HubSpot. Your data will be stored in encrypted form by HubSpot in the European Union and transmitted in encrypted form. Insofar as HubSpot works with sub-processors whose parent company is not based in the European Union, HubSpot and its sub-processors have concluded standard contractual clauses and taken additional measures to protect the data.
Forwarding of data
The data collected by us will only be passed on if there is a legal basis for this under data protection law in the specific case, in particular if:
you have given your express consent in accordance with Art. 6 para. 1 lit. a GDPR,
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data
we are legally obliged to disclose your data in accordance with Art. 6 para. 1 lit. c GDPR, in particular if this is necessary for legal prosecution or enforcement due to official inquiries, court orders and legal proceedings, or
this is legally permissible and required under Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you or for the implementation of pre-contractual measures taken at your request.
Some of the data processing may be carried out by our service providers. In addition to the service providers mentioned in this privacy policy, these may include, in particular, data centers that store our website and databases, software providers, IT service providers that maintain our systems, agencies, market research companies, group companies and consulting firms. If we pass on data to our service providers, they may only use the data to fulfill their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have suitable technical and organizational measures in place to protect the rights of the data subjects and are regularly monitored by us.
Data transfer to third countries
As explained in this privacy policy, we use services whose providers are partly located in so-called third countries (outside the European Union or the European Economic Area) or process personal data there, i.e. countries whose level of data protection does not correspond to that of the European Union. If this is the case and the European Commission has not issued an adequacy decision for these countries (Art. 45 GDPR), we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include the standard contractual clauses of the European Union or binding internal data protection regulations.
Where this is not possible, we base the data transfer on exceptions under Art. 49 GDPR, in particular your express consent or the necessity of the transfer for the fulfillment of the contract or for the implementation of pre-contractual measures.
If a transfer to a third country is planned and there is no adequacy decision or suitable guarantees, it is possible and there is a risk that authorities in the respective third country (e.g. secret services) may gain access to the transferred data in order to collect and analyze it, and that the enforceability of your data subject rights cannot be guaranteed. When obtaining your consent via the consent banner, you will also be informed of this.
Storage duration
In principle, we only store personal data for as long as necessary to fulfill the purposes for which we collected the data. We then delete the data immediately, unless we still need the data until the end of the statutory limitation period for evidence purposes for civil law claims, due to statutory retention obligations or there is another legal basis under data protection law for the continued processing of your data in a specific individual case.
For evidence purposes, we must retain contractual data for three years from the end of the year in which the business relationship with you ends. Any claims expire at the earliest at this time in accordance with the statutory limitation period.
Even after this time, we must still store some of your data for accounting reasons. We are obliged to do so due to statutory documentation obligations that may arise from the German Commercial Code, the German Fiscal Code, the German Banking Act, the German Money Laundering Act and the German Securities Trading Act. The periods specified there for the retention of documents are two to ten years.
Your rights
You are entitled to the data subject rights formulated in Art. 15 - 21, Art. 77 GDPR at any time if the respective legal requirements are met:
Right to withdraw your consent;
Right to object to the processing of your personal data (Art. 21 GDPR);
Right to information about your personal data processed by us (Art. 15 GDPR);
Right to rectification of your incorrect personal data stored by us (Art. 16 GDPR)
Right to erasure of your personal data (Art. 17 GDPR);
Right to restriction of processing of your personal data (Art. 18 GDPR);
Right to data portability of your personal data (Art. 20 GDPR);
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
To assert your rights described here, you can contact us at any time using the contact details provided above. This also applies if you wish to receive copies of guarantees to demonstrate an adequate level of data protection. If the relevant legal requirements are met, we will comply with your data protection request.
Your requests to assert data protection rights and our responses to them will be stored for documentation purposes for a period of up to three years and, in individual cases, for the assertion, exercise or defense of legal claims beyond this period. The legal basis is Art. 6 para. 1 lit. f GDPR, based on our interest in the defense against any civil law claims pursuant to Art. 82 GDPR, the avoidance of fines pursuant to Art. 83 GDPR and the fulfillment of our accountability obligation under Art. 5 para. 2 GDPR.
Finally, you have the right to lodge a complaint with the data protection supervisory authority responsible for us. You can assert this right with a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged infringement. In Berlin, where we are based, the competent supervisory authority is Berlin Commissioner for Data Protection and Freedom of Information, Alt-Moabit 59-61, 10555 Berlin.
Revocation and objection
You have the right to withdraw your consent at any time. As a result, we will no longer continue the data processing that was based on this consent in the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
If we process your data on the basis of legitimate interests, you have the right to object to the processing of your data at any time on grounds relating to your particular situation. If it concerns an objection to data processing for direct marketing purposes, you have a general right of objection, which will be implemented by us even without giving reasons.
If you wish to exercise your right of revocation or objection, simply send an informal message to the above-mentioned contact details.
Changes to the privacy policy
We occasionally update this privacy policy, for example if we adapt our website or if the legal or official requirements change.
Status: March 2024