Data Protection Statement
I consider data protection and the security of personal data to be important. That’s why I strictly adhere to the General Data Protection Regulation. Detailed below I provide full information about the scope and purpose of the data collection and processing on my website.
Purpose of Data Processing
I process and store your personal data if you provide this to us unsolicited: for example, if you contact me by mail, phone or e-mail, or if you download files.
Legal Basis for Data Processing
If you have given me your consent to the collection, processing or transfer of certain personal data, then that consent constitutes the legal basis for the processing of such data. In certain cases, I process your data in order to safeguard a legitimate interest of mine or of a third party. An example for this is the use of direct marketing activities in order to promote sales. The processing of personal data by me thus occurs on the basis of Art. 6 para. 1 sentence 1 lit. a) and f) and Art. 7 General Data Protection Regulation (GDPR).
Categories of Personal Data
I process and store personally identifiable data provided by you. This includes, for example, your name, address and e-mail address, and any other personal contact details.
Special Categories of Personal Data
No special categories of personal data are processed by me.
Origin of Personal Data
All personal data processed is directly provided by you.
Categories of Recipients of Personal Data
In providing your data, you agree to the processing and storage of that data by me.
Data Transfer in Third Countries
As described in this data protection statement, I am using service providers in so-called third countries (as the US). These are countries whose data protection level falls short of the level in the European Union. In such cases, and if there exists no adequacy decision of the European Union (Art. 45 GDPR), I have taken precautions in order to guarantee an appropriate data protection level. This includes standard contractual clauses of the European Union or internal regulations. In cases where this is not feasible, I rely on exceptions according to Art. 49 GDPR, especially your explicit consent or the necessity of the data transfer to fulfil a contract.
If a data transfer to a third country is performed and there is no adequacy decision and no appropriate guarantees exist, there is the risk that third country authorities (e.g. intelligence agencies) have access to the transferred data in order to collect and analyse them. Thus, your data subject rights cannot be en-forced.
Duration of Data Retention
I store your personal data as long as necessary for the purposes for which it has been collected or otherwise processed under Art. 17 para. 1 lit. a) GDPR. This is particularly necessary for the fulfilment of legal or contractual obligations. If the storage of data is no longer required for the fulfilment of legal or contractual obligations, then your data will be deleted, unless further processing is required for the following reasons:
Adherance to retention periods with respect to commercial and tax law,
Retention of evidence within the scope of legal limitation rules.
Rights of Data Subjects
With regard to the personal data concerning him or her, each data subject has rights against me. In accordance with the legal conditions, these are the right of access under Art. 15 GDPR, the right to correction under Art. 16 GDPR, the right to deletion under Art. 17 GDPR, the right to limitation of processing under Art. 18 GDPR, the right to data transferability under Art. 20 GDPR and the right to objection under Art. 21 GDPR.
The limitations of Sect. 34 and 35 German Federal Data Protection Act apply to the right of access and the right to erasure.
In addition, it is possible to file a complaint to the designated data protection supervisory authority under Art. 77 GDPR in connection with Sect. 19 German Federal Data Protection Act. The supervisory authority for me is Der Bayerische Landesbeauftragte für den Datenschutz (BayLfD), Wagmüllerstraße 18, 80538 München; e-mail: poststelle@datenschutz-bayern.de.
Consent to the processing of personal data may be revoked at any time, and applies thereafter, unless subsequently changed. This applies also to a consent given before the advent of the GDPR legislation (i.e. before May 25, 2018). The revocation of consent does not affect the lawfulness of the processing of personal data prior to any revocation.
In order to exercise your rights against me, please contact me in writing or by e-mail. See imprint.
Links to External Sites
This website contains links to other external websites. If you use any of these external links, you will be directed to a website which is not covered by my privacy policy.
Obligation to Provide Personal Data
In order to enter into a business relationship, you must provide me with the personal data that is necessary for the performance of the contractual relationship or that I must compulsorily ascertain due to legal requirements. If you do not provide me with this data, then the implementation and processing of the contractual relationship is not possible for me. Apart from that, there is no legal or contractual obligation to provide data.
Automated Decision-Making or Profiling
Automated decision-making / profiling does not take place.
Data Security
I have implemented comprehensive technical and organisational security measures in order to safeguard your data from accidental or deliberate manipulation, loss, destruction or from unauthorised access. My security procedures will be reviewed on a regular basis and adapted to technological progress.