1. Name and address of the responsible
The responsible within the meaning of the General Data Protection Regulation (GDPR) is:
53902 Bad Münstereifel
Phone: +49 2257 9528 0
2. Name and address of the data protection officer
The designated data protection officer of the responsible is:
53902 Bad Münstereifel
Phone: +49 2257 9528 0
3. General information on data processing
3.1 Scope of personal data processing
We process personal data of the website visitors only insofar as this is necessary to provide a fully working website as well as to provide our content and services.
3.2 Legal basis for processing of personal data
The legal basis for processing is article 6 (1) GDPR or article 28 GDPR. In the following, we will look at the individual points of article 6:
Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6 par. 1, point (a) EU General Data Protection Regulation (GDPR) as legal basis.
If processing of personal data is necessary to perform a contract to which the data subject is a party, art. 6, para. 1, point (b) GDPR is the legal basis. This also applies also to processing operations required to carry out pre-contractual actions.
Insofar processing of personal data is required to fulfil a legal obligation to which our company is subjected to, art. 6, par. 1, point (c) GDPR is the legal basis.
In case processing is necessary in order to protect the vital interests of the data subject or another natural person, art. 6, par. 1, point (d) serves as legal basis.
If processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not prevail over the first interest, art. 6, par. 1, point (f) GDPR acts as legal basis for processing.
3.3 Data erasure and storage period
Personal data will be erased or locked as soon as the purpose to its storage does not apply anymore. Additionally, a storage of personal data can occur if European or national legislators appoint this under union laws or regulations to which the responsible is subjected to. Data will also be erased or locked in case of expiring of storage periods except the storage is needed for fulfilling further contractual agreements.
4. Collection and storing of personal data, type and purpose of its usage
When calling our website, no data will be sent to our servers.
5. Transfer of data
As no data will be recorded when calling the website, the transfer of data to third parties is impossible.
Personal data that will be sent to us by approaching via the e-mail-address published on the website will remain in our company. We will only pass them to third parties in following cases:
- the transmission of data is necessary for assertion, practicing or defence of a legal right according to art. 6, par. 1, point (f) GDPR and we have no motive for the assumption that> the transmission of your personal data is mainly worth of protection.
the transfer of data pursuant to art. 6, par. 1, point (f) GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
- there is a legal obligation to transfer the data according art. 6, par. 1, point (c) GDPR, as well
- as it is permitted by law according to art. 6, par. 1, point (b) and necessary to fulfil the contractual relationships with you.
6. Rights of the data subject
You have the right to:
- obtain information about your personal data processed by us according to GDPR article 15. Especially, you can demand information about the purpose of the data processing, the sort of the processed data, the sort of the recipients to which your data will be passed/have been passed, the planned storage periods, if you have a claim to correct, restrict the processing and erasure, contradiction, the exist of a right of appeal, the origin of your data if they were not collected by us, the exist of an automated decision-making including profiling and if necessary meaningful information to details.
- obtain without undue delay the rectification of inaccurate personal data according to GDPR article 16.
- obtain the erasure of stored personal data according to GDPR article 17 except the processing is necessary for exercising your right of freedom of expression, for compliance with a legal obligation in the public interest and for the establishment, exercise or defence of legal claims.
- obtain restriction of processing your personal data according to GDPR article 18 if you contest the accuracy of the data, the processing is unlawful and you oppose the erasure of the data, the data are required for the establishment, exercise or defence of legal claims or you have objected to processing according to GDPR article 21.
- obtain the personal data, which you have provided to us, in a structured, commonly used and machine-readable format or to transmit those data to another controller according to GDPR article 20.
- withdraw your consent at any time according to GDPR article 7, paragraph 2. This means that we are not allowed to continue processing your personal data, according to this consent, anymore.
- lodge a complaint with a supervisory authority according to GDPR article 77. Usually, you can turn to a supervisory authority on your habitual residence or your place of work.
7. Right to object
If your personal data are processed due to legitimate interests according to GDPR article 6, paragraph 1, point (f), you have the right to object your consent to the processing of your personal data according to GDPR article 21 in case there are valid reasons resulting from your special situation or the object addresses against direct advertising. For the latter case, you have a general right to object that will be put to practice without specifying your special situation. An e-mail fulfils to make use of your right to object.
8. Data security
To save your data from random or intentional manipulations, partly or completely loss, destruction or unauthorized access, there are adequate technical and organisational measures that are defined and regularly checked. Our security measures will be improved corresponding the technological development.
This data protection declaration is effective from May 2018.