Information according to Section 5 of the German Telemedia Act (TMG):
Werner Scholz e.K.
Leidenschaft für Print
Vahrer Str. 268b
28329 Bremen, Germany
Contact:
Phone: +49 421 40 89 72 35
Fax: +49 421 45 85 51 32
Email:
Privacy Policy
This privacy policy clarifies the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and its associated websites, functions, and content, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer"). With regard to the terminology used, such as "processing" or "controller," we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Controller
Werner Scholz e.K.
Leidenschaft für Print
Vahrer Str. 268b
28329 Bremen, Germany
Contact:
Phone: +49 421 40 89 72 35
Fax: +49 421 45 85 51 32
Email:
Types of Data Processed:
- Inventory data (e.g., names, addresses).
- Contact data (e.g., email, telephone numbers).
- Content data (e.g., text inputs, photographs, videos).
- Usage data (e.g., websites visited, interest in content, access times).
- Meta/communication data (e.g., device information, IP addresses).
Purpose of Processing
- Providing the online offer, its functions, and content.
- Responding to contact requests and communicating with users.
- Security measures.
- Reach measurement/marketing.
Terminology Used
"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
"Processing" means any operation or set of operations which is performed on personal data, whether or not by automated means. The term is broad and covers virtually any handling of data.
"Controller" means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Relevant Legal Bases
In accordance with Art. 13 GDPR, we inform you of the legal bases for our data processing. Unless the legal basis is explicitly mentioned in the privacy policy, the following applies:
- The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 GDPR.
- The legal basis for processing for the performance of our services and implementation of contractual measures as well as responding to inquiries is Art. 6(1)(b) GDPR.
- The legal basis for processing to fulfill our legal obligations is Art. 6(1)(c) GDPR.
- The legal basis for processing to protect our legitimate interests is Art. 6(1)(f) GDPR.
- In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6(1)(d) GDPR serves as the legal basis.
Security Measures
We ask you to inform yourself regularly about the content of our privacy policy. We will adjust the privacy policy as soon as changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.
Cooperation with Processors and Third Parties
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them, or otherwise grant them access to the data, this is done only on the basis of legal permission (e.g., if transmission to third parties, such as payment service providers, is required for contract performance pursuant to Art. 6(1)(b) GDPR), if you have consented, if a legal obligation provides for this, or on the basis of our legitimate interests (e.g., when using agents, web hosts, etc.).
If we commission third parties to process data on the basis of a "data processing agreement," this is done on the basis of Art. 28 GDPR.
Transfers to Third Countries
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or disclosing/transferring data to third parties, this only happens if it is to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 et seq. GDPR are met. This means, for example, processing on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.g., for the USA through the "Privacy Shield"*) or compliance with officially recognized special contractual obligations (so-called "Standard Contractual Clauses").
Note: Please be aware that the "Privacy Shield" has been replaced by the "EU-U.S. Data Privacy Framework".
Rights of Data Subjects
Right of Access: You have the right to request confirmation as to whether data concerning you is being processed and to information about this data, as well as further information and a copy of the data in accordance with Art. 15 GDPR.
Right to Rectification: According to Art. 16 GDPR, you have the right to request the completion of data concerning you or the rectification of inaccurate data concerning you.
Right to Erasure and Restriction: In accordance with Art. 17 GDPR, you have the right to demand that data concerning you be deleted immediately, or alternatively, to demand a restriction of the processing of the data in accordance with Art. 18 GDPR.
Right to Data Portability: You have the right to request to receive the data concerning you that you have provided to us in accordance with Art. 20 GDPR and to demand its transmission to other controllers.
Right to Lodge a Complaint: Furthermore, according to Art. 77 GDPR, you have the right to lodge a complaint with the competent supervisory authority.
Right of Withdrawal
You have the right to withdraw consents granted pursuant to Art. 7(3) GDPR with effect for the future.
Right to Object
You may object to the future processing of data concerning you at any time in accordance with Art. 21 GDPR. The objection may be made in particular against processing for the purposes of direct marketing.
Cookies and Right to Object in Direct Marketing
"Cookies" are small files that are stored on users' computers. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after their visit to an online offer.
- Temporary cookies ("session cookies" or "transient cookies") are deleted after a user leaves an online offer and closes their browser.
- Permanent or persistent cookies remain stored even after the browser is closed (e.g., login status or interests for reach measurement).
- Third-party cookies are offered by providers other than the controller responsible for the online offer.
We may use temporary and permanent cookies and clarify this in the context of our privacy policy. If users do not want cookies stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser.
Deletion of Data
The data processed by us will be deleted or restricted in its processing in accordance with Art. 17 and 18 GDPR. Unless explicitly stated in this privacy policy, data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no statutory retention obligations.
Statutory retention periods in Germany: * 6 years according to § 257 (1) HGB (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.).
- 10 years according to § 147 (1) AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).
Hosting
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services, and technical maintenance services, which we use for the purpose of operating this online offer. In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties, and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer pursuant to Art. 6(1)(f) GDPR in conjunction with Art. 28 GDPR.
Collection of Access Data and Log Files
We, or our hosting provider, collect data on every access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6(1)(f) GDPR. The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL, IP address, and the requesting provider. Log file information is stored for a maximum of 7 days for security reasons (e.g., to investigate misuse or fraud) and then deleted.
Agency Services
We process the data of our customers as part of our contractual services, which include conceptual and strategic consulting, campaign planning, software and design development/consulting or maintenance, implementation of campaigns and processes/handling, server administration, data analysis/consulting services, and training services.
We process inventory data, contact data, content data, contract data, payment data, usage, and meta-data. We generally do not process special categories of personal data unless these are components of a commissioned processing. The data subjects include our customers, interested parties as well as their customers, users, website visitors, or employees as well as third parties. The purpose of the processing is the provision of contractual services, billing, and our customer service. The legal bases result from Art. 6(1)(b) GDPR (contractual services) and Art. 6(1)(f) GDPR (analysis, statistics, optimization, security measures).
Administration, Financial Accounting, Office Organization, Contact Management
We process data in the context of administrative tasks as well as the organization of our business, financial accounting, and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the context of providing our contractual services. The processing bases are Art. 6(1)(c) GDPR and Art. 6(1)(f) GDPR.
Contacting Us
When contacting us (e.g., via contact form, email, telephone, or via social media), the user's details are processed to handle the contact request and its processing pursuant to Art. 6(1)(b) GDPR. User information can be stored in a Customer Relationship Management System ("CRM System") or comparable inquiry organization.
Social Media Online Presences
We maintain online presences within social networks and platforms to communicate with customers, interested parties, and users active there and to inform them about our services. When calling up the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.
Created with Datenschutz-Generator.de by RA Dr. Thomas Schwenke.