Security and protection of your personal data

We consider it our primary task to maintain the confidentiality of the personal data provided by you and to protect it from unauthorized access. We therefore exercise the utmost care and apply state-of-the-art security standards to ensure maximum protection of your personal data. As a company under private law, we are subject to the provisions of the European Basic Data Protection Regulation (DSGVO) and the provisions of the Federal Data Protection Act (BDSG). We have taken technical and organisational measures to ensure that the regulations on data protection are observed both by us and by our external service providers.

 

definitions

The legislator requires that personal data be processed lawfully, in good faith and in a manner understandable to the data subject ("lawfulness, fairness, transparency"). To ensure this, we inform you of the individual legal definitions that are also used in this Privacy Policy:

1. personal data "personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific characteristics that express the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

(2) Processing "processing" means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or integration, limitation, erasure or destruction.

3. limitation of processing "limitation of processing" means the marking of stored personal data with a view to limiting their further processing.

4. profiling "profiling" means any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, conduct, place of residence or transfer.

5. pseudonymisation "pseudonymisation" means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the inclusion of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data cannot be attributed to an identified or identifiable natural person.

6. file system "file system" means any structured collection of personal data accessible according to specific criteria, whether centralised, decentralised or organised on a functional or geographical basis.

(7) 'controller' means a natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are laid down by Union law or the law of the Member States, the controller or the specific criteria of his or her designation may be laid down in Union law or the law of the Member States

8) Processor means a natural or legal person, public authority, agency or body which processes personal data on behalf of the controller.

9) "Recipient" means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. Authorities which may obtain personal data in the course of a particular investigation task under Union or national law.