As of May 7, 2018We appreciate your interest in our company. Your trust is important to us! Therefore, we guarantee you the greatest possible security and protection of all personal data. Our data protection practice is in accordance with the EU General Data Protection Regulation (EU-GDPR), the Federal Data Protection Act (BDSG n.f.) and the Telemedia Act (TMG).
Contact person for data protection
The person responsible within the meaning of the EU-GDPR and the data protection laws and regulations of the member states of the European Union is:
movendi GmbH
Rösrather Straße 1
53797 Lohmar-Honrath
For questions regarding data protection, please contact the data protection officer of movendi GmbH Tamara Schorn:
Tamara Schorn
Rösrather Straße 1
D- 53797Lohmar-Honarth
Phone: 0 22 06/ 609480
Email: schorn@movendi.de
1. Definitions
In order to ensure that the data protection declaration is easy to read and understand, we would like to explain the terms according to EU-GDPR Art. 4 in advance.a) personal data
Personal data is all information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) data subject
Data subject is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.
e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
f) Pseudonymisation
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing
Controller or controller responsible for the processing means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
h) Processor
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
i) Recipient
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
j) Third party
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
k) Consent
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. General data collection / processing
When you access our website, a range of general data and information is collected from data subjects.
The data collected includes:
- Browser type and version
- Origin of the network when the page is accessed
- Date and time
- Internet provider
- Operating system
- Internet or service provider
- Other data for hazard prevention
This data and information is stored in the server's log files. This process is used to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack and to ensure the long-term functionality of our information technology systems and the technology of our website.
In order to ensure an optimal level of protection, especially in the area of processing personal data, the data in the server log files is stored anonymously. After the communication process has ended, the data is evaluated for statistical purposes.
In addition, personal data (e.g. your name, your e-mail address, etc.) will only be transmitted if you expressly and knowingly provide us with such information for specific purposes. They are only processed, stored and forwarded to the extent necessary for the respective purpose or if you have given your consent.
3. Cookies
This website uses cookies. Cookies are small text information that is stored as a file on your device via your browser. Cookies are not fundamentally disadvantageous, but allow a more user-friendly service from website operators.
Cookies allow users to be clearly recognised and identified.
Of course, as a data subject, you can also view our website without cookies. Internet browsers are regularly set to accept cookies. Alternatively, you can also use software that deletes cookies. In general, you can permanently object to or deactivate the use of cookies at any time via your browser settings.
Please use the help functions of your internet browser to find out how you can change these settings. Please note that individual functions of our website may not work if you have deactivated the use of cookies.
4. E-mail
If you send us an e-mail, this data will be stored. If there is the possibility to enter personal or business data (e-mail addresses, names, addresses) within the internet offer, the disclosure of this data and its appropriate processing for contacting the data subject (user) takes place on an expressly voluntary basis. The personal data will not be passed on to third parties.
If you, as a data subject, contact us via contact form with regard to a request of any kind, you give us your voluntary consent for the purpose of contacting you. For this purpose, it is necessary to provide a valid e-mail address. This is used to assign the request and then answer it. The provision of further data is optional. The information you provide will be automatically stored for the purpose of processing the request and for possible follow-up questions. After your request has been processed, personal data will be automatically deleted.
6. External links
This website contains so-called “external links” to other websites, over whose content and any data collection the person responsible for this website has no influence. For this reason, the person responsible cannot assume any liability for the content and data collection of these pages.
7. Data transfer
Your data will only be passed on to our employees or other service providers who support us in processing the order during individual processing steps within the scope of order processing. In addition, the information will of course not be passed on.
8. Storage period of personal data
The storage period of personal data depends on the respective retention period. After the expiry of the period, the data will be deleted, provided that they are not used for consent, contract fulfilment or contract initiation.
9. Deletion and blocking of personal data
The processing of personal data only takes place within the scope of the intended purpose. The controller processes and stores personal data of the data subject only for this period.
The routine deletion or blocking of personal data takes place when the legal requirements for the retention period (storage period) and the storage purpose of the controller are no longer given.
10. Rights of data subjects
Data subjects have the right to request confirmation from the controller as to whether personal data relating to them is being processed.
a) Right of access
Data subjects have the right to request confirmation from the controller as to whether personal data relating to them is being processed. According to the EU General Data Protection Regulation and the Federal Data Protection Act, you have the right to free information about your stored data.
- the processing purposes
- the categories of personal data that are processed
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations
- if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
- the existence of a right to rectification or erasure of personal data concerning them or to restriction of processing by the controller or a right to object to such processing
- the existence of a right of appeal to a supervisory authority if the personal data are not collected from the data subject: All available information on the origin of the data
- the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) GDPR and — at least in those cases — meaningful information about the logic involved and the scope and intended effects of such processing for the data subject
b) Right to rectification
The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
c) Right to erasure (“right to be forgotten”)
The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where:
-
- The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- The data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) or point (a) of Article 9(2), and where there is no other legal ground for the processing.
- The data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2)
Objection to the processing.
- The personal data have been unlawfully processed.
- The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
- The personal data have been collected in relation to the offer of information society services referred to in Article 8(1).
If the above-mentioned reasons apply, one of our employees will comply with the request to delete the personal data. The controller will take appropriate measures (including technical measures) within the scope and taking into account the available technological possibilities. Other controllers (third-party data processing) will also be informed of the deletion.
d) Right to restriction of processing
The data subject has the right to obtain from the controller restriction of processing where one of the following applies:
- the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data,
- the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
- the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims, or
- the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.
If the above-mentioned conditions are met, an employee can arrange for the restriction of processing.
e) Right to restriction of processing
The data subject has the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
- the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1) and
- the processing is carried out by automated means.
In exercising his or her right to data portability pursuant to paragraph 1, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible.
The data subject can contact one of our employees on the subject of data portability.
f) Right to object
The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions.
The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
The data subject must be expressly informed of the aforementioned right at the latest at the time of the first communication with him or her; this information must be provided in an understandable form and separate from other information.
In the context of the use of information society services, the data subject may exercise his or her right to object by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.
The data subject has the right to object, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her which is carried out for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1), unless the processing is necessary for the performance of a task carried out in the public interest.
g) Automated individual decisions, including profiling
The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
This does not apply if the decision:
- is necessary for the conclusion or performance of a contract between the data subject and the controller,
- is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests; or
- is based on the data subject's explicit consent.
If you, as a data subject, would like to assert an automated decision, you can contact one of our employees.
11. Legality of data processing
For us, the legal basis for the lawful processing of personal data may be the consent of the data subject.
This may also be justified by the fact that the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
In rare cases, lawfulness may be given if the processing is necessary to fulfil a legal obligation to which the controller is subject.
Furthermore, processing may be permitted in order to protect the vital interests of the data subject or of another natural person.
Personal data may also be processed if it is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
12. Amendment of our data protection regulations
We reserve the right to amend this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply to your next visit.
13. Data protection for the use of Facebook
We use technologies from Facebook on our website. Facebook is an internet service of facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. In the EU, this service is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, hereinafter referred to as “Facebook”.
The certification is carried out by the EU-US Privacy Shield (“EU-US Privacy Shield”)
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
Facebook guarantees that the data protection requirements of the EU are also complied with when processing data in the USA.
Our legal basis refers to Art. 6 para. 1 lit. f) GDPR due to the quality improvement of our website. The information about the assignment of personal data and the transfer to information about plug-ins, as well as about their respective functions, is provided by Facebook at: https://developers.facebook.com/docs/plugins/
If the plug-in is in use or you have the Facebook page open at the same time, data will be collected from you. This concerns the pages you visit and our website. Therefore, it is necessary for technical reasons that Facebook processes your IP address as well as the type and duration (including date and time) of your stay.
Facebook collects information and assigns the personal data to your user account. A further possibility of data collection or processing takes place via the “Like” button. By using the “Like” button, data may be published on the Facebook platform.
In order to prevent data from being collected by visiting our website, you must prevent the use of add-ons and Facebook plug-ins in your internet browser and must not be logged in to Facebook or use applications from Facebook.
Further information about the collection and use of data as well as your rights and protection options in this regard is provided by Facebook in the data protection notices available at: https://www.facebook.com/policy.php
.
14. Newsletter
If you subscribe to our free newsletter, the data requested from you for this purpose, i.e. your e-mail address and - optionally - your name and address, will be transmitted to us. At the same time, we store the IP address of the internet connection from which you access our website as well as the date and time of your registration. As part of the further registration process, we will obtain your consent to the sending of the newsletter, describe the content in concrete terms and refer to this data protection declaration. We use the data collected in this way exclusively for sending the newsletter - they will therefore not be passed on to third parties in particular.
The legal basis for this is Art. 6 para. 1 lit. a) GDPR.
You can revoke your consent to the newsletter dispatch at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. To do this, you simply need to inform us of your revocation or click on the unsubscribe link contained in every newsletter.
15. Google Fonts
We use Google Fonts on our website to display external fonts. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.
Through certification according to the EU-US Privacy Shield (“EU-US Privacy Shield”)
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google guarantees that the data protection requirements of the EU are also complied with when processing data in the USA. In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the optimisation and economic operation of our website.
Through the connection to Google established when our website is accessed, Google can determine from which website your request has been sent and to which IP address the display of the font is to be transmitted.
Google offers further information at
https://adssettings.google.com/authenticated
https://policies.google.com/privacy
in particular on how to prevent the use of data.
16. Data protection for the use of Google Maps
We use Google Maps on our website to display our location and to create directions. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”.
Through certification according to the EU-US Privacy Shield (“EU-US Privacy Shield”)
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google guarantees that the data protection requirements of the EU are also complied with when processing data in the USA. In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.
If you access the Google Maps component integrated into our website, Google stores a cookie on your device via your internet browser. In order to display our location and create directions, your user settings and data are processed. We cannot exclude the possibility that Google uses servers in the USA for this purpose.
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in optimising the functionality of our website.
Through the connection to Google established in this way, Google can determine from which website your request has been sent and to which IP address the directions are to be transmitted.
If you do not agree with this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your internet browser. You can find details on this above under the item “Cookies”.
In addition, the use of Google Maps and the information obtained via Google Maps is subject to the Google Terms of Use https://policies.google.com/terms?gl=DE&hl=de and the Terms and Conditions for Google Maps https://www.google.com/intl/de_de/help/terms_maps.html.
In addition, Google offers further information at
https://adssettings.google.com/authenticated
https://policies.google.com/privacy
.