Stockheimer Straße 10
86825 Bad Wörishofen
Types of data collected
Type and place of data processing
I process user data in a proper manner and take appropriate security measures to prevent unauthorized access and unauthorized forwarding, modification or destruction of data. Data processing is carried out by means of computers or IT-based systems in accordance with organizational procedures and practices specifically aimed at the stated purposes. In addition to the Data Controller, other parties could also operate this application internally (Human Resources, Sales, Marketing, Legal Department, System Administrators) or externally - and in the case where necessary, designated by the Data Controller as processors (such as technical service providers, delivery companies, hosting providers, IT companies or communication agencies) - and thus have access to the data. An up-to-date list of these parties can be requested from me at any time.
Legal bases of the processing
I may process personal data of users only if one of the following applies:
- Users have given their consent for one or more specific purposes. Note: In some jurisdictions, the provider may be permitted to process personal data until the user objects to such processing ("opt-out") without relying on consent or any other of the following legal bases. However, this does not apply if the processing of personal data is subject to European data protection law;
- the data collection is necessary for the fulfillment of a contract with the user and/or for pre-contractual measures arising therefrom;
- the processing is necessary for compliance with a legal obligation to which the provider is subject;
- the processing is related to a task carried out in the public interest or in the exercise of official authority vested in the provider;
- the processing is necessary to protect the legitimate interests of the provider or a third party.
In any case, I will gladly provide information about the specific legal basis on which the processing is based, in particular whether the provision of personal data is a legal or contractual obligation or a prerequisite for the conclusion of a contract.
The data will be processed in my office and in all other places where the entities involved in the data processing are located.Depending on the location of the users, data transfers may involve the transfer of the user's data to a country other than their own. To learn more about the location of the processing of the transferred data, users may consult the section detailing the processing of personal data. Users also have the right to be informed about the legal basis of the transfer of data to a country outside the European Union or to an international organization governed by international law or established by two or more countries, such as the UN, as well as to be informed about the security measures taken by me to protect their data.If such a transfer takes place, the user can learn more about it by reviewing the relevant sections of this document or by contacting me using the information provided in the contact section.
Personal data is processed and stored for as long as required by the purpose for which it was collected. Therefore applies:
- Personal data collected for the purpose of fulfilling a contract concluded between the provider and the user will be stored until the complete fulfillment of this contract.
- Personal data collected to protect the Provider's legitimate interests will be retained for as long as necessary to fulfill those purposes. Users can obtain more detailed information about the Provider's legitimate interests in the relevant sections of this document or by contacting the Provider.
Furthermore, I am permitted to store personal data for a longer period of time if the user has consented to such processing, as long as the consent is not revoked. In addition, the provider may be obliged to store personal data for a longer period of time if this is necessary to fulfill a legal obligation or by order of a public authority.After the retention period has expired, personal data will be deleted. Therefore, the right to information, the right to deletion, the right to rectification and the right to data portability cannot be asserted after the retention period has expired.
The rights of users
Users may exercise certain rights in relation to their data processed by me. In particular, users have the right to do the following:
- Revoke the consents at any time. If the user has previously consented to the processing of personal data, he may revoke his own consent at any time.
- object to the processing of their data. The user has the right to object to the processing of their data if the processing is based on a legal basis other than consent. Further information on this is provided below.
- receive information regarding their data. The user has the right to know whether the data is processed by the provider, to receive information about individual aspects of the processing and to receive a copy of the data.
- Verification and rectification. The user has the right to verify the accuracy of his data and request its update or correction.
- request restriction of the processing of their data. Users have the right to restrict the processing of their data under certain circumstances. In this case, the provider will not process the data for any purpose other than storage.
- Request deletion or other removal of the personal data. Users have the right to request deletion of their data from the provider under certain circumstances.
- Receive their data and have it transferred to another responsible party. The user has the right to receive his or her data in a structured, common and machine-readable format and, if technically possible, to have it transferred to another controller without hindrance. This provision is applicable if the data is processed by automated means and the processing is based on the user's consent, on a contract to which the user is party, or on pre-contractual obligations.
Details on the right to object to processing
If personal data are processed in the public interest, in the exercise of a sovereign power conferred on me or for the protection of my legitimate interests, the user may object to such processing by providing a justification ground relating to his or her particular situation.Users are informed that they may object to the processing of personal data for direct marketing purposes at any time without giving reasons. Users can find out whether I process personal data for direct marketing purposes in the relevant sections of this document.
How to exercise the rights
All requests to exercise user rights may be directed to me using the contact information provided in this document. Requests can be exercised free of charge and will be processed by me as soon as possible, at the latest within one month.
Further information on the collection and processing of data
The user's personal data may be processed by me for law enforcement purposes within or in preparation of legal proceedings arising from the improper use of this application or related services.The user declares to be aware that I may be required by the authorities to hand over personal data.
Further about the personal data of the user
System logs and maintenance
This application and third party services may collect files that record interaction that takes place through this application (system logs) or use other personal data (e.g. IP address) for this purpose for operational and maintenance purposes.
Information not included in this statement
Further information about the collection or processing of personal data can be requested from me at any time via the listed contact details.
How "Do Not Track" requests are handled
No Cookie Consent
I host my website at Webflow (Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA [hereinafter: Webflow]). When you visit this website, Webflow collects various log files including your IP addresses. Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies that are necessary for the presentation of the page, to provide certain website functions and to ensure security (necessary cookies).The use of Webflow is based on Art. 6 para. 1 lit. f DSGVO. I have a legitimate interest in the most reliable presentation of its website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
I have concluded an order processing agreement with the above-mentioned provider. This is a contract required by data protection law, which ensures that the personal data of website visitors are processed only according to the instructions of the provider and in compliance with the GDPR.
As far as changes affect a data use based on the user's consent, I will - if necessary - obtain a new consent.