Data pro­tec­tion statement

Thank you for your inte­rest in our com­pa­ny. Data pro­tec­tion has par­ti­cu­lar­ly high prio­ri­ty for the manage­ment of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG. The use of the Inter­net pages of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG is pos­si­ble without pro­vi­ding any per­so­nal data. Howe­ver, if a data sub­ject wis­hes to make use of our company’s spe­cial ser­vices via our web­site, it may be necessa­ry to pro­cess per­so­nal data. If the pro­ces­sing of per­so­nal data is necessa­ry and the­re is no legal basis for this pro­ces­sing, we gene­ral­ly obtain the con­sent of the data sub­ject. The pro­ces­sing of per­so­nal data, for examp­le the name, address, email address or tele­pho­ne num­ber of the data sub­ject, is always car­ri­ed out in accordance with the Gene­ral Data Pro­tec­tion Regu­la­ti­on and in accordance with the requi­re­ments for the coun­try-spe­ci­fic data pro­tec­tion regu­la­ti­ons for Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG. By means of this data pro­tec­tion state­ment, our com­pa­ny informs the public about the type, scope, and pur­po­se of the per­so­nal data that we collect, use, and pro­cess
. Fur­ther­mo­re, this data pro­tec­tion state­ment informs data sub­jects about their rights. As the con­trol­ler, Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG has imple­men­ted nume­rous tech­ni­cal and orga­niz­a­tio­nal mea­su­res to ensu­re the most com­ple­te pro­tec­tion pos­si­ble for per­so­nal data pro­ces­sed through this web­site. Nevertheless, inter­net-based data trans­mis­si­ons may have secu­ri­ty gaps, so that abso­lu­te pro­tec­tion can­not be gua­ran­te­ed. For this rea­son, every data sub­ject is free to trans­mit per­so­nal data to us in alter­na­ti­ve ways, for examp­le, by telephone.

1. Defi­ni­ti­ons

The data pro­tec­tion decla­ra­ti­on of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG is based on the ter­mi­no­lo­gy used by the Euro­pean legis­la­tor for the adop­ti­on of the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR). Our data pro­tec­tion decla­ra­ti­on should be easy to read and under­stand for the public as well as for our cus­to­mers and busi­ness part­ners. To ensu­re this, we would like to exp­lain the ter­mi­no­lo­gy used in advan­ce. We use the fol­lowing terms in this data pro­tec­tion statement:

a) Per­so­nal data

Per­so­nal data is all infor­ma­ti­on that rela­tes to an iden­ti­fied or iden­ti­fia­ble natu­ral per­son (her­ein­af­ter “data sub­ject”). A natu­ral per­son is regar­ded as iden­ti­fia­ble who, direct­ly or indi­rect­ly, can be iden­ti­fied in par­ti­cu­lar by means of assign­ment to an iden­ti­fier such as a name, an iden­ti­fi­ca­ti­on num­ber, loca­ti­on data, an online iden­ti­fier or one or more spe­cial fea­tures that express the phy­si­cal, phy­sio­lo­gi­cal, gene­tic, psy­cho­lo­gi­cal, eco­no­mic, cul­tu­ral or social iden­ti­ty of this natu­ral person.

b) Data subject

The data sub­ject is any iden­ti­fied or iden­ti­fia­ble natu­ral per­son who­se per­so­nal data is pro­ces­sed by the controller.

c) Pro­ces­sing

Pro­ces­sing is any pro­cess car­ri­ed out with or without the help of auto­ma­ted pro­ce­du­res or any such seri­es of pro­ces­ses in con­nec­tion with per­so­nal data such as the collec­tion, record­ing, orga­niz­a­ti­on, orde­ring, sto­rage, adap­t­ati­on or chan­ge, rea­ding, que­ry­ing, use, dis­clo­sure through trans­mis­si­on, dis­se­mi­na­ti­on or any other form of pro­vi­si­on, com­pa­ri­son or lin­king, restric­tion, dele­ti­on or destruction.

d) Restric­tion of processing

Restric­tion of pro­ces­sing is the mar­king of stored per­so­nal data with the aim of restric­ting their future processing.

e) Pro­filing

Pro­filing is any type of auto­ma­ted pro­ces­sing of per­so­nal data that con­sists of using this per­so­nal data to eva­lua­te cer­tain per­so­nal aspects rela­ting to a natu­ral per­son, in par­ti­cu­lar to ana­ly­ze or pre­dict aspects rela­ting to work per­for­mance, eco­no­mic situa­ti­on, health, pre­fe­ren­ces, inte­rests, relia­bi­li­ty, beha­vi­or, whe­rea­bouts, or relo­ca­ti­on of this natu­ral person.

f) Pseud­ony­miz­a­ti­on

Pseud­ony­miz­a­ti­on is the pro­ces­sing of per­so­nal data in a way in which the per­so­nal data can no lon­ger be assi­gned to a spe­ci­fic data sub­ject without the use of addi­tio­nal infor­ma­ti­on, pro­vi­ded that this addi­tio­nal infor­ma­ti­on is stored sepa­r­ate­ly and is sub­ject to tech­ni­cal and orga­niz­a­tio­nal mea­su­res that ensu­re that the per­so­nal data can­not be assi­gned to an iden­ti­fied or iden­ti­fia­ble natu­ral person.

g) Con­trol­ler

The con­trol­ler is the natu­ral or legal per­son, aut­ho­ri­ty, insti­tu­ti­on or other body that alo­ne or joint­ly with others deci­des on the pur­po­ses and means of pro­ces­sing per­so­nal data. If the pur­po­ses and means of this pro­ces­sing are spe­ci­fied by Euro­pean Uni­on law or the law of the mem­ber sta­tes, the con­trol­ler or the spe­ci­fic cri­te­ria for their appoint­ment can be pro­vi­ded for in accordance with Euro­pean Uni­on law or the law of the mem­ber states.

h) Pro­ces­sor

A pro­ces­sor is a natu­ral or legal per­son, aut­ho­ri­ty, insti­tu­ti­on or other body that pro­ces­ses per­so­nal data on behalf of the controller.

i) Reci­pi­ent

The reci­pi­ent is a natu­ral or legal per­son, aut­ho­ri­ty, insti­tu­ti­on or other body to which per­so­nal data is dis­c­lo­sed, regard­less of whe­ther it is a third par­ty or not. Howe­ver, aut­ho­ri­ties that may recei­ve per­so­nal data as part of a spe­ci­fic inves­ti­ga­ti­on accord­ing to Euro­pean Uni­on law or the law of the mem­ber sta­tes are not con­si­de­red recipients.

j) Third party

A third par­ty is a natu­ral or legal per­son, public aut­ho­ri­ty, agen­cy or body other than the data sub­ject, the con­trol­ler, the pro­ces­sor and the per­sons who are aut­ho­ri­zed to pro­cess the per­so­nal data under the direct respon­si­bi­li­ty of the con­trol­ler or the processor.

k) Con­sent

Con­sent is any vol­un­ta­ry, infor­med, and unam­bi­guous decla­ra­ti­on of intent given by the data sub­ject for the spe­ci­fic case in the form of a decla­ra­ti­on or other une­qui­vo­cal affir­ma­ti­ve action with which the data sub­ject indi­ca­tes that they con­sent to the pro­ces­sing of their per­so­nal data.

2. Name and address of the controller

The con­trol­ler wit­hin the mea­ning of the Gene­ral Data Pro­tec­tion Regu­la­ti­on, other data pro­tec­tion laws app­li­ca­ble in the mem­ber sta­tes of the Euro­pean Uni­on and other pro­vi­si­ons of a data pro­tec­tion natu­re is: Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG Wein­bergs­weg 20, 10119 Ber­lin, Ger­ma­ny, email: info@oel-berlin.de

3. Coo­kies

The Inter­net pages of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG use coo­kies. Coo­kies are text files that are stored on a com­pu­ter sys­tem via an inter­net brow­ser. Nume­rous web­sites and ser­vers use coo­kies. Many coo­kies con­tain a so-cal­led coo­kie ID. A coo­kie ID is a uni­que iden­ti­fier for the coo­kie. It con­sists of a string of cha­rac­ters through which web­sites and ser­vers can be assi­gned to the spe­ci­fic Inter­net brow­ser in which the coo­kie was stored. This enab­les the web­sites and ser­vers visi­ted to dis­tin­guish the indi­vi­du­al brow­ser of the data sub­ject from other Inter­net brow­sers that con­tain other coo­kies. A spe­ci­fic inter­net brow­ser can be reco­gni­zed and iden­ti­fied via the uni­que coo­kie ID. By using coo­kies, Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG can pro­vi­de users of this web­site with more user-friend­ly ser­vices that would not be pos­si­ble without the coo­kie set­ting. Using a coo­kie, the infor­ma­ti­on and offers on our web­site can be opti­mi­zed in the inte­rests of the user. As alrea­dy men­tio­ned, coo­kies enab­le us to reco­gni­ze the users of our web­site. The pur­po­se of this reco­gni­ti­on is to make it easier for users to use our web­site. For examp­le, the user of a web­site that uses coo­kies does not have to re-enter their access data every time they visit the web­site, becau­se this is done by the web­site and the coo­kie stored on the user’s com­pu­ter sys­tem. Ano­t­her examp­le is the coo­kie of a shop­ping cart in the online shop. The online shop uses a coo­kie to remem­ber the items that a cus­to­mer has pla­ced in the vir­tu­al shop­ping cart. The data sub­ject can pre­vent the set­ting of coo­kies by our web­site at any time by means of a cor­re­spon­ding set­ting in the Inter­net brow­ser used and can thus per­ma­nent­ly object to the set­ting of coo­kies. Fur­ther­mo­re, coo­kies that have alrea­dy been set can be dele­ted at any time via an Inter­net brow­ser or other soft­ware pro­grams. This is pos­si­ble in all com­mon inter­net brow­sers. If the data sub­ject deac­ti­va­tes the set­ting of coo­kies in the inter­net brow­ser used, not all func­tions of our web­site may be ful­ly usable.

4. Collec­tion of gene­ral data and information

The web­site of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG collects a seri­es of gene­ral data and infor­ma­ti­on each time the web­site is acces­sed by a data sub­ject or an auto­ma­ted sys­tem. The­se gene­ral data and infor­ma­ti­on are stored in the server’s log files. The­se gene­ral data and infor­ma­ti­on can inclu­de the (1) brow­ser types and ver­si­ons used, (2) the ope­ra­ting sys­tem used by the acces­sing sys­tem, (3) the web­site from which an acces­sing sys­tem reaches our web­site (so-cal­led refer­rer), (4) the sub-web­sites that are acces­sed via an acces­sing sys­tem on our web­site, (5) the date and time of access to the web­site, (6) an inter­net pro­to­col address (IP address), (7) the inter­net ser­vice pro­vi­der of the acces­sing sys­tem and (8) other simi­lar data and infor­ma­ti­on that ser­ve to avert dan­ger in the event of attacks on our infor­ma­ti­on tech­no­lo­gy sys­tems. When using this gene­ral data and infor­ma­ti­on, Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG does not draw any con­clu­si­ons about the data sub­ject. Rather, this infor­ma­ti­on is requi­red to (1) cor­rect­ly deli­ver the con­tent of our web­site, (2) opti­mi­ze the con­tent of our web­site and the adver­ti­sing for it, (3) ensu­re the long-term func­tio­n­a­li­ty of our infor­ma­ti­on tech­no­lo­gy sys­tems and the tech­no­lo­gy of our web­site, and ( 4) to pro­vi­de law enfor­ce­ment aut­ho­ri­ties with the infor­ma­ti­on necessa­ry for law enfor­ce­ment in the event of a cyber attack. This anony­mous­ly collec­ted data and infor­ma­ti­on is the­re­fo­re eva­lua­ted sta­tis­ti­cal­ly by Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co​.KG on the one hand and with the aim of incre­a­sing data pro­tec­tion and data secu­ri­ty in our com­pa­ny in order to ulti­mate­ly pro­vi­de an opti­mal level of pro­tec­tion for the per­so­nal data that we pro­cess. The anony­mous data in the ser­ver log files are stored sepa­r­ate­ly from all per­so­nal data pro­vi­ded by a data subject.

5. Regis­tra­ti­on on our website

The data sub­ject has the opti­on of regis­tering on the web­site of the con­trol­ler by pro­vi­ding per­so­nal data. Which per­so­nal data are trans­mit­ted to the con­trol­ler for pro­ces­sing is the result of the respec­ti­ve input mask that is used for the regis­tra­ti­on. The per­so­nal data ent­e­red by the data sub­ject are collec­ted and stored exclu­si­ve­ly for inter­nal use by the con­trol­ler for pro­ces­sing and for their pur­po­ses. The con­trol­ler can arran­ge for the data to be pas­sed on to one or more pro­ces­sors, for examp­le a par­cel ser­vice pro­vi­der, who also uses the per­so­nal data exclu­si­ve­ly for inter­nal use attri­bu­ta­ble to the con­trol­ler. By regis­tering on the web­site of the con­trol­ler, the IP address assi­gned by the Inter­net ser­vice pro­vi­der (ISP) to the data sub­ject, the date and time of regis­tra­ti­on are also saved. This data is stored becau­se it is the only way to pre­vent misu­se of our ser­vices and, if necessa­ry, to enab­le cri­mi­nal offen­ses to be inves­ti­ga­ted. In this respect, the sto­rage of this data is necessa­ry to pro­tect the con­trol­ler. This data is gene­ral­ly not pas­sed on to third par­ties unless the­re is a legal obli­ga­ti­on to pass it on or it is used for cri­mi­nal pro­se­cu­ti­on. The regis­tra­ti­on of the data sub­ject with the vol­un­ta­ry pro­vi­si­on of per­so­nal data enab­les the con­trol­ler to offer the data sub­ject con­tent or ser­vices which, due to the natu­re of the mat­ter, can only be offe­red to regis­tered users. Regis­tered per­sons are free to chan­ge the per­so­nal data pro­vi­ded during regis­tra­ti­on at any time or to have them com­ple­te­ly dele­ted from the data­ba­se of the con­trol­ler. The con­trol­ler will pro­vi­de any data sub­ject with infor­ma­ti­on about which per­so­nal data is stored about the data sub­ject at any time upon request. Fur­ther­mo­re, the con­trol­ler will cor­rect or dele­te per­so­nal data at the request or advice of the data sub­ject, pro­vi­ded that the­re are no sta­tu­to­ry reten­ti­on requi­re­ments to the con­tra­ry. All of the employees of the con­trol­ler are avail­ab­le to the data sub­ject as con­ta­ct per­sons in this context.

6. Sub­scrip­ti­on to our newsletter

On the web­site of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG, users are given the oppor­tu­ni­ty to sub­scri­be to our company’s news­let­ter. Which per­so­nal data is trans­mit­ted to the con­trol­ler when the news­let­ter is orde­red is a result of the input mask used for this pur­po­se. Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG informs its cus­to­mers and busi­ness part­ners at regu­lar inter­vals by means of a news­let­ter about com­pa­ny offers. Our company’s news­let­ter can gene­ral­ly only be recei­ved by the data sub­ject if (1) the data sub­ject has a valid e‑mail address and (2) the data sub­ject regis­ters to recei­ve the news­let­ter. For legal rea­sons, a con­fir­ma­ti­on e‑mail will be sent to the e‑mail address ent­e­red by a data sub­ject for the first time for sen­ding the news­let­ter using the dou­ble opt-in pro­ce­du­re. This con­fir­ma­ti­on email is used to check whe­ther the owner of the email address, as the data sub­ject, has aut­ho­ri­zed the rece­i­pt of the news­let­ter. When regis­tering for the news­let­ter, we also save the IP address assi­gned by the Inter­net ser­vice pro­vi­der (ISP) of the com­pu­ter sys­tem used by the data sub­ject at the time of regis­tra­ti­on, as well as the date and time of regis­tra­ti­on. The collec­tion of this data is necessa­ry in order to be able to trace the (pos­si­ble) misu­se of the e‑mail address of a data sub­ject at a later point in time and the­re­fo­re ser­ves the legal pro­tec­tion of the con­trol­ler. The per­so­nal data collec­ted when regis­tering for the news­let­ter will only be used to send our news­let­ter. Fur­ther­mo­re, sub­scri­bers to the news­let­ter could be infor­med by e‑mail if this is necessa­ry for the ope­ra­ti­on of the news­let­ter ser­vice or a cor­re­spon­ding regis­tra­ti­on, as this could be the case in the case of chan­ges to the news­let­ter offer or chan­ges in the tech­ni­cal con­di­ti­ons. The per­so­nal data collec­ted as part of the news­let­ter ser­vice will not be pas­sed on to third par­ties. The data sub­ject can can­cel the sub­scrip­ti­on to our news­let­ter at any time. The con­sent to the sto­rage of per­so­nal data that the data sub­ject has given us for sen­ding the news­let­ter can be revo­ked at any time. The­re is a cor­re­spon­ding link in every news­let­ter for the pur­po­se of with­drawing con­sent. It is also pos­si­ble to unsub­scri­be from the news­let­ter direct­ly on the web­site of the con­trol­ler or to inform the con­trol­ler of this in ano­t­her way.

7. News­let­ter tracking

The news­let­ters from Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG con­tain so-cal­led tracking pixels. A tracking pixel is a minia­tu­re gra­phic that is embed­ded in such e‑mails that are sent in HTML for­mat to enab­le log file record­ing and log file ana­ly­sis. This enab­les a sta­tis­ti­cal eva­lua­ti­on of the suc­cess or fail­u­re of online mar­ke­ting cam­pai­gns to be car­ri­ed out. Using the embed­ded tracking pixel, Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG can reco­gni­ze whe­ther and when an e‑mail was ope­ned by a data sub­ject and which links in the e‑mail were cal­led up by the data sub­ject. Such per­so­nal data collec­ted via the tracking pixels con­tai­ned in the news­let­ters are stored and eva­lua­ted by the con­trol­ler in order to opti­mi­ze the news­let­ter dis­patch and to bet­ter adapt the con­tent of future news­let­ters to the inte­rests of the data sub­ject. The­se per­so­nal data will not be pas­sed on to third par­ties. Data sub­jects are enti­t­led at any time to revo­ke the rele­vant sepa­ra­te decla­ra­ti­on of con­sent given via the dou­ble opt-in pro­ce­du­re. After a revo­ca­ti­on, this per­so­nal data will be dele­ted by the con­trol­ler. Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG auto­ma­ti­cal­ly inter­prets a with­dra­wal from the rece­i­pt of the news­let­ter as a revo­ca­ti­on.

Due to legal regu­la­ti­ons, the web­site of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG con­tains infor­ma­ti­on that enab­les quick elec­tro­nic con­ta­ct to our com­pa­ny and direct com­mu­ni­ca­ti­on with us, which is also a gene­ral address for elec­tro­nic mail (email address). If a data sub­ject con­ta­cts the con­trol­ler by email or a con­ta­ct form, the per­so­nal data trans­mit­ted by the data sub­ject will be auto­ma­ti­cal­ly saved. Such per­so­nal data trans­mit­ted on a vol­un­ta­ry basis by a data sub­ject to the con­trol­ler are stored for the pur­po­ses of pro­ces­sing or con­ta­c­ting the data sub­ject. This per­so­nal data is not pas­sed on to third parties.

8. Right of withdrawal

9. Rou­ti­ne dele­ti­on and blo­cking of per­so­nal data

The con­trol­ler pro­ces­ses and stores per­so­nal data of the data sub­ject only for the peri­od of time that is necessa­ry to achie­ve the sto­rage pur­po­se or if this is spe­ci­fied by the Euro­pean direc­ti­ves and regu­la­ti­ons or ano­t­her legis­la­tor in laws or regu­la­ti­ons to which the con­trol­ler is sub­ject. If the sto­rage pur­po­se no lon­ger app­lies or if a sto­rage peri­od pre­scri­bed by the Euro­pean direc­ti­ves and ordi­nan­ces or ano­t­her respon­si­ble legis­la­tor expi­res, the per­so­nal data will be rou­ti­nely blo­cked or dele­ted in accordance with the sta­tu­to­ry provisions.

10. Rights of the data subject

a) Right to confirmation

Every data sub­ject has the right gran­ted by the Euro­pean direc­ti­ve and regu­la­ti­on giver to request con­fir­ma­ti­on from the con­trol­ler as to whe­ther per­so­nal data con­cer­ning them are being pro­ces­sed. If a data sub­ject wis­hes to exer­cise this right to con­fir­ma­ti­on, they can con­ta­ct an employee of the con­trol­ler at any time.

b) Right to information

Every data sub­ject has the right, gran­ted by the Euro­pean legis­la­tor of direc­ti­ves and regu­la­ti­ons, to recei­ve free infor­ma­ti­on about the per­so­nal data stored about them and a copy of this infor­ma­ti­on from the con­trol­ler at any time. Fur­ther­mo­re, the Euro­pean direc­ti­ves and regu­la­ti­ons grant the data sub­ject access to the fol­lowing infor­ma­ti­on:
- the pur­po­ses of the pro­ces­sing
- the cate­go­ries of per­so­nal data that are pro­ces­sed
- the reci­pi­ents or cate­go­ries of reci­pi­ents to whom the per­so­nal data have been dis­c­lo­sed or are still being dis­c­lo­sed, in par­ti­cu­lar to reci­pi­ents in third coun­tries or to inter­na­tio­nal orga­niz­a­ti­ons
- if pos­si­ble, the plan­ned dura­ti­on for which the per­so­nal data will be stored or, if this is not pos­si­ble, the cri­te­ria for deter­mi­ning this dura­ti­on
- the exis­tence of a right to cor­rec­tion or dele­ti­on of their per­so­nal data or of restric­tion of pro­ces­sing by the con­trol­ler or a right to object to this pro­ces­sing or a right of appeal to a super­vi­so­ry aut­ho­ri­ty if the per­so­nal data is not collec­ted from data sub­ject: all avail­ab­le infor­ma­ti­on about the ori­gin of the data
- the exis­tence of auto­ma­ted decisi­on-making inclu­ding pro­filing in accordance with Arti­cle 22 (1) and (4) GDPR and — at least in the­se cases — mea­ning­ful infor­ma­ti­on about the logic invol­ved and the scope and inten­ded effects of such pro­ces­sing for the data sub­ject
Fur­ther­mo­re, the data sub­ject has the right to infor­ma­ti­on as to whe­ther per­so­nal data has been trans­mit­ted to a third coun­try or to an inter­na­tio­nal orga­niz­a­ti­on. If this is the case, the data sub­ject has the right to recei­ve infor­ma­ti­on about the appro­pria­te gua­ran­tees in con­nec­tion with the trans­mis­si­on. If a data sub­ject wis­hes to make use of this right to infor­ma­ti­on, they can con­ta­ct an employee of the con­trol­ler at any time.

c) Right to rectification

Every data sub­ject has the right gran­ted by the Euro­pean direc­ti­ves and regu­la­ti­ons to request the immedia­te cor­rec­tion of incor­rect per­so­nal data con­cer­ning them. Fur­ther­mo­re, the data sub­ject has the right, taking into account the pur­po­ses of the pro­ces­sing, to request the com­ple­ti­on of incom­ple­te per­so­nal data — inclu­ding by means of a sup­ple­men­ta­ry decla­ra­ti­on. If a data sub­ject wis­hes to exer­cise this right to rec­ti­fi­ca­ti­on, they can con­ta­ct an employee of the con­trol­ler at any time.

d) Right to era­su­re (right to be forgotten)

Every data sub­ject has the right gran­ted by the Euro­pean legis­la­tor of direc­ti­ves and regu­la­ti­ons to demand that the con­trol­ler dele­te the per­so­nal data con­cer­ning them immedia­te­ly, pro­vi­ded that one of the fol­lowing rea­sons app­lies and inso­far as the pro­ces­sing is not necessa­ry:
The per­so­nal data were collec­ted or other­wi­se pro­ces­sed for pur­po­ses for which they are no lon­ger necessa­ry.
The data sub­ject revo­kes their con­sent, on which the pro­ces­sing was based in accordance with Art. 6 Para­graph 1 Let­ter a GDPR or Art. 9 Para­graph 2 Let­ter a GDPR, and the­re is no other legal basis for the pro­ces­sing.
The data sub­ject objects to the pro­ces­sing in accordance with Art. 21 Para­graph 1 GDPR, and the­re are no over­ri­ding legi­ti­ma­te rea­sons for the pro­ces­sing, or the data sub­ject objects to the pro­ces­sing in accordance with Art. 21 Para­graph 2 Let­ter a GDPR.
The per­so­nal data was pro­ces­sed unlaw­ful­ly.
The dele­ti­on of per­so­nal data is necessa­ry to ful­fill a legal obli­ga­ti­on under Euro­pean Uni­on law or the law of the mem­ber sta­tes to which the con­trol­ler is sub­ject.
The per­so­nal data was collec­ted in rela­ti­on to the infor­ma­ti­on socie­ty ser­vices offe­red in accordance with Art. 8 Para. 1 GDPR.
If one of the abo­ve-men­tio­ned rea­sons app­lies and a data sub­ject wis­hes to have per­so­nal data stored at Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG dele­ted, they can con­ta­ct an employee of the con­trol­ler at any time. The employee of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG will arran­ge for the dele­ti­on request to be com­plied with immedia­te­ly. If the per­so­nal data has been made public by Tza­mou­ra­nis & Schmidt Inter­na­tio­na­le Han­dels­ge­sell­schaft mbH and if our com­pa­ny, as the con­trol­ler, is obli­ged to dele­te the per­so­nal data in accordance with Art. 17 Para­graph 1 GDPR, Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co . KG, taking into account the avail­ab­le tech­no­lo­gy and the imple­men­ta­ti­on cos­ts, will take appro­pria­te mea­su­res, inclu­ding tech­ni­cal ones, to inform other data pro­ces­sors who pro­cess the publis­hed per­so­nal data that the data sub­ject has reques­ted the dele­ti­on, inclu­ding links, by the­se other data pro­ces­sors of this per­so­nal data or copies or repli­ca­ti­ons of this per­so­nal data, inso­far as the pro­ces­sing is not necessa­ry. The employee of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG will arran­ge the necessa­ry actions in indi­vi­du­al cases.

e) Right to restric­tion of processing

Any data sub­ject has the right, gran­ted by the Euro­pean legis­la­tor of direc­ti­ves and regu­la­ti­ons, to requi­re the con­trol­ler to restrict pro­ces­sing if one of the fol­lowing con­di­ti­ons is met:
The cor­rect­ness of the per­so­nal data is con­tes­ted by the data sub­ject for a peri­od that enab­les the con­trol­ler to check the cor­rect­ness of the per­so­nal data.
The pro­ces­sing is unlaw­ful, the data sub­ject refu­ses to dele­te the per­so­nal data and ins­tead requests that the use of the per­so­nal data be restric­ted.
The con­trol­ler no lon­ger needs the per­so­nal data for the pur­po­ses of pro­ces­sing, but the data sub­ject needs them to assert, exer­cise, or defend legal claims.
The data sub­ject has lod­ged an objec­tion to the pro­ces­sing in accordance with Art. 21 Para­graph 1 GDPR and it has not yet been deter­mi­ned whe­ther the legi­ti­ma­te rea­sons of the con­trol­ler out­weigh tho­se of the data sub­ject.
If one of the abo­ve con­di­ti­ons is met and a data sub­ject would like to request the restric­tion of per­so­nal data stored at Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG, they can con­ta­ct an employee of the con­trol­ler. The employee of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG will arran­ge for the pro­ces­sing to be restricted.

f) Right to data portability

Every data sub­ject has the right gran­ted by the Euro­pean legis­la­tor of direc­ti­ves and regu­la­ti­ons to recei­ve the per­so­nal data con­cer­ning them, which have been made avail­ab­le to a con­trol­ler by the data sub­ject, in a struc­tu­red, com­mon, and machi­ne-read­a­ble for­mat. They also have the right to trans­fer this data to ano­t­her con­trol­ler without hin­dran­ce from the con­trol­ler to whom the per­so­nal data was pro­vi­ded, pro­vi­ded that the pro­ces­sing is based on the con­sent pur­suant to Art. 6 Para. 1 Let­ter a GDPR or Art. 9 Para. 2 let­ter a DS-GVO or on a con­tract accord­ing to Art. 6 Para. 1 let­ter b DS-GVO and the pro­ces­sing is car­ri­ed out using auto­ma­ted pro­ce­du­res, unless the pro­ces­sing is necessa­ry for the per­for­mance of a task that is in the public inte­rest or takes place in the exer­cise of offi­cial aut­ho­ri­ty, which has been assi­gned to the con­trol­ler. Fur­ther­mo­re, when exer­cis­ing their right to data por­ta­bi­li­ty in accordance with Art. 20 Para. 1 GDPR, the data sub­ject has the right to have the per­so­nal data trans­mit­ted direct­ly from one con­trol­ler to ano­t­her, inso­far as this is tech­ni­cal­ly fea­si­ble and if this does not affect the rights and free­doms of other per­sons. To assert the right to data por­ta­bi­li­ty, the data sub­ject can con­ta­ct an employee of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG at any time.

g) Right to object

Any data sub­ject has the right gran­ted by the Euro­pean legis­la­tor of direc­ti­ves and regu­la­ti­ons to object at any time to the pro­ces­sing of per­so­nal data rela­ting to them, which is based on Art. 6 Para­graph 1 Let­ter e or f DS-GVO. This also app­lies to pro­filing based on the­se pro­vi­si­ons. Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG will no lon­ger pro­cess the per­so­nal data in the event of an objec­tion, unless we can pro­ve com­pel­ling legi­ti­ma­te rea­sons for the pro­ces­sing that out­weigh the inte­rests, rights and free­doms of the data sub­ject, or the pro­ces­sing ser­ves to assert, exer­cise or defend legal claims. If Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG pro­ces­ses per­so­nal data in order to ope­ra­te direct mail, the data sub­ject has the right to object at any time to the pro­ces­sing of per­so­nal data for the pur­po­se of such adver­ti­sing. This also app­lies to pro­filing inso­far as it is asso­cia­ted with such direct adver­ti­sing. If the data sub­ject objects to Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG pro­ces­sing for direct mar­ke­ting pur­po­ses, Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG will no lon­ger pro­cess the per­so­nal data for the­se pur­po­ses. In addi­ti­on, the data sub­ject has the right, for rea­sons ari­sing from their par­ti­cu­lar situa­ti­on, to object to the pro­ces­sing of per­so­nal data con­cer­ning them by Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG for sci­en­ti­fic or his­to­ri­cal rese­arch pur­po­ses or for sta­tis­ti­cal pur­po­ses in accordance with Art. 89 Para. 1 GDPR, to object, unless such pro­ces­sing is necessa­ry to ful­fill a task in the public inte­rest. To exer­cise the right to object, the data sub­ject can con­ta­ct any employee of Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG direct­ly. The data sub­ject is also free, in con­nec­tion with the use of infor­ma­ti­on socie­ty ser­vices, regard­less of Direc­ti­ve 2002/58 / EC, to exer­cise their right of objec­tion by means of auto­ma­ted pro­ce­du­res in which tech­ni­cal spe­ci­fi­ca­ti­ons are used.

h) Auto­ma­ted decisi­ons in indi­vi­du­al cases inclu­ding profiling

Every data sub­ject has the right gran­ted by the Euro­pean legis­la­tor of direc­ti­ves and regu­la­ti­ons not to be sub­ject to a decisi­on based sole­ly on auto­ma­ted pro­ces­sing — inclu­ding pro­filing — which has legal effects on them or simi­lar­ly signi­fi­cant­ly affects them, so long as the decisi­on (1) is not necessa­ry for the con­clu­si­on or per­for­mance of a con­tract bet­ween the data sub­ject and the con­trol­ler, or (2) is per­mis­si­ble on the basis of Uni­on or Mem­ber Sta­te law to which the con­trol­ler is sub­ject and the­se legal pro­vi­si­ons take appro­pria­te mea­su­res to safe­guard the rights and free­doms as well as the legi­ti­ma­te inte­rests of the data sub­ject or (3) is made with the express con­sent of the data sub­ject. If the decisi­on (1) is necessa­ry for ent­e­ring into, or the per­for­mance of, a con­tract bet­ween the data sub­ject and the con­trol­ler, or (2) it is based on the data subject’s expli­cit con­sent, Tza­mou­ra­nis & Schmidt & Arta­le Inter­na­tio­na­le Han­dels GmbH & Co. KG will take appro­pria­te mea­su­res to pro­tect the rights and free­doms as well as the legi­ti­ma­te inte­rests of the data sub­ject, inclu­ding at least the right to obtain inter­ven­ti­on by a per­son on behalf of the con­trol­ler, to express their own point of view and to con­test the decisi­on. If the data sub­ject wis­hes to assert rights with regard to auto­ma­ted decisi­ons, they can con­ta­ct an employee of the con­trol­ler at any time.

i) Right to with­draw con­sent under data pro­tec­tion law

Every data sub­ject has the right gran­ted by the Euro­pean legis­la­tor of direc­ti­ves and regu­la­ti­ons to revo­ke their con­sent to the pro­ces­sing of per­so­nal data at any time. If the data sub­ject wis­hes to assert their right to with­draw con­sent, they can con­ta­ct an employee of the con­trol­ler at any time.

11. Data pro­tec­tion in app­li­ca­ti­ons and in the app­li­ca­ti­on process

The con­trol­ler collects and pro­ces­ses the per­so­nal data of app­li­cants for the pur­po­se of hand­ling the app­li­ca­ti­on pro­cess. The pro­ces­sing can also be done elec­tro­ni­cal­ly. This is par­ti­cu­lar­ly the case if an app­li­cant sends the rele­vant app­li­ca­ti­on docu­ments to the con­trol­ler elec­tro­ni­cal­ly, for examp­le by email or via a web form on the web­site. If the con­trol­ler con­clu­des an employ­ment con­tract with an app­li­cant, the data trans­mit­ted will be stored for the pur­po­se of pro­ces­sing the employ­ment rela­ti­ons­hip in com­pli­an­ce with the sta­tu­to­ry pro­vi­si­ons. If the con­trol­ler does not con­clu­de an employ­ment con­tract with the app­li­cant, the app­li­ca­ti­on docu­ments will be auto­ma­ti­cal­ly dele­ted two mon­ths after noti­fi­ca­ti­on of the rejec­tion decisi­on, pro­vi­ded that dele­ti­on does not con­flict with any other legi­ti­ma­te inte­rests of the con­trol­ler. Ano­t­her legi­ti­ma­te inte­rest in this sen­se is, for examp­le, a bur­den of pro­of in pro­cee­dings under the Gene­ral Equal Tre­at­ment Act (AGG).

12. Data pro­tec­tion pro­vi­si­ons on the app­li­ca­ti­on and use of Facebook

The con­trol­ler has inte­gra­ted com­pon­ents of the com­pa­ny Face­book on this web­site. Face­book is a social net­work. A social net­work is a social mee­ting place ope­ra­ted on the Inter­net, an online com­mu­ni­ty that usual­ly enab­les users to com­mu­ni­ca­te with one ano­t­her and inter­act in vir­tu­al space. A social net­work can ser­ve as a plat­form for the exchan­ge of opi­ni­ons and expe­ri­en­ces or enab­les the Inter­net com­mu­ni­ty to pro­vi­de per­so­nal or com­pa­ny-rela­ted infor­ma­ti­on. Among other things, Face­book enab­les users of the social net­work to crea­te pri­va­te pro­files, upload pho­tos and net­work via friend requests. The ope­ra­ting com­pa­ny of Face­book is Face­book, Inc., 1 Hacker Way, Men­lo Park, CA 94025, USA. If a data sub­ject lives out­side the USA or Cana­da, the con­trol­ler is Face­book Ire­land Ltd., 4 Grand Canal Squa­re, Grand Canal Har­bor, Dub­lin 2, Ire­land. Each time one of the indi­vi­du­al pages of this web­site is cal­led up, which is ope­ra­ted by the con­trol­ler and on which a Face­book com­po­nent (Face­book plug-in) has been inte­gra­ted, the Inter­net brow­ser on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject is auto­ma­ti­cal­ly acti­va­ted by the respec­ti­ve Face­book Com­po­nent and cau­ses a repre­sen­ta­ti­on of the cor­re­spon­ding Face­book com­po­nent to be down­loa­ded from Face­book. A com­ple­te over­view of all Face­book plug-ins can be found at https://​deve​lo​pers​.face​book​.com/​d​o​c​s​/​p​l​u​g​i​n​s​/​?​l​o​c​a​l​e​=de_DE. As part of this tech­ni­cal pro­cess, Face­book recei­ves know­ledge of which spe­ci­fic sub­page of our web­site is visi­ted by the data sub­ject. If the data sub­ject is log­ged into Face­book at the same time, Face­book reco­gni­zes with each visit to our web­site by the data sub­ject and for the ent­i­re dura­ti­on of the respec­ti­ve stay on our web­site, which spe­ci­fic sub­page of our web­site the data sub­ject is visi­t­ing. This infor­ma­ti­on is collec­ted by the Face­book com­po­nent and assi­gned to the respec­ti­ve Face­book account of the data sub­ject by Face­book. If the data sub­ject acti­va­tes one of the Face­book but­tons inte­gra­ted on our web­site, for examp­le the “Like” but­ton, or if the data sub­ject makes a com­ment, Face­book assigns this infor­ma­ti­on to the data subject’s per­so­nal Face­book user account and saves this per­so­nal data. Face­book always recei­ves infor­ma­ti­on via the Face­book com­po­nent that the data sub­ject has visi­ted our web­site if the data sub­ject is log­ged into Face­book at the same time as acces­sing our web­site; this takes place regard­less of whe­ther the data sub­ject clicks on the Face­book com­po­nent or not. If the data sub­ject does not want this infor­ma­ti­on to be trans­mit­ted to Face­book, they can pre­vent the trans­mis­si­on by log­ging out of their Face­book account befo­re cal­ling up our web­site. The data gui­de­li­ne publis­hed by Face­book, which is avail­ab­le at https://​de​-de​.face​book​.com/​a​b​o​u​t​/​p​r​ivacy/, pro­vi­des infor­ma­ti­on about the collec­tion, pro­ces­sing and use of per­so­nal data by Face­book. It also exp­lains which set­ting opti­ons Face­book offers to pro­tect the pri­va­cy of the data sub­ject. In addi­ti­on, various app­li­ca­ti­ons are avail­ab­le that make it pos­si­ble to sup­press data trans­mis­si­on to Face­book. Such app­li­ca­ti­ons can be used by the data sub­ject to sup­press data trans­mis­si­on to Facebook.

13. Data pro­tec­tion pro­vi­si­ons on the app­li­ca­ti­on and use of Shariff

The con­trol­ler has inte­gra­ted the Shariff com­po­nent on this web­site. The Shariff com­po­nent pro­vi­des social media but­tons that com­ply with data pro­tec­tion regu­la­ti­ons. Shariff was deve­lo­ped for the Ger­man com­pu­ter maga­zi­ne c’t and is publis­hed via Git­Hub, Inc . The com­po­nent was deve­lo­ped by Git­Hub, Inc. 88 Colin P. Kel­ly Juni­or Street, San Fran­cis­co, CA 94107, USA. The but­ton solu­ti­ons pro­vi­ded by the social net­works usual­ly trans­fer per­so­nal data to the respec­ti­ve social net­work when a user visits a web­site into which a social media but­ton has been inte­gra­ted. By using the Shariff com­po­nent, per­so­nal data is only trans­mit­ted to social net­works if the visi­tor to a web­site actively pres­ses one of the social media but­tons. Fur­ther infor­ma­ti­on on the Shariff com­po­nent is avail­ab­le from the com­pu­ter maga­zi­ne c’t at http://​www​.hei​se​.de/​n​e​w​s​t​i​c​k​e​r​/​m​e​l​d​u​n​g​/​D​a​t​e​n​s​c​h​u​t​z​-​u​n​d​-​S​o​c​i​a​l​-​M​e​d​i​a​-​D​e​r​-​c​t​-​S​h​a​r​i​f​f​-​i​s​t​-​i​m​-​E​i​n​s​a​t​z​-​2​470103. html rea­dy. The pur­po­se of using the Shariff com­po­nent is to pro­tect the per­so­nal data of visi­tors to our web­site and at the same time to enab­le us to inte­gra­te a but­ton solu­ti­on for social net­works on this web­site. Fur­ther infor­ma­ti­on and GitHub’s app­li­ca­ble data pro­tec­tion pro­vi­si­ons can be found at https://​help​.git​hub​.com/​a​r​t​i​c​l​e​s​/​g​i​t​h​u​b​-​p​r​i​v​a​c​y​-​p​olicy/.

14. Data pro­tec­tion pro­vi­si­ons on the app­li­ca­ti­on and use of YouTube

The con­trol­ler has inte­gra­ted com­pon­ents from You­Tube on this web­site. You­Tube is an Inter­net video por­tal that enab­les video publis­hers to post video clips free of char­ge and other users to view, rate and com­ment on them free of char­ge. You­Tube allows the publi­ca­ti­on of all types of vide­os, which is why com­ple­te film and tele­vi­si­on pro­grams, as well as music vide­os, trai­lers or vide­os made by users them­sel­ves can be acces­sed via the Inter­net por­tal. You­Tube is ope­ra­ted by You­Tube, LLC, 901 Cher­ry Ave., San Bru­no, CA 94066, USA. You­Tube, LLC is a sub­si­dia­ry of Goog­le Inc., 1600 Amphi­thea­ter Pkwy, Moun­tain View, CA 94043–1351, USA. Each time one of the indi­vi­du­al pages of this web­site is acces­sed, which is ope­ra­ted by the con­trol­ler and on which a You­Tube com­po­nent (You­Tube video) has been inte­gra­ted, the Inter­net brow­ser on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject is auto­ma­ti­cal­ly promp­ted by the respec­ti­ve You­Tube com­po­nent to down­load a repre­sen­ta­ti­on of the cor­re­spon­ding You­Tube com­po­nent from You­Tube. Fur­ther infor­ma­ti­on about You­Tube can be found at https://​www​.you​tube​.com/​y​t​/​a​b​o​ut/de/. As part of this tech­ni­cal pro­cess, You­Tube and Goog­le gain know­ledge of which spe­ci­fic sub-page of our web­site is visi­ted by the data sub­ject. If the data sub­ject is log­ged in to You­Tube at the same time, You­Tube reco­gni­zes which spe­ci­fic sub-page of our web­site the data sub­ject is visi­t­ing by cal­ling up a sub­page that con­tains a You­Tube video. This infor­ma­ti­on is collec­ted by You­Tube and Goog­le and assi­gned to the respec­ti­ve You­Tube account of the data sub­ject. You­Tube and Goog­le always recei­ve infor­ma­ti­on via the You­Tube component

that the data sub­ject has visi­ted our web­site if the data sub­ject is log­ged in to You­Tube at the same time as acces­sing our web­site; this takes place regard­less of whe­ther the data sub­ject clicks on a You­Tube video or not. If the data sub­ject does not want this infor­ma­ti­on to be trans­mit­ted to You­Tube and Goog­le, they can pre­vent the trans­mis­si­on by log­ging out of their You­Tube account befo­re cal­ling up our web­site. The data pro­tec­tion regu­la­ti­ons publis­hed by You­Tube, which are avail­ab­le at https://​www​.goog​le​.de/​i​n​t​l​/​d​e​/​p​o​l​i​c​i​e​s​/​p​r​ivacy/, pro­vi­de infor­ma­ti­on about the collec­tion, pro­ces­sing and use of per­so­nal data by You­Tube and Google.

14.2. Data pro­tec­tion pro­vi­si­ons about the app­li­ca­ti­on and use of Vimeo, Inc.

The con­trol­ler has inte­gra­ted com­pon­ents from Vimeo, Inc. on this web­site. . Vimeo, Inc. is an Inter­net video por­tal that enab­les video publis­hers to post video clips free of char­ge and other users to view, rate and com­ment on them free of char­ge. Vimeo, Inc. per­mits the publi­ca­ti­on of all types of vide­os, which is why com­ple­te film and tele­vi­si­on pro­grams as well as music vide­os, trai­lers or vide­os made by users them­sel­ves can be acces­sed via the Inter­net portal.

The ope­ra­ting com­pa­ny of Vimeo, Inc. is Vimeo, Inc., Vimeo, Inc. 555 West 18th Street, New York, New York 10011, USA.

Each time one of the indi­vi­du­al pages of this web­site is acces­sed, which is ope­ra­ted by the con­trol­ler and on which a Vimeo, Inc. com­po­nent (Vimeo, Inc. video) has been inte­gra­ted, the Inter­net brow­ser on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject is auto­ma­ti­cal­ly acti­va­ted by the respec­ti­ve Vimeo, Inc. web beacons com­po­nent to down­load a repre­sen­ta­ti­on of the cor­re­spon­ding Vimeo, Inc. com­po­nent from Vimeo, Inc. Fur­ther infor­ma­ti­on about Vimeo, Inc. can be found at https://​vimeo​.com/​p​r​i​v​a​c​y​#​b​eacons. As part of this tech­ni­cal pro­cess, Vimeo, Inc. recei­ves know­ledge of which spe­ci­fic sub­page of our web­site is visi­ted by the data subject.

If the data sub­ject is log­ged in to Vimeo, Inc. at the same time, Vimeo, Inc. reco­gni­zes which spe­ci­fic sub-page of our web­site the data sub­ject is visi­t­ing by cal­ling up a sub­page that con­tains a Vimeo, Inc. video. This infor­ma­ti­on is collec­ted by Vimeo, Inc. and assi­gned to the respec­ti­ve Vimeo, Inc. account of the data subject.

Vimeo, Inc. always recei­ves infor­ma­ti­on via the Vimeo, Inc. com­po­nent that the data sub­ject has visi­ted our web­site if the data sub­ject is log­ged in to Vimeo, Inc. at the same time as acces­sing our web­site; this takes place regard­less of whe­ther the data sub­ject clicks on a Vimeo, Inc. video or not. If the data sub­ject does not want this infor­ma­ti­on to be trans­mit­ted to Vimeo, Inc., they can pre­vent the trans­mis­si­on by log­ging out of their Vimeo, Inc. account befo­re cal­ling up our website.

The data pro­tec­tion pro­vi­si­ons publis­hed by Vimeo, Inc., which are avail­ab­le at https://​vimeo​.com/​p​rivacy, pro­vi­de infor­ma­ti­on about the collec­tion, pro­ces­sing and use of per­so­nal data by Vimeo, Inc.

The infor­ma­ti­on on coo­kies publis­hed by Vimeo, Inc., which is avail­ab­le at https://​vimeo​.com/​c​o​o​k​i​e​_​policy, pro­vi­des infor­ma­ti­on about the use, sto­rage, dele­ti­on, pro­ces­sing and use of so-cal­led coo­kies by Vimeo, Inc.

15. Pay­ment method: Data pro­tec­tion pro­vi­si­ons for PayPal as a pay­ment method

The con­trol­ler has inte­gra­ted com­pon­ents from PayPal on this web­site. PayPal is an online pay­ment ser­vice pro­vi­der. Pay­ments are pro­ces­sed via so-cal­led PayPal accounts, which are vir­tu­al pri­va­te or busi­ness accounts. PayPal also offers the opti­on of pro­ces­sing vir­tu­al pay­ments via credit cards if a user does not have a PayPal account. A PayPal account is mana­ged via an email address, which is why the­re is no clas­sic account num­ber. PayPal makes it pos­si­ble to initia­te online pay­ments to third par­ties or to recei­ve pay­ments. PayPal also acts as a trus­tee and offers buy­er pro­tec­tion ser­vices. The Euro­pean ope­ra­ting com­pa­ny of PayPal is PayPal (Euro­pe) S.à.r.l. & Cie. S.C.A., 22–24 Bou­le­vard Roy­al, 2449 Luxem­bourg, Luxem­bourg. If the data sub­ject selects “PayPal” as the pay­ment opti­on in our online shop during the orde­ring pro­cess, the data of the data sub­ject will be auto­ma­ti­cal­ly trans­mit­ted to PayPal. By selec­ting this pay­ment opti­on, the data sub­ject cons­ents to the trans­fer of per­so­nal data requi­red for pay­ment pro­ces­sing. The per­so­nal data trans­mit­ted to PayPal are usual­ly first name, last name, address, email address, IP address, tele­pho­ne num­ber, mobi­le pho­ne num­ber or other data that are necessa­ry for pay­ment pro­ces­sing. In order to pro­cess the purcha­se con­tract, per­so­nal data rela­ted to the respec­ti­ve order is also necessa­ry. The pur­po­se of trans­mit­ting the data is to pro­cess pay­ments and pre­vent fraud. The con­trol­ler will trans­mit per­so­nal data to PayPal in par­ti­cu­lar if the­re is a legi­ti­ma­te inte­rest in the trans­mis­si­on. The per­so­nal data exch­an­ged bet­ween PayPal and the con­trol­ler may be trans­mit­ted by PayPal to credit agen­ci­es. The pur­po­se of this trans­mis­si­on is to check your iden­ti­ty and credit­wort­hi­ness. PayPal may pass on the per­so­nal data to affi­lia­ted com­pa­nies and ser­vice pro­vi­ders or sub­con­trac­tors, inso­far as this is necessa­ry to ful­fill the con­trac­tu­al obli­ga­ti­ons or the data are to be pro­ces­sed on their behalf. The data sub­ject has the opti­on of revo­king their con­sent to the hand­ling of per­so­nal data from PayPal at any time. A revo­ca­ti­on does not affect per­so­nal data that must be pro­ces­sed, used or trans­mit­ted for (con­trac­tu­al) pay­ment pro­ces­sing. PayPal’s cur­rent data pro­tec­tion regu­la­ti­ons can be found at https://​www​.paypal​.com/​d​e​/​w​e​b​a​p​p​s​/​m​p​p​/​u​a​/​p​r​i​v​a​c​y-full.

16. Method of pay­ment: Data pro­tec­tion pro­vi­si­ons for Sofort­über­wei­sung as a method of payment

The con­trol­ler has inte­gra­ted com­pon­ents of Sofort­über­wei­sung on this web­site. Sofort­über­wei­sung is a pay­ment ser­vice that enab­les cash­less pay­ment for pro­ducts and ser­vices on the Inter­net. Sofort­über­wei­sung is a tech­ni­cal pro­cess through which the online retailer immedia­te­ly recei­ves a pay­ment con­fir­ma­ti­on. This enab­les a retailer to deli­ver goods, ser­vices or down­loads to the cus­to­mer immedia­te­ly after the order has been pla­ced. The ope­ra­ting com­pa­ny of Sofort­über­wei­sung is SOFORT GmbH, Fuß­berg­stras­se 1, 82131 Gau­ting, Ger­ma­ny. If the con­trol­ler selects “Sofort­über­wei­sung” as the pay­ment opti­on during the orde­ring pro­cess in our online shop, the data of the con­trol­ler will be auto­ma­ti­cal­ly trans­mit­ted to Sofort­über­wei­sung. By selec­ting this pay­ment opti­on, con­trol­ler cons­ents to the trans­fer of per­so­nal data requi­red for pay­ment pro­ces­sing. When pro­ces­sing the purcha­se via Sofort­über­wei­sung, the buy­er trans­mits the PIN and TAN to Sofort GmbH. Sofort­über­wei­sung then car­ri­es out a trans­fer to the online retailer after a tech­ni­cal check of the account balan­ce and retrie­val of fur­ther data to check the account coverage. The online retailer is then auto­ma­ti­cal­ly infor­med that the finan­cial tran­sac­tion has been car­ri­ed out. The per­so­nal data exch­an­ged with Sofort­über­wei­sung are first name, last name, address, email address, IP address, tele­pho­ne num­ber, mobi­le pho­ne num­ber or other data that are necessa­ry for pay­ment pro­ces­sing. The pur­po­se of trans­mit­ting the data is to pro­cess pay­ments and pre­vent fraud. The con­trol­ler will trans­mit other per­so­nal data to Sofort­über­wei­sung if the­re is a legi­ti­ma­te inte­rest in the trans­mis­si­on. The per­so­nal data exch­an­ged bet­ween Sofort­über­wei­sung and the con­trol­ler may be trans­mit­ted to credit agen­ci­es by Sofort­über­wei­sung. The pur­po­se of this trans­mis­si­on is to check your iden­ti­ty and credit­wort­hi­ness. Sofort­über­wei­sung may pass on the per­so­nal data to affi­lia­ted com­pa­nies and ser­vice pro­vi­ders or sub­con­trac­tors inso­far as this is necessa­ry to ful­fill the con­trac­tu­al obli­ga­ti­ons or the data is to be pro­ces­sed on behalf of the com­pa­ny. The data sub­ject has the opti­on of revo­king their con­sent to the hand­ling of per­so­nal data at any time by means of Sofort­über­wei­sung. A revo­ca­ti­on does not affect per­so­nal data that must be pro­ces­sed, used or trans­mit­ted for (con­trac­tu­al) pay­ment pro­ces­sing. The app­li­ca­ble data pro­tec­tion pro­vi­si­ons of Sofort­über­wei­sung can be found at https://​www​.sofort​.com/​g​e​r​-​D​E​/​d​a​t​e​n​s​c​h​u​t​z​e​r​k​l​a​e​r​u​n​g​-​s​o​f​o​r​t​-gmbh/.

17. Data pro­tec­tion pro­vi­si­ons on the app­li­ca­ti­on and use of Goog­le Ana­ly­tics (with anony­miz­a­ti­on function)

The con­trol­ler has inte­gra­ted the Goog­le Ana­ly­tics com­po­nent (with anony­miz­a­ti­on func­tion) on this web­site. Goog­le Ana­ly­tics is a web ana­ly­sis ser­vice. Web ana­ly­sis is the collec­tion, collec­tion and eva­lua­ti­on of data on the beha­vi­or of visi­tors to Inter­net pages. A web ana­ly­sis ser­vice collects, among other things, data on which web­site a data sub­ject came to a web­site (so-cal­led refer­rer), which sub-pages of the web­site were acces­sed or how often and for how long a sub-page was view­ed. A web ana­ly­sis is main­ly used to opti­mi­ze a web­site and for a cost-bene­fit ana­ly­sis of inter­net advertising.

The ope­ra­ting com­pa­ny of the Goog­le Ana­ly­tics com­po­nent is Goog­le Inc., 1600 Amphi­thea­ter Pkwy, Moun­tain View, CA 94043–1351, USA.

The con­trol­ler uses the addi­ti­on “gtag (‘ set ’,‘ anony­mi­zeIp ’, true);” for web ana­ly­sis via Goog­le Ana­ly­tics. By means of this addi­ti­on, the IP address of the Inter­net con­nec­tion of the data sub­ject is shor­ten­ed and anony­mi­zed by Goog­le if our Inter­net pages are acces­sed from a mem­ber sta­te of the Euro­pean Uni­on or from ano­t­her signa­to­ry to the Agree­ment on the Euro­pean Eco­no­mic Area.

The pur­po­se of the Goog­le Ana­ly­tics com­po­nent is to ana­ly­ze the flow of visi­tors to our web­site. Goog­le uses the data and infor­ma­ti­on obtai­ned, among other things, to eva­lua­te the use of our web­site, to com­pi­le online reports for us that show the acti­vi­ties on our web­site, and to pro­vi­de other ser­vices rela­ted to the use of our website.

Goog­le Ana­ly­tics pla­ces a coo­kie on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject. What coo­kies are has alrea­dy been exp­lai­ned abo­ve. With the set­ting of the coo­kie, Goog­le is enab­led to ana­ly­ze the use of our web­site. Each time one of the indi­vi­du­al pages of this web­site is acces­sed, which is ope­ra­ted by the con­trol­ler and on which a Goog­le Ana­ly­tics com­po­nent has been inte­gra­ted, the Inter­net brow­ser on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject is auto­ma­ti­cal­ly trig­ge­red by the respec­ti­ve Goog­le Ana­ly­tics com­po­nent to trans­mit data to Goog­le for the pur­po­se of online ana­ly­sis. As part of this tech­ni­cal pro­cess, Goog­le gains know­ledge of per­so­nal data, such as the IP address of the data sub­ject, which Goog­le uses, among other things, to trace the ori­gin of visi­tors and clicks and sub­se­quent­ly to enab­le com­mis­si­on accounting.

The coo­kie is used to store per­so­nal infor­ma­ti­on, such as the access time, the loca­ti­on from which access was made and the fre­quen­cy of visits to our web­site by the data sub­ject. Each time you visit our web­site, this per­so­nal data, inclu­ding the IP address of the Inter­net con­nec­tion used by the data sub­ject, is trans­mit­ted to Goog­le in the United Sta­tes of Ame­ri­ca. The­se per­so­nal data are stored by Goog­le in the United Sta­tes of Ame­ri­ca. Goog­le may pass this per­so­nal data collec­ted through the tech­ni­cal pro­cess on to third parties.

The data sub­ject can pre­vent the set­ting of coo­kies by our web­site, as alrea­dy shown abo­ve, at any time by means of a cor­re­spon­ding set­ting of the Inter­net brow­ser used and thus per­ma­nent­ly object to the set­ting of coo­kies. Such a set­ting of the inter­net brow­ser used would also pre­vent Goog­le from set­ting a coo­kie on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject. In addi­ti­on, a coo­kie alrea­dy set by Goog­le Ana­ly­tics can be dele­ted at any time via the Inter­net brow­ser or other soft­ware programs.

Fur­ther­mo­re, the data sub­ject has the opti­on of objec­ting to and pre­ven­ting the collec­tion of the data gene­ra­ted by Goog­le Ana­ly­tics rela­ting to the use of this web­site as well as the pro­ces­sing of this data by Goog­le. To do this, the data sub­ject must down­load and install a brow­ser add-on under the link https://​tools​.goog​le​.com/​d​l​p​a​g​e​/​g​a​optout. This brow­ser add-on informs Goog­le Ana­ly­tics via Java­Script that no data or infor­ma­ti­on on visits to web­sites may be trans­mit­ted to Goog­le Ana­ly­tics. The instal­la­ti­on of the brow­ser add-on is con­si­de­red an objec­tion by Goog­le. If the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject is dele­ted, for­mat­ted or reinstal­led at a later point in time, the data sub­ject must reinstall the brow­ser add-on in order to deac­ti­va­te Goog­le Ana­ly­tics. If the brow­ser add-on is unin­stal­led or deac­ti­va­ted by the data sub­ject or ano­t­her per­son who is attri­bu­ta­ble to their sphe­re of influ­ence, the­re is the opti­on of reinstal­ling or reac­ti­vat­ing the brow­ser add-on.

Fur­ther infor­ma­ti­on and the app­li­ca­ble data pro­tec­tion pro­vi­si­ons of Goog­le can be found at https://​www​.goog​le​.de/​i​n​t​l​/​d​e​/​p​o​l​i​c​i​e​s​/​p​r​ivacy/ and at http://​www​.goog​le​.com/​a​n​a​l​y​t​i​c​s​/​t​e​r​m​s​/​d​e.html. Goog­le Ana­ly­tics is exp­lai­ned in more detail under this link https://​www​.goog​le​.com/​i​n​t​l​/​d​e​_​d​e​/​a​n​a​l​ytics/.

18. Legal basis for processing

Art. 6 I lit. a GDPR ser­ves our com­pa­ny as the legal basis for pro­ces­sing ope­ra­ti­ons for which we obtain con­sent for a spe­ci­fic pro­ces­sing pur­po­se. If the pro­ces­sing of per­so­nal data is necessa­ry to ful­fill a con­tract to which the data sub­ject is a par­ty, as is the case, for examp­le, with pro­ces­sing ope­ra­ti­ons that are necessa­ry for the deli­very of goods or the pro­vi­si­on of other ser­vices or con­si­de­ra­ti­on, the pro­ces­sing is based on Art. 6 I lit. b GDPR. The same app­lies to such pro­ces­sing ope­ra­ti­ons that are necessa­ry to car­ry out pre-con­trac­tu­al mea­su­res, for examp­le in cases of inqui­ries about our pro­ducts or ser­vices. If our com­pa­ny is sub­ject to a legal obli­ga­ti­on which requi­res the pro­ces­sing of per­so­nal data, for examp­le to ful­fill tax obli­ga­ti­ons, the pro­ces­sing is based on Art. 6 I lit. c GDPR. In rare cases, it may be necessa­ry to pro­cess per­so­nal data in order to pro­tect the vital inte­rests of the data sub­ject or ano­t­her natu­ral per­son. This would be the case, for examp­le, if a visi­tor to our com­pa­ny were inju­red and their name, age, health insuran­ce data or other vital infor­ma­ti­on would have to be pas­sed on to a doc­tor, hos­pi­tal or other third par­ty. Then the pro­ces­sing would be based on Art. 6 I lit. d GDPR. Ulti­mate­ly, pro­ces­sing ope­ra­ti­ons could be based on Art. 6 I lit. f GDPR. Pro­ces­sing ope­ra­ti­ons that are not cove­r­ed by any of the afo­re­men­tio­ned legal bases are based on this legal basis if the pro­ces­sing is necessa­ry to safe­guard a legi­ti­ma­te inte­rest of our com­pa­ny or a third par­ty, pro­vi­ded that the inte­rests, fun­da­men­tal rights and free­doms of the data sub­ject do not pre­vail. We are par­ti­cu­lar­ly per­mit­ted to car­ry out such pro­ces­sing ope­ra­ti­ons becau­se they have been spe­ci­fi­cal­ly men­tio­ned by the Euro­pean legis­la­tor. In this respect, the Euro­pean legis­la­tor took the view that a legi­ti­ma­te inte­rest could be assu­med if the data sub­ject is a cus­to­mer of the con­trol­ler (reci­tal 47 sen­tence 2 GDPR).

19. Legi­ti­ma­te inte­rests in the pro­ces­sing that are being pur­sued by the con­trol­ler or a third party

If the pro­ces­sing of per­so­nal data is based on Arti­cle 6 I lit. f GDPR, our legi­ti­ma­te inte­rest is the con­duct of our busi­ness acti­vi­ties for the bene­fit of all our employees and our shareholders.

20. Dura­ti­on for which the per­so­nal data will be stored

The cri­ter­ion for the dura­ti­on of the sto­rage of per­so­nal data is the respec­ti­ve sta­tu­to­ry reten­ti­on peri­od. After the peri­od has expi­red, the rele­vant data is rou­ti­nely dele­ted, pro­vi­ded that it is no lon­ger requi­red to ful­fill or initia­te a contract.

21. Sta­tu­to­ry or con­trac­tu­al pro­vi­si­ons for the pro­vi­si­on of per­so­nal data; Neces­si­ty for the con­clu­si­on of the con­tract; Obli­ga­ti­on of the data sub­ject to pro­vi­de the per­so­nal data; pos­si­ble con­se­quen­ces of non-provision

We note that the pro­vi­si­on of per­so­nal data is in part requi­red by law (e.g. tax regu­la­ti­ons) or can also result from con­trac­tu­al regu­la­ti­ons (e.g. infor­ma­ti­on on the con­trac­tu­al part­ner). In order to con­clu­de a con­tract, it may some­ti­mes be necessa­ry for a data sub­ject to pro­vi­de us with per­so­nal data that we sub­se­quent­ly have to pro­cess. For examp­le, the data sub­ject is obli­ged to pro­vi­de us with per­so­nal data when our com­pa­ny con­clu­des a con­tract with them. Fail­u­re to pro­vi­de per­so­nal data would mean that the con­tract could not be con­clu­ded with the data sub­ject. Befo­re the data sub­ject pro­vi­des per­so­nal data, the data sub­ject must con­ta­ct one of our employees. Our employee will exp­lain to the data sub­ject on a case-by-case basis whe­ther the pro­vi­si­on of the per­so­nal data is requi­red by law or con­tract or is necessa­ry for the con­clu­si­on of the con­tract, whe­ther the­re is an obli­ga­ti­on to pro­vi­de the per­so­nal data and what con­se­quen­ces the fail­u­re to pro­vi­de the per­so­nal data would have.

22. Exis­tence of auto­ma­ted decision-making

As a respon­si­ble com­pa­ny, we do not use auto­ma­tic decisi­on-making or pro­filing. This data pro­tec­tion decla­ra­ti­on was crea­ted by the data pro­tec­tion decla­ra­ti­on gene­ra­tor of DGD Deut­sche Gesell­schaft für Daten­schutz GmbH, which acts as data pro­tec­tion offi­cer, in coope­ra­ti­on with the data pro­tec­tion lawy­ers of the law firm WIL­DE BEU­GER SOL­ME­CKE | Lawyers.