I. Name and address of the Controller
The Controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states and other data protection regulations is:
startport GmbH
Alte Ruhrorter Straße 42–52
47119 Duisburg
Telephone: +49 (0) 203 803-4370
E-mail: info@startport.net
II. Name and address of the Data Protection Officer
The Data Protection Officer of the Controller is:
Klaus Keukert
S&L ITcompliance GmbH
Florinstraße 18
56218 Mülheim-Kärlich
Germany
Telephone: +49 261 92736-0
E-mail: datenschutz@duisport.de
III. General information on data processing
- Scope of the processing of personal data
We generally only collect and use the personal data of our users to the extent necessary to provide a functional website and our content and services. The personal data of our users is only collected and used after the users have provided their consent. An exception applies in cases in which consent could not be obtained ahead of time for actual reasons, and if statutory provisions allow for the processing of this data.
- Legal basis for the processing of personal data
Where we acquire the consent of the person in question for the processing of their personal data, Art. 6 Para. 1 a) of the EU GDPR shall form the legal basis.
Art. 6 Para. 1 b) GDPR serves as the legal basis for the processing of personal data that is required to implement a contract to which the Data Subject is a party. This also applies to processing activities that are required to implement pre-contractual measures.
Art. 6 Para. 1 c) GDPR serves as the legal basis to the extent that personal data must be processed in order to comply with a legal obligation that applies to our company.
Art. 6 Para. 1 d) GDPR serves as the legal basis in the event that the vital interests of the Data Subject or another natural person require the processing of personal data.
Art. 6 Para. 1 f) GDPR serves as the legal basis for processing if this is required to protect a justified interest of our company or a third party, and where the interests, basic rights, and basic freedoms of the Data Subject do not outweigh the former interests.
- Data deletion and duration of storage
The personal data of the Data Subject shall be deleted or blocked once the purpose of its storage no longer applies. Data may be stored for longer periods if this is required by the European or national legislator in EU regulations, laws or other provisions that apply to the Data Controller. Data will also be blocked or erased if a retention period specified by the aforementioned standards expires, unless the data must continue to be stored for the conclusion or implementation of a contract.
- SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser address line changes from “http://” to “https://” and by the lock symbol in your browser bar.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
IV. Provision of the website and creation of log files
- Description and scope of data processing
Whenever our website is requested, our system automatically records data and information from the computer system of the requesting computer.
The following data is collected:
(1)Browser type and version
(2)Operating system used
(3)Referrer URL
(4)Host name of the accessing computer
(5)Date and time of the server request
(6)IP address
The data is also stored in the log files of our system. It is not stored together with other personal details about the user.
- Legal basis for data processing
The legal basis for the temporary storage of the data and the log files is Art. 6 Para. 1 f) GDPR.
- Purpose of data processing
The temporary storage of the IP address by the system is required in order to enable the delivery of the website to the computer of the user. To this end, the user’s IP address must be stored for the duration of the session.
These purposes also give rise to our justified interest in data processing pursuant to Art. 6 para. 1 f) GDPR.
- Duration of storage
The data is deleted once it is no longer required in order to meet the purpose for which it was collected. In instances where data was collected to make the website available, this will be the case once the respective session has ended.
The same applies after a maximum period of seven days for data stored in log files. It is possible that data is stored for longer periods. In that case, the IP addresses of the users will be erased or changed so that the accessing client can no longer be assigned.
- Right to object and data elimination
The collection of the data for the provision of the website and the storage of the data in log files are vital for the operation of the Internet site. As a result, the user does not have the option to object in this regard.
V. Use of cookies
a) Description and scope of data processing
Our website uses cookies. Cookies are text files that are saved in / by the Internet browser on the user’s computer system. A cookie can be placed on the user’s operating system when a user accesses a website. This cookie contains a distinctive series of characters that makes it possible to clearly identify the browser when the website is accessed again later on.
We use cookies to make our website more user-friendly. Some elements of our web page require that the accessing browser can also be identified after the user moves to another page.
The following data is stored and transferred in the cookies:
- Session ID
- Status cookie consent
- Time zone
- Time stamp
- Identification of the user
On our website, we also use cookies that enable an analysis of the surfing behavior of the user.
The following data can be transferred in this way:
_ga: This cookie is connected with Google Analytics. The new service reduces the dependence on cookies in general and uses only this and another – _gat: This cookie is used to distinguish individual users by assigning them a random number. It is used in each page request to calculate visitor, session, and campaign data for site analysis.
_gat: This cookie is linked to Google Analytics and transmits the request rate, or passes on a collection of data about highly frequented locations. It expires after 10 minutes.
__gid: Registers a unique ID that is used to generate statistical data on how the visitor uses the website. .
The data of users collected in this manner is assigned a pseudonym through technical provisions. This makes it impossible to link the data to the accessing user. The data is not stored together with other personal details of the users.
When our website is requested, the user is informed about the use of cookies for analysis purposes and their consent to the processing of personal data used in this context is obtained. At this point, reference is also made to this Data Privacy Statement.
b) Legal basis for data processing
The legal basis for the processing of personal data using technically required cookies is Art. 6 Para. 1 f) GDPR.
The legal basis for the processing of personal data using cookies for analysis purposes with the consent of the user is Art. 6 Para. 1 a) GDPR.
c) Purpose of data processing
The purpose of using technically required cookies is to simplify the use of websites for users. Some functions of our web page cannot be offered without the use of cookies. They require that the browser can also be recognized after the user visits another page.
We require cookies for the following applications:
(1) Google Analytics
(2) Twitter
The user data that is collected by the technically required cookies is not used to create user profiles.
The analysis cookies are used to improve the quality of our website and its contents. Analysis cookies tell us how the website is used, which enables us to continuously optimize our product.
These purposes also give rise to our justified interest in processing personal data according to Art. 6 para. 1 f) GDPR.
e) Duration of storage; right to object and data elimination
Cookies are stored on the computer of the user and are transmitted from there to our site. Therefore you as the user also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Already stored cookies can be erased at any time. This can also be done automatically. If cookies for our website are deactivated, you may no longer be able to use all of the functions of the website.
[borlabs_cookie_opt_out tracking=”
VI. E-mail contact
- Description and scope of data processing
Our website enables contact to be made using the provided e-mail addresses. In that case, the user’s personal data that is transmitted with the e-mail will be stored.
In this context, no data will be forwarded to third parties. The data is only used to process the conversation.
- Legal basis for data processing
The legal basis for the processing of data transmitted through the sending of an e-mail is Art. 6 Para. 1 f) GDPR. If the e-mail contact concerns the conclusion of a contract, Art. 6 para. 1 b) GDPR also forms an additional legal basis for processing purposes.
- Purpose of data processing
If contact is made by e-mail, this shall also constitute our required legitimate interest in the processing of the data.
- Duration of storage
The data is deleted once it is no longer required in order to meet the purpose for which it was collected. With regard to the personal data transmitted by e-mail, that is the case if the respective conversation with the user has ended. A conversation has ended if it is evident, based on the circumstances, that the relevant matter has been conclusively settled.
- Right to object and data elimination
The user can revoke their consent to the processing of personal data at any time. Users who contact us by e-mail can object to the storage of their personal data at any time. In this case, the conversation cannot be continued.
To revoke consent and to object to the storage of data, please use the e-mail addresses specified in I. or II.
In that case, all personal data that was stored during the course of the contact process will be erased.
VII. Newsletter
- Description and scope of data processing
Our website enables contact to be made using the provided e-mail addresses. When registering for the newsletter, the data from the input form is transmitted to us.
(1) E-mail address of the user
The following data is also collected during registration:
(1) IP address of the requesting computer
(2) Date and time of registration
For the processing of the data, your consent is obtained during the registration process and is referred to this privacy policy.
In connection with the data processing for the sending of newsletters, the data will not be passed on to third parties. The data will be used exclusively for sending the newsletter.
- Legal basis for data processing
The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 Para. 1 a) GDPR.
- Purpose of data processing
The collection of the user’s e-mail address serves the purpose of sending the newsletter.
The collection of other personal data during the registration process serves to prevent misuse of the services or the e-mail address used.
- Duration of storage
The data is deleted once it is no longer required in order to meet the purpose for which it was collected. The user’s e-mail address is therefore stored as long as the subscription to the newsletter is active.
The other personal data collected during the registration process is normally deleted after a period of seven days.
- Right to object and data elimination
The subscription to the newsletter can be canceled at any time by the user concerned. For this purpose there is a corresponding link in every newsletter.
This also makes it possible to withdraw your consent to the storage of personal data collected during the registration process.
MailChimp
This website uses the services of MailChimp for sending newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service with which the sending of newsletters can be organized and analyzed. If you enter data for the purpose of subscribing to the newsletter (e.g. e-mail address), this data will be stored on the servers of MailChimp in the USA.
MailChimp has a certification according to the “EU-US-Privacy-Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA.
With MailChimp we can analyze our newsletter campaigns. When you open an e-mail sent with MailChimp, a file contained in the e-mail (so-called web-beacon) connects to the servers of MailChimp in the USA. In this way it can be determined whether a newsletter message has been opened and which links have been clicked on. Technical information is also collected (e.g. time of access, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It serves exclusively as the basis for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you do not want to be analyzed by MailChimp, you have to unsubscribe from the newsletter. For this purpose we provide a corresponding link in every newsletter message. You can also unsubscribe from the newsletter directly on the website.
Data processing is carried out on the basis of your consent – Art. 6 Para. 1 a) GDPR. You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out shall not be affected by the revocation.
The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of MailChimp after the cancellation of the newsletter. Data that has been stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
You can find more details in the MailChimp Privacy Policy at: https://mailchimp.com/legal/terms/.
Conclusion of a Data-Processing-Agreement
We have a so-called “Data-Processing-Agreement” with MailChimp, in which we obligate MailChimp to the protection of our customers’ data and to not pass said data on to third parties. This contract can be viewed under the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.
VIII. Rights of the Data Subject
If personal data is processed by you, you are considered the Data Subject in the sense of the GDPR and entitled to the following rights vis-a-vis the Data Controller:
- Right of access to information
You may request confirmation from the Data Controller as to whether personal data concerning you is being processed by us.
If that is the case, you can request the following information from the Data Controller:
(1) The purposes for which the personal data is processed;
(2) The categories of personal data that are processed;
(3) The recipients or categories of recipients to whom your personal data is disclosed or will be disclosed;
(4) The planned duration of the storage of your personal data or, if concrete information about this is not possible, criteria for the definition of the duration of storage;
(5) The existence of the right to the correction or deletion of your personal data, right to restrict processing by the Data Controller, and right to object to this processing;
(6) The existence of the right to lodge a complaint with a supervisory body;
(7) All available information about the origin of data if the personal data in question was not collected from the corresponding data subject;
(8) The existence of automated decision-making, including profiling, in accordance with Art. 22 Para. 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved as well as the significance and envisaged consequences of processing of this kind for the Data Subject.
You have the right to demand information about whether your personal data is transmitted to a third country or an international organization. In this context, you can request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in the context of the transmission.
- Right of rectification
You have the right to the rectification and/or completion of data by the Data Controller in cases where your personal data is incorrect or incomplete. The Data Controller must promptly make the correction.
- Right to the restriction of processing
You can demand the restriction of the processing of your personal data in the following circumstances:
(1) If you contest the accuracy of your personal data, for a period that enables the Data Controller to check the accuracy of the personal data;
(2) If the processing is unlawful and you decline the deletion of the personal data and request the restriction of its use, instead;
(3) If the Data Controller no longer requires the personal data for the purposes of processing but you require the data for the establishment, exercise, or defense of legal claims or
(4) If you have objected to processing in accordance with Art. 21 Para. 1 GDPR and it is not yet clear whether the legitimate grounds of the Data Controller outweigh your grounds.
If the processing of your personal data was restricted, this data – apart from the storage – may only be processed with your consent or for the purpose of asserting, exercising, or defending legal claims or to protect the rights of another natural or legal person, or for reasons of an important public interest of the European Union or an EU member state.
If the restriction on processing was restricted according to the above requirements, you will be informed by the Data Controller before the restriction is lifted.
- Right to deletion
a) Obligation to deletion
You can demand the deletion of your personal data by the Data Controller immediately, and the Data Controller shall be obliged to delete this data immediately if one of the following grounds applies:
(1) Your personal data is no longer required for the purposes for which it was collected or otherwise processed.
(2) You revoke the consent on which processing is based in accordance with Art. 6 Para. 1 a) or Art. 9 Para. 2 a) GDPR, and there are no other legal grounds for processing.
(3) You object to processing in accordance with Art. 21 Para. 1 GDPR and there are no overriding legitimate grounds for processing, or you object to processing in accordance with Art. 21 Para. 2 GDPR.
(4) Your personal data has been processed unlawfully.
(5) The deletion of your personal data is required in order to comply with a legal obligation in accordance with Union law or a law of member states to which the Data Controller is subject.
(6) Your personal data was collected in relation to services offered by the information society in accordance with Art. 8 Para. 1 GDPR.
b) Information disclosed to third parties
If the Data Controller has made your personal data public and is obliged in accordance with Art. 17 Para. 1 GDPR to delete this data, the Data Controller shall take reasonable steps, including technical measures, taking the available technology and implementation costs into account, to inform the Data Controllers responsible for the processing of your personal data that you, as a Data Subject, have requested the deletion of all links to this personal data or of copies or replications of this personal data.
c) Exceptions
The right to deletion shall not apply if processing is required for the following reasons
(1) To exercise the right to freedom of expression and information;
(2) To comply with a legal obligation that requires processing in accordance with Union or member state law to which the Data Controller is subject or to perform a task that is in the public interest or to exercise a public authority vested in the Data Controller;
(3) For reasons of public interest relating to health in accordance with Art. 9 Para. 2 h) and i) and Art. 9 Para. 3 GDPR;
(4) For archiving purposes that are in the public interest, scientific or historical research purposes, or statistical purposes in accordance with Art. 89 Para. 1 GDPR if the right specified in section a) is likely to render impossible or seriously impair the realization of the purposes of this processing or
(5) To establish, exercise, or defend legal claims.
- Right to notification
If you have asserted the right to the rectification, deletion, or restriction of processing of personal data vis à vis the Data Controller, the Data Controller is obliged to inform all recipients to whom the personal data in question has been disclosed of the rectification or deletion of this data or of the restriction of processing thereof, unless this is proven to be impossible or is associated with disproportionate effort.
You have the right – vis-à-vis the Data Controller – to be informed of these recipients.
- Right to data portability
You have the right to receive your personal data that you have provided to the Data Controller in a structured, commonly used, and machine-readable format. You also have the right to transmit this personal data to another Data Controller without impairment by the Data Controller to whom the personal data was provided as long as
(1) processing is based on consent in accordance with Art. 6 Para. 1 a) GDPR or Art. 9 Para. 2 a) GDPR or on a contract as per Art. 6 Para. 1 b) GDPR and
(2) processing takes place with the help of an automated procedure.
In exercising this right, you are also entitled to bring about the transfer of your personal data from one Data Controller to another, insofar as this is technically possible. This action may not impair the freedoms and rights of other persons.
The right to data portability does not apply to the processing of personal data that is required for the performance of a task that is in the public interest or that is performed in the exercise of public authority, which was assigned to the Data Controller.
- Right to object
You have the right to object at any time and for reasons relating to your particular circumstances to the processing of your personal data in accordance with Art. 6 Para. 1 e) or f) GDPR; this also applies to profiling on the basis of these provisions.
The Data Controller will no longer process your personal data unless he is able to submit compelling reasons worthy of protection as to why this data must be processed, which take precedence over your interests, rights, and freedoms, or if the data is processed for the purpose of asserting, exercising or defending legal claims.
Where your personal data is processed for direct advertising purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct advertising.
If you object to the processing of your data for direct advertising purposes, your personal data will no longer be processed for these purposes.
In the context of the use of services offered by the information company, you have the option – notwithstanding Directive 2002/58/EC – to exercise your right of objection by means of automated methods in which technical specifications are used.
- Right to revoke declaration of consent in accordance with data protection law
You have the right to revoke your consent under data protection law at any time. The withdrawal of consent does not affect the legitimacy of the processing activities that took place until the time that consent was withdrawn.
- Automated individual decision-making includingprofiling
You have the right to not be subject to a decision based exclusively on automated processing – including profiling – that produces legal effects concerning you or that affects you significantly in a similar manner. This shall not apply if the decision
(1)is necessary for the conclusion or fulfillment of a contract between you and the Data Controller,
(2)is permitted by legal stipulations of the Union or member states to which the Data Controller is subject and that also contain appropriate measures for safeguarding your rights and freedoms as well as your legitimate interests
(3)is based on your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 Para. 1 GDPR, unless Art. 9 Para. 2 a) or g) GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your justified interests.
With regard to the cases specified in (1) and (3), the Data Controller shall implement appropriate measures to safeguard your rights and freedoms as well as your legitimate interests, including at least the right to obtain human intervention on the part of the Data Controller, to express your point of view, and to contest the decision.
10. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data infringes upon the GDPR.
The supervisory authority to which you have submitted the complaint will inform the complainant of the status and results of the complaint, including the option to seek legal redress through the courts pursuant to Art. 78 GDPR.
IX. Objection of advertising e-mails
We hereby object to the use of contact data published as part of our duty to provide legal information in order to send unsolicited advertising and information material. The operators of our web pages expressly reserve the right to take legal steps in the case of the unsolicited sending of advertising material in the form of spam e-mails, for example.
X. Analysis tools and advertising
Google Analytics
This website uses functions of the Google Analytics Web analysis service. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable the analysis of your use of our website. The information generated by the cookie on your use of this website is generally transmitted to a Google server in the USA and stored there.
The storage of Google Analytics cookies takes place on the basis of Art. 6 Para. 1 f) GDPR. The operator of the website has a legitimate interest in the analysis of user behavior in order to optimize their web offering and advertising.
IP anonymization
We have activated the IP anonymization function on our website. As a result, your IP is truncated by Google within member states of the European Union and in other states subject to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the US and shortened in that location. On the order of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, to compile reports on website activities, and to provide other services relating to the use of the website and the Internet to the website operator. The IP address transmitted by your browser for Google Analytics is not associated with other Google data.
Browser plug-in
You can prevent the storage of cookies by making a corresponding setting in your browser software; however, please note that if you do so, you might not be able to use the full scope of all of this website’s functions. You can also prevent the recording of the data generated by the cookie and relating to your usage of the website (including your IP address) along with the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Objection to data collection
You can prevent the collection of your data by Google Analytics by clicking the following link. This sets an opt-out cookie that prevents the collection of your data when you visit this website in the future:
[borlabs_cookie_opt_out tracking=”google-analytics”]
For more information about the handling of user data for Google Analytics, see the Google Privacy: https://support.google.com/analytics/answer/6004245?hl=de.
Order data processing
We have entered into an order data processing contract with Google, and apply the strict specifications of the German data protection authorities to their full extent for the use of Google Analytics.
Google Analytics Demographics
This website uses the Google Analytics Demographics feature. This allows the creation of reports containing information on the age, gender, and interests of site visitors. This data comes from interest-based advertising by Google as well as visitor data from third-party providers. This data cannot be associated with a specific person. You can deactivate this function at any time in the display settings in your Google account or generally suppress the collection of your data by Google Analytics as described in the “Objection to data collection” section.
Google AdWords and Google Conversion-Tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
In the context of Google AdWords we use so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that one’s Internet browser stores on the user’s computer. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not expired, Google and we can recognize that the user clicked on the ad and was redirected to that page.
Each Google AdWords customer receives a different cookie. The cookies cannot be tracked on the websites of AdWords customers. The information collected through the conversion cookie is used to compile conversion statistics for AdWords customers who have opted-in to conversion tracking. Customers know the total number of users who clicked on their ad and were redirected to a website with a conversion tracking tag. However, they will not receive information that can be used to personally identify users. If you do not wish to participate in tracking, you can easily opt out of this usage by disabling the Google Conversion Tracking cookie on your web browser under your user preferences. You will then not be included in the conversion tracking statistics.
The storage of conversion cookies takes place on the basis of Art. 6 Para. 1 f) GDPR. The operator of the website has a legitimate interest in the analysis of user behavior in order to optimize their web offering and advertising.
More information about Google AdWords and Google Conversion Tracking can be found in the Google Privacy Policy: https://www.google.de/policies/privacy/.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If you disable cookies, the functionality of this website may be limited.
XI. Social media
Twitter plug-in
On our web pages functions of the service Twitter are integrated. These functions are offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Retweet” function, the websites you visit are linked to your Twitter account and announced to other users. Data is also transmitted to Twitter. We would like to point out that we, as the provider of the web pages, have no knowledge of the content of the transmitted data or its use by Twitter. For more information, please see the Twitter privacy statement at: https://twitter.com/privacy.
You can change your privacy settings on Twitter in the account settings https://twitter.com/account/settings under. [borlabs_cookie_opt_out tracking=”