VI. E-mail contact

1. Description and scope of data processing

Our website enables contact to be made using the provided e-mail addresses. In that case, the user’s personal data that is transmitted with the e-mail will be stored.  

In this context, no data will be forwarded to third parties. The data is only used to process the conversation. 

2. Legal basis for data processing 

The legal basis for the processing of data transmitted through the sending of an e-mail is Art. 6 Para. 1 f) GDPR. If the e-mail contact concerns the conclusion of a contract, Art. 6 para. 1 b) GDPR also forms an additional legal basis for processing purposes. 

3. Purpose of data processing

If contact is made by e-mail, this shall also constitute our required legitimate interest in the processing of the data. 

4. Duration of storage

The data is deleted once it is no longer required in order to meet the purpose for which it was collected. With regard to the personal data transmitted by e-mail, that is the case if the respective conversation with the user has ended. A conversation has ended if it is evident, based on the circumstances, that the relevant matter has been conclusively settled.  

5. Right to object and data elimination

The user can revoke their consent to the processing of personal data at any time. Users who contact us by e-mail can object to the storage of their personal data at any time. In this case, the conversation cannot be continued. 

To revoke consent and to object to the storage of data, please use the e-mail addresses specified in I. or II. 

In that case, all personal data that was stored during the course of the contact process will be erased. 

VII. Newsletter 

1. Description and scope of data processing

Our website enables contact to be made using the provided e-mail addresses. When registering for the newsletter, the data from the input form is transmitted to us. 

(1) E-mail address of the user 

The following data is also collected during registration: 

(1) IP address of the requesting computer 

(2) Date and time of registration 

For the processing of the data, your consent is obtained during the registration process and is referred to this privacy policy. 

In connection with the data processing for the sending of newsletters, the data will not be passed on to third parties. The data will be used exclusively for sending the newsletter. 

2. Legal basis for data processing

The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 Para. 1 a) GDPR. 

3. Purpose of data processing

The collection of the user’s e-mail address serves the purpose of sending the newsletter.  

The collection of other personal data during the registration process serves to prevent misuse of the services or the e-mail address used. 

4. Duration of storage

The data is deleted once it is no longer required in order to meet the purpose for which it was collected. The user’s e-mail address is therefore stored as long as the subscription to the newsletter is active.  

The other personal data collected during the registration process is normally deleted after a period of seven days. 

5. Right to object and data elimination

The subscription to the newsletter can be canceled at any time by the user concerned. For this purpose there is a corresponding link in every newsletter.  

This also makes it possible to withdraw your consent to the storage of personal data collected during the registration process. 

MailChimp 

This website uses the services of MailChimp for sending newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. 

MailChimp is a service with which the sending of newsletters can be organized and analyzed. If you enter data for the purpose of subscribing to the newsletter (e.g. e-mail address), this data will be stored on the servers of MailChimp in the USA. 

MailChimp has a certification according to the “EU-US-Privacy-Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA. 

With MailChimp we can analyze our newsletter campaigns. When you open an e-mail sent with MailChimp, a file contained in the e-mail (so-called web-beacon) connects to the servers of MailChimp in the USA. In this way it can be determined whether a newsletter message has been opened and which links have been clicked on. Technical information is also collected (e.g. time of access, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It serves exclusively as the basis for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. 

If you do not want to be analyzed by MailChimp, you have to unsubscribe from the newsletter. For this purpose we provide a corresponding link in every newsletter message. You can also unsubscribe from the newsletter directly on the website. 

Data processing is carried out on the basis of your consent – Art. 6 Para. 1 a) GDPR. You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out shall not be affected by the revocation. 

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of MailChimp after the cancellation of the newsletter. Data that has been stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this. 

You can find more details in the MailChimp Privacy Policy at: https://mailchimp.com/legal/terms/. 

Conclusion of a Data-Processing-Agreement 

We have a so-called “Data-Processing-Agreement” with MailChimp, in which we obligate MailChimp to the protection of our customers’ data and to not pass said data on to third parties. This contract can be viewed under the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/. 

VIII. Rights of the Data Subject 

If personal data is processed by you, you are considered the Data Subject in the sense of the GDPR and entitled to the following rights vis-a-vis the Data Controller: 

1. Right of access to information

You may request confirmation from the Data Controller as to whether personal data concerning you is being processed by us.  

If that is the case, you can request the following information from the Data Controller: 

(1) The purposes for which the personal data is processed; 

(2) The categories of personal data that are processed; 

(3) The recipients or categories of recipients to whom your personal data is disclosed or will be disclosed; 

(4) The planned duration of the storage of your personal data or, if concrete information about this is not possible, criteria for the definition of the duration of storage; 

(5) The existence of the right to the correction or deletion of your personal data, right to restrict processing by the Data Controller, and right to object to this processing;  

(6) The existence of the right to lodge a complaint with a supervisory body; 

(7) All available information about the origin of data if the personal data in question was not collected from the corresponding data subject; 

(8) The existence of automated decision-making, including profiling, in accordance with Art. 22 Para. 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved as well as the significance and envisaged consequences of processing of this kind for the Data Subject. 

You have the right to demand information about whether your personal data is transmitted to a third country or an international organization. In this context, you can request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in the context of the transmission. 

2. Right of rectification 

You have the right to the rectification and/or completion of data by the Data Controller in cases where your personal data is incorrect or incomplete. The Data Controller must promptly make the correction. 

3. Right to the restriction of processing

You can demand the restriction of the processing of your personal data in the following circumstances: 

(1) If you contest the accuracy of your personal data, for a period that enables the Data Controller to check the accuracy of the personal data; 

(2) If the processing is unlawful and you decline the deletion of the personal data and request the restriction of its use, instead; 

(3) If the Data Controller no longer requires the personal data for the purposes of processing but you require the data for the establishment, exercise, or defense of legal claims or 

(4) If you have objected to processing in accordance with Art. 21 Para. 1 GDPR and it is not yet clear whether the legitimate grounds of the Data Controller outweigh your grounds. 

If the processing of your personal data was restricted, this data – apart from the storage – may only be processed with your consent or for the purpose of asserting, exercising, or defending legal claims or to protect the rights of another natural or legal person, or for reasons of an important public interest of the European Union or an EU member state. 

If the restriction on processing was restricted according to the above requirements, you will be informed by the Data Controller before the restriction is lifted. 

4. Right to deletion

a) Obligation to deletion

You can demand the deletion of your personal data by the Data Controller immediately, and the Data Controller shall be obliged to delete this data immediately if one of the following grounds applies: 

(1) Your personal data is no longer required for the purposes for which it was collected or otherwise processed. 

(2) You revoke the consent on which processing is based in accordance with Art. 6 Para. 1 a) or Art. 9 Para. 2 a) GDPR, and there are no other legal grounds for processing.  

(3) You object to processing in accordance with Art. 21 Para. 1 GDPR and there are no overriding legitimate grounds for processing, or you object to processing in accordance with Art. 21 Para. 2 GDPR.  

(4) Your personal data has been processed unlawfully.  

(5) The deletion of your personal data is required in order to comply with a legal obligation in accordance with Union law or a law of member states to which the Data Controller is subject.  

(6) Your personal data was collected in relation to services offered by the information society in accordance with Art. 8 Para. 1 GDPR. 

b) Information disclosed to third parties

If the Data Controller has made your personal data public and is obliged in accordance with Art. 17 Para. 1 GDPR to delete this data, the Data Controller shall take reasonable steps, including technical measures, taking the available technology and implementation costs into account, to inform the Data Controllers responsible for the processing of your personal data that you, as a Data Subject, have requested the deletion of all links to this personal data or of copies or replications of this personal data.  

c) Exceptions

The right to deletion shall not apply if processing is required for the following reasons 

(1) To exercise the right to freedom of expression and information; 

(2) To comply with a legal obligation that requires processing in accordance with Union or member state law to which the Data Controller is subject or to perform a task that is in the public interest or to exercise a public authority vested in the Data Controller; 

(3) For reasons of public interest relating to health in accordance with Art. 9 Para. 2 h) and i) and Art. 9 Para. 3 GDPR; 

(4) For archiving purposes that are in the public interest, scientific or historical research purposes, or statistical purposes in accordance with Art. 89 Para. 1 GDPR if the right specified in section a) is likely to render impossible or seriously impair the realization of the purposes of this processing or 

(5) To establish, exercise, or defend legal claims. 

5. Right to notification

If you have asserted the right to the rectification, deletion, or restriction of processing of personal data vis à vis the Data Controller, the Data Controller is obliged to inform all recipients to whom the personal data in question has been disclosed of the rectification or deletion of this data or of the restriction of processing thereof, unless this is proven to be impossible or is associated with disproportionate effort. 

You have the right – vis-à-vis the Data Controller – to be informed of these recipients. 

6. Right to data portability

You have the right to receive your personal data that you have provided to the Data Controller in a structured, commonly used, and machine-readable format. You also have the right to transmit this personal data to another Data Controller without impairment by the Data Controller to whom the personal data was provided as long as 

(1) processing is based on consent in accordance with Art. 6 Para. 1 a) GDPR or Art. 9 Para. 2 a) GDPR or on a contract as per Art. 6 Para. 1 b) GDPR and 

(2) processing takes place with the help of an automated procedure. 

In exercising this right, you are also entitled to bring about the transfer of your personal data from one Data Controller to another, insofar as this is technically possible. This action may not impair the freedoms and rights of other persons. 

The right to data portability does not apply to the processing of personal data that is required for the performance of a task that is in the public interest or that is performed in the exercise of public authority, which was assigned to the Data Controller. 

7. Right to object

You have the right to object at any time and for reasons relating to your particular circumstances to the processing of your personal data in accordance with Art. 6 Para. 1 e) or f) GDPR; this also applies to profiling on the basis of these provisions.  

The Data Controller will no longer process your personal data unless he is able to submit compelling reasons worthy of protection as to why this data must be processed, which take precedence over your interests, rights, and freedoms, or if the data is processed for the purpose of asserting, exercising or defending legal claims. 

Where your personal data is processed for direct advertising purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct advertising. 

If you object to the processing of your data for direct advertising purposes, your personal data will no longer be processed for these purposes. 

In the context of the use of services offered by the information company, you have the option – notwithstanding Directive 2002/58/EC – to exercise your right of objection by means of automated methods in which technical specifications are used. 

8. Right to revoke declaration of consent in accordance with data protection law

You have the right to revoke your consent under data protection law at any time. The withdrawal of consent does not affect the legitimacy of the processing activities that took place until the time that consent was withdrawn. 

9. Automated individual decision-making includingprofiling

You have the right to not be subject to a decision based exclusively on automated processing – including profiling – that produces legal effects concerning you or that affects you significantly in a similar manner. This shall not apply if the decision  

(1)is necessary for the conclusion or fulfillment of a contract between you and the Data Controller, 

(2)is permitted by legal stipulations of the Union or member states to which the Data Controller is subject and that also contain appropriate measures for safeguarding your rights and freedoms as well as your legitimate interests 

(3)is based on your express consent. 

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 Para. 1 GDPR, unless Art. 9 Para. 2 a) or g) GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your justified interests. 

With regard to the cases specified in (1) and (3), the Data Controller shall implement appropriate measures to safeguard your rights and freedoms as well as your legitimate interests, including at least the right to obtain human intervention on the part of the Data Controller, to express your point of view, and to contest the decision. 

10. Right to complain to a supervisory authority 

Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data infringes upon the GDPR.  

The supervisory authority to which you have submitted the complaint will inform the complainant of the status and results of the complaint, including the option to seek legal redress through the courts pursuant to Art. 78 GDPR. 

IX. Objection of advertising e-mails

We hereby object to the use of contact data published as part of our duty to provide legal information in order to send unsolicited advertising and information material. The operators of our web pages expressly reserve the right to take legal steps in the case of the unsolicited sending of advertising material in the form of spam e-mails, for example. 

X. Analysis tools and advertising

Google Analytics 

This website uses functions of the Google Analytics Web analysis service. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. 

Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable the analysis of your use of our website. The information generated by the cookie on your use of this website is generally transmitted to a Google server in the USA and stored there. 

The storage of Google Analytics cookies takes place on the basis of Art. 6 Para. 1 f) GDPR. The operator of the website has a legitimate interest in the analysis of user behavior in order to optimize their web offering and advertising. 

IP anonymization 

We have activated the IP anonymization function on our website. As a result, your IP is truncated by Google within member states of the European Union and in other states subject to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the US and shortened in that location. On the order of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, to compile reports on website activities, and to provide other services relating to the use of the website and the Internet to the website operator. The IP address transmitted by your browser for Google Analytics is not associated with other Google data. 

Browser plug-in 

You can prevent the storage of cookies by making a corresponding setting in your browser software; however, please note that if you do so, you might not be able to use the full scope of all of this website’s functions. You can also prevent the recording of the data generated by the cookie and relating to your usage of the website (including your IP address) along with the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de. 

Objection to data collection 

You can prevent the collection of your data by Google Analytics by clicking the following link. This sets an opt-out cookie that prevents the collection of your data when you visit this website in the future:

[borlabs_cookie_opt_out tracking=”google-analytics”]

For more information about the handling of user data for Google Analytics, see the Google Privacy: https://support.google.com/analytics/answer/6004245?hl=de. 

Order data processing 

We have entered into an order data processing contract with Google, and apply the strict specifications of the German data protection authorities to their full extent for the use of Google Analytics. 

Google Analytics Demographics 

This website uses the Google Analytics Demographics feature. This allows the creation of reports containing information on the age, gender, and interests of site visitors. This data comes from interest-based advertising by Google as well as visitor data from third-party providers. This data cannot be associated with a specific person. You can deactivate this function at any time in the display settings in your Google account or generally suppress the collection of your data by Google Analytics as described in the “Objection to data collection” section. 

Google AdWords and Google Conversion-Tracking 

This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). 

In the context of Google AdWords we use so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that one’s Internet browser stores on the user’s computer. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not expired, Google and we can recognize that the user clicked on the ad and was redirected to that page. 

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked on the websites of AdWords customers. The information collected through the conversion cookie is used to compile conversion statistics for AdWords customers who have opted-in to conversion tracking. Customers know the total number of users who clicked on their ad and were redirected to a website with a conversion tracking tag. However, they will not receive information that can be used to personally identify users. If you do not wish to participate in tracking, you can easily opt out of this usage by disabling the Google Conversion Tracking cookie on your web browser under your user preferences. You will then not be included in the conversion tracking statistics. 

The storage of conversion cookies takes place on the basis of Art. 6 Para. 1 f) GDPR. The operator of the website has a legitimate interest in the analysis of user behavior in order to optimize their web offering and advertising. 

More information about Google AdWords and Google Conversion Tracking can be found in the Google Privacy Policy: https://www.google.de/policies/privacy/. 

You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If you disable cookies, the functionality of this website may be limited. 

XI. Social media

Twitter plug-in 

On our web pages functions of the service Twitter are integrated. These functions are offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Retweet” function, the websites you visit are linked to your Twitter account and announced to other users. Data is also transmitted to Twitter. We would like to point out that we, as the provider of the web pages, have no knowledge of the content of the transmitted data or its use by Twitter. For more information, please see the Twitter privacy statement at: https://twitter.com/privacy. 

You can change your privacy settings on Twitter in the account settings https://twitter.com/account/settings under. [borlabs_cookie_opt_out tracking=”