Name and Address of the Data Controller

The data controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other privacy regulations is:

WASSERMANN TECHNOLOGIE GMBH
Sebastian Wassermann, Eberhard Hahl
Bürgermeister-Ebert-Straße 5
36124 Eichenzell
Tel.: +49 6659 82-0
E-Mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
Website: www.wassermann-technologie.de

Name and Address of the Data Protection Officer

The data controller's data protection officer is:

BerisDa GmbH
Justus-Liebig-Str. 4
36093 Künzell Germany
Tel.: +49 661 29 69 80 90
E-Mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
Website: www.berisda.de



I. General Information about Data Processing

1. Scope of Personal Data Processing

We only collect and use our users' personal data where such is necessary in order to ensure the functionality of our website as well as our content and services. Our users' personal data is only routinely collected and used with the user's consent. An exception is made for cases in which it is not possible to obtain prior consent for practical reasons and the data processing is permitted by law.

2. Legal Basis for the Processing of Personal Data

Where the data subject consents to processing operations involving their personal data, Art. 6 (1) lit. a of the General Data Protection Regulation (GDPR) serves as a legal basis for the processing of personal data. For personal data processing that is necessary for fulfilment of a contract to which the data subject is a contracting party, Art. 6 (1) lit. b GDPR serves as a legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures. Where personal data processing is required in order to fulfil a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as a legal basis. If it becomes necessary to process personal data in order to protect the vital interests of the data subject or another natural person, Art. 6 (1) lit. d GDPR serves as a legal basis. If processing is required in order to protect a legitimate interest of our company or a third party and this legitimate interest is not outweighed by the interests, fundamental rights and fundamental freedoms of the data subject, Art. 6 (1) lit. f GDPR serves as a legal basis. Where the data subject consents to processing operations involving their personal data, Art. 6 (1) lit. a of the General Data Protection Regulation (GDPR) serves as a legal basis for the processing of personal data. For personal data processing that is necessary for fulfilment of a contract to which the data subject is a contracting party, Art. 6 (1) lit. b GDPR serves as a legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures. Where personal data processing is required in order to fulfil a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as a legal basis. If it becomes necessary to process personal data in order to protect the vital interests of the data subject or another natural person, Art. 6 (1) lit. d GDPR serves as a legal basis. If processing is required in order to protect a legitimate interest of our company or a third party and this legitimate interest is not outweighed by the interests, fundamental rights and fundamental freedoms of the data subject, Art. 6 (1) lit. f GDPR serves as a legal basis.

3. Data Erasure and Duration of Storage

The data subject's personal data will be erased or blocked as soon as the purpose of storage ceases to apply. Data may be stored for longer if such is provided for by European or national legislators in directives, laws or other regulations under Union law to which the controller is subject. The data will also be blocked or erased upon expiration of any rentention period stipulated in the aforementioned standards unless the continued storage of the data is required for the conclusion or fulfilment of a contract.


II. Provision of the Website and Creation of Logfiles

1. Description and Scope of Data Processing

Each time our website is accessed, our system automatically records data and information from the system of the computer accessing the website. The following data is collected in this context:

(1) Information about the browser type and the version being used

(2) The user's operating system

(3) The user's internet service provider

(4) The user's IP address

(5) Date and time of access

(6) Websites from which the user's system accessed our website

(7) Website accessed by the user's system via our website

This data will also be stored in our system's logfiles. This data is not stored together with other personal data belonging to the user.

2. Legal Basis for Data Processing

The legal basis for the temporary storage of the data and logfiles is Art. 6 (1) lit. f GDPR.

3. Purpose of Data Processing

The temporary storage of the IP address by the system is necessary in order to deliver the website to the user's computer. The user's IP address must therefore continue to be stored for the duration of the session.

Data is stored in log files in order to ensure the functionality of the website. The data also helps us to optimise the website and to ensure the security of our IT systems. The data is not analysed for marketing purposes in this context.

Our legitimate interest in data processing according to Art. 6 (1) lit. f GDPR is also to be found in these purposes.

4. Duration of Storage

The data will be erased as soon as it is no longer required for the purpose for which it was collected. In the case of data which is collected for the provision of the website, this is when the respective session ends.

Where data is stored in logfiles, this is after seven days at latest. The data may potentially be stored for longer. In this case, the user's IP address will be erased or anonymised, so that it can no longer be attributed to the client accessing the website.

5. Option to Object and Request Erasure

The collection of data for the provision of the website and the storage of data in logfiles for the operation of the web pages are absolutely necessary. Consequently, the user does not have the option to object.


III. Use of Cookies

a) Description and Scope of Data Processing

Our website uses cookies. Cookies are small text files which are stored in the user's internet browser or on the user's computer system by the internet browser. If the user visits a website, a cookie can be stored on the user's operating system. This cookie contains a character sequence which allows the browser to be clearly identified when the website is next visited.

We use cookies to make our website more user-friendly. For some elements of our website, it is essential that the accessing browser can be identified, even following a change of page. The following data is also stored and transmitted in the cookies:

  • (1) Language settings

On our website we also use cookies which allow the surfing behaviour of the user to be analysed. The following data can be transmitted by this means:

  • (1) Frequency of page views
  • (2) Use of website functions

When the user visits our website, he/she will be informed that cookies are used for analytical purposes and his/her consent regarding the processing of the personal data used in this context will be obtained. He/she will also be referred to the privacy policy in this regard.

 

b) Legal Basis for Data Processing

Necessary technical cookies are used to make the website easier for users to use. We are unable to offer some of our website's functions without the use of cookies. These require that the browser can be recognised again, even following a change of page. We use cookies for the following applications:

  • (1) Integration of language settings

The user data that is collected through necessary technical cookies is not used to compile user profiles. Analysis cookies are used to improve the quality of our website and its content. The analysis cookies allow us to find out how the website is used and thus continuously optimise our offer.

e) Duration of Storage, Option to Object and Request Erasure

Cookies are stored on the user's computer and sent from there to our website. As the user, you therefore also have complete control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing your internet browser settings. Cookies that have already been stored can be deleted as any time. This can also be carried out automatically. If cookies are deactivated for our website, this may result in limited functionality of some areas of the website.


IV. E-Mail Contact

1. Description and Scope of Data Processing

We may contact you using the provided e-mail address. In this case, the user's personal data which was provided along with the e-mail address will be stored. No data is passed on to third parties in this context. The data is used only to process conversations.

2. Legal Basis for Data Processing

The legal basis for the processing of data which is transmitted through the sending of an e-mail is Art. 6 (1) lit. f GDPR. If the e-mail is sent with the intention of concluding a contract, Art. 6 (1) lit. b GDPR serves as a further legal basis for the processing.

3. Purpose of Data Processing

The necessary legitimate interest in the data processing is also to be found where contact is made via e-mail.

4. Duration of Storage

The data will be erased as soon as it is no longer required for the purpose for which it was collected. For the personal data disclosed as part of the e-mail, this is when the respective conversation with the user has ended. The conversation is considered to have ended when it can be determined from the circumstances that the issue in question has been conclusively resolved.

5. Option to Object and Request Erasure

The user can withdraw their consent to the processing of personal data at any time. If the user contacts us via e-mail, he/she can object to the storage of his/her personal data at any time. In such a case, the conversation cannot be continued. In this case, all personal data which has been stored in the course of contact being established will be erased.


V. Rights of the Data Subject

If personal data relating to you is processed, you are considered to be the data subject within the meaning of the GDPR and you are entitled to exercise the following rights vis-à-vis the data controller:

1. Right of Access

You can ask the data controller to confirm if we process personal data concerning you. If such processing is being carried out, you can ask the data controller to provide you with the following information:

(1) the purposes for which the personal data is processed;

(2) the categories of personal data that are processed;

(3) the recipients or categories of recipients to whom your personal data has been or will be disclosed;

(4) the planned duration of storage of your personal data or, if specific details regarding this matter cannot be provided, the criteria used to determine the duration of storage;

(5) the existence of the right to rectification or erasure of your personal data, the right to restrict processing by the data controller or the right to object to this processing;

(6) the existence of the right to lodge a complaint with a supervisory authority;

(7) all available information regarding the origin of the data, if the personal data is not collected from the data subject;

(8) the existence of automated decision-making, including profiling, referred to in Art. 22 (1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information regarding whether your personal data is transmitted to a third country or an international organisation. In this context you can ask to be informed of the appropriate safeguards as per Art. 46 GDPR which are provided in connection with the transmission.

This right to information can be limited insofar as the fulfilment of research or statistical purposes is likely to be made impossible or severely affected by such and limitation is required in order to ensure that these research or statistical purposes can be fulfilled.

2. Right to Rectification

You have the right to obtain from the controller the rectification or completion of inaccurate or incomplete processed personal data concerning you. The controller must rectify the data without undue delay. Your right to rectification can be limited insofar as the fulfilment of research or statistical purposes is likely to be made impossible or severely affected by such and limitation is required in order to ensure that these research or statistical purposes can be fulfilled.

3. Right to Restriction of Processing

You have the right to obtain restriction of the processing of your personal data where one of the following applies:

(1) you contest the accuracy of your personal data, for a period enabling the controller to verify the accuracy of the personal data;

(2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;

(3) the controller no longer needs the personal data for the purposes of the processing, but you still require it for the establishment, exercise or defence of legal claims, or

(4) you have objected to processing according to Art. 21 (1) GDPR and it is yet to be verified whether the legitimate grounds of the controller override your own grounds..

Where processing of your personal data has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If processing has been restricted in accordance with the aforementioned conditions, you shall be informed by the controller before the restriction of processing is lifted.

Your right to restriction of processing can be limited insofar as the fulfilment of research or statistical purposes is likely to be made impossible or severely affected by such and limitation is required in order to ensure that these research or statistical purposes can be fulfilled.

4. Right to Erasure

a) Obligation to erase

You can demand that the controller erase personal data concerning you without undue delay and the controller is obligated to erase this data without undue delay where one of the following grounds applies:

(1) Your personal data is no longer required for the purposes for which it was collected or otherwise processed.

(2) You withdraw the consent on which the processing is based according to Art. 6 (1) lit. a or Art. 9 (2) lit. a GDPR, and there is no other legal ground for the processing.

(3) You object to the processing according to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing according to Art. 21 (2) GDPR.

(4) Your personal data has been unlawfully processed.

(5) Your personal data has to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

(6) Your personal data has been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.

b) Disclosing information to third parties

If the controller has made your personal data public and is obligated to delete this data according to Art 17 (1) GDPR, they shall, in consideration of the available technologies and the costs of implementation, undertake reasonable measures to inform the parties responsible for the data processing that you, as the data subject, have requested the erasure of all links to this personal data or of any copies or replications of this personal data.

c) Exceptions

The right to erasure shall not apply to the extent that processing is necessary

(1) for exercising the right of freedom of expression and information;

(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(3) for reasons of public interest in the area of public health in accordance with Art. 9 (2) lit. h and i as well as Art. 9 (3) GDPR;

(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 (1) in so far as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or

(5) for the establishment, exercise or defence of legal claims.

5. Right to Information

If you have exercised your right to rectification, erasure or restriction of processing vis-à-vis the controller, the controller is obligated to notify all recipients to whom your personal data has been disclosed of this rectification, erasure or restriction of processing, unless this proves to be impossible or requires disproportionate effort. You have the right to obtain from the controller information about these recipients.

6. Right to Data Portability

You have the right to receive the personal data concerning yourself, which you have provided to a controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, where:

(1) the processing is based on consent according to Art. 6 (1) lit. a or Art. 9 (2) lit. a GDPR or on a contract according to Art. 6 (1) lit. b GDPR and

(2) the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data transmitted directly from one controller to another, where technically feasible. The rights and freedoms of others must not be adversely affected by such. The right to data portability shall not apply to the processing of personal data which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

7. Right to Object

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point Art. 6 (1) lit. e or f, including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing is carried out for the establishment, exercise or defence of legal claims. Where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where you object to processing for direct marketing purposes, your personal data shall no longer be processed for such purposes. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

Where personal data is processed for scientific or historical research purposes or statistical purposes according to Art. 89 (1) GDPR, you have the right to object to processing of your personal data on grounds relating to your particular situation. Your right to object can be limited insofar as the fulfilment of research or statistical purposes is likely to be made impossible or severely affected by such and limitation is required in order to ensure that these research or statistical purposes can be fulfilled.

8. Right to Withdraw a Declaration of Consent under Data Protection Law

You have the right to withdraw a declaration of consent under data protection law at any time. Should you withdraw your consent, the legality of any processing carried out prior to the consent being withdrawn remains unaffected. You can inform the controller that you are withdrawing your consent by post or e-mail.

9. Automated Individual Decision-Making, Including Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision

(1) is necessary for entering into, or performance of, a contract between you and the controller,

(2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or

(3) is based on your explicit consent.

These decisions shall not be based on special categories of personal data according to Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place. In the cases referred to in points (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

10. Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.


VI. SSL Encryption

This website uses SSL encryption for reasons of security and to protect confidential information during transmission, e.g. the enquiries that you submit to us as the website operator. You can see when a connection is encrypted as the browser's address bar changes from "http://" to "https://" and the lock symbol is displayed in your browser toolbar. When the SSL encryption is activated, third parties are unable to view the data that you send to us.


VII. Use of Google Maps

This website uses the map service Google Maps via an API. The service provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Your IP address must be stored in order for you to use the Google Maps functions. This information is generally transmitted to a Google server in the USA and stored there. The provider of this website has no influence of this transfer of data. You can find more information about how users' data is handled by referring to Google's privacy policy: https://www.google.de/intl/de/policies/privacy/