We take the security of your personal information very seriously and adhere strictly to the rules of the data security laws. Personal information is only collected on this website in the amount required for technical and organizational purposes. Under no circumstances will this gathered data be sold. The following explanation gives an overview on how we manage this protection and what sort of data is collected and for what reasons.
§ 1 Limitation of liability, no contractual agreement
The contents of this website are presented with the greatest care possible. However, the provider does not guarantee the correctness, completeness, and topicality of the contents shown. Signed contributions give the views of the author in question and not necessarily the views of the website owner. The mere use of the website does not constitute a contractual relationship between the user and the website owner. As such, there are no contractual or quasi-contractual claims against the provider. If the use of the website should lead to a contractual relationship, then, as a purely precautionary measure, the following limitation of liability shall apply: the provider is liable for willful intent and gross negligence as well as for violation of an essential contractual obligation (cardinal obligation).
The provider is liable under the limitation of replacement of the predictable typical damages for such damages at the time of the conclusion of the contract, which result from a minor negligent violation of a cardinal obligation by him or one of his legal representatives or assistants. The provider is not liable for minor negligent violations of secondary obligations which are not cardinal obligations. These limitations do not cover liability for damages that are covered by a guarantee given by the provider or an assurance from him, nor claims made due to the product liability law or claims arising from an injury to life, the body, or health.
§ 2 External Links
This website contains connections to third party websites ("external links"). The respective operators are liable for these websites. At the time of the first connection to these external links, the provider reviewed these websites for possible legal violations, but none were apparent. The provider has no influence at all over the current or future presentation and content of the linked websites. The provision of external links does not mean that the provider is in agreement with the link or content behind the link. A continual review of external links without a specific notification of a legal violation cannot be reasonably expected. Should the provider become aware of legal violations such external links will be immediately deleted.
In its decision from May 12, 1998 – 312 O 85/98 – “Haftung für Links” (liability for links) the Landgericht (LG) Hamburg decided that through the provision of a link a website provider may be liable for the content of the linked site. This can – according to the LG – only be prevented in that a website provider explicitly distances himself from the contents of the linked site. Hereby, we distance ourselves explicitly from the content of all websites linked from this website. This statement applies to all the links found on our homepage. The individual operators are exclusively responsible for the content of those linked sites.
§ 3 Availability of the Website
The provider will endeavor to ensure that the service is available without interruptions. Even if care is taken, interruptions of service cannot be ruled out. The provider reserves the right to change his offering or cease providing the service at any time.
§ 4 Copyright and other intellectual property rights
The contents of this website fall under the German copyright and intellectual property laws. Any use of this material which is not covered by the German copyright and intellectual property laws requires the previous written agreement of the provider or the respective rights holder. This applies particularly to copying, modification, translation, electronic copying, and the use of or presentation of the content in databanks or other electronic media and systems. The contents and rights of third parties must be indicated as such. Unauthorized reproduction or forwarding of individual contents or complete pages is not permitted and is illegal. Only the creation of copies and downloads for personal, private and non-commercial use is permitted. Links to the provider’s website are always welcome and do not require the permission of this websites provider.
The presentation of this website in external frames is only permissible with prior permission.
§ 5 No legal warning without previous establishment of contact
If the content or the presentation of these pages should injure the rights of third parties or legal regulations, then we request an appropriate notification without an invoice. In order to prevent unnecessary legal disputes and costs, we request that in case of competition, copyright, data protection, or other problems you make contact with us in advance. We guarantee that justifiably protested passages will be immediately removed without you having to engage legal assistance. The removal of a possible rights infringement from these pages by property rights owners may not take place without our agreement. Simultaneously, we would like to point out that otherwise lawyer’s charges for legal assistance will be rejected as unjustified given the requirements for damage prevention, and otherwise we will institute a counter-charge due to the injury of these regulations.
§ 6 Data processing on this Internet site
Our server collects and automatically saves information which your browser sends us in log files. These are:
Browser type / version
Operating system in use
Referring URL (the previously visited site)
Host name of the contacting computer (IP address)
Time of the server request
We cannot identify individuals from this information. This information will not be combined with information from other sources.
§ 7 Cookies
§ 8 Forms
Information sent to us is only collected, processed, and saved for the purpose stated. The processing of the information entered into the contact form takes place exclusively on the basis of your consent (Art. 6 para. 1 letter a GDPR). You may revoke this permission at any time. An informal notification via email is sufficient. This does not influence the legality of the data processing done up to the time of the revocation. The information which you enter into the contact form remains with us, until you request that it be deleted, you revoke the permission to save it, or the purpose of the data is no longer given (such as after completed processing of your request). Mandatory legal provisions – especially retention periods – are not affected by this.
It is possible that during the course of on-going medical treatment and for the purposes of medical documentation information will be taken from the contact form and put into the individual patient file. In this case the legal retention period for medical documentation applies. We protect the transmission of your personal data - for example in forms - with TSL encryption. All contact forms and registration for the information evening and the baby gallery will be sent to the selected centre. When you sign the guestbook, this will be sent to the respective centre and service partners commissioned by us.
When downloading an eBook, the data is transmitted to the TFP Group and service partners commissioned by us. To provide you with the highest level of security in communication with you, our forms are transmitted TLS-encrypted.
§ 9 eBook
In order to send you the eBook, we need your e-mail address to improve the quality of our services. When downloading an eBook, the data is transmitted to the TFP Group and service partners commissioned by us. You will receive no further messages.
§10 Online Events
For our online events we use the service provider edudip.com. Depending on the date selected, your data for registering for the online event will be used to organise the event as well as for statistical evaluation. It is possible that we may contact you by telephone to obtain feedback following the event. We process your e-mail address to develop digital advertising target group profiles (Facebook Lookalike Audiences), including in social media. If you do not wish this, please let us know (revocation).
§11 Baby gallery
All data you send us in the form will be published in the baby gallery with the exception of your contact details. This data is only used for the unique identification of data records, for queries or for processing a revocation. When you register in the baby gallery, your data will be transmitted to the respective centre and service partners commissioned by us. Your data will be stored until your revocation.
§ 12 Guestbook
All data you send us in the form will be published in the guestbook, except your contact details. This data is only used for the unique identification of data records, for queries or for processing a revocation. When you register in the baby gallery, your data will be transmitted to the respective centre and service partners commissioned by us. Your data will be stored until your revocation.
§13 Processing of (personal) data by the person responsible for the online application procedure
We are pleased that you would like to apply to one of the companies of TFP Deutschland GmbH. In the following, we explain how we process your personal data in the context of an application and provide further relevant information.
We take your privacy very seriously and would therefore like to inform you here about how we handle your applicant data.
Before joining our company or during the application process, we process your personal data exclusively for the purpose of establishing a contractual relationship to the extent required in accordance with Art. 6 Para. 1 b) and Art. 88 DSGVO for the purpose of initiating an employment relationship.
For the simplified administration of incoming applicants and the application process, we use the Recruitee service based on Art. 6 para. 1 f) DSGVO. All important information on data protection at www.recruitee.com can be found at https://recruitee.com/de/security-gdpr.
The following types of personal data are regularly processed:
Candidate data: Name, date of birth, CV, nationality/work permit, etc. for the selection, recruitment and entry and exit management
Private contact details: address, telephone number, e-mail (for the purpose of contacting you)
Data subject to professional secrecy: e.g. data on health suitability and any restrictions - where applicable and necessary
Other data in personnel management: severe disability (if relevant), driving license holder (if relevant)
We do not require any information from you that is not usable according to the General Equal Treatment Act (AGG) (race, ethnic origin, gender, pregnancy, information on physical or mental illness, membership of a trade union, religion or belief, disability, age, sexual identity or sex life).
We request that you do not transmit such data to us. The same applies to content that is likely to infringe the rights of third parties (e.g. copyrights, ancillary copyrights or other intellectual property rights, personal rights, press law or general rights of third parties).
In order to establish, implement and terminate a contractual relationship pursuant to Art. 6 para. 1 lit.b) DSGVO in conjunction with §Section 26 BDSG (version as of 25.5.2018),
To fulfill a legal obligation under Art. 6 para. 1 lit.c) DSGVO (if relevant),
In the case of processing, to safeguard a legitimate interest under Art. 6 para. 1 lit. f) DPA (if relevant),
As well as on the basis of your consent by voluntarily providing data which is not absolutely necessary for the purpose (such as hobbies in your curriculum vitae). However, such a consent is generally not required for the conclusion or continuation of an existing contract, in accordance with Art. 6 para. 1 letter a) DSGVO.
Our legitimate interests pursuant to Art. 6 para. 1 f) DSGVO are, for example:
The optimization of the application processes
The achievement of efficiency gains by bundling services in individual Group companies (especially human resources, IT)
Ensuring compliance with safety regulations, requirements, industry standards and contractual obligations
The assertion, exercise or defence of legal claims
The prevention of damage and/or liability of the company by taking appropriate measures
Internal recipients according to the "need to know" principle,
Companies affiliated under company law (group companies) as joint responsible parties: The essential contents of the regulation of the tasks with regard to the rights of data subjects can be requested at the contact address given, but according to Art. 26 para. 3 DSGVO, these rights can be claimed by data subjects from all companies involved.
After the respective purpose has been achieved, your data will be deleted. However, data will be kept for as long as necessary to defend legal claims. The storage period for applicant data is usually 6 months. If your profile was sent to us by a personnel service provider and if commission claims of this service provider exist, the storage period can be until they are fulfilled, or the limitation period expires. If accounting-relevant processing has been carried out, such as the reimbursement of travel expenses, the data required for this purpose will be deleted in compliance with the statutory retention periods, usually 6 or 10 years. If the application was successful and we conclude a contract with you, we transfer the data collected during the application process to our personnel file.
§ 14 Google Analytics
This website uses Google Analytics, a web analysis service from Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are saved on your computer and enable an analysis of the websites you use. As a rule, the information obtained by the cookie about your use of this website is transferred to a Google server in the USA and is saved there. In the case of an activation of IP-anonymization on this website, your IP address will be shortened within the member states of the European Union or in other participating states of the agreement in the European economic area. Only in exceptional cases will the full IP-address be transferred to a server in the USA and shortened there.
IP-anonymization is active on this website. On behalf of the owner of this website, Google will use this information to evaluate your use of the website in order to create reports on the website activities and to provide other services connected to the website and the use of the internet to the website operator. The IP-address which is provided by your browser to Google Analytics will not be combined with other data at Google. You can prevent the placement of cookies with the appropriate setting in your web browser, but we must point out that in such a case you will not be able to completely use all the functions of the website.
Additionally, you can also prevent the transfer and use of the information on your use of the website which the cookie has collected (including your IP address) to Google as well as the processing of this data by Google when you load and install the browser plug-in at the following link: tools.google.com/dlpage/gaoptout. As an alternative to the browser add-on, or within browsers on mobile devices, click on this link in order to prevent the collection by Google Analytics within this website (the Opt-Out functions only in the browser and only for this domain). This will install an Opt-Out cookie on your computer. If you should delete the cookies in this browser, then the link must be clicked again.
§ 15 Google AdWords
On our website we use an on-line advertising program from Google Inc. called Google AdWords. This uses conversion tracking. With this tool Google AdWords places a cookie on your PC when you come to our website via a Google advertisement. After 30 days the cookie is no longer effective. It is not used to trace you. If you, as a user, visit our website and the cookie is still functional then both we and Google can see that you clicked on a certain advertisement and were directed to our website. In doing so every Google AdWords customer has another cookie placed. Such cookies cannot be tracked through the websites of the AdWords customers.
Information collected by the conversion cookies is used to collect conversion statistics for AdWords customers. In this manner we as customers discover the total number of customers who have reacted to one of our advertisements and are thereby directed to a website which is equipped with a conversion tracking tag. This procedure does not give us any information which we could use to identify you personally as a user. If you do not want this tracking procedure to be used then the cookie for the Google conversion tracking can be deactivated in your internet browser. Please use the Help function in the browser for further information. More information on the Google data protection rules may be found under http://www.google.de/policies/privacy/.
The Data Controller has integrated components of YouTube on this website. YouTube is an Internet video portal that allows video publishers to post video clips and other users to view, rate and comment on them free of charge. YouTube allows the publication of all types of videos, which is why complete film and television programs, music videos, trailers or videos produced by users themselves can be called up via the Internet portal.
YouTube is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time one of the individual pages of this website is accessed, which is operated by the Data Controller and on which a YouTube component (YouTube video) has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. More information about YouTube can be found at https://www.youtube.com/yt/about/de/ In the course of this technical procedure, YouTube and Google are informed which specific subpage of our website is visited by the data subject.
If the data subject is logged on to YouTube at the same time, by calling up a subpage containing a YouTube video, YouTube recognizes which specific subpage of our website the data subject is visiting. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.
YouTube and Google receive information via the YouTube component that the data subject has visited our website whenever the data subject is logged on to YouTube at the same time as accessing our website; this happens regardless of whether the data subject clicks on a YouTube video or not. If such a transmission of this information to YouTube and Google is not desired by the data subject, the data subject can prevent the transmission by logging out of their YouTube account before calling up our website.
§ 17 Digital Patient Information System
The legal basis for the data processing in the digital patient information system is Art. 6, para. 1, letter a, GDPR. The only information which is collected is that which is required for mail and SMS correspondence. The only data which is processed is that for which you have previously given your consent for this purpose. Personal and medical information from your patient file will also be part of the mailing and SMS correspondence. The email address and cell telephone number will only be used for mailing and SMS use. The mailings and SMS messages will not be encrypted.
You can revoke your registration via the deregistration link in any mailing at any time. Of course, a revocation only applies to future mailing or SMS messages. You always have a right to know which personal information of yours we have saved and used for mailing and SMS messages. Only the center involved in your treatment has access to your personal information. The information is saved in accordance with the legal retention periods for medical data. If this data should not be correct, we will of course correct or delete it as soon as we are notified. For such purposes please contact firstname.lastname@example.org. In case of complaint, you may also contact the responsible state data protection office.
§ 18 Newsletter
If you wish to receive the newsletter which is offered on the website, then we require a valid email address. We check if you are the owner of the given email address, or if the owner is in agreement with receiving the newsletter (double opt-in). Other data will not be collected. Our newsletter is exclusively of an informative nature and does not contain any advertising material.
The legal basis for the data processing is Art. 6 para. 1 letter f GDPR. The only information which is required to send the newsletter is collected. No other personal data is required to send the newsletter. The information is kept exclusively for the newsletter mailing. You can revoke your registration at any time through a deregistration link in any newsletter. A revocation, of course, only affects future newsletter mailings. After your revocation of the newsletter, your information will be immediately deleted, and you will not receive any more updates. You have the right at all times to know what personal data on you we have saved. If this should not be correct, then of course we will either correct or delete it. For this purpose, please contact email@example.com.
§ 19 Questionnaires on Service Quality
Answers to the questionnaires on service quality are anonymous for all patients. Tracing the answers is not possible or attempted. The questionnaires on service quality take place due to our obligation to maintain and improve our service quality according to SGB V § 135a (legal basis for the data processing is Art. 6 para. 1 letter. f GDPR – whereby, in respect of the results from the questionnaires, no personal information is collected or saved). Only that data is collected which is required for the collection of the questionnaire information. This includes personal and medical data from your patient file, but in an anonymous form. The information is transferred in unencrypted form.
§ 21 Use of Google Maps and Google Fonts
On this website, we use the offering from Google Maps. This enables us to provide you with interactive maps directly on the website and permits you to comfortably use the map functions.
Through the visit on the website, Google receives the information that you have called up the corresponding sub-page on our website. Additionally, the data named in § 6 of this statement is transferred. This takes place regardless of if you are logged in through a Google user account or if you do not have a user account. If you are logged in with Google, then your information will be credited to your account. If you do not want the information associated with your Google profile, then you must log off prior to activating the button. Google saves your information as a user profile and uses it for advertising purposes, market research and/or need-based design of its website. Such an evaluation takes place particularly (even for non-logged-in users) to provide customer-oriented advertising and to inform other users of the social networks of your activities on our website. You have a right to protest the creation of a user profile, though you must take this protest to Google directly.
More information on the purpose and extent of the data collection and the processing thereof through the plug-in provider may be found in the plug-in provider’s data protection statement. There you will also find information on your rights in this context and the set-up possibilities to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google processes your personal data in the USA and has accepted the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
This website uses Google Fonts to present the different scripts. No cookies are placed in this process. Google Fonts are a standard in modern web design. The use of Google Fonts takes place in the interest of a common and attractive presentation of our online presence. This is a legitimate interest in the sense of Art. 6 para. 1f GSPR.
The Google Fonts are embedded locally.
§ 22 LinkedIn Insights
On our website, you will find plug-ins from the social network LinkedIn, from the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (in the following called "LinkedIn"). The LinkedIn plug-ins can be recognized by their logo or the "recommend" button. Please note that when you visit our website, the plug-in sets up a connection between your internet browser and the LinkedIn server. LinkedIn is thereby informed that our website was visited by your IP address. If you click on the "recommend" button from LinkedIn and simultaneously are logged in to your LinkedIn account, then you are able to link the content of our internet site to your user profile at LinkedIn. In this manner, you make it possible for LinkedIn to see your visit to our website and connect the visit to your user account. You should know that we have no information on the content of the transferred data or its use at LinkedIn.
More details on data collection and your legal possibilities, as well as set-up options, may be found at LinkedIn. These are provided at the link https://www.linkedin.com/legal/privacy-policy
§ 23 Usage Google reCAPTCHA
With the help of CAPTCHA, a website can distinguish machines (bots) from humans.
CAPTCHAs increase the security of website forms to prevent and detect spam attacks or similar. We decided to use a CAPTCHA because we - like many other companies - have already had such attacks on our website.
Classically, a CAPTCHA analyses the behaviour and browser interactions of a website user in order to decide on the basis of this data whether it is a bot or a human being, and thus, whether it is possible to submit the form or whether it is refused. The principle is that a task is set that is easy for humans to solve but very difficult for bots, e.g. by asking the user to select from a selection of photos those showing a traffic sign. This is rather annoying for the user. reCAPTCHA v2 eliminates this unpleasant user experience by simply clicking on the "I am not a robot" box. This information, such as IP address, local settings, mouse movements, length of stay on the website, etc. is uploaded to Google's servers and analyzed to determine whether the owner of the information is a real person. These versions of reCaptcha use behavioral analysis (based on the user's previous browser interactions, among other things) to calculate the probability of the user being a human being. If the algorithm believes that the user is a human, a mouse click on the captcha is sufficient. Otherwise, a window with a question or other task that has to be solved will be displayed.
§ 24 Google Tag Manager
The Google Tag Manager is used. No user data is collected.
§ 25 Rights of the Data Subject
a) Right of Confirmation
Each data subject has been granted the right by the European legislature to demand confirmation from those responsible for processing his information if they have processed his personal data. If a data subject wants to exercise this right, then he can contact an employee of the organization responsible for the information processing.
b) Right of Information
The European legislature has granted to anyone whose personal data is being collected the right to obtain information without charges on the data which refers to him and to obtain a copy of this data. Additionally, the European legislature has granted the concerned persons the right to information on the following subjects:
The purposes of processing the information
The categories of personal information which are processed
The recipients or categories of recipients to whom the personal data is given or will be given, particularly to recipients in third countries or at international organizations
If possible the planned duration of the retention of the personal data, or if this is not possible then the criteria for determining this duration
The existence of a right of correction or deletion of their own personal data or of a restriction in the processing by those responsible or of a right of objection against this processing.
The existence of a right of complaint with a regulatory organization
When the personal data was not gathered from the person affected, all available information on the origin of the data
The existence of an automated decision process including profiling according to Article 11 para. 1 and 4 GDPR and —particularly in such cases — extensive information about the logic implemented as well as the extent and intended effects of such processing on the person affected
The person affected also has a right to information if his personal information is being sent to a third country or to an international organization. If this is the case then the person affected also has the right to know about appropriate guarantees in connection with the transfer of data.
If an affected person wishes to take advantage of his right to information, then he can do so at any time from an employee of the organization processing the data.
c) Right of Correction
The European legislature has granted to anyone whose personal data is being collected the right to demand the immediate correction of incorrect personal data. Additionally, the affected person has the right, considering the purpose of the data processing, to demand the completion of incomplete personal data – including via an explanatory statement.
If the person affected should wish to take advantage of this right of correction, then he may apply to an employee of the organization responsible for the data processing.
d) Right of Deletion (Right to be Forgotten)
The European legislature has granted to anyone who is affected by the processing of his personal data the right to demand from the controller that his personal data be immediately deleted if one of the following reasons applies and as long as the processing is not necessary:
The personal data was gathered or otherwise used for purposes for which they are no longer required.
The data subject revokes his consent which the processing requires in accordance with Art. 6 para. 1 a GDPR or Art. 9 para. 2 a GDPR, and there is no other legal basis for the processing.
The data subject objects to the processing in accordance with Art. 21 para. 1 GDPR, and there are no other legitimate reasons with a greater priority for the processing, or the data subject objects to the processing in accordance with Art. 21 para 2 GDPR.
The personal data was used illegally.
The deletion of the personal data is to satisfy a legal obligation according to Union law or the law of a member state to which the controller is subject.
The personal data was collected in connection with services offered by the information business according to Art. 8 para. 1 GDPR.
If one of the grounds given above applies and the data subject wishes the deletion of his personal data which we have saved then he can contact an employee responsible for the processing at any time. The employee will arrange that the request of deletion is immediately carried out.
If the personal data should have been made public by us and our organization is responsible for the deletion of the personal data according to Art. 17 para. 1 GDPR then we will take appropriate measures, considering the available technology and the cost of implementation, also of a technical nature, to inform others responsible for data processing who work with the published personal data, that the data subject has demanded the deletion of all links to this personal data or copies or replications of this personal data, as long as the process is not necessary. In individual cases, the employee will ensure that this is done.
e) Right of Restriction of Processing
The European legislature has granted to anyone who is affected by the processing of his personal data the right to demand from the controller the restriction of processing when one of the following conditions is met:
The data subject disputes the correctness of the personal data, and for a period of time which makes it possible for the controller to check the correctness of the personal data.
The processing is illegal, the data subject rejects the deletion of the personal data and demands instead the restriction of the use of the personal data.
The controller no longer requires the personal data for the purposes of using it, the data subject requires it for the purpose of enforcement, exercise or defense of legal claims.
The data subject has objected to the processing according to Art. 21 para. 1 GDPR and it is not yet certain if the controller’s legitimate reasons will prevail over those of the data subject.
If one of the conditions listed above is given and a data subject wishes to demand a restriction of processing of personal data which is saved with us then he may at any time contact an employee of the controller. The employee will arrange a restriction of the processing.
f) Right to Data Transferability
The European Legislature has granted to anyone who is affected by the processing of his personal data the right to receive the data which the affected person has given to the controller in a structured, customary, and machine-readable format. He also has the right to give this data to another responsible controller without hindrance from the controller who provided the personal data, as long as the processing was made on the basis of permission according to Art. 6 para. 1 a GDPR or Art. 9 para. 2 a GDPR or a contract according to Art. 6 para. 1 b GDPR and the processing uses an automatic procedure, as long as the processing is not done for a task which is in the public interest or in the exercise of public authority which has been transferred to the controller.
Additionally, according to Art. 20 para. 1 GDPR, the affected person in the exercise of his right of data portability has the right to effect that the personal data is transferred from one controller to another controller, as long as this is technically possible and as long as the rights and freedom of other persons are not impaired.
To exercise his right to data portability the affected person may at any time speak to any employee.
g) Right to Objection to Processing
The European legislature has granted to anyone who is affected by the processing of his personal data the right, for reasons which may arise from his particular situation, to object to the processing of his personal data, which takes place due to Article 6 para. 1 l e or f GDPR. This also applies to profiling supported by these regulations.
We do not process personal data further in case of an objection unless we can show compelling and legitimate reasons for the processing which are more important than the interests, rights, and freedom of the affected person, or the processing serves the enforcement, exercise, or defense of legal claims.
If we process personal data in order to conduct direct marketing then the person affected has the right to object at any time to the use of his personal data for the purposes of such advertising. This also applies to profiling, as far as it is connected to such direct marketing. If the affected person objects to us about the use of data for the purposes of direct marketing then we will no longer use the personal data for this purpose.
Additionally, the affected person has the right, for reasons which arise from his particular situation, to object to the use of his personal data which we might be using for scientific or historical research or for statistical reasons in accordance with Art. 89 para. 1 GDPR, unless such a use is required for a task that serves the public interest.
To exercise his right to objection the affected person may speak to any employee. The affected person may also, in connection with the use of services of the information company, regardless of the Guideline 2002/58/EG, exercise his right of objection via an automated system that uses technical specifications.
h) Automated Decisions in Individual Cases including Profiling
The European legislature has granted to anyone who is affected by the processing of his personal data the right to not be subject to a decision completely based on an automated decision – including profiling – which has a legal effect on him or significantly impairs him, as long as the decision (1) is not for the finalization or completion of a contract between the two persons and is required by the controller, or (2) due to Union regulations or those of the member states to which the controller is subject and these regulations include appropriate measures to protect the rights and freedoms of affected persons or (3) with the express permission of the person affected.
If the decision (1) is for a finalization or the completion of a contract between the affected person and the responsible person necessary or (2) takes place with the express consent of the affected person, we will take appropriate measures to protect the legitimate rights and freedom of the affected person, which as a minimum include the right to affect an intervention by a person on the part of the responsible organization, to express one’s own standpoint, and to dispute the decision.
If an affected person wishes to exercise his rights in connection with automated decisions, then he may apply to an employee of the organization responsible for the data processing at any time.
i) Right to revocation of a data protection acceptance
§ 26 Further Information
Your trust is important to us. Therefore we will be happy at any time to answer your questions about the use and processing of your personal data. If you have questions which this data protection statement does not answer, or if you want more information on a specific issue, then please contact our data security office at any time.
§ 27 Applicable Law
The applicable law shall be exclusively that of the Federal Republic of Germany, or the law of the Republic of Austria. In case of further questions please apply to your responsible state data protection commissioner.