Pri­vacy Policy

Ver­sion for 'normal' human beings

Any data you add to your pro­file will be publicly accessa­ble, except your email address.

We will NEVER share your email address with anyone.

We may send you important admi­nis­tra­tive mes­sa­ges rela­ted to your user account to your email address, like new pass­word requests, etc...

If you want to get updates about new posts sub­scribe to our mai­ling list or to our social media channels.

On sodafilm.de, we use the shop­ping cart from paypal and the­r­e­fore don't save any user data on our server. Excep­tion: on access of our down­load pro­ducts files we log the ip addresses.

We may use a cookie to save your lan­guage sel­ec­tion of our site.

Pri­vacy Policy

We are very deligh­ted that you have shown inte­rest in our enter­prise. Data pro­tec­tion is of a par­ti­cu­larly high prio­rity for the manage­ment of the Daniel Boehme. The use of the Inter­net pages of the Daniel Boehme is pos­si­ble wit­hout any indi­ca­tion of per­so­nal data; howe­ver, if a data sub­ject wants to use spe­cial enter­prise ser­vices via our web­site, pro­ces­sing of per­so­nal data could become neces­sary. If the pro­ces­sing of per­so­nal data is neces­sary and there is no sta­tu­tory basis for such pro­ces­sing, we gene­rally obtain con­sent from the data subject.

The pro­ces­sing of per­so­nal data, such as the name, address, e-mail address, or tele­phone number of a data sub­ject shall always be in line with the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR), and in accordance with the country-specific data pro­tec­tion regu­la­ti­ons appli­ca­ble to the Daniel Boehme. By means of this data pro­tec­tion decla­ra­tion, our enter­prise would like to inform the gene­ral public of the nature, scope, and pur­pose of the per­so­nal data we coll­ect, use and pro­cess. Fur­ther­more, data sub­jects are infor­med, by means of this data pro­tec­tion decla­ra­tion, of the rights to which they are entitled.

As the con­trol­ler, the Daniel Boehme has imple­men­ted num­e­rous tech­ni­cal and orga­niza­tio­nal mea­su­res to ensure the most com­plete pro­tec­tion of per­so­nal data pro­ces­sed through this web­site. Howe­ver, Internet-based data trans­mis­si­ons may in prin­ci­ple have secu­rity gaps, so abso­lute pro­tec­tion may not be gua­ran­teed. For this reason, every data sub­ject is free to trans­fer per­so­nal data to us via alter­na­tive means, e.g. by telephone.

1. Defi­ni­ti­ons

The data pro­tec­tion decla­ra­tion of the Daniel Boehme is based on the terms used by the Euro­pean legis­la­tor for the adop­tion of the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR). Our data pro­tec­tion decla­ra­tion should be legi­ble and under­stan­da­ble for the gene­ral public, as well as our cus­to­mers and busi­ness part­ners. To ensure this, we would like to first explain the ter­mi­no­logy used.

In this data pro­tec­tion decla­ra­tion, we use, inter alia, the fol­lo­wing terms:

  • a) Per­so­nal data

    Per­so­nal data means any infor­ma­tion rela­ting to an iden­ti­fied or iden­ti­fia­ble natu­ral person (“data sub­ject”). An iden­ti­fia­ble natu­ral person is one who can be iden­ti­fied, directly or indi­rectly, in par­ti­cu­lar by refe­rence to an iden­ti­fier such as a name, an iden­ti­fi­ca­tion number, loca­tion data, an online iden­ti­fier or to one or more fac­tors spe­ci­fic to the phy­si­cal, phy­sio­lo­gi­cal, gene­tic, mental, eco­no­mic, cul­tu­ral or social iden­tity of that natu­ral person.

  • b) Data subject

    Data sub­ject is any iden­ti­fied or iden­ti­fia­ble natu­ral person, whose per­so­nal data is pro­ces­sed by the con­trol­ler respon­si­ble for the processing.

  • c) Pro­ces­sing

    Pro­ces­sing is any ope­ra­tion or set of ope­ra­ti­ons which is per­for­med on per­so­nal data or on sets of per­so­nal data, whe­ther or not by auto­ma­ted means, such as coll­ec­tion, recor­ding, orga­ni­sa­tion, struc­tu­ring, sto­rage, adapt­a­tion or altera­tion, retrie­val, con­sul­ta­tion, use, dis­clo­sure by trans­mis­sion, dis­se­mi­na­tion or other­wise making available, ali­gnment or com­bi­na­tion, rest­ric­tion, era­sure or destruction.

  • d) Rest­ric­tion of processing

    Rest­ric­tion of pro­ces­sing is the mar­king of stored per­so­nal data with the aim of limi­ting their pro­ces­sing in the future.

  • e) Pro­fil­ing

    Pro­fil­ing means any form of auto­ma­ted pro­ces­sing of per­so­nal data con­sis­ting of the use of per­so­nal data to eva­luate cer­tain per­so­nal aspects rela­ting to a natu­ral person, in par­ti­cu­lar to ana­lyse or pre­dict aspects con­cer­ning that natu­ral person's per­for­mance at work, eco­no­mic situa­tion, health, per­so­nal pre­fe­ren­ces, inte­rests, relia­bi­lity, beha­viour, loca­tion or movements.

  • f) Pseud­ony­mi­sa­tion

    Pseud­ony­mi­sa­tion is the pro­ces­sing of per­so­nal data in such a manner that the per­so­nal data can no longer be attri­bu­ted to a spe­ci­fic data sub­ject wit­hout the use of addi­tio­nal infor­ma­tion, pro­vi­ded that such addi­tio­nal infor­ma­tion is kept sepa­ra­tely and is sub­ject to tech­ni­cal and orga­ni­sa­tio­nal mea­su­res to ensure that the per­so­nal data are not attri­bu­ted to an iden­ti­fied or iden­ti­fia­ble natu­ral person.

  • g) Con­trol­ler or con­trol­ler respon­si­ble for the processing

    Con­trol­ler or con­trol­ler respon­si­ble for the pro­ces­sing is the natu­ral or legal person, public aut­ho­rity, agency or other body which, alone or jointly with others, deter­mi­nes the pur­po­ses and means of the pro­ces­sing of per­so­nal data; where the pur­po­ses and means of such pro­ces­sing are deter­mi­ned by Union or Member State law, the con­trol­ler or the spe­ci­fic cri­te­ria for its nomi­na­tion may be pro­vi­ded for by Union or Member State law.

  • h) Pro­ces­sor

    Pro­ces­sor is a natu­ral or legal person, public aut­ho­rity, agency or other body which pro­ces­ses per­so­nal data on behalf of the controller.

  • i) Reci­pi­ent

    Reci­pi­ent is a natu­ral or legal person, public aut­ho­rity, agency or ano­ther body, to which the per­so­nal data are dis­c­lo­sed, whe­ther a third party or not. Howe­ver, public aut­ho­ri­ties which may receive per­so­nal data in the frame­work of a par­ti­cu­lar inquiry in accordance with Union or Member State law shall not be regarded as reci­pi­ents; the pro­ces­sing of those data by those public aut­ho­ri­ties shall be in com­pli­ance with the appli­ca­ble data pro­tec­tion rules accor­ding to the pur­po­ses of the processing.

  • j) Third party

    Third party is a natu­ral or legal person, public aut­ho­rity, agency or body other than the data sub­ject, con­trol­ler, pro­ces­sor and per­sons who, under the direct aut­ho­rity of the con­trol­ler or pro­ces­sor, are aut­ho­ri­sed to pro­cess per­so­nal data.

  • k) Con­sent

    Con­sent of the data sub­ject is any freely given, spe­ci­fic, infor­med and unam­bi­guous indi­ca­tion of the data subject's wishes by which he or she, by a state­ment or by a clear affir­ma­tive action, signi­fies agree­ment to the pro­ces­sing of per­so­nal data rela­ting to him or her.

2. Name and Address of the controller

Con­trol­ler for the pur­po­ses of the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR), other data pro­tec­tion laws appli­ca­ble in Member states of the Euro­pean Union and other pro­vi­si­ons rela­ted to data pro­tec­tion is:

Daniel Boehme

Ment­zel­str. 22

12555 Berlin

Deutsch­land

Phone: 03042086622

Email: [email protected]

Web­site: sodafilm.de

3. Coo­kies

The Inter­net pages of the Daniel Boehme use coo­kies. Coo­kies are text files that are stored in a com­pu­ter system via an Inter­net browser.

Many Inter­net sites and ser­vers use coo­kies. Many coo­kies con­tain a so-called cookie ID. A cookie ID is a unique iden­ti­fier of the cookie. It con­sists of a cha­rac­ter string through which Inter­net pages and ser­vers can be assi­gned to the spe­ci­fic Inter­net brow­ser in which the cookie was stored. This allows visi­ted Inter­net sites and ser­vers to dif­fe­ren­tiate the indi­vi­dual brow­ser of the dats sub­ject from other Inter­net brow­sers that con­tain other coo­kies. A spe­ci­fic Inter­net brow­ser can be reco­gni­zed and iden­ti­fied using the unique cookie ID.

Through the use of coo­kies, the Daniel Boehme can pro­vide the users of this web­site with more user-friendly ser­vices that would not be pos­si­ble wit­hout the cookie setting.

By means of a cookie, the infor­ma­tion and offers on our web­site can be opti­mi­zed with the user in mind. Coo­kies allow us, as pre­viously men­tio­ned, to reco­gnize our web­site users. The pur­pose of this reco­gni­tion is to make it easier for users to uti­lize our web­site. The web­site user that uses coo­kies, e.g. does not have to enter access data each time the web­site is acces­sed, because this is taken over by the web­site, and the cookie is thus stored on the user's com­pu­ter system. Ano­ther exam­ple is the cookie of a shop­ping cart in an online shop. The online store remem­bers the artic­les that a cus­to­mer has placed in the vir­tual shop­ping cart via a cookie.

The data sub­ject may, at any time, pre­vent the set­ting of coo­kies through our web­site by means of a cor­re­spon­ding set­ting of the Inter­net brow­ser used, and may thus per­ma­nently deny the set­ting of coo­kies. Fur­ther­more, alre­ady set coo­kies may be dele­ted at any time via an Inter­net brow­ser or other soft­ware pro­grams. This is pos­si­ble in all popu­lar Inter­net brow­sers. If the data sub­ject deac­ti­va­tes the set­ting of coo­kies in the Inter­net brow­ser used, not all func­tions of our web­site may be enti­rely usable.

4. Coll­ec­tion of gene­ral data and information

The web­site of the Daniel Boehme coll­ects a series of gene­ral data and infor­ma­tion when a data sub­ject or auto­ma­ted system calls up the web­site. This gene­ral data and infor­ma­tion are stored in the server log files. Coll­ec­ted may be (1) the brow­ser types and ver­si­ons used, (2) the ope­ra­ting system used by the acces­sing system, (3) the web­site from which an acces­sing system rea­ches our web­site (so-called refer­rers), (4) the sub-websites, (5) the date and time of access to the Inter­net site, (6) an Inter­net pro­to­col address (IP address), (7) the Inter­net ser­vice pro­vi­der of the acces­sing system, and (8) any other simi­lar data and infor­ma­tion that may be used in the event of attacks on our infor­ma­tion tech­no­logy systems.

When using these gene­ral data and infor­ma­tion, the Daniel Boehme does not draw any con­clu­si­ons about the data sub­ject. Rather, this infor­ma­tion is needed to (1) deli­ver the con­tent of our web­site cor­rectly, (2) opti­mize the con­tent of our web­site as well as its adver­ti­se­ment, (3) ensure the long-term via­bi­lity of our infor­ma­tion tech­no­logy sys­tems and web­site tech­no­logy, and (4) pro­vide law enforce­ment aut­ho­ri­ties with the infor­ma­tion neces­sary for cri­mi­nal pro­se­cu­tion in case of a cyber-attack. The­r­e­fore, the Daniel Boehme ana­ly­zes anony­mously coll­ec­ted data and infor­ma­tion sta­tis­ti­cally, with the aim of incre­asing the data pro­tec­tion and data secu­rity of our enter­prise, and to ensure an opti­mal level of pro­tec­tion for the per­so­nal data we pro­cess. The anony­mous data of the server log files are stored sepa­ra­tely from all per­so­nal data pro­vi­ded by a data subject.

5. Regis­tra­tion on our website

The data sub­ject has the pos­si­bi­lity to regis­ter on the web­site of the con­trol­ler with the indi­ca­tion of per­so­nal data. Which per­so­nal data are trans­mit­ted to the con­trol­ler is deter­mi­ned by the respec­tive input mask used for the regis­tra­tion. The per­so­nal data ente­red by the data sub­ject are coll­ec­ted and stored exclu­si­vely for inter­nal use by the con­trol­ler, and for his own pur­po­ses. The con­trol­ler may request trans­fer to one or more pro­ces­sors (e.g. a parcel ser­vice) that also uses per­so­nal data for an inter­nal pur­pose which is attri­bu­ta­ble to the controller.

By regis­tering on the web­site of the con­trol­ler, the IP address—assigned by the Inter­net ser­vice pro­vi­der (ISP) and used by the data subject—date, and time of the regis­tra­tion are also stored. The sto­rage of this data takes place against the back­ground that this is the only way to pre­vent the misuse of our ser­vices, and, if neces­sary, to make it pos­si­ble to inves­ti­gate com­mit­ted offen­ses. Inso­far, the sto­rage of this data is neces­sary to secure the con­trol­ler. This data is not passed on to third par­ties unless there is a sta­tu­tory obli­ga­tion to pass on the data, or if the trans­fer serves the aim of cri­mi­nal prosecution.

The regis­tra­tion of the data sub­ject, with the vol­un­t­ary indi­ca­tion of per­so­nal data, is inten­ded to enable the con­trol­ler to offer the data sub­ject con­tents or ser­vices that may only be offe­red to regis­tered users due to the nature of the matter in ques­tion. Regis­tered per­sons are free to change the per­so­nal data spe­ci­fied during the regis­tra­tion at any time, or to have them com­ple­tely dele­ted from the data stock of the controller.

The data con­trol­ler shall, at any time, pro­vide infor­ma­tion upon request to each data sub­ject as to what per­so­nal data are stored about the data sub­ject. In addi­tion, the data con­trol­ler shall cor­rect or erase per­so­nal data at the request or indi­ca­tion of the data sub­ject, inso­far as there are no sta­tu­tory sto­rage obli­ga­ti­ons. A Data Pro­tec­tion Offi­cer par­ti­cu­larly desi­gna­ted in this data pro­tec­tion decla­ra­tion, as well as the enti­rety of the controller’s employees are available to the data sub­ject in this respect as cont­act persons.

6. Sub­scrip­tion to our newsletters

On the web­site of the Daniel Boehme, users are given the oppor­tu­nity to sub­scribe to our enterprise's news­let­ter. The input mask used for this pur­pose deter­mi­nes what per­so­nal data are trans­mit­ted, as well as when the news­let­ter is orde­red from the controller.

The Daniel Boehme informs its cus­to­mers and busi­ness part­ners regu­larly by means of a news­let­ter about enter­prise offers. The enterprise's news­let­ter may only be recei­ved by the data sub­ject if (1) the data sub­ject has a valid e-mail address and (2) the data sub­ject regis­ters for the news­let­ter ship­ping. A con­fir­ma­tion e-mail will be sent to the e-mail address regis­tered by a data sub­ject for the first time for news­let­ter ship­ping, for legal reasons, in the double opt-in pro­ce­dure. This con­fir­ma­tion e-mail is used to prove whe­ther the owner of the e-mail address as the data sub­ject is aut­ho­ri­zed to receive the newsletter.

During the regis­tra­tion for the news­let­ter, we also store the IP address of the com­pu­ter system assi­gned by the Inter­net ser­vice pro­vi­der (ISP) and used by the data sub­ject at the time of the regis­tra­tion, as well as the date and time of the regis­tra­tion. The coll­ec­tion of this data is neces­sary in order to under­stand the (pos­si­ble) misuse of the e-mail address of a data sub­ject at a later date, and it the­r­e­fore serves the aim of the legal pro­tec­tion of the controller.

The per­so­nal data coll­ec­ted as part of a regis­tra­tion for the news­let­ter will only be used to send our news­let­ter. In addi­tion, sub­scri­bers to the news­let­ter may be infor­med by e-mail, as long as this is neces­sary for the ope­ra­tion of the news­let­ter ser­vice or a regis­tra­tion in ques­tion, as this could be the case in the event of modi­fi­ca­ti­ons to the news­let­ter offer, or in the event of a change in tech­ni­cal cir­cum­s­tances. There will be no trans­fer of per­so­nal data coll­ec­ted by the news­let­ter ser­vice to third par­ties. The sub­scrip­tion to our news­let­ter may be ter­mi­na­ted by the data sub­ject at any time. The con­sent to the sto­rage of per­so­nal data, which the data sub­ject has given for ship­ping the news­let­ter, may be revo­ked at any time. For the pur­pose of revo­ca­tion of con­sent, a cor­re­spon­ding link is found in each news­let­ter. It is also pos­si­ble to unsub­scribe from the news­let­ter at any time directly on the web­site of the con­trol­ler, or to com­mu­ni­cate this to the con­trol­ler in a dif­fe­rent way.

7. Newsletter-Tracking

The news­let­ter of the Daniel Boehme con­ta­ins so-called track­ing pixels. A track­ing pixel is a minia­ture gra­phic embedded in such e-mails, which are sent in HTML format to enable log file recor­ding and ana­ly­sis. This allows a sta­tis­ti­cal ana­ly­sis of the suc­cess or fail­ure of online mar­ke­ting cam­paigns. Based on the embedded track­ing pixel, the Daniel Boehme may see if and when an e-mail was opened by a data sub­ject, and which links in the e-mail were called up by data subjects.

Such per­so­nal data coll­ec­ted in the track­ing pixels con­tai­ned in the news­let­ters are stored and ana­ly­zed by the con­trol­ler in order to opti­mize the ship­ping of the news­let­ter, as well as to adapt the con­tent of future news­let­ters even better to the inte­rests of the data sub­ject. These per­so­nal data will not be passed on to third par­ties. Data sub­jects are at any time entit­led to revoke the respec­tive sepa­rate decla­ra­tion of con­sent issued by means of the double-opt-in pro­ce­dure. After a revo­ca­tion, these per­so­nal data will be dele­ted by the con­trol­ler. The Daniel Boehme auto­ma­ti­cally regards a with­dra­wal from the receipt of the news­let­ter as a revocation.

8. Cont­act pos­si­bi­lity via the website

The web­site of the Daniel Boehme con­ta­ins infor­ma­tion that enables a quick elec­tro­nic cont­act to our enter­prise, as well as direct com­mu­ni­ca­tion with us, which also includes a gene­ral address of the so-called elec­tro­nic mail (e-mail address). If a data sub­ject cont­acts the con­trol­ler by e-mail or via a cont­act form, the per­so­nal data trans­mit­ted by the data sub­ject are auto­ma­ti­cally stored. Such per­so­nal data trans­mit­ted on a vol­un­t­ary basis by a data sub­ject to the data con­trol­ler are stored for the pur­pose of pro­ces­sing or cont­ac­ting the data sub­ject. There is no trans­fer of this per­so­nal data to third parties.

9. Comm­ents func­tion in the blog on the website

The Daniel Boehme offers users the pos­si­bi­lity to leave indi­vi­dual comm­ents on indi­vi­dual blog con­tri­bu­ti­ons on a blog, which is on the web­site of the con­trol­ler. A blog is a web-based, publicly-accessible portal, through which one or more people called blog­gers or web-bloggers may post artic­les or write down thoughts in so-called blog­posts. Blog­posts may usually be com­men­ted by third parties.

If a data sub­ject leaves a com­ment on the blog published on this web­site, the comm­ents made by the data sub­ject are also stored and published, as well as infor­ma­tion on the date of the com­men­tary and on the user's (pseud­onym) chosen by the data sub­ject. In addi­tion, the IP address assi­gned by the Inter­net ser­vice pro­vi­der (ISP) to the data sub­ject is also logged. This sto­rage of the IP address takes place for secu­rity reasons, and in case the data sub­ject vio­la­tes the rights of third par­ties, or posts ille­gal con­tent through a given com­ment. The sto­rage of these per­so­nal data is, the­r­e­fore, in the own inte­rest of the data con­trol­ler, so that he can excul­pate in the event of an inf­rin­ge­ment. This coll­ec­ted per­so­nal data will not be passed to third par­ties, unless such a trans­fer is requi­red by law or serves the aim of the defense of the data controller.

10. Sub­scrip­tion to comm­ents in the blog on the website

The comm­ents made in the blog of the Daniel Boehme may be sub­scri­bed to by third par­ties. In par­ti­cu­lar, there is the pos­si­bi­lity that a com­men­ter sub­scri­bes to the comm­ents fol­lo­wing his comm­ents on a par­ti­cu­lar blog post.

If a data sub­ject deci­des to sub­scribe to the option, the con­trol­ler will send an auto­ma­tic con­fir­ma­tion e-mail to check the double opt-in pro­ce­dure as to whe­ther the owner of the spe­ci­fied e-mail address deci­ded in favor of this option. The option to sub­scribe to comm­ents may be ter­mi­na­ted at any time.

11. Rou­tine era­sure and blo­cking of per­so­nal data

The data con­trol­ler shall pro­cess and store the per­so­nal data of the data sub­ject only for the period neces­sary to achieve the pur­pose of sto­rage, or as far as this is gran­ted by the Euro­pean legis­la­tor or other legis­la­tors in laws or regu­la­ti­ons to which the con­trol­ler is sub­ject to.

If the sto­rage pur­pose is not appli­ca­ble, or if a sto­rage period pre­scri­bed by the Euro­pean legis­la­tor or ano­ther com­pe­tent legis­la­tor expi­res, the per­so­nal data are rou­ti­nely blo­cked or erased in accordance with legal requirements.

12. Rights of the data subject

  • a) Right of confirmation

    Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler the con­fir­ma­tion as to whe­ther or not per­so­nal data con­cer­ning him or her are being pro­ces­sed. If a data sub­ject wishes to avail hims­elf of this right of con­fir­ma­tion, he or she may, at any time, cont­act our Data Pro­tec­tion Offi­cer or ano­ther employee of the controller.

  • b) Right of access

    Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler free infor­ma­tion about his or her per­so­nal data stored at any time and a copy of this infor­ma­tion. Fur­ther­more, the Euro­pean direc­ti­ves and regu­la­ti­ons grant the data sub­ject access to the fol­lo­wing information:

    • the pur­po­ses of the processing;
    • the cate­go­ries of per­so­nal data concerned;
    • the reci­pi­ents or cate­go­ries of reci­pi­ents to whom the per­so­nal data have been or will be dis­c­lo­sed, in par­ti­cu­lar reci­pi­ents in third count­ries or inter­na­tio­nal organisations;
    • where pos­si­ble, the envi­sa­ged period for which the per­so­nal data will be stored, or, if not pos­si­ble, the cri­te­ria used to deter­mine that period;
    • the exis­tence of the right to request from the con­trol­ler rec­ti­fi­ca­tion or era­sure of per­so­nal data, or rest­ric­tion of pro­ces­sing of per­so­nal data con­cer­ning the data sub­ject, or to object to such processing;
    • the exis­tence of the right to lodge a com­plaint with a super­vi­sory authority;
    • where the per­so­nal data are not coll­ec­ted from the data sub­ject, any available infor­ma­tion as to their source;
    • the exis­tence of auto­ma­ted decision-making, inclu­ding pro­fil­ing, refer­red to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful infor­ma­tion about the logic invol­ved, as well as the signi­fi­cance and envi­sa­ged con­se­quen­ces of such pro­ces­sing for the data subject.

    Fur­ther­more, the data sub­ject shall have a right to obtain infor­ma­tion as to whe­ther per­so­nal data are trans­fer­red to a third coun­try or to an inter­na­tio­nal orga­ni­sa­tion. Where this is the case, the data sub­ject shall have the right to be infor­med of the appro­priate safe­guards rela­ting to the transfer.

    If a data sub­ject wishes to avail hims­elf of this right of access, he or she may at any time cont­act our Data Pro­tec­tion Offi­cer or ano­ther employee of the controller.

  • c) Right to rectification

    Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler wit­hout undue delay the rec­ti­fi­ca­tion of inac­cu­rate per­so­nal data con­cer­ning him or her. Taking into account the pur­po­ses of the pro­ces­sing, the data sub­ject shall have the right to have incom­plete per­so­nal data com­ple­ted, inclu­ding by means of pro­vi­ding a sup­ple­men­tary statement.

    If a data sub­ject wishes to exer­cise this right to rec­ti­fi­ca­tion, he or she may, at any time, cont­act our Data Pro­tec­tion Offi­cer or ano­ther employee of the controller.

  • d) Right to era­sure (Right to be forgotten)

    Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler the era­sure of per­so­nal data con­cer­ning him or her wit­hout undue delay, and the con­trol­ler shall have the obli­ga­tion to erase per­so­nal data wit­hout undue delay where one of the fol­lo­wing grounds applies, as long as the pro­ces­sing is not necessary:

    • The per­so­nal data are no longer neces­sary in rela­tion to the pur­po­ses for which they were coll­ec­ted or other­wise processed.
    • The data sub­ject with­draws con­sent to which the pro­ces­sing is based accor­ding to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
    • The data sub­ject objects to the pro­ces­sing pur­su­ant to Article 21(1) of the GDPR and there are no over­ri­ding legi­ti­mate grounds for the pro­ces­sing, or the data sub­ject objects to the pro­ces­sing pur­su­ant to Article 21(2) of the GDPR.
    • The per­so­nal data have been unlawfully processed.
    • The per­so­nal data must be erased for com­pli­ance with a legal obli­ga­tion in Union or Member State law to which the con­trol­ler is subject.
    • The per­so­nal data have been coll­ec­ted in rela­tion to the offer of infor­ma­tion society ser­vices refer­red to in Article 8(1) of the GDPR.

    If one of the afo­re­men­tio­ned reasons applies, and a data sub­ject wishes to request the era­sure of per­so­nal data stored by the Daniel Boehme, he or she may at any time cont­act our Data Pro­tec­tion Offi­cer or ano­ther employee of the con­trol­ler. The Data Pro­tec­tion Offi­cer of the Daniel Boehme or ano­ther employee shall promptly ensure that the era­sure request is com­plied with immediately.

    Where the con­trol­ler has made per­so­nal data public and is obli­ged pur­su­ant to Article 17(1) to erase the per­so­nal data, the con­trol­ler, taking account of available tech­no­logy and the cost of imple­men­ta­tion, shall take reasonable steps, inclu­ding tech­ni­cal mea­su­res, to inform other con­trol­lers pro­ces­sing the per­so­nal data that the data sub­ject has reques­ted era­sure by such con­trol­lers of any links to, or copy or repli­ca­tion of, those per­so­nal data, as far as pro­ces­sing is not requi­red. The Data Pro­tec­tion Offi­cer of the Daniel Boehme or ano­ther employee will arrange the neces­sary mea­su­res in indi­vi­dual cases.

  • e) Right of rest­ric­tion of processing

    Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler rest­ric­tion of pro­ces­sing where one of the fol­lo­wing applies:

    • The accu­racy of the per­so­nal data is con­tes­ted by the data sub­ject, for a period enab­ling the con­trol­ler to verify the accu­racy of the per­so­nal data.
    • The pro­ces­sing is unlawful and the data sub­ject oppo­ses the era­sure of the per­so­nal data and requests ins­tead the rest­ric­tion of their use instead.
    • The con­trol­ler no longer needs the per­so­nal data for the pur­po­ses of the pro­ces­sing, but they are requi­red by the data sub­ject for the estab­lish­ment, exer­cise or defence of legal claims.
    • The data sub­ject has objec­ted to pro­ces­sing pur­su­ant to Article 21(1) of the GDPR pen­ding the veri­fi­ca­tion whe­ther the legi­ti­mate grounds of the con­trol­ler over­ride those of the data subject.

    If one of the afo­re­men­tio­ned con­di­ti­ons is met, and a data sub­ject wishes to request the rest­ric­tion of the pro­ces­sing of per­so­nal data stored by the Daniel Boehme, he or she may at any time cont­act our Data Pro­tec­tion Offi­cer or ano­ther employee of the con­trol­ler. The Data Pro­tec­tion Offi­cer of the Daniel Boehme or ano­ther employee will arrange the rest­ric­tion of the processing.

  • f) Right to data portability

    Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor, to receive the per­so­nal data con­cer­ning him or her, which was pro­vi­ded to a con­trol­ler, in a struc­tu­red, com­monly used and machine-readable format. He or she shall have the right to trans­mit those data to ano­ther con­trol­ler wit­hout hin­drance from the con­trol­ler to which the per­so­nal data have been pro­vi­ded, as long as the pro­ces­sing is based on con­sent pur­su­ant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a con­tract pur­su­ant to point (b) of Article 6(1) of the GDPR, and the pro­ces­sing is car­ried out by auto­ma­ted means, as long as the pro­ces­sing is not neces­sary for the per­for­mance of a task car­ried out in the public inte­rest or in the exer­cise of offi­cial aut­ho­rity vested in the controller.

    Fur­ther­more, in exer­cis­ing his or her right to data por­ta­bi­lity pur­su­ant to Article 20(1) of the GDPR, the data sub­ject shall have the right to have per­so­nal data trans­mit­ted directly from one con­trol­ler to ano­ther, where tech­ni­cally fea­si­ble and when doing so does not adver­sely affect the rights and free­doms of others.

    In order to assert the right to data por­ta­bi­lity, the data sub­ject may at any time cont­act the Data Pro­tec­tion Offi­cer desi­gna­ted by the Daniel Boehme or ano­ther employee.

  • g) Right to object

    Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to object, on grounds rela­ting to his or her par­ti­cu­lar situa­tion, at any time, to pro­ces­sing of per­so­nal data con­cer­ning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to pro­fil­ing based on these provisions.

    The Daniel Boehme shall no longer pro­cess the per­so­nal data in the event of the objec­tion, unless we can demons­trate com­pel­ling legi­ti­mate grounds for the pro­ces­sing which over­ride the inte­rests, rights and free­doms of the data sub­ject, or for the estab­lish­ment, exer­cise or defence of legal claims.

    If the Daniel Boehme pro­ces­ses per­so­nal data for direct mar­ke­ting pur­po­ses, the data sub­ject shall have the right to object at any time to pro­ces­sing of per­so­nal data con­cer­ning him or her for such mar­ke­ting. This applies to pro­fil­ing to the extent that it is rela­ted to such direct mar­ke­ting. If the data sub­ject objects to the Daniel Boehme to the pro­ces­sing for direct mar­ke­ting pur­po­ses, the Daniel Boehme will no longer pro­cess the per­so­nal data for these purposes.

    In addi­tion, the data sub­ject has the right, on grounds rela­ting to his or her par­ti­cu­lar situa­tion, to object to pro­ces­sing of per­so­nal data con­cer­ning him or her by the Daniel Boehme for sci­en­ti­fic or his­to­ri­cal rese­arch pur­po­ses, or for sta­tis­ti­cal pur­po­ses pur­su­ant to Article 89(1) of the GDPR, unless the pro­ces­sing is neces­sary for the per­for­mance of a task car­ried out for reasons of public interest.

    In order to exer­cise the right to object, the data sub­ject may directly cont­act the Data Pro­tec­tion Offi­cer of the Daniel Boehme or ano­ther employee. In addi­tion, the data sub­ject is free in the con­text of the use of infor­ma­tion society ser­vices, and not­wi­th­stan­ding Direc­tive 2002/58/EC, to use his or her right to object by auto­ma­ted means using tech­ni­cal specifications.

  • h) Auto­ma­ted indi­vi­dual decision-making, inclu­ding profiling

    Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor not to be sub­ject to a decis­ion based solely on auto­ma­ted pro­ces­sing, inclu­ding pro­fil­ing, which pro­du­ces legal effects con­cer­ning him or her, or simi­larly signi­fi­cantly affects him or her, as long as the decis­ion (1) is not is neces­sary for ente­ring into, or the per­for­mance of, a con­tract bet­ween the data sub­ject and a data con­trol­ler, or (2) is not aut­ho­ri­sed by Union or Member State law to which the con­trol­ler is sub­ject and which also lays down sui­ta­ble mea­su­res to safe­guard the data subject's rights and free­doms and legi­ti­mate inte­rests, or (3) is not based on the data subject's expli­cit consent.

    If the decis­ion (1) is neces­sary for ente­ring into, or the per­for­mance of, a con­tract bet­ween the data sub­ject and a data con­trol­ler, or (2) it is based on the data subject's expli­cit con­sent, the Daniel Boehme shall imple­ment sui­ta­ble mea­su­res to safe­guard the data subject's rights and free­doms and legi­ti­mate inte­rests, at least the right to obtain human inter­ven­tion on the part of the con­trol­ler, to express his or her point of view and con­test the decision.

    If the data sub­ject wishes to exer­cise the rights con­cer­ning auto­ma­ted indi­vi­dual decision-making, he or she may at any time directly cont­act our Data Pro­tec­tion Offi­cer of the Daniel Boehme or ano­ther employee of the controller.

  • i) Right to with­draw data pro­tec­tion consent

    Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to with­draw his or her con­sent to pro­ces­sing of his or her per­so­nal data at any time.

    f the data sub­ject wishes to exer­cise the right to with­draw the con­sent, he or she may at any time directly cont­act our Data Pro­tec­tion Offi­cer of the Daniel Boehme or ano­ther employee of the controller.

13. Data pro­tec­tion for appli­ca­ti­ons and the appli­ca­tion procedures

The data con­trol­ler shall coll­ect and pro­cess the per­so­nal data of appli­cants for the pur­pose of the pro­ces­sing of the appli­ca­tion pro­ce­dure. The pro­ces­sing may also be car­ried out elec­tro­ni­cally. This is the case, in par­ti­cu­lar, if an appli­cant sub­mits cor­re­spon­ding appli­ca­tion docu­ments by e-mail or by means of a web form on the web­site to the con­trol­ler. If the data con­trol­ler con­cludes an employ­ment con­tract with an appli­cant, the sub­mit­ted data will be stored for the pur­pose of pro­ces­sing the employ­ment rela­ti­onship in com­pli­ance with legal requi­re­ments. If no employ­ment con­tract is con­cluded with the appli­cant by the con­trol­ler, the appli­ca­tion docu­ments shall be auto­ma­ti­cally erased two months after noti­fi­ca­tion of the refu­sal decis­ion, pro­vi­ded that no other legi­ti­mate inte­rests of the con­trol­ler are oppo­sed to the era­sure. Other legi­ti­mate inte­rest in this rela­tion is, e.g. a burden of proof in a pro­ce­dure under the Gene­ral Equal Tre­at­ment Act (AGG).

14. Data Pro­tec­tion pro­vi­si­ons about the appli­ca­tion and use of AddThis

On this web­site, the data con­trol­ler has inte­gra­ted com­pon­ents of the enter­prise AddThis. AddThis is a so-called book­mar­king pro­vi­der. The ser­vice allows for sim­pli­fied book­mar­king of Inter­net pages via but­tons. By cli­cking on the AddThis com­po­nent with the mouse, or by cli­cking on it, a list of book­mar­king and sha­ring ser­vices is dis­played. AddThis is used on over 15 mil­lion web­sites, and the but­tons are dis­played, accor­ding to the infor­ma­tion of the ope­ra­ting enter­prise, over 20 bil­lion times a year.

The ope­ra­ting com­pany of AddThis is AddThis, Inc. 1595 Spring Hill Road, Suite 300, Vienna, VA 22182, United States.

By cal­ling up one of the indi­vi­dual pages of the web­site, which is ope­ra­ted by the con­trol­ler, and on which an AddThis com­po­nent has been inte­gra­ted, the Inter­net brow­ser of the data sub­ject is auto­ma­ti­cally prompted by the respec­tive AddThis com­po­nent to down­load data from the web­site www.addthis.com. Within the frame­work of this tech­ni­cal pro­ce­dure, AddThis is infor­med of the visit and the spe­ci­fic indi­vi­dual page of this web­site that was used by the data sub­ject with the help of infor­ma­tion tech­no­logy. In addi­tion, AddThis is infor­med about the IP address of the com­pu­ter system assi­gned by the Inter­net ser­vice pro­vi­der (ISP) and used by the data sub­ject, the brow­ser type and lan­guage, the web page acces­sed before our web­site, the date and the time of the visit to our web­site. AddThis uses this data to create anony­mous user pro­files. The data and infor­ma­tion trans­mit­ted to AddThis in this way will enable the enter­prise AddThis, as well as affi­lia­tes or their partner-enterprises, to cont­act visi­tors of the web pages of the con­trol­ler with per­so­na­li­zed and interest-based advertising.

AddThis dis­plays per­so­na­li­zed and interest-based adver­ti­sing on the basis of a cookie set by the enter­prise. This cookie ana­ly­zes the indi­vi­dual sur­fing beha­vior of the com­pu­ter system used by the data sub­ject. The cookie saves the computer-based out­go­ing visits to Inter­net pages.

The data sub­ject may, at any time, pre­vent the set­ting of coo­kies through our web­site by means of a cor­re­spon­ding set­ting of the Inter­net brow­ser used, and thus per­ma­nently deny the set­ting of coo­kies. Such a set­ting of the Inter­net brow­ser used would also pre­vent AddThis from set­ting a cookie on the infor­ma­tion tech­no­logy system of the data sub­ject. Coo­kies may also be dele­ted by AddThis at any time via an Inter­net brow­ser or other soft­ware programs.

The data sub­ject also has the pos­si­bi­lity of objec­ting per­ma­nently to the pro­ces­sing of per­so­nal data by AddThis. For this pur­pose, the data sub­ject must click on the opt-out button under the link http://www.addthis.com/privacy/opt-out, which sets an opt-out cookie. The opt-out cookie used for this pur­pose is placed on the infor­ma­tion tech­no­logy system used by the data sub­ject. If the data sub­ject dele­tes the coo­kies from his system, then the data sub­ject must call up the link again and set a new opt-out cookie.

With the set­ting of the opt-out cookie, howe­ver, the pos­si­bi­lity exists that the web­sites of the con­trol­ler are not fully usable any­more by the data subject.

The appli­ca­ble data pro­tec­tion pro­vi­si­ons of AddThis may be acces­sed under http://www.addthis.com/privacy/privacy-policy.

15. Data pro­tec­tion pro­vi­si­ons about the appli­ca­tion and use of Facebook

On this web­site, the con­trol­ler has inte­gra­ted com­pon­ents of the enter­prise Face­book. Face­book is a social network.

A social net­work is a place for social mee­tings on the Inter­net, an online com­mu­nity, which usually allows users to com­mu­ni­cate with each other and inter­act in a vir­tual space. A social net­work may serve as a plat­form for the exch­ange of opi­ni­ons and expe­ri­en­ces, or enable the Inter­net com­mu­nity to pro­vide per­so­nal or business-related infor­ma­tion. Face­book allows social net­work users to include the crea­tion of pri­vate pro­files, upload photos, and net­work through friend requests.

The ope­ra­ting com­pany of Face­book is Face­book, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives out­side of the United States or Canada, the con­trol­ler is the Face­book Ire­land Ltd., 4 Grand Canal Square, Grand Canal Har­bour, Dublin 2, Ireland.

With each call-up to one of the indi­vi­dual pages of this Inter­net web­site, which is ope­ra­ted by the con­trol­ler and into which a Face­book com­po­nent (Face­book plug-ins) was inte­gra­ted, the web brow­ser on the infor­ma­tion tech­no­logy system of the data sub­ject is auto­ma­ti­cally prompted to down­load dis­play of the cor­re­spon­ding Face­book com­po­nent from Face­book through the Face­book com­po­nent. An over­view of all the Face­book Plug-ins may be acces­sed under https://developers.facebook.com/docs/plugins/. During the course of this tech­ni­cal pro­ce­dure, Face­book is made aware of what spe­ci­fic sub-site of our web­site was visi­ted by the data subject.

If the data sub­ject is logged in at the same time on Face­book, Face­book detects with every call-up to our web­site by the data subject—and for the entire dura­tion of their stay on our Inter­net site—which spe­ci­fic sub-site of our Inter­net page was visi­ted by the data sub­ject. This infor­ma­tion is coll­ec­ted through the Face­book com­po­nent and asso­cia­ted with the respec­tive Face­book account of the data sub­ject. If the data sub­ject clicks on one of the Face­book but­tons inte­gra­ted into our web­site, e.g. the "Like" button, or if the data sub­ject sub­mits a com­ment, then Face­book matches this infor­ma­tion with the per­so­nal Face­book user account of the data sub­ject and stores the per­so­nal data.

Face­book always recei­ves, through the Face­book com­po­nent, infor­ma­tion about a visit to our web­site by the data sub­ject, when­ever the data sub­ject is logged in at the same time on Face­book during the time of the call-up to our web­site. This occurs regard­less of whe­ther the data sub­ject clicks on the Face­book com­po­nent or not. If such a trans­mis­sion of infor­ma­tion to Face­book is not desi­ra­ble for the data sub­ject, then he or she may pre­vent this by log­ging off from their Face­book account before a call-up to our web­site is made.

The data pro­tec­tion gui­de­line published by Face­book, which is available at https://facebook.com/about/privacy/, pro­vi­des infor­ma­tion about the coll­ec­tion, pro­ces­sing and use of per­so­nal data by Face­book. In addi­tion, it is explai­ned there what set­ting opti­ons Face­book offers to pro­tect the pri­vacy of the data sub­ject. In addi­tion, dif­fe­rent con­fi­gu­ra­tion opti­ons are made available to allow the eli­mi­na­tion of data trans­mis­sion to Face­book, e.g. the Face­book blo­cker of the pro­vi­der Web­graph, which may be obtai­ned under http://webgraph.com/resources/facebookblocker/. These appli­ca­ti­ons may be used by the data sub­ject to eli­mi­nate a data trans­mis­sion to Facebook.

16. Data pro­tec­tion pro­vi­si­ons about the appli­ca­tion and use of Google Ana­ly­tics (with anony­miza­tion function)

On this web­site, the con­trol­ler has inte­gra­ted the com­po­nent of Google Ana­ly­tics (with the anony­mi­zer func­tion). Google Ana­ly­tics is a web ana­ly­tics ser­vice. Web ana­ly­tics is the coll­ec­tion, gathe­ring, and ana­ly­sis of data about the beha­vior of visi­tors to web­sites. A web ana­ly­sis ser­vice coll­ects, inter alia, data about the web­site from which a person has come (the so-called refer­rer), which sub-pages were visi­ted, or how often and for what dura­tion a sub-page was viewed. Web ana­ly­tics are mainly used for the opti­miza­tion of a web­site and in order to carry out a cost-benefit ana­ly­sis of Inter­net advertising.

The ope­ra­tor of the Google Ana­ly­tics com­po­nent is Google Inc., 1600 Amphi­theatre Pkwy, Moun­tain View, CA 94043-1351, United States.

For the web ana­ly­tics through Google Ana­ly­tics the con­trol­ler uses the appli­ca­tion "_gat. _anonymizeIp". By means of this appli­ca­tion the IP address of the Inter­net con­nec­tion of the data sub­ject is abrid­ged by Google and anony­mi­sed when acces­sing our web­sites from a Member State of the Euro­pean Union or ano­ther Con­trac­ting State to the Agree­ment on the Euro­pean Eco­no­mic Area.

The pur­pose of the Google Ana­ly­tics com­po­nent is to ana­lyze the traf­fic on our web­site. Google uses the coll­ec­ted data and infor­ma­tion, inter alia, to eva­luate the use of our web­site and to pro­vide online reports, which show the acti­vi­ties on our web­sites, and to pro­vide other ser­vices con­cer­ning the use of our Inter­net site for us.

Google Ana­ly­tics places a cookie on the infor­ma­tion tech­no­logy system of the data sub­ject. The defi­ni­tion of coo­kies is explai­ned above. With the set­ting of the cookie, Google is enab­led to ana­lyze the use of our web­site. With each call-up to one of the indi­vi­dual pages of this Inter­net site, which is ope­ra­ted by the con­trol­ler and into which a Google Ana­ly­tics com­po­nent was inte­gra­ted, the Inter­net brow­ser on the infor­ma­tion tech­no­logy system of the data sub­ject will auto­ma­ti­cally submit data through the Google Ana­ly­tics com­po­nent for the pur­pose of online adver­ti­sing and the sett­le­ment of com­mis­si­ons to Google. During the course of this tech­ni­cal pro­ce­dure, the enter­prise Google gains know­ledge of per­so­nal infor­ma­tion, such as the IP address of the data sub­ject, which serves Google, inter alia, to under­stand the origin of visi­tors and clicks, and sub­se­quently create com­mis­sion settlements.

The cookie is used to store per­so­nal infor­ma­tion, such as the access time, the loca­tion from which the access was made, and the fre­quency of visits of our web­site by the data sub­ject. With each visit to our Inter­net site, such per­so­nal data, inclu­ding the IP address of the Inter­net access used by the data sub­ject, will be trans­mit­ted to Google in the United States of Ame­rica. These per­so­nal data are stored by Google in the United States of Ame­rica. Google may pass these per­so­nal data coll­ec­ted through the tech­ni­cal pro­ce­dure to third parties.

The data sub­ject may, as stated above, pre­vent the set­ting of coo­kies through our web­site at any time by means of a cor­re­spon­ding adjus­t­ment of the web brow­ser used and thus per­ma­nently deny the set­ting of coo­kies. Such an adjus­t­ment to the Inter­net brow­ser used would also pre­vent Google Ana­ly­tics from set­ting a cookie on the infor­ma­tion tech­no­logy system of the data sub­ject. In addi­tion, coo­kies alre­ady in use by Google Ana­ly­tics may be dele­ted at any time via a web brow­ser or other soft­ware programs.

In addi­tion, the data sub­ject has the pos­si­bi­lity of objec­ting to a coll­ec­tion of data that are gene­ra­ted by Google Ana­ly­tics, which is rela­ted to the use of this web­site, as well as the pro­ces­sing of this data by Google and the chance to pre­clude any such. For this pur­pose, the data sub­ject must down­load a brow­ser add-on under the link https://tools.google.com/dlpage/gaoptout and install it. This brow­ser add-on tells Google Ana­ly­tics through a Java­Script, that any data and infor­ma­tion about the visits of Inter­net pages may not be trans­mit­ted to Google Ana­ly­tics. The instal­la­tion of the brow­ser add-ons is con­side­red an objec­tion by Google. If the infor­ma­tion tech­no­logy system of the data sub­ject is later dele­ted, for­mat­ted, or newly instal­led, then the data sub­ject must reinstall the brow­ser add-ons to disable Google Ana­ly­tics. If the brow­ser add-on was unin­stal­led by the data sub­ject or any other person who is attri­bu­ta­ble to their sphere of com­pe­tence, or is dis­ab­led, it is pos­si­ble to exe­cute the reinstal­la­tion or reac­ti­va­tion of the brow­ser add-ons.

Fur­ther infor­ma­tion and the appli­ca­ble data pro­tec­tion pro­vi­si­ons of Google may be retrie­ved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Ana­ly­tics is fur­ther explai­ned under the fol­lo­wing Link https://www.google.com/analytics/.

17. Data pro­tec­tion pro­vi­si­ons about the appli­ca­tion and use of Google+

On this web­site, the con­trol­ler has inte­gra­ted the Google+ button as a com­po­nent. Google+ is a so-called social net­work. A social net­work is a social mee­ting place on the Inter­net, an online com­mu­nity, which usually allows users to com­mu­ni­cate with each other and inter­act in a vir­tual space. A social net­work may serve as a plat­form for the exch­ange of opi­ni­ons and expe­ri­en­ces, or enable the Inter­net com­mu­nity to pro­vide per­so­nal or business-related infor­ma­tion. Google+ allows users of the social net­work to include the crea­tion of pri­vate pro­files, upload photos and net­work through friend requests.

The ope­ra­ting com­pany of Google+ is Google Inc., 1600 Amphi­theatre Pkwy, Moun­tain View, CA 94043-1351, UNITED STATES.

With each call-up to one of the indi­vi­dual pages of this web­site, which is ope­ra­ted by the con­trol­ler and on which a Google+ button has been inte­gra­ted, the Inter­net brow­ser on the infor­ma­tion tech­no­logy system of the data sub­ject auto­ma­ti­cally down­loads a dis­play of the cor­re­spon­ding Google+ button of Google through the respec­tive Google+ button com­po­nent. During the course of this tech­ni­cal pro­ce­dure, Google is made aware of what spe­ci­fic sub-page of our web­site was visi­ted by the data sub­ject. More detailed infor­ma­tion about Google+ is available under https://developers.google.com/+/.

If the data sub­ject is logged in at the same time to Google+, Google reco­gni­zes with each call-up to our web­site by the data sub­ject and for the entire dura­tion of his or her stay on our Inter­net site, which spe­ci­fic sub-pages of our Inter­net page were visi­ted by the data sub­ject. This infor­ma­tion is coll­ec­ted through the Google+ button and Google matches this with the respec­tive Google+ account asso­cia­ted with the data subject.

If the data sub­ject clicks on the Google+ button inte­gra­ted on our web­site and thus gives a Google+ 1 recom­men­da­tion, then Google assigns this infor­ma­tion to the per­so­nal Google+ user account of the data sub­ject and stores the per­so­nal data. Google stores the Google+ 1 recom­men­da­tion of the data sub­ject, making it publicly available in accordance with the terms and con­di­ti­ons accepted by the data sub­ject in this regard. Sub­se­quently, a Google+ 1 recom­men­da­tion given by the data sub­ject on this web­site tog­e­ther with other per­so­nal data, such as the Google+ account name used by the data sub­ject and the stored photo, is stored and pro­ces­sed on other Google ser­vices, such as search-engine results of the Google search engine, the Google account of the data sub­ject or in other places, e.g. on Inter­net pages, or in rela­tion to adver­ti­se­ments. Google is also able to link the visit to this web­site with other per­so­nal data stored on Google. Google fur­ther records this per­so­nal infor­ma­tion with the pur­pose of impro­ving or opti­mi­zing the various Google services.

Through the Google+ button, Google recei­ves infor­ma­tion that the data sub­ject visi­ted our web­site, if the data sub­ject at the time of the call-up to our web­site is logged in to Google+. This occurs regard­less of whe­ther the data sub­ject clicks or doesn’t click on the Google+ button.

If the data sub­ject does not wish to trans­mit per­so­nal data to Google, he or she may pre­vent such trans­mis­sion by log­ging out of his Google+ account before cal­ling up our website.

Fur­ther infor­ma­tion and the data pro­tec­tion pro­vi­si­ons of Google may be retrie­ved under https://www.google.com/intl/en/policies/privacy/. More refe­ren­ces from Google about the Google+ 1 button may be obtai­ned under https://developers.google.com/+/web/buttons-policy.

18. Data pro­tec­tion pro­vi­si­ons about the appli­ca­tion and use of Instagram

On this web­site, the con­trol­ler has inte­gra­ted com­pon­ents of the ser­vice Insta­gram. Insta­gram is a ser­vice that may be qua­li­fied as an audio­vi­sual plat­form, which allows users to share photos and videos, as well as dis­se­mi­nate such data in other social networks.

The ope­ra­ting com­pany of the ser­vices offe­red by Insta­gram is Insta­gram LLC, 1 Hacker Way, Buil­ding 14 First Floor, Menlo Park, CA, UNITED STATES.

With each call-up to one of the indi­vi­dual pages of this Inter­net site, which is ope­ra­ted by the con­trol­ler and on which an Insta­gram com­po­nent (Insta button) was inte­gra­ted, the Inter­net brow­ser on the infor­ma­tion tech­no­logy system of the data sub­ject is auto­ma­ti­cally prompted to the down­load of a dis­play of the cor­re­spon­ding Insta­gram com­po­nent of Insta­gram. During the course of this tech­ni­cal pro­ce­dure, Insta­gram beco­mes aware of what spe­ci­fic sub-page of our web­site was visi­ted by the data subject.

If the data sub­ject is logged in at the same time on Insta­gram, Insta­gram detects with every call-up to our web­site by the data subject—and for the entire dura­tion of their stay on our Inter­net site—which spe­ci­fic sub-page of our Inter­net page was visi­ted by the data sub­ject. This infor­ma­tion is coll­ec­ted through the Insta­gram com­po­nent and is asso­cia­ted with the respec­tive Insta­gram account of the data sub­ject. If the data sub­ject clicks on one of the Insta­gram but­tons inte­gra­ted on our web­site, then Insta­gram matches this infor­ma­tion with the per­so­nal Insta­gram user account of the data sub­ject and stores the per­so­nal data.

Insta­gram recei­ves infor­ma­tion via the Insta­gram com­po­nent that the data sub­ject has visi­ted our web­site pro­vi­ded that the data sub­ject is logged in at Insta­gram at the time of the call to our web­site. This occurs regard­less of whe­ther the person clicks on the Insta­gram button or not. If such a trans­mis­sion of infor­ma­tion to Insta­gram is not desi­ra­ble for the data sub­ject, then he or she can pre­vent this by log­ging off from their Insta­gram account before a call-up to our web­site is made.

Fur­ther infor­ma­tion and the appli­ca­ble data pro­tec­tion pro­vi­si­ons of Insta­gram may be retrie­ved under https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

19. Data pro­tec­tion pro­vi­si­ons about the appli­ca­tion and use of Twitter

On this web­site, the con­trol­ler has inte­gra­ted com­pon­ents of Twit­ter. Twit­ter is a mul­ti­l­in­gual, publicly-accessible micro­blog­ging ser­vice on which users may publish and spread so-called ‘tweets,’ e.g. short mes­sa­ges, which are limi­ted to 140 cha­rac­ters. These short mes­sa­ges are available for ever­yone, inclu­ding those who are not logged on to Twit­ter. The tweets are also dis­played to so-called fol­lo­wers of the respec­tive user. Fol­lo­wers are other Twit­ter users who follow a user's tweets. Fur­ther­more, Twit­ter allows you to address a wide audi­ence via hash­tags, links or retweets.

The ope­ra­ting com­pany of Twit­ter is Twit­ter, Inc., 1355 Market Street, Suite 900, San Fran­cisco, CA 94103, UNITED STATES.

With each call-up to one of the indi­vi­dual pages of this Inter­net site, which is ope­ra­ted by the con­trol­ler and on which a Twit­ter com­po­nent (Twit­ter button) was inte­gra­ted, the Inter­net brow­ser on the infor­ma­tion tech­no­logy system of the data sub­ject is auto­ma­ti­cally prompted to down­load a dis­play of the cor­re­spon­ding Twit­ter com­po­nent of Twit­ter. Fur­ther infor­ma­tion about the Twit­ter but­tons is available under https://about.twitter.com/de/resources/buttons. During the course of this tech­ni­cal pro­ce­dure, Twit­ter gains know­ledge of what spe­ci­fic sub-page of our web­site was visi­ted by the data sub­ject. The pur­pose of the inte­gra­tion of the Twit­ter com­po­nent is a retrans­mis­sion of the con­tents of this web­site to allow our users to intro­duce this web page to the digi­tal world and increase our visi­tor numbers.

If the data sub­ject is logged in at the same time on Twit­ter, Twit­ter detects with every call-up to our web­site by the data sub­ject and for the entire dura­tion of their stay on our Inter­net site which spe­ci­fic sub-page of our Inter­net page was visi­ted by the data sub­ject. This infor­ma­tion is coll­ec­ted through the Twit­ter com­po­nent and asso­cia­ted with the respec­tive Twit­ter account of the data sub­ject. If the data sub­ject clicks on one of the Twit­ter but­tons inte­gra­ted on our web­site, then Twit­ter assigns this infor­ma­tion to the per­so­nal Twit­ter user account of the data sub­ject and stores the per­so­nal data.

Twit­ter recei­ves infor­ma­tion via the Twit­ter com­po­nent that the data sub­ject has visi­ted our web­site, pro­vi­ded that the data sub­ject is logged in on Twit­ter at the time of the call-up to our web­site. This occurs regard­less of whe­ther the person clicks on the Twit­ter com­po­nent or not. If such a trans­mis­sion of infor­ma­tion to Twit­ter is not desi­ra­ble for the data sub­ject, then he or she may pre­vent this by log­ging off from their Twit­ter account before a call-up to our web­site is made.

The appli­ca­ble data pro­tec­tion pro­vi­si­ons of Twit­ter may be acces­sed under https://twitter.com/privacy?lang=en.

20. Data pro­tec­tion pro­vi­si­ons about the appli­ca­tion and use of YouTube

On this web­site, the con­trol­ler has inte­gra­ted com­pon­ents of You­Tube. You­Tube is an Inter­net video portal that enables video publishers to set video clips and other users free of charge, which also pro­vi­des free vie­w­ing, review and com­men­ting on them. You­Tube allows you to publish all kinds of videos, so you can access both full movies and TV broad­casts, as well as music videos, trai­lers, and videos made by users via the Inter­net portal.

The ope­ra­ting com­pany of You­Tube is You­Tube, LLC, 901 Cherry Ave., San Bruno, CA 94066, UNITED STATES. The You­Tube, LLC is a sub­si­diary of Google Inc., 1600 Amphi­theatre Pkwy, Moun­tain View, CA 94043-1351, UNITED STATES.

With each call-up to one of the indi­vi­dual pages of this Inter­net site, which is ope­ra­ted by the con­trol­ler and on which a You­Tube com­po­nent (You­Tube video) was inte­gra­ted, the Inter­net brow­ser on the infor­ma­tion tech­no­logy system of the data sub­ject is auto­ma­ti­cally prompted to down­load a dis­play of the cor­re­spon­ding You­Tube com­po­nent. Fur­ther infor­ma­tion about You­Tube may be obtai­ned under https://www.youtube.com/yt/about/en/. During the course of this tech­ni­cal pro­ce­dure, You­Tube and Google gain know­ledge of what spe­ci­fic sub-page of our web­site was visi­ted by the data subject.

If the data sub­ject is logged in on You­Tube, You­Tube reco­gni­zes with each call-up to a sub-page that con­ta­ins a You­Tube video, which spe­ci­fic sub-page of our Inter­net site was visi­ted by the data sub­ject. This infor­ma­tion is coll­ec­ted by You­Tube and Google and assi­gned to the respec­tive You­Tube account of the data subject.

You­Tube and Google will receive infor­ma­tion through the You­Tube com­po­nent that the data sub­ject has visi­ted our web­site, if the data sub­ject at the time of the call to our web­site is logged in on You­Tube; this occurs regard­less of whe­ther the person clicks on a You­Tube video or not. If such a trans­mis­sion of this infor­ma­tion to You­Tube and Google is not desi­ra­ble for the data sub­ject, the deli­very may be pre­ven­ted if the data sub­ject logs off from their own You­Tube account before a call-up to our web­site is made.

YouTube's data pro­tec­tion pro­vi­si­ons, available at https://www.google.com/intl/en/policies/privacy/, pro­vide infor­ma­tion about the coll­ec­tion, pro­ces­sing and use of per­so­nal data by You­Tube and Google.

21. Pay­ment Method: Data pro­tec­tion pro­vi­si­ons about the use of PayPal as a pay­ment processor

On this web­site, the con­trol­ler has inte­gra­ted com­pon­ents of PayPal. PayPal is an online pay­ment ser­vice pro­vi­der. Pay­ments are pro­ces­sed via so-called PayPal accounts, which repre­sent vir­tual pri­vate or busi­ness accounts. PayPal is also able to pro­cess vir­tual pay­ments through credit cards when a user does not have a PayPal account. A PayPal account is mana­ged via an e-mail address, which is why there are no clas­sic account num­bers. PayPal makes it pos­si­ble to trig­ger online pay­ments to third par­ties or to receive pay­ments. PayPal also accepts trus­tee func­tions and offers buyer pro­tec­tion services.

The Euro­pean ope­ra­ting com­pany of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Bou­le­vard Royal, 2449 Luxem­bourg, Luxembourg.

If the data sub­ject choo­ses "PayPal" as the pay­ment option in the online shop during the orde­ring pro­cess, we auto­ma­ti­cally trans­mit the data of the data sub­ject to PayPal. By sel­ec­ting this pay­ment option, the data sub­ject agrees to the trans­fer of per­so­nal data requi­red for pay­ment processing.

The per­so­nal data trans­mit­ted to PayPal is usually first name, last name, address, email address, IP address, tele­phone number, mobile phone number, or other data neces­sary for pay­ment pro­ces­sing. The pro­ces­sing of the purchase con­tract also requi­res such per­so­nal data, which are in con­nec­tion with the respec­tive order.

The trans­mis­sion of the data is aimed at pay­ment pro­ces­sing and fraud pre­ven­tion. The con­trol­ler will trans­fer per­so­nal data to PayPal, in par­ti­cu­lar, if a legi­ti­mate inte­rest in the trans­mis­sion is given. The per­so­nal data exch­an­ged bet­ween PayPal and the con­trol­ler for the pro­ces­sing of the data will be trans­mit­ted by PayPal to eco­no­mic credit agen­cies. This trans­mis­sion is inten­ded for iden­tity and cre­dit­wort­hi­ness checks.

PayPal will, if neces­sary, pass on per­so­nal data to affi­lia­tes and ser­vice pro­vi­ders or sub­con­trac­tors to the extent that this is neces­sary to ful­fill con­trac­tual obli­ga­ti­ons or for data to be pro­ces­sed in the order.

The data sub­ject has the pos­si­bi­lity to revoke con­sent for the hand­ling of per­so­nal data at any time from PayPal. A revo­ca­tion shall not have any effect on per­so­nal data which must be pro­ces­sed, used or trans­mit­ted in accordance with (con­trac­tual) pay­ment processing.

The appli­ca­ble data pro­tec­tion pro­vi­si­ons of PayPal may be retrie­ved under https://www.paypal.com/us/webapps/mpp/ua/privacy-full.

22. Legal basis for the processing

Art. 6(1) lit. a GDPR serves as the legal basis for pro­ces­sing ope­ra­ti­ons for which we obtain con­sent for a spe­ci­fic pro­ces­sing pur­pose. If the pro­ces­sing of per­so­nal data is neces­sary for the per­for­mance of a con­tract to which the data sub­ject is party, as is the case, for exam­ple, when pro­ces­sing ope­ra­ti­ons are neces­sary for the supply of goods or to pro­vide any other ser­vice, the pro­ces­sing is based on Article 6(1) lit. b GDPR. The same applies to such pro­ces­sing ope­ra­ti­ons which are neces­sary for car­ry­ing out pre-contractual mea­su­res, for exam­ple in the case of inqui­ries con­cer­ning our pro­ducts or ser­vices. Is our com­pany sub­ject to a legal obli­ga­tion by which pro­ces­sing of per­so­nal data is requi­red, such as for the ful­fill­ment of tax obli­ga­ti­ons, the pro­ces­sing is based on Art. 6(1) lit. c GDPR. In rare cases, the pro­ces­sing of per­so­nal data may be neces­sary to pro­tect the vital inte­rests of the data sub­ject or of ano­ther natu­ral person. This would be the case, for exam­ple, if a visi­tor were inju­red in our com­pany and his name, age, health insu­rance data or other vital infor­ma­tion would have to be passed on to a doctor, hos­pi­tal or other third party. Then the pro­ces­sing would be based on Art. 6(1) lit. d GDPR. Finally, pro­ces­sing ope­ra­ti­ons could be based on Article 6(1) lit. f GDPR. This legal basis is used for pro­ces­sing ope­ra­ti­ons which are not covered by any of the abo­ve­men­tio­ned legal grounds, if pro­ces­sing is neces­sary for the pur­po­ses of the legi­ti­mate inte­rests pur­sued by our com­pany or by a third party, except where such inte­rests are over­ridden by the inte­rests or fun­da­men­tal rights and free­doms of the data sub­ject which require pro­tec­tion of per­so­nal data. Such pro­ces­sing ope­ra­ti­ons are par­ti­cu­larly per­mis­si­ble because they have been spe­ci­fi­cally men­tio­ned by the Euro­pean legis­la­tor. He con­side­red that a legi­ti­mate inte­rest could be assu­med if the data sub­ject is a client of the con­trol­ler (Reci­tal 47 Sen­tence 2 GDPR).

23. The legi­ti­mate inte­rests pur­sued by the con­trol­ler or by a third party

Where the pro­ces­sing of per­so­nal data is based on Article 6(1) lit. f GDPR our legi­ti­mate inte­rest is to carry out our busi­ness in favor of the well-being of all our employees and the shareholders.

24. Period for which the per­so­nal data will be stored

The cri­te­ria used to deter­mine the period of sto­rage of per­so­nal data is the respec­tive sta­tu­tory reten­tion period. After expi­ra­tion of that period, the cor­re­spon­ding data is rou­ti­nely dele­ted, as long as it is no longer neces­sary for the ful­fill­ment of the con­tract or the initia­tion of a contract.

25. Pro­vi­sion of per­so­nal data as sta­tu­tory or con­trac­tual requi­re­ment; Requi­re­ment neces­sary to enter into a con­tract; Obli­ga­tion of the data sub­ject to pro­vide the per­so­nal data; pos­si­ble con­se­quen­ces of fail­ure to pro­vide such data

We cla­rify that the pro­vi­sion of per­so­nal data is partly requi­red by law (e.g. tax regu­la­ti­ons) or can also result from con­trac­tual pro­vi­si­ons (e.g. infor­ma­tion on the con­trac­tual part­ner). Some­ti­mes it may be neces­sary to con­clude a con­tract that the data sub­ject pro­vi­des us with per­so­nal data, which must sub­se­quently be pro­ces­sed by us. The data sub­ject is, for exam­ple, obli­ged to pro­vide us with per­so­nal data when our com­pany signs a con­tract with him or her. The non-provision of the per­so­nal data would have the con­se­quence that the con­tract with the data sub­ject could not be con­cluded. Before per­so­nal data is pro­vi­ded by the data sub­ject, the data sub­ject must cont­act our Data Pro­tec­tion Offi­cer. Our Data Pro­tec­tion Offi­cer cla­ri­fies to the data sub­ject whe­ther the pro­vi­sion of the per­so­nal data is requi­red by law or con­tract or is neces­sary for the con­clu­sion of the con­tract, whe­ther there is an obli­ga­tion to pro­vide the per­so­nal data and the con­se­quen­ces of non-provision of the per­so­nal data.

26. Exis­tence of auto­ma­ted decision-making

As a respon­si­ble com­pany, we do not use auto­ma­tic decision-making or profiling.

This Pri­vacy Policy has been gene­ra­ted by the Pri­vacy Policy Gene­ra­tor of the Exter­nal Data Pro­tec­tion Offi­cers that was deve­lo­ped in coope­ra­tion with RC GmbH, which sells used note­books and the Media Law Lawy­ers from WBS-LAW.