Pri­vacy Policy

Ver­sion for 'normal' human beings

Any data you add to your pro­file will be pub­licly access­able, except your email address.

We will NEVER share your email address with anyone.

We may send you impor­tant admin­is­tra­tive mes­sages related to your user account to your email address, like new pass­word requests, etc...

If you want to get updates about new posts sub­scribe to our mail­ing list or to our social media chan­nels.

On sodafilm.de, we use the shop­ping cart from paypal and there­fore don't save any user data on our server. Excep­tion: on access of our down­load prod­ucts files we log the ip addresses.

We may use a cookie to save your lan­guage selec­tion of our site.

Pri­vacy Policy

We are very delighted that you have shown inter­est in our enter­prise. Data pro­tec­tion is of a par­tic­u­larly high pri­or­ity for the man­age­ment of the Daniel Boehme. The use of the Inter­net pages of the Daniel Boehme is pos­si­ble with­out any indi­ca­tion of per­sonal data; how­ever, if a data sub­ject wants to use spe­cial enter­prise ser­vices via our web­site, pro­cess­ing of per­sonal data could become nec­es­sary. If the pro­cess­ing of per­sonal data is nec­es­sary and there is no statu­tory basis for such pro­cess­ing, we gen­er­ally obtain con­sent from the data sub­ject.

The pro­cess­ing of per­sonal data, such as the name, address, e-mail address, or tele­phone number of a data sub­ject shall always be in line with the Gen­eral Data Pro­tec­tion Reg­u­la­tion (GDPR), and in accor­dance with the coun­try-spe­cific data pro­tec­tion reg­u­la­tions applic­a­ble to the Daniel Boehme. By means of this data pro­tec­tion dec­la­ra­tion, our enter­prise would like to inform the gen­eral public of the nature, scope, and pur­pose of the per­sonal data we col­lect, use and process. Fur­ther­more, data sub­jects are informed, by means of this data pro­tec­tion dec­la­ra­tion, of the rights to which they are enti­tled.

As the con­troller, the Daniel Boehme has imple­mented numer­ous tech­ni­cal and orga­ni­za­tional mea­sures to ensure the most com­plete pro­tec­tion of per­sonal data processed through this web­site. How­ever, Inter­net-based data trans­mis­sions may in prin­ci­ple have secu­rity gaps, so absolute pro­tec­tion may not be guar­an­teed. For this reason, every data sub­ject is free to trans­fer per­sonal data to us via alter­na­tive means, e.g. by tele­phone.

1. Def­i­n­i­tions

The data pro­tec­tion dec­la­ra­tion of the Daniel Boehme is based on the terms used by the Euro­pean leg­is­la­tor for the adop­tion of the Gen­eral Data Pro­tec­tion Reg­u­la­tion (GDPR). Our data pro­tec­tion dec­la­ra­tion should be leg­i­ble and under­stand­able for the gen­eral public, as well as our cus­tomers and busi­ness part­ners. To ensure this, we would like to first explain the ter­mi­nol­ogy used.

In this data pro­tec­tion dec­la­ra­tion, we use, inter alia, the fol­low­ing terms:

  • a) Per­sonal data

    Per­sonal data means any infor­ma­tion relat­ing to an iden­ti­fied or iden­ti­fi­able nat­ural person (“data sub­ject”). An iden­ti­fi­able nat­ural person is one who can be iden­ti­fied, directly or indi­rectly, in par­tic­u­lar by ref­er­ence to an iden­ti­fier such as a name, an iden­ti­fi­ca­tion number, loca­tion data, an online iden­ti­fier or to one or more fac­tors spe­cific to the phys­i­cal, phys­i­o­log­i­cal, genetic, mental, eco­nomic, cul­tural or social iden­tity of that nat­ural person.

  • b) Data sub­ject

    Data sub­ject is any iden­ti­fied or iden­ti­fi­able nat­ural person, whose per­sonal data is processed by the con­troller respon­si­ble for the pro­cess­ing.

  • c) Pro­cess­ing

    Pro­cess­ing is any oper­a­tion or set of oper­a­tions which is per­formed on per­sonal data or on sets of per­sonal data, whether or not by auto­mated means, such as col­lec­tion, record­ing, organ­i­sa­tion, struc­tur­ing, stor­age, adap­ta­tion or alter­ation, retrieval, con­sul­ta­tion, use, dis­clo­sure by trans­mis­sion, dis­sem­i­na­tion or oth­er­wise making avail­able, align­ment or com­bi­na­tion, restric­tion, era­sure or destruc­tion.

  • d) Restric­tion of pro­cess­ing

    Restric­tion of pro­cess­ing is the mark­ing of stored per­sonal data with the aim of lim­it­ing their pro­cess­ing in the future.

  • e) Pro­fil­ing

    Pro­fil­ing means any form of auto­mated pro­cess­ing of per­sonal data con­sist­ing of the use of per­sonal data to eval­u­ate cer­tain per­sonal aspects relat­ing to a nat­ural person, in par­tic­u­lar to analyse or pre­dict aspects con­cern­ing that nat­ural person's per­for­mance at work, eco­nomic sit­u­a­tion, health, per­sonal pref­er­ences, inter­ests, reli­a­bil­ity, behav­iour, loca­tion or move­ments.

  • f) Pseu­do­nymi­sa­tion

    Pseu­do­nymi­sa­tion is the pro­cess­ing of per­sonal data in such a manner that the per­sonal data can no longer be attrib­uted to a spe­cific data sub­ject with­out the use of addi­tional infor­ma­tion, pro­vided that such addi­tional infor­ma­tion is kept sep­a­rately and is sub­ject to tech­ni­cal and organ­i­sa­tional mea­sures to ensure that the per­sonal data are not attrib­uted to an iden­ti­fied or iden­ti­fi­able nat­ural person.

  • g) Con­troller or con­troller respon­si­ble for the pro­cess­ing

    Con­troller or con­troller respon­si­ble for the pro­cess­ing is the nat­ural or legal person, public author­ity, agency or other body which, alone or jointly with others, deter­mines the pur­poses and means of the pro­cess­ing of per­sonal data; where the pur­poses and means of such pro­cess­ing are deter­mined by Union or Member State law, the con­troller or the spe­cific cri­te­ria for its nom­i­na­tion may be pro­vided for by Union or Member State law.

  • h) Proces­sor

    Proces­sor is a nat­ural or legal person, public author­ity, agency or other body which processes per­sonal data on behalf of the con­troller.

  • i) Recip­i­ent

    Recip­i­ent is a nat­ural or legal person, public author­ity, agency or another body, to which the per­sonal data are dis­closed, whether a third party or not. How­ever, public author­i­ties which may receive per­sonal data in the frame­work of a par­tic­u­lar inquiry in accor­dance with Union or Member State law shall not be regarded as recip­i­ents; the pro­cess­ing of those data by those public author­i­ties shall be in com­pli­ance with the applic­a­ble data pro­tec­tion rules accord­ing to the pur­poses of the pro­cess­ing.

  • j) Third party

    Third party is a nat­ural or legal person, public author­ity, agency or body other than the data sub­ject, con­troller, proces­sor and per­sons who, under the direct author­ity of the con­troller or proces­sor, are autho­rised to process per­sonal data.

  • k) Con­sent

    Con­sent of the data sub­ject is any freely given, spe­cific, informed and unam­bigu­ous indi­ca­tion of the data subject's wishes by which he or she, by a state­ment or by a clear affir­ma­tive action, sig­ni­fies agree­ment to the pro­cess­ing of per­sonal data relat­ing to him or her.

2. Name and Address of the con­troller

Con­troller for the pur­poses of the Gen­eral Data Pro­tec­tion Reg­u­la­tion (GDPR), other data pro­tec­tion laws applic­a­ble in Member states of the Euro­pean Union and other pro­vi­sions related to data pro­tec­tion is:

Daniel Boehme

Email: [email protected]

Web­site: sodafilm.de

3. Cook­ies

The Inter­net pages of the Daniel Boehme use cook­ies. Cook­ies are text files that are stored in a com­puter system via an Inter­net browser.

Many Inter­net sites and servers use cook­ies. Many cook­ies con­tain a so-called cookie ID. A cookie ID is a unique iden­ti­fier of the cookie. It con­sists of a char­ac­ter string through which Inter­net pages and servers can be assigned to the spe­cific Inter­net browser in which the cookie was stored. This allows vis­ited Inter­net sites and servers to dif­fer­en­ti­ate the indi­vid­ual browser of the dats sub­ject from other Inter­net browsers that con­tain other cook­ies. A spe­cific Inter­net browser can be rec­og­nized and iden­ti­fied using the unique cookie ID.

Through the use of cook­ies, the Daniel Boehme can pro­vide the users of this web­site with more user-friendly ser­vices that would not be pos­si­ble with­out the cookie set­ting.

By means of a cookie, the infor­ma­tion and offers on our web­site can be opti­mized with the user in mind. Cook­ies allow us, as pre­vi­ously men­tioned, to rec­og­nize our web­site users. The pur­pose of this recog­ni­tion is to make it easier for users to uti­lize our web­site. The web­site user that uses cook­ies, e.g. does not have to enter access data each time the web­site is accessed, because this is taken over by the web­site, and the cookie is thus stored on the user's com­puter system. Another exam­ple is the cookie of a shop­ping cart in an online shop. The online store remem­bers the arti­cles that a cus­tomer has placed in the vir­tual shop­ping cart via a cookie.

The data sub­ject may, at any time, pre­vent the set­ting of cook­ies through our web­site by means of a cor­re­spond­ing set­ting of the Inter­net browser used, and may thus per­ma­nently deny the set­ting of cook­ies. Fur­ther­more, already set cook­ies may be deleted at any time via an Inter­net browser or other soft­ware pro­grams. This is pos­si­ble in all pop­u­lar Inter­net browsers. If the data sub­ject deac­ti­vates the set­ting of cook­ies in the Inter­net browser used, not all func­tions of our web­site may be entirely usable.

4. Col­lec­tion of gen­eral data and infor­ma­tion

The web­site of the Daniel Boehme col­lects a series of gen­eral data and infor­ma­tion when a data sub­ject or auto­mated system calls up the web­site. This gen­eral data and infor­ma­tion are stored in the server log files. Col­lected may be (1) the browser types and ver­sions used, (2) the oper­at­ing system used by the access­ing system, (3) the web­site from which an access­ing system reaches our web­site (so-called refer­rers), (4) the sub-web­sites, (5) the date and time of access to the Inter­net site, (6) an Inter­net pro­to­col address (IP address), (7) the Inter­net ser­vice provider of the access­ing system, and (8) any other sim­i­lar data and infor­ma­tion that may be used in the event of attacks on our infor­ma­tion tech­nol­ogy sys­tems.

When using these gen­eral data and infor­ma­tion, the Daniel Boehme does not draw any con­clu­sions about the data sub­ject. Rather, this infor­ma­tion is needed to (1) deliver the con­tent of our web­site cor­rectly, (2) opti­mize the con­tent of our web­site as well as its adver­tise­ment, (3) ensure the long-term via­bil­ity of our infor­ma­tion tech­nol­ogy sys­tems and web­site tech­nol­ogy, and (4) pro­vide law enforce­ment author­i­ties with the infor­ma­tion nec­es­sary for crim­i­nal pros­e­cu­tion in case of a cyber-attack. There­fore, the Daniel Boehme ana­lyzes anony­mously col­lected data and infor­ma­tion sta­tis­ti­cally, with the aim of increas­ing the data pro­tec­tion and data secu­rity of our enter­prise, and to ensure an opti­mal level of pro­tec­tion for the per­sonal data we process. The anony­mous data of the server log files are stored sep­a­rately from all per­sonal data pro­vided by a data sub­ject.

5. Reg­is­tra­tion on our web­site

The data sub­ject has the pos­si­bil­ity to reg­is­ter on the web­site of the con­troller with the indi­ca­tion of per­sonal data. Which per­sonal data are trans­mit­ted to the con­troller is deter­mined by the respec­tive input mask used for the reg­is­tra­tion. The per­sonal data entered by the data sub­ject are col­lected and stored exclu­sively for inter­nal use by the con­troller, and for his own pur­poses. The con­troller may request trans­fer to one or more proces­sors (e.g. a parcel ser­vice) that also uses per­sonal data for an inter­nal pur­pose which is attrib­ut­able to the con­troller.

By reg­is­ter­ing on the web­site of the con­troller, the IP address—assigned by the Inter­net ser­vice provider (ISP) and used by the data subject—date, and time of the reg­is­tra­tion are also stored. The stor­age of this data takes place against the back­ground that this is the only way to pre­vent the misuse of our ser­vices, and, if nec­es­sary, to make it pos­si­ble to inves­ti­gate com­mit­ted offenses. Inso­far, the stor­age of this data is nec­es­sary to secure the con­troller. This data is not passed on to third par­ties unless there is a statu­tory oblig­a­tion to pass on the data, or if the trans­fer serves the aim of crim­i­nal pros­e­cu­tion.

The reg­is­tra­tion of the data sub­ject, with the vol­un­tary indi­ca­tion of per­sonal data, is intended to enable the con­troller to offer the data sub­ject con­tents or ser­vices that may only be offered to reg­is­tered users due to the nature of the matter in ques­tion. Reg­is­tered per­sons are free to change the per­sonal data spec­i­fied during the reg­is­tra­tion at any time, or to have them com­pletely deleted from the data stock of the con­troller.

The data con­troller shall, at any time, pro­vide infor­ma­tion upon request to each data sub­ject as to what per­sonal data are stored about the data sub­ject. In addi­tion, the data con­troller shall cor­rect or erase per­sonal data at the request or indi­ca­tion of the data sub­ject, inso­far as there are no statu­tory stor­age oblig­a­tions. A Data Pro­tec­tion Offi­cer par­tic­u­larly des­ig­nated in this data pro­tec­tion dec­la­ra­tion, as well as the entirety of the controller’s employ­ees are avail­able to the data sub­ject in this respect as con­tact per­sons.

6. Sub­scrip­tion to our newslet­ters

On the web­site of the Daniel Boehme, users are given the oppor­tu­nity to sub­scribe to our enterprise's newslet­ter. The input mask used for this pur­pose deter­mines what per­sonal data are trans­mit­ted, as well as when the newslet­ter is ordered from the con­troller.

The Daniel Boehme informs its cus­tomers and busi­ness part­ners reg­u­larly by means of a newslet­ter about enter­prise offers. The enterprise's newslet­ter may only be received by the data sub­ject if (1) the data sub­ject has a valid e-mail address and (2) the data sub­ject reg­is­ters for the newslet­ter ship­ping. A con­fir­ma­tion e-mail will be sent to the e-mail address reg­is­tered by a data sub­ject for the first time for newslet­ter ship­ping, for legal rea­sons, in the double opt-in pro­ce­dure. This con­fir­ma­tion e-mail is used to prove whether the owner of the e-mail address as the data sub­ject is autho­rized to receive the newslet­ter.

During the reg­is­tra­tion for the newslet­ter, we also store the IP address of the com­puter system assigned by the Inter­net ser­vice provider (ISP) and used by the data sub­ject at the time of the reg­is­tra­tion, as well as the date and time of the reg­is­tra­tion. The col­lec­tion of this data is nec­es­sary in order to under­stand the (pos­si­ble) misuse of the e-mail address of a data sub­ject at a later date, and it there­fore serves the aim of the legal pro­tec­tion of the con­troller.

The per­sonal data col­lected as part of a reg­is­tra­tion for the newslet­ter will only be used to send our newslet­ter. In addi­tion, sub­scribers to the newslet­ter may be informed by e-mail, as long as this is nec­es­sary for the oper­a­tion of the newslet­ter ser­vice or a reg­is­tra­tion in ques­tion, as this could be the case in the event of mod­i­fi­ca­tions to the newslet­ter offer, or in the event of a change in tech­ni­cal cir­cum­stances. There will be no trans­fer of per­sonal data col­lected by the newslet­ter ser­vice to third par­ties. The sub­scrip­tion to our newslet­ter may be ter­mi­nated by the data sub­ject at any time. The con­sent to the stor­age of per­sonal data, which the data sub­ject has given for ship­ping the newslet­ter, may be revoked at any time. For the pur­pose of revo­ca­tion of con­sent, a cor­re­spond­ing link is found in each newslet­ter. It is also pos­si­ble to unsub­scribe from the newslet­ter at any time directly on the web­site of the con­troller, or to com­mu­ni­cate this to the con­troller in a dif­fer­ent way.

7. Newslet­ter-Track­ing

The newslet­ter of the Daniel Boehme con­tains so-called track­ing pixels. A track­ing pixel is a minia­ture graphic embed­ded in such e-mails, which are sent in HTML format to enable log file record­ing and analy­sis. This allows a sta­tis­ti­cal analy­sis of the suc­cess or fail­ure of online mar­ket­ing cam­paigns. Based on the embed­ded track­ing pixel, the Daniel Boehme may see if and when an e-mail was opened by a data sub­ject, and which links in the e-mail were called up by data sub­jects.

Such per­sonal data col­lected in the track­ing pixels con­tained in the newslet­ters are stored and ana­lyzed by the con­troller in order to opti­mize the ship­ping of the newslet­ter, as well as to adapt the con­tent of future newslet­ters even better to the inter­ests of the data sub­ject. These per­sonal data will not be passed on to third par­ties. Data sub­jects are at any time enti­tled to revoke the respec­tive sep­a­rate dec­la­ra­tion of con­sent issued by means of the double-opt-in pro­ce­dure. After a revo­ca­tion, these per­sonal data will be deleted by the con­troller. The Daniel Boehme auto­mat­i­cally regards a with­drawal from the receipt of the newslet­ter as a revo­ca­tion.

8. Con­tact pos­si­bil­ity via the web­site

The web­site of the Daniel Boehme con­tains infor­ma­tion that enables a quick elec­tronic con­tact to our enter­prise, as well as direct com­mu­ni­ca­tion with us, which also includes a gen­eral address of the so-called elec­tronic mail (e-mail address). If a data sub­ject con­tacts the con­troller by e-mail or via a con­tact form, the per­sonal data trans­mit­ted by the data sub­ject are auto­mat­i­cally stored. Such per­sonal data trans­mit­ted on a vol­un­tary basis by a data sub­ject to the data con­troller are stored for the pur­pose of pro­cess­ing or con­tact­ing the data sub­ject. There is no trans­fer of this per­sonal data to third par­ties.

9. Com­ments func­tion in the blog on the web­site

The Daniel Boehme offers users the pos­si­bil­ity to leave indi­vid­ual com­ments on indi­vid­ual blog con­tri­bu­tions on a blog, which is on the web­site of the con­troller. A blog is a web-based, pub­licly-acces­si­ble portal, through which one or more people called blog­gers or web-blog­gers may post arti­cles or write down thoughts in so-called blog­posts. Blog­posts may usu­ally be com­mented by third par­ties.

If a data sub­ject leaves a com­ment on the blog pub­lished on this web­site, the com­ments made by the data sub­ject are also stored and pub­lished, as well as infor­ma­tion on the date of the com­men­tary and on the user's (pseu­do­nym) chosen by the data sub­ject. In addi­tion, the IP address assigned by the Inter­net ser­vice provider (ISP) to the data sub­ject is also logged. This stor­age of the IP address takes place for secu­rity rea­sons, and in case the data sub­ject vio­lates the rights of third par­ties, or posts ille­gal con­tent through a given com­ment. The stor­age of these per­sonal data is, there­fore, in the own inter­est of the data con­troller, so that he can excul­pate in the event of an infringe­ment. This col­lected per­sonal data will not be passed to third par­ties, unless such a trans­fer is required by law or serves the aim of the defense of the data con­troller.

10. Sub­scrip­tion to com­ments in the blog on the web­site

The com­ments made in the blog of the Daniel Boehme may be sub­scribed to by third par­ties. In par­tic­u­lar, there is the pos­si­bil­ity that a com­menter sub­scribes to the com­ments fol­low­ing his com­ments on a par­tic­u­lar blog post.

If a data sub­ject decides to sub­scribe to the option, the con­troller will send an auto­matic con­fir­ma­tion e-mail to check the double opt-in pro­ce­dure as to whether the owner of the spec­i­fied e-mail address decided in favor of this option. The option to sub­scribe to com­ments may be ter­mi­nated at any time.

11. Rou­tine era­sure and block­ing of per­sonal data

The data con­troller shall process and store the per­sonal data of the data sub­ject only for the period nec­es­sary to achieve the pur­pose of stor­age, or as far as this is granted by the Euro­pean leg­is­la­tor or other leg­is­la­tors in laws or reg­u­la­tions to which the con­troller is sub­ject to.

If the stor­age pur­pose is not applic­a­ble, or if a stor­age period pre­scribed by the Euro­pean leg­is­la­tor or another com­pe­tent leg­is­la­tor expires, the per­sonal data are rou­tinely blocked or erased in accor­dance with legal require­ments.

12. Rights of the data sub­ject

  • a) Right of con­fir­ma­tion

    Each data sub­ject shall have the right granted by the Euro­pean leg­is­la­tor to obtain from the con­troller the con­fir­ma­tion as to whether or not per­sonal data con­cern­ing him or her are being processed. If a data sub­ject wishes to avail him­self of this right of con­fir­ma­tion, he or she may, at any time, con­tact our Data Pro­tec­tion Offi­cer or another employee of the con­troller.

  • b) Right of access

    Each data sub­ject shall have the right granted by the Euro­pean leg­is­la­tor to obtain from the con­troller free infor­ma­tion about his or her per­sonal data stored at any time and a copy of this infor­ma­tion. Fur­ther­more, the Euro­pean direc­tives and reg­u­la­tions grant the data sub­ject access to the fol­low­ing infor­ma­tion:

    • the pur­poses of the pro­cess­ing;
    • the cat­e­gories of per­sonal data con­cerned;
    • the recip­i­ents or cat­e­gories of recip­i­ents to whom the per­sonal data have been or will be dis­closed, in par­tic­u­lar recip­i­ents in third coun­tries or inter­na­tional organ­i­sa­tions;
    • where pos­si­ble, the envis­aged period for which the per­sonal data will be stored, or, if not pos­si­ble, the cri­te­ria used to deter­mine that period;
    • the exis­tence of the right to request from the con­troller rec­ti­fi­ca­tion or era­sure of per­sonal data, or restric­tion of pro­cess­ing of per­sonal data con­cern­ing the data sub­ject, or to object to such pro­cess­ing;
    • the exis­tence of the right to lodge a com­plaint with a super­vi­sory author­ity;
    • where the per­sonal data are not col­lected from the data sub­ject, any avail­able infor­ma­tion as to their source;
    • the exis­tence of auto­mated deci­sion-making, includ­ing pro­fil­ing, referred to in Arti­cle 22(1) and (4) of the GDPR and, at least in those cases, mean­ing­ful infor­ma­tion about the logic involved, as well as the sig­nif­i­cance and envis­aged con­se­quences of such pro­cess­ing for the data sub­ject.

    Fur­ther­more, the data sub­ject shall have a right to obtain infor­ma­tion as to whether per­sonal data are trans­ferred to a third coun­try or to an inter­na­tional organ­i­sa­tion. Where this is the case, the data sub­ject shall have the right to be informed of the appro­pri­ate safe­guards relat­ing to the trans­fer.

    If a data sub­ject wishes to avail him­self of this right of access, he or she may at any time con­tact our Data Pro­tec­tion Offi­cer or another employee of the con­troller.

  • c) Right to rec­ti­fi­ca­tion

    Each data sub­ject shall have the right granted by the Euro­pean leg­is­la­tor to obtain from the con­troller with­out undue delay the rec­ti­fi­ca­tion of inac­cu­rate per­sonal data con­cern­ing him or her. Taking into account the pur­poses of the pro­cess­ing, the data sub­ject shall have the right to have incom­plete per­sonal data com­pleted, includ­ing by means of pro­vid­ing a sup­ple­men­tary state­ment.

    If a data sub­ject wishes to exer­cise this right to rec­ti­fi­ca­tion, he or she may, at any time, con­tact our Data Pro­tec­tion Offi­cer or another employee of the con­troller.

  • d) Right to era­sure (Right to be for­got­ten)

    Each data sub­ject shall have the right granted by the Euro­pean leg­is­la­tor to obtain from the con­troller the era­sure of per­sonal data con­cern­ing him or her with­out undue delay, and the con­troller shall have the oblig­a­tion to erase per­sonal data with­out undue delay where one of the fol­low­ing grounds applies, as long as the pro­cess­ing is not nec­es­sary:

    • The per­sonal data are no longer nec­es­sary in rela­tion to the pur­poses for which they were col­lected or oth­er­wise processed.
    • The data sub­ject with­draws con­sent to which the pro­cess­ing is based accord­ing to point (a) of Arti­cle 6(1) of the GDPR, or point (a) of Arti­cle 9(2) of the GDPR, and where there is no other legal ground for the pro­cess­ing.
    • The data sub­ject objects to the pro­cess­ing pur­suant to Arti­cle 21(1) of the GDPR and there are no over­rid­ing legit­i­mate grounds for the pro­cess­ing, or the data sub­ject objects to the pro­cess­ing pur­suant to Arti­cle 21(2) of the GDPR.
    • The per­sonal data have been unlaw­fully processed.
    • The per­sonal data must be erased for com­pli­ance with a legal oblig­a­tion in Union or Member State law to which the con­troller is sub­ject.
    • The per­sonal data have been col­lected in rela­tion to the offer of infor­ma­tion soci­ety ser­vices referred to in Arti­cle 8(1) of the GDPR.

    If one of the afore­men­tioned rea­sons applies, and a data sub­ject wishes to request the era­sure of per­sonal data stored by the Daniel Boehme, he or she may at any time con­tact our Data Pro­tec­tion Offi­cer or another employee of the con­troller. The Data Pro­tec­tion Offi­cer of the Daniel Boehme or another employee shall promptly ensure that the era­sure request is com­plied with imme­di­ately.

    Where the con­troller has made per­sonal data public and is obliged pur­suant to Arti­cle 17(1) to erase the per­sonal data, the con­troller, taking account of avail­able tech­nol­ogy and the cost of imple­men­ta­tion, shall take rea­son­able steps, includ­ing tech­ni­cal mea­sures, to inform other con­trollers pro­cess­ing the per­sonal data that the data sub­ject has requested era­sure by such con­trollers of any links to, or copy or repli­ca­tion of, those per­sonal data, as far as pro­cess­ing is not required. The Data Pro­tec­tion Offi­cer of the Daniel Boehme or another employee will arrange the nec­es­sary mea­sures in indi­vid­ual cases.

  • e) Right of restric­tion of pro­cess­ing

    Each data sub­ject shall have the right granted by the Euro­pean leg­is­la­tor to obtain from the con­troller restric­tion of pro­cess­ing where one of the fol­low­ing applies:

    • The accu­racy of the per­sonal data is con­tested by the data sub­ject, for a period enabling the con­troller to verify the accu­racy of the per­sonal data.
    • The pro­cess­ing is unlaw­ful and the data sub­ject opposes the era­sure of the per­sonal data and requests instead the restric­tion of their use instead.
    • The con­troller no longer needs the per­sonal data for the pur­poses of the pro­cess­ing, but they are required by the data sub­ject for the estab­lish­ment, exer­cise or defence of legal claims.
    • The data sub­ject has objected to pro­cess­ing pur­suant to Arti­cle 21(1) of the GDPR pend­ing the ver­i­fi­ca­tion whether the legit­i­mate grounds of the con­troller over­ride those of the data sub­ject.

    If one of the afore­men­tioned con­di­tions is met, and a data sub­ject wishes to request the restric­tion of the pro­cess­ing of per­sonal data stored by the Daniel Boehme, he or she may at any time con­tact our Data Pro­tec­tion Offi­cer or another employee of the con­troller. The Data Pro­tec­tion Offi­cer of the Daniel Boehme or another employee will arrange the restric­tion of the pro­cess­ing.

  • f) Right to data porta­bil­ity

    Each data sub­ject shall have the right granted by the Euro­pean leg­is­la­tor, to receive the per­sonal data con­cern­ing him or her, which was pro­vided to a con­troller, in a struc­tured, com­monly used and machine-read­able format. He or she shall have the right to trans­mit those data to another con­troller with­out hin­drance from the con­troller to which the per­sonal data have been pro­vided, as long as the pro­cess­ing is based on con­sent pur­suant to point (a) of Arti­cle 6(1) of the GDPR or point (a) of Arti­cle 9(2) of the GDPR, or on a con­tract pur­suant to point (b) of Arti­cle 6(1) of the GDPR, and the pro­cess­ing is car­ried out by auto­mated means, as long as the pro­cess­ing is not nec­es­sary for the per­for­mance of a task car­ried out in the public inter­est or in the exer­cise of offi­cial author­ity vested in the con­troller.

    Fur­ther­more, in exer­cis­ing his or her right to data porta­bil­ity pur­suant to Arti­cle 20(1) of the GDPR, the data sub­ject shall have the right to have per­sonal data trans­mit­ted directly from one con­troller to another, where tech­ni­cally fea­si­ble and when doing so does not adversely affect the rights and free­doms of others.

    In order to assert the right to data porta­bil­ity, the data sub­ject may at any time con­tact the Data Pro­tec­tion Offi­cer des­ig­nated by the Daniel Boehme or another employee.

  • g) Right to object

    Each data sub­ject shall have the right granted by the Euro­pean leg­is­la­tor to object, on grounds relat­ing to his or her par­tic­u­lar sit­u­a­tion, at any time, to pro­cess­ing of per­sonal data con­cern­ing him or her, which is based on point (e) or (f) of Arti­cle 6(1) of the GDPR. This also applies to pro­fil­ing based on these pro­vi­sions.

    The Daniel Boehme shall no longer process the per­sonal data in the event of the objec­tion, unless we can demon­strate com­pelling legit­i­mate grounds for the pro­cess­ing which over­ride the inter­ests, rights and free­doms of the data sub­ject, or for the estab­lish­ment, exer­cise or defence of legal claims.

    If the Daniel Boehme processes per­sonal data for direct mar­ket­ing pur­poses, the data sub­ject shall have the right to object at any time to pro­cess­ing of per­sonal data con­cern­ing him or her for such mar­ket­ing. This applies to pro­fil­ing to the extent that it is related to such direct mar­ket­ing. If the data sub­ject objects to the Daniel Boehme to the pro­cess­ing for direct mar­ket­ing pur­poses, the Daniel Boehme will no longer process the per­sonal data for these pur­poses.

    In addi­tion, the data sub­ject has the right, on grounds relat­ing to his or her par­tic­u­lar sit­u­a­tion, to object to pro­cess­ing of per­sonal data con­cern­ing him or her by the Daniel Boehme for sci­en­tific or his­tor­i­cal research pur­poses, or for sta­tis­ti­cal pur­poses pur­suant to Arti­cle 89(1) of the GDPR, unless the pro­cess­ing is nec­es­sary for the per­for­mance of a task car­ried out for rea­sons of public inter­est.

    In order to exer­cise the right to object, the data sub­ject may directly con­tact the Data Pro­tec­tion Offi­cer of the Daniel Boehme or another employee. In addi­tion, the data sub­ject is free in the con­text of the use of infor­ma­tion soci­ety ser­vices, and notwith­stand­ing Direc­tive 2002/58/EC, to use his or her right to object by auto­mated means using tech­ni­cal spec­i­fi­ca­tions.

  • h) Auto­mated indi­vid­ual deci­sion-making, includ­ing pro­fil­ing

    Each data sub­ject shall have the right granted by the Euro­pean leg­is­la­tor not to be sub­ject to a deci­sion based solely on auto­mated pro­cess­ing, includ­ing pro­fil­ing, which pro­duces legal effects con­cern­ing him or her, or sim­i­larly sig­nif­i­cantly affects him or her, as long as the deci­sion (1) is not is nec­es­sary for enter­ing into, or the per­for­mance of, a con­tract between the data sub­ject and a data con­troller, or (2) is not autho­rised by Union or Member State law to which the con­troller is sub­ject and which also lays down suit­able mea­sures to safe­guard the data subject's rights and free­doms and legit­i­mate inter­ests, or (3) is not based on the data subject's explicit con­sent.

    If the deci­sion (1) is nec­es­sary for enter­ing into, or the per­for­mance of, a con­tract between the data sub­ject and a data con­troller, or (2) it is based on the data subject's explicit con­sent, the Daniel Boehme shall imple­ment suit­able mea­sures to safe­guard the data subject's rights and free­doms and legit­i­mate inter­ests, at least the right to obtain human inter­ven­tion on the part of the con­troller, to express his or her point of view and con­test the deci­sion.

    If the data sub­ject wishes to exer­cise the rights con­cern­ing auto­mated indi­vid­ual deci­sion-making, he or she may at any time directly con­tact our Data Pro­tec­tion Offi­cer of the Daniel Boehme or another employee of the con­troller.

  • i) Right to with­draw data pro­tec­tion con­sent

    Each data sub­ject shall have the right granted by the Euro­pean leg­is­la­tor to with­draw his or her con­sent to pro­cess­ing of his or her per­sonal data at any time.

    f the data sub­ject wishes to exer­cise the right to with­draw the con­sent, he or she may at any time directly con­tact our Data Pro­tec­tion Offi­cer of the Daniel Boehme or another employee of the con­troller.

13. Data pro­tec­tion for appli­ca­tions and the appli­ca­tion pro­ce­dures

The data con­troller shall col­lect and process the per­sonal data of appli­cants for the pur­pose of the pro­cess­ing of the appli­ca­tion pro­ce­dure. The pro­cess­ing may also be car­ried out elec­tron­i­cally. This is the case, in par­tic­u­lar, if an appli­cant sub­mits cor­re­spond­ing appli­ca­tion doc­u­ments by e-mail or by means of a web form on the web­site to the con­troller. If the data con­troller con­cludes an employ­ment con­tract with an appli­cant, the sub­mit­ted data will be stored for the pur­pose of pro­cess­ing the employ­ment rela­tion­ship in com­pli­ance with legal require­ments. If no employ­ment con­tract is con­cluded with the appli­cant by the con­troller, the appli­ca­tion doc­u­ments shall be auto­mat­i­cally erased two months after noti­fi­ca­tion of the refusal deci­sion, pro­vided that no other legit­i­mate inter­ests of the con­troller are opposed to the era­sure. Other legit­i­mate inter­est in this rela­tion is, e.g. a burden of proof in a pro­ce­dure under the Gen­eral Equal Treat­ment Act (AGG).

14. Data Pro­tec­tion pro­vi­sions about the appli­ca­tion and use of AddThis

On this web­site, the data con­troller has inte­grated com­po­nents of the enter­prise AddThis. AddThis is a so-called book­mark­ing provider. The ser­vice allows for sim­pli­fied book­mark­ing of Inter­net pages via but­tons. By click­ing on the AddThis com­po­nent with the mouse, or by click­ing on it, a list of book­mark­ing and shar­ing ser­vices is dis­played. AddThis is used on over 15 mil­lion web­sites, and the but­tons are dis­played, accord­ing to the infor­ma­tion of the oper­at­ing enter­prise, over 20 bil­lion times a year.

The oper­at­ing com­pany of AddThis is AddThis, Inc. 1595 Spring Hill Road, Suite 300, Vienna, VA 22182, United States.

By call­ing up one of the indi­vid­ual pages of the web­site, which is oper­ated by the con­troller, and on which an AddThis com­po­nent has been inte­grated, the Inter­net browser of the data sub­ject is auto­mat­i­cally prompted by the respec­tive AddThis com­po­nent to down­load data from the web­site www.addthis.com. Within the frame­work of this tech­ni­cal pro­ce­dure, AddThis is informed of the visit and the spe­cific indi­vid­ual page of this web­site that was used by the data sub­ject with the help of infor­ma­tion tech­nol­ogy. In addi­tion, AddThis is informed about the IP address of the com­puter system assigned by the Inter­net ser­vice provider (ISP) and used by the data sub­ject, the browser type and lan­guage, the web page accessed before our web­site, the date and the time of the visit to our web­site. AddThis uses this data to create anony­mous user pro­files. The data and infor­ma­tion trans­mit­ted to AddThis in this way will enable the enter­prise AddThis, as well as affil­i­ates or their part­ner-enter­prises, to con­tact vis­i­tors of the web pages of the con­troller with per­son­al­ized and inter­est-based adver­tis­ing.

AddThis dis­plays per­son­al­ized and inter­est-based adver­tis­ing on the basis of a cookie set by the enter­prise. This cookie ana­lyzes the indi­vid­ual surf­ing behav­ior of the com­puter system used by the data sub­ject. The cookie saves the com­puter-based out­go­ing visits to Inter­net pages.

The data sub­ject may, at any time, pre­vent the set­ting of cook­ies through our web­site by means of a cor­re­spond­ing set­ting of the Inter­net browser used, and thus per­ma­nently deny the set­ting of cook­ies. Such a set­ting of the Inter­net browser used would also pre­vent AddThis from set­ting a cookie on the infor­ma­tion tech­nol­ogy system of the data sub­ject. Cook­ies may also be deleted by AddThis at any time via an Inter­net browser or other soft­ware pro­grams.

The data sub­ject also has the pos­si­bil­ity of object­ing per­ma­nently to the pro­cess­ing of per­sonal data by AddThis. For this pur­pose, the data sub­ject must click on the opt-out button under the link http://www.addthis.com/privacy/opt-out, which sets an opt-out cookie. The opt-out cookie used for this pur­pose is placed on the infor­ma­tion tech­nol­ogy system used by the data sub­ject. If the data sub­ject deletes the cook­ies from his system, then the data sub­ject must call up the link again and set a new opt-out cookie.

With the set­ting of the opt-out cookie, how­ever, the pos­si­bil­ity exists that the web­sites of the con­troller are not fully usable any­more by the data sub­ject.

The applic­a­ble data pro­tec­tion pro­vi­sions of AddThis may be accessed under http://www.addthis.com/privacy/privacy-policy.

15. Data pro­tec­tion pro­vi­sions about the appli­ca­tion and use of Face­book

On this web­site, the con­troller has inte­grated com­po­nents of the enter­prise Face­book. Face­book is a social net­work.

A social net­work is a place for social meet­ings on the Inter­net, an online com­mu­nity, which usu­ally allows users to com­mu­ni­cate with each other and inter­act in a vir­tual space. A social net­work may serve as a plat­form for the exchange of opin­ions and expe­ri­ences, or enable the Inter­net com­mu­nity to pro­vide per­sonal or busi­ness-related infor­ma­tion. Face­book allows social net­work users to include the cre­ation of pri­vate pro­files, upload photos, and net­work through friend requests.

The oper­at­ing com­pany of Face­book is Face­book, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives out­side of the United States or Canada, the con­troller is the Face­book Ire­land Ltd., 4 Grand Canal Square, Grand Canal Har­bour, Dublin 2, Ire­land.

With each call-up to one of the indi­vid­ual pages of this Inter­net web­site, which is oper­ated by the con­troller and into which a Face­book com­po­nent (Face­book plug-ins) was inte­grated, the web browser on the infor­ma­tion tech­nol­ogy system of the data sub­ject is auto­mat­i­cally prompted to down­load dis­play of the cor­re­spond­ing Face­book com­po­nent from Face­book through the Face­book com­po­nent. An overview of all the Face­book Plug-ins may be accessed under https://developers.facebook.com/docs/plugins/. During the course of this tech­ni­cal pro­ce­dure, Face­book is made aware of what spe­cific sub-site of our web­site was vis­ited by the data sub­ject.

If the data sub­ject is logged in at the same time on Face­book, Face­book detects with every call-up to our web­site by the data subject—and for the entire dura­tion of their stay on our Inter­net site—which spe­cific sub-site of our Inter­net page was vis­ited by the data sub­ject. This infor­ma­tion is col­lected through the Face­book com­po­nent and asso­ci­ated with the respec­tive Face­book account of the data sub­ject. If the data sub­ject clicks on one of the Face­book but­tons inte­grated into our web­site, e.g. the "Like" button, or if the data sub­ject sub­mits a com­ment, then Face­book matches this infor­ma­tion with the per­sonal Face­book user account of the data sub­ject and stores the per­sonal data.

Face­book always receives, through the Face­book com­po­nent, infor­ma­tion about a visit to our web­site by the data sub­ject, when­ever the data sub­ject is logged in at the same time on Face­book during the time of the call-up to our web­site. This occurs regard­less of whether the data sub­ject clicks on the Face­book com­po­nent or not. If such a trans­mis­sion of infor­ma­tion to Face­book is not desir­able for the data sub­ject, then he or she may pre­vent this by log­ging off from their Face­book account before a call-up to our web­site is made.

The data pro­tec­tion guide­line pub­lished by Face­book, which is avail­able at https://facebook.com/about/privacy/, pro­vides infor­ma­tion about the col­lec­tion, pro­cess­ing and use of per­sonal data by Face­book. In addi­tion, it is explained there what set­ting options Face­book offers to pro­tect the pri­vacy of the data sub­ject. In addi­tion, dif­fer­ent con­fig­u­ra­tion options are made avail­able to allow the elim­i­na­tion of data trans­mis­sion to Face­book, e.g. the Face­book blocker of the provider Web­graph, which may be obtained under http://webgraph.com/resources/facebookblocker/. These appli­ca­tions may be used by the data sub­ject to elim­i­nate a data trans­mis­sion to Face­book.

16. Data pro­tec­tion pro­vi­sions about the appli­ca­tion and use of Google Ana­lyt­ics (with anonymiza­tion func­tion)

On this web­site, the con­troller has inte­grated the com­po­nent of Google Ana­lyt­ics (with the anonymizer func­tion). Google Ana­lyt­ics is a web ana­lyt­ics ser­vice. Web ana­lyt­ics is the col­lec­tion, gath­er­ing, and analy­sis of data about the behav­ior of vis­i­tors to web­sites. A web analy­sis ser­vice col­lects, inter alia, data about the web­site from which a person has come (the so-called refer­rer), which sub-pages were vis­ited, or how often and for what dura­tion a sub-page was viewed. Web ana­lyt­ics are mainly used for the opti­miza­tion of a web­site and in order to carry out a cost-ben­e­fit analy­sis of Inter­net adver­tis­ing.

The oper­a­tor of the Google Ana­lyt­ics com­po­nent is Google Inc., 1600 Amphithe­atre Pkwy, Moun­tain View, CA 94043-1351, United States.

For the web ana­lyt­ics through Google Ana­lyt­ics the con­troller uses the appli­ca­tion "_gat. _anonymizeIp". By means of this appli­ca­tion the IP address of the Inter­net con­nec­tion of the data sub­ject is abridged by Google and anonymised when access­ing our web­sites from a Member State of the Euro­pean Union or another Con­tract­ing State to the Agree­ment on the Euro­pean Eco­nomic Area.

The pur­pose of the Google Ana­lyt­ics com­po­nent is to ana­lyze the traf­fic on our web­site. Google uses the col­lected data and infor­ma­tion, inter alia, to eval­u­ate the use of our web­site and to pro­vide online reports, which show the activ­i­ties on our web­sites, and to pro­vide other ser­vices con­cern­ing the use of our Inter­net site for us.

Google Ana­lyt­ics places a cookie on the infor­ma­tion tech­nol­ogy system of the data sub­ject. The def­i­n­i­tion of cook­ies is explained above. With the set­ting of the cookie, Google is enabled to ana­lyze the use of our web­site. With each call-up to one of the indi­vid­ual pages of this Inter­net site, which is oper­ated by the con­troller and into which a Google Ana­lyt­ics com­po­nent was inte­grated, the Inter­net browser on the infor­ma­tion tech­nol­ogy system of the data sub­ject will auto­mat­i­cally submit data through the Google Ana­lyt­ics com­po­nent for the pur­pose of online adver­tis­ing and the set­tle­ment of com­mis­sions to Google. During the course of this tech­ni­cal pro­ce­dure, the enter­prise Google gains knowl­edge of per­sonal infor­ma­tion, such as the IP address of the data sub­ject, which serves Google, inter alia, to under­stand the origin of vis­i­tors and clicks, and sub­se­quently create com­mis­sion set­tle­ments.

The cookie is used to store per­sonal infor­ma­tion, such as the access time, the loca­tion from which the access was made, and the fre­quency of visits of our web­site by the data sub­ject. With each visit to our Inter­net site, such per­sonal data, includ­ing the IP address of the Inter­net access used by the data sub­ject, will be trans­mit­ted to Google in the United States of Amer­ica. These per­sonal data are stored by Google in the United States of Amer­ica. Google may pass these per­sonal data col­lected through the tech­ni­cal pro­ce­dure to third par­ties.

The data sub­ject may, as stated above, pre­vent the set­ting of cook­ies through our web­site at any time by means of a cor­re­spond­ing adjust­ment of the web browser used and thus per­ma­nently deny the set­ting of cook­ies. Such an adjust­ment to the Inter­net browser used would also pre­vent Google Ana­lyt­ics from set­ting a cookie on the infor­ma­tion tech­nol­ogy system of the data sub­ject. In addi­tion, cook­ies already in use by Google Ana­lyt­ics may be deleted at any time via a web browser or other soft­ware pro­grams.

In addi­tion, the data sub­ject has the pos­si­bil­ity of object­ing to a col­lec­tion of data that are gen­er­ated by Google Ana­lyt­ics, which is related to the use of this web­site, as well as the pro­cess­ing of this data by Google and the chance to pre­clude any such. For this pur­pose, the data sub­ject must down­load a browser add-on under the link https://tools.google.com/dlpage/gaoptout and install it. This browser add-on tells Google Ana­lyt­ics through a JavaScript, that any data and infor­ma­tion about the visits of Inter­net pages may not be trans­mit­ted to Google Ana­lyt­ics. The instal­la­tion of the browser add-ons is con­sid­ered an objec­tion by Google. If the infor­ma­tion tech­nol­ogy system of the data sub­ject is later deleted, for­mat­ted, or newly installed, then the data sub­ject must rein­stall the browser add-ons to dis­able Google Ana­lyt­ics. If the browser add-on was unin­stalled by the data sub­ject or any other person who is attrib­ut­able to their sphere of com­pe­tence, or is dis­abled, it is pos­si­ble to exe­cute the rein­stal­la­tion or reac­ti­va­tion of the browser add-ons.

Fur­ther infor­ma­tion and the applic­a­ble data pro­tec­tion pro­vi­sions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Ana­lyt­ics is fur­ther explained under the fol­low­ing Link https://www.google.com/analytics/.

17. Data pro­tec­tion pro­vi­sions about the appli­ca­tion and use of Google+

On this web­site, the con­troller has inte­grated the Google+ button as a com­po­nent. Google+ is a so-called social net­work. A social net­work is a social meet­ing place on the Inter­net, an online com­mu­nity, which usu­ally allows users to com­mu­ni­cate with each other and inter­act in a vir­tual space. A social net­work may serve as a plat­form for the exchange of opin­ions and expe­ri­ences, or enable the Inter­net com­mu­nity to pro­vide per­sonal or busi­ness-related infor­ma­tion. Google+ allows users of the social net­work to include the cre­ation of pri­vate pro­files, upload photos and net­work through friend requests.

The oper­at­ing com­pany of Google+ is Google Inc., 1600 Amphithe­atre Pkwy, Moun­tain View, CA 94043-1351, UNITED STATES.

With each call-up to one of the indi­vid­ual pages of this web­site, which is oper­ated by the con­troller and on which a Google+ button has been inte­grated, the Inter­net browser on the infor­ma­tion tech­nol­ogy system of the data sub­ject auto­mat­i­cally down­loads a dis­play of the cor­re­spond­ing Google+ button of Google through the respec­tive Google+ button com­po­nent. During the course of this tech­ni­cal pro­ce­dure, Google is made aware of what spe­cific sub-page of our web­site was vis­ited by the data sub­ject. More detailed infor­ma­tion about Google+ is avail­able under https://developers.google.com/+/.

If the data sub­ject is logged in at the same time to Google+, Google rec­og­nizes with each call-up to our web­site by the data sub­ject and for the entire dura­tion of his or her stay on our Inter­net site, which spe­cific sub-pages of our Inter­net page were vis­ited by the data sub­ject. This infor­ma­tion is col­lected through the Google+ button and Google matches this with the respec­tive Google+ account asso­ci­ated with the data sub­ject.

If the data sub­ject clicks on the Google+ button inte­grated on our web­site and thus gives a Google+ 1 rec­om­men­da­tion, then Google assigns this infor­ma­tion to the per­sonal Google+ user account of the data sub­ject and stores the per­sonal data. Google stores the Google+ 1 rec­om­men­da­tion of the data sub­ject, making it pub­licly avail­able in accor­dance with the terms and con­di­tions accepted by the data sub­ject in this regard. Sub­se­quently, a Google+ 1 rec­om­men­da­tion given by the data sub­ject on this web­site together with other per­sonal data, such as the Google+ account name used by the data sub­ject and the stored photo, is stored and processed on other Google ser­vices, such as search-engine results of the Google search engine, the Google account of the data sub­ject or in other places, e.g. on Inter­net pages, or in rela­tion to adver­tise­ments. Google is also able to link the visit to this web­site with other per­sonal data stored on Google. Google fur­ther records this per­sonal infor­ma­tion with the pur­pose of improv­ing or opti­miz­ing the var­i­ous Google ser­vices.

Through the Google+ button, Google receives infor­ma­tion that the data sub­ject vis­ited our web­site, if the data sub­ject at the time of the call-up to our web­site is logged in to Google+. This occurs regard­less of whether the data sub­ject clicks or doesn’t click on the Google+ button.

If the data sub­ject does not wish to trans­mit per­sonal data to Google, he or she may pre­vent such trans­mis­sion by log­ging out of his Google+ account before call­ing up our web­site.

Fur­ther infor­ma­tion and the data pro­tec­tion pro­vi­sions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/. More ref­er­ences from Google about the Google+ 1 button may be obtained under https://developers.google.com/+/web/buttons-policy.

18. Data pro­tec­tion pro­vi­sions about the appli­ca­tion and use of Insta­gram

On this web­site, the con­troller has inte­grated com­po­nents of the ser­vice Insta­gram. Insta­gram is a ser­vice that may be qual­i­fied as an audio­vi­sual plat­form, which allows users to share photos and videos, as well as dis­sem­i­nate such data in other social net­works.

The oper­at­ing com­pany of the ser­vices offered by Insta­gram is Insta­gram LLC, 1 Hacker Way, Build­ing 14 First Floor, Menlo Park, CA, UNITED STATES.

With each call-up to one of the indi­vid­ual pages of this Inter­net site, which is oper­ated by the con­troller and on which an Insta­gram com­po­nent (Insta button) was inte­grated, the Inter­net browser on the infor­ma­tion tech­nol­ogy system of the data sub­ject is auto­mat­i­cally prompted to the down­load of a dis­play of the cor­re­spond­ing Insta­gram com­po­nent of Insta­gram. During the course of this tech­ni­cal pro­ce­dure, Insta­gram becomes aware of what spe­cific sub-page of our web­site was vis­ited by the data sub­ject.

If the data sub­ject is logged in at the same time on Insta­gram, Insta­gram detects with every call-up to our web­site by the data subject—and for the entire dura­tion of their stay on our Inter­net site—which spe­cific sub-page of our Inter­net page was vis­ited by the data sub­ject. This infor­ma­tion is col­lected through the Insta­gram com­po­nent and is asso­ci­ated with the respec­tive Insta­gram account of the data sub­ject. If the data sub­ject clicks on one of the Insta­gram but­tons inte­grated on our web­site, then Insta­gram matches this infor­ma­tion with the per­sonal Insta­gram user account of the data sub­ject and stores the per­sonal data.

Insta­gram receives infor­ma­tion via the Insta­gram com­po­nent that the data sub­ject has vis­ited our web­site pro­vided that the data sub­ject is logged in at Insta­gram at the time of the call to our web­site. This occurs regard­less of whether the person clicks on the Insta­gram button or not. If such a trans­mis­sion of infor­ma­tion to Insta­gram is not desir­able for the data sub­ject, then he or she can pre­vent this by log­ging off from their Insta­gram account before a call-up to our web­site is made.

Fur­ther infor­ma­tion and the applic­a­ble data pro­tec­tion pro­vi­sions of Insta­gram may be retrieved under https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

19. Data pro­tec­tion pro­vi­sions about the appli­ca­tion and use of Twit­ter

On this web­site, the con­troller has inte­grated com­po­nents of Twit­ter. Twit­ter is a mul­ti­lin­gual, pub­licly-acces­si­ble microblog­ging ser­vice on which users may pub­lish and spread so-called ‘tweets,’ e.g. short mes­sages, which are lim­ited to 140 char­ac­ters. These short mes­sages are avail­able for every­one, includ­ing those who are not logged on to Twit­ter. The tweets are also dis­played to so-called fol­low­ers of the respec­tive user. Fol­low­ers are other Twit­ter users who follow a user's tweets. Fur­ther­more, Twit­ter allows you to address a wide audi­ence via hash­tags, links or retweets.

The oper­at­ing com­pany of Twit­ter is Twit­ter, Inc., 1355 Market Street, Suite 900, San Fran­cisco, CA 94103, UNITED STATES.

With each call-up to one of the indi­vid­ual pages of this Inter­net site, which is oper­ated by the con­troller and on which a Twit­ter com­po­nent (Twit­ter button) was inte­grated, the Inter­net browser on the infor­ma­tion tech­nol­ogy system of the data sub­ject is auto­mat­i­cally prompted to down­load a dis­play of the cor­re­spond­ing Twit­ter com­po­nent of Twit­ter. Fur­ther infor­ma­tion about the Twit­ter but­tons is avail­able under https://about.twitter.com/de/resources/buttons. During the course of this tech­ni­cal pro­ce­dure, Twit­ter gains knowl­edge of what spe­cific sub-page of our web­site was vis­ited by the data sub­ject. The pur­pose of the inte­gra­tion of the Twit­ter com­po­nent is a retrans­mis­sion of the con­tents of this web­site to allow our users to intro­duce this web page to the dig­i­tal world and increase our vis­i­tor num­bers.

If the data sub­ject is logged in at the same time on Twit­ter, Twit­ter detects with every call-up to our web­site by the data sub­ject and for the entire dura­tion of their stay on our Inter­net site which spe­cific sub-page of our Inter­net page was vis­ited by the data sub­ject. This infor­ma­tion is col­lected through the Twit­ter com­po­nent and asso­ci­ated with the respec­tive Twit­ter account of the data sub­ject. If the data sub­ject clicks on one of the Twit­ter but­tons inte­grated on our web­site, then Twit­ter assigns this infor­ma­tion to the per­sonal Twit­ter user account of the data sub­ject and stores the per­sonal data.

Twit­ter receives infor­ma­tion via the Twit­ter com­po­nent that the data sub­ject has vis­ited our web­site, pro­vided that the data sub­ject is logged in on Twit­ter at the time of the call-up to our web­site. This occurs regard­less of whether the person clicks on the Twit­ter com­po­nent or not. If such a trans­mis­sion of infor­ma­tion to Twit­ter is not desir­able for the data sub­ject, then he or she may pre­vent this by log­ging off from their Twit­ter account before a call-up to our web­site is made.

The applic­a­ble data pro­tec­tion pro­vi­sions of Twit­ter may be accessed under https://twitter.com/privacy?lang=en.

20. Data pro­tec­tion pro­vi­sions about the appli­ca­tion and use of YouTube

On this web­site, the con­troller has inte­grated com­po­nents of YouTube. YouTube is an Inter­net video portal that enables video pub­lish­ers to set video clips and other users free of charge, which also pro­vides free view­ing, review and com­ment­ing on them. YouTube allows you to pub­lish all kinds of videos, so you can access both full movies and TV broad­casts, as well as music videos, trail­ers, and videos made by users via the Inter­net portal.

The oper­at­ing com­pany of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, UNITED STATES. The YouTube, LLC is a sub­sidiary of Google Inc., 1600 Amphithe­atre Pkwy, Moun­tain View, CA 94043-1351, UNITED STATES.

With each call-up to one of the indi­vid­ual pages of this Inter­net site, which is oper­ated by the con­troller and on which a YouTube com­po­nent (YouTube video) was inte­grated, the Inter­net browser on the infor­ma­tion tech­nol­ogy system of the data sub­ject is auto­mat­i­cally prompted to down­load a dis­play of the cor­re­spond­ing YouTube com­po­nent. Fur­ther infor­ma­tion about YouTube may be obtained under https://www.youtube.com/yt/about/en/. During the course of this tech­ni­cal pro­ce­dure, YouTube and Google gain knowl­edge of what spe­cific sub-page of our web­site was vis­ited by the data sub­ject.

If the data sub­ject is logged in on YouTube, YouTube rec­og­nizes with each call-up to a sub-page that con­tains a YouTube video, which spe­cific sub-page of our Inter­net site was vis­ited by the data sub­ject. This infor­ma­tion is col­lected by YouTube and Google and assigned to the respec­tive YouTube account of the data sub­ject.

YouTube and Google will receive infor­ma­tion through the YouTube com­po­nent that the data sub­ject has vis­ited our web­site, if the data sub­ject at the time of the call to our web­site is logged in on YouTube; this occurs regard­less of whether the person clicks on a YouTube video or not. If such a trans­mis­sion of this infor­ma­tion to YouTube and Google is not desir­able for the data sub­ject, the deliv­ery may be pre­vented if the data sub­ject logs off from their own YouTube account before a call-up to our web­site is made.

YouTube's data pro­tec­tion pro­vi­sions, avail­able at https://www.google.com/intl/en/policies/privacy/, pro­vide infor­ma­tion about the col­lec­tion, pro­cess­ing and use of per­sonal data by YouTube and Google.

21. Pay­ment Method: Data pro­tec­tion pro­vi­sions about the use of PayPal as a pay­ment proces­sor

On this web­site, the con­troller has inte­grated com­po­nents of PayPal. PayPal is an online pay­ment ser­vice provider. Pay­ments are processed via so-called PayPal accounts, which rep­re­sent vir­tual pri­vate or busi­ness accounts. PayPal is also able to process vir­tual pay­ments through credit cards when a user does not have a PayPal account. A PayPal account is man­aged via an e-mail address, which is why there are no clas­sic account num­bers. PayPal makes it pos­si­ble to trig­ger online pay­ments to third par­ties or to receive pay­ments. PayPal also accepts trustee func­tions and offers buyer pro­tec­tion ser­vices.

The Euro­pean oper­at­ing com­pany of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boule­vard Royal, 2449 Lux­em­bourg, Lux­em­bourg.

If the data sub­ject chooses "PayPal" as the pay­ment option in the online shop during the order­ing process, we auto­mat­i­cally trans­mit the data of the data sub­ject to PayPal. By select­ing this pay­ment option, the data sub­ject agrees to the trans­fer of per­sonal data required for pay­ment pro­cess­ing.

The per­sonal data trans­mit­ted to PayPal is usu­ally first name, last name, address, email address, IP address, tele­phone number, mobile phone number, or other data nec­es­sary for pay­ment pro­cess­ing. The pro­cess­ing of the pur­chase con­tract also requires such per­sonal data, which are in con­nec­tion with the respec­tive order.

The trans­mis­sion of the data is aimed at pay­ment pro­cess­ing and fraud pre­ven­tion. The con­troller will trans­fer per­sonal data to PayPal, in par­tic­u­lar, if a legit­i­mate inter­est in the trans­mis­sion is given. The per­sonal data exchanged between PayPal and the con­troller for the pro­cess­ing of the data will be trans­mit­ted by PayPal to eco­nomic credit agen­cies. This trans­mis­sion is intended for iden­tity and cred­it­wor­thi­ness checks.

PayPal will, if nec­es­sary, pass on per­sonal data to affil­i­ates and ser­vice providers or sub­con­trac­tors to the extent that this is nec­es­sary to ful­fill con­trac­tual oblig­a­tions or for data to be processed in the order.

The data sub­ject has the pos­si­bil­ity to revoke con­sent for the han­dling of per­sonal data at any time from PayPal. A revo­ca­tion shall not have any effect on per­sonal data which must be processed, used or trans­mit­ted in accor­dance with (con­trac­tual) pay­ment pro­cess­ing.

The applic­a­ble data pro­tec­tion pro­vi­sions of PayPal may be retrieved under https://www.paypal.com/us/webapps/mpp/ua/privacy-full.

22. Legal basis for the pro­cess­ing

Art. 6(1) lit. a GDPR serves as the legal basis for pro­cess­ing oper­a­tions for which we obtain con­sent for a spe­cific pro­cess­ing pur­pose. If the pro­cess­ing of per­sonal data is nec­es­sary for the per­for­mance of a con­tract to which the data sub­ject is party, as is the case, for exam­ple, when pro­cess­ing oper­a­tions are nec­es­sary for the supply of goods or to pro­vide any other ser­vice, the pro­cess­ing is based on Arti­cle 6(1) lit. b GDPR. The same applies to such pro­cess­ing oper­a­tions which are nec­es­sary for car­ry­ing out pre-con­trac­tual mea­sures, for exam­ple in the case of inquiries con­cern­ing our prod­ucts or ser­vices. Is our com­pany sub­ject to a legal oblig­a­tion by which pro­cess­ing of per­sonal data is required, such as for the ful­fill­ment of tax oblig­a­tions, the pro­cess­ing is based on Art. 6(1) lit. c GDPR. In rare cases, the pro­cess­ing of per­sonal data may be nec­es­sary to pro­tect the vital inter­ests of the data sub­ject or of another nat­ural person. This would be the case, for exam­ple, if a vis­i­tor were injured in our com­pany and his name, age, health insur­ance data or other vital infor­ma­tion would have to be passed on to a doctor, hos­pi­tal or other third party. Then the pro­cess­ing would be based on Art. 6(1) lit. d GDPR. Finally, pro­cess­ing oper­a­tions could be based on Arti­cle 6(1) lit. f GDPR. This legal basis is used for pro­cess­ing oper­a­tions which are not cov­ered by any of the above­men­tioned legal grounds, if pro­cess­ing is nec­es­sary for the pur­poses of the legit­i­mate inter­ests pur­sued by our com­pany or by a third party, except where such inter­ests are over­rid­den by the inter­ests or fun­da­men­tal rights and free­doms of the data sub­ject which require pro­tec­tion of per­sonal data. Such pro­cess­ing oper­a­tions are par­tic­u­larly per­mis­si­ble because they have been specif­i­cally men­tioned by the Euro­pean leg­is­la­tor. He con­sid­ered that a legit­i­mate inter­est could be assumed if the data sub­ject is a client of the con­troller (Recital 47 Sen­tence 2 GDPR).

23. The legit­i­mate inter­ests pur­sued by the con­troller or by a third party

Where the pro­cess­ing of per­sonal data is based on Arti­cle 6(1) lit. f GDPR our legit­i­mate inter­est is to carry out our busi­ness in favor of the well-being of all our employ­ees and the share­hold­ers.

24. Period for which the per­sonal data will be stored

The cri­te­ria used to deter­mine the period of stor­age of per­sonal data is the respec­tive statu­tory reten­tion period. After expi­ra­tion of that period, the cor­re­spond­ing data is rou­tinely deleted, as long as it is no longer nec­es­sary for the ful­fill­ment of the con­tract or the ini­ti­a­tion of a con­tract.

25. Pro­vi­sion of per­sonal data as statu­tory or con­trac­tual require­ment; Require­ment nec­es­sary to enter into a con­tract; Oblig­a­tion of the data sub­ject to pro­vide the per­sonal data; pos­si­ble con­se­quences of fail­ure to pro­vide such data

We clar­ify that the pro­vi­sion of per­sonal data is partly required by law (e.g. tax reg­u­la­tions) or can also result from con­trac­tual pro­vi­sions (e.g. infor­ma­tion on the con­trac­tual part­ner). Some­times it may be nec­es­sary to con­clude a con­tract that the data sub­ject pro­vides us with per­sonal data, which must sub­se­quently be processed by us. The data sub­ject is, for exam­ple, obliged to pro­vide us with per­sonal data when our com­pany signs a con­tract with him or her. The non-pro­vi­sion of the per­sonal data would have the con­se­quence that the con­tract with the data sub­ject could not be con­cluded. Before per­sonal data is pro­vided by the data sub­ject, the data sub­ject must con­tact our Data Pro­tec­tion Offi­cer. Our Data Pro­tec­tion Offi­cer clar­i­fies to the data sub­ject whether the pro­vi­sion of the per­sonal data is required by law or con­tract or is nec­es­sary for the con­clu­sion of the con­tract, whether there is an oblig­a­tion to pro­vide the per­sonal data and the con­se­quences of non-pro­vi­sion of the per­sonal data.

26. Exis­tence of auto­mated deci­sion-making

As a respon­si­ble com­pany, we do not use auto­matic deci­sion-making or pro­fil­ing.

This Pri­vacy Policy has been gen­er­ated by the Pri­vacy Policy Gen­er­a­tor of the Exter­nal Data Pro­tec­tion Offi­cers that was devel­oped in coop­er­a­tion with RC GmbH, which sells used note­books and the Media Law Lawyers from WBS-LAW.