In the following provisions, we will inform you about the type, scope and purposes of the collection and use of your personal data on this website. Personal data is all information relating to an identified or identifiable natural person. This includes in particular your name, your address and your e-mail address. The use of our website is in general possible without providing personal data. You are neither obliged to visit this website nor to provide any personal data.
The controller in the meaning of the GDPR is Dr. Karsten Krupna, lawyer, Am Sandtorkai 77, 20457 Hamburg.
- Data Processing to Provide Website Contents
With each access to contents of our website connection data are transferred to our web server. These connection data include: the IP address (Internet Protocol address) of the respective user, the date and time of the request, the referrer URL, Device numbers such as UDID (Unique Device Identifier) and comparable device numbers, device information (e.g. device type) and the browser type / version. These connection data are not used to draw conclusions about the user's identity or are combined with data from other data sources, but serve to provide the website. After 7 days at the latest, the data is made anonymous by shortening the IP address at domain level. The legal basis for the processing of your data is Art. 6(1)(f) GDPR.
- Data Transfer
We will only transfer your personal data to third parties or other recipients if this is necessary for the provision of services, if you have given your consent, if there is a legal obligation or if the transfer of data is permitted on another legal basis. For example, data is passed on to technical service providers. Where necessary, we have made agreements with the recipients of your data on order processing in accordance with Art. 28 GDPR.
- Data Transfer to Countries outside the EU
In general, your data will not be transferred to recipients in countries outside the EU. However, should it be necessary for our purposes, we will only transfer your data if it is ensured that the recipient of the data guarantees an adequate level of data protection and that there are no other interests worthy of protection against the data transfer.
- Duration for which Personal Data are stored/Criteria for determing the Duration
Your personal data will be deleted by us as soon as they are no longer necessary for the aforementioned purposes of processing or in the event of an objection if there are no opposing grounds of us worthy of protection. In certain cases, e.g. if there is a legal obligation to store your personal data, however, they are not deleted immediately, but initially blocked.
- Security Measures to protect your personal data
We protect your data by technical and organisational measures against unauthorised access, loss or destruction. Our security measures are continuously improved in line with technological developments. Our employees and all persons involved in data processing are obliged to comply with data protection laws and the confidential handling of personal data. To protect the personal data of our users, we use a secure online transmission procedure, the so-called "Secure Socket Layer" (SSL) transmission. You can recognise this by the fact that an "s" ("https://") or a green, closed lock symbol is added to the address component http://. By clicking on the icon you will receive information about the SSL certificate used. The display of the symbol depends on the browser version you are using. SSL encryption guarantees the encrypted and complete transmission of your data.
- Your Rights
Within the framework of legal requirements, you can exercise the following rights:
- Confirmation whether personal data concerning you is processed by us.
- Access to these data and the circumstances of the processing.
- Correction if data is incorrect.
- Erasure, insofar as there is no justification and no obligation to keep the data (any more) for the processing.
- Restriction of processing in special cases provided for by law.
- Objection in the case of data processing on the basis of Art. 6(1)(f) GDPR.
- Transmission of your personal data - if you have provided it - to you or a third party in a structured, common and machine-readable format.
- No automated individual Decision-Making
We do not use your personal data for automated individual decisions.
- Amendment of the Data Protection Policy
New legal requirements, business decisions or technical developments may require changes to our data protection policy. The data protection policy will then be adapted accordingly. You can always find the latest version on our website.