Privacy Policy

Data Privacy Statement

of Hagstotz ITM GmbH, Research & Consulting, Saint-Andre-Straße 9, 75203 Königsbach-Stein

The company Hagstotz ITM GmbH takes the protection of your personal data seriously and complies with the statutory data protection regulations. Personal data is only collected to the technically required extent on this website. The collected data is neither sold nor disclosed to third parties for any other reasons.

The following Privacy Statement will provide an overview on how we guarantee this protection and which types of data are collected for which purpose.

 

§ 1          Name and contact data of the Controller and the Company Data Protection Officer

Controller pursuant to Art. 4(7) General Data Protection Regulation (GDPR) is Hagstotz ITM GmbH, Research & Consulting, Saint-Andre-Straße 9, 75203 Königsbach-Stein, vertreten durch die Geschäftsführerin Frau Karin Schmitt-Hagstotz, , info@hagstotz-itm.de, Tel: +49(0)7232/319090, Fax: +49(0)7232/3190919.

You can contact our Data Protection Officer, Mr Andreas Lingenfelser, at the above address with the addition ”The Data Protection Officer“ or on the email address datenschutz@hagstotz-itm.de.

 

§ 2          Information on the collection of personal data

(1) Below, we inform you about the collection of personal data when using our website. Personal data includes all data which can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.

(2) If you contact us via e-mail or via a contact form, we will store the data provided by you (your e-mail address and, if necessary, your name and phone number) in order to answer your questions. The data that were provided in this context will be deleted by us after the storage of such data is no longer required, or, in case legal retention periods apply, we will restrict the processing of such data.

(3) If we make use of contracted service providers for individual functions of our offer or if we intend to use your data for advertising purposes, we will inform you in more detail below about the corresponding activities. We will also indicate the criteria established by us concerning the storage time.

 

§ 3          Your rights

You may assert the following rights towards us with regard to the personal data relating to you:

•    pursuant to Art. 15 GDPR to request information regarding your personal data processed by us. In particular, you can obtain information about the purposes of the processing, the category of the personal data, the categories of recipients to whom your personal data have been or will be disclosed, the envisaged storage time, the existence of a right of rectification, erasure or restriction of processing of personal data or objection to such processing, the right to lodge a complaint, information as to the source of your data, if such data was not collected by us, the existence of automated decision-making, including profiling and, if applicable, meaningful information as to their details;

•    pursuant to Art. 16 GDPR to request the rectification of incorrect or completion of your personal data stored with us without undue delay;

•    pursuant to Art. 17 GDPR to request the erasure of your personal data stored with us, unless the processing is required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;

•    pursuant to Art. 18 GDPR to request the restriction of the processing of your personal data, provided you contest the accuracy of the personal data, the processing is unlawful and you oppose the erasure of such data and we no longer require the personal data, but such data are required by you for the establishment, exercise or defence of legal claims or you have objected to its processing pursuant to Art. 21 GDPR;

•    pursuant to Art. 20 GDPR to receive your personal data you have provided to us in a structured, commonly used and machine-readable format or to request the transmission of such data to another controller;

•    pursuant to Art. 7(3) GDPR to withdraw at any time your consent given to us. This means that we are no longer allowed to perform the processing of data based on such consent in the future, and

•    pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority. As a general rule, you may lodge the complaint with the supervisory authority competent for your habitual residence or your place of work or our registered office.

 

§ 4          Collection of personal data when visiting our website

(1) When you merely use the website for informational purposes, i.e. if you do not register or otherwise provide us with information, we will not collect any personal data, except for the data sent by your browser to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security. (The legal basis is Art. 6(1), clause 1, letter f GDPR):

  • IP address
  • Date and time of request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website issuing the request
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

(2) The aforementioned data is processed by us for the following purposes:

  • Ensuring a smooth connection to the website,
  • Ensuring a comfortable use of our website,
  • Evaluating system security and stability, and
  • for other administrative purposes.

 

Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

(3) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk and allocated to the browser you are using. The party responsible for storing the cookie (in this case us) will be supplied with certain information. Cookies cannot run programmes or transmit viruses to your computer. They are used to make the website more user-friendly and efficient on the whole.

Use of cookies:

a)  This website uses the following types of cookies and/or comparable software, the scope and functioning of which are explained below:

  • Transient cookies (see b)
  • Persistent cookies (see c)
  • Flash cookies (see f)
  • HTML5 storage objects (see f)

b)  Transient cookies are automatically deleted when you close your browser. These include in particular the session cookies. They store a so-called session ID which can be used to allocate different requests of your browser to the joint session. In this way, your computer can be recognised when you return to the website. The session cookies are deleted when you log out or when you close the browser.

c)   Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can use the security settings of your browser to delete the cookies at any time.

d)  You can configure your browser settings according to your wishes and, for example, refuse the acceptance of third-party cookies or all cookies. Please note that you may not be able to use all functions of this website.

e)  We use cookies to identify you for follow-up visits if you have an account with us. Otherwise, you will have to log in again for each visit.

f)   The Flash cookies used are not recorded by your browser, but by your Flash plug-in. We also use HTML5 storage objects that are stored on your end device. These objects store the required data independently of the browser used and do not have an automatic expiry date. If you do not wish the Flash cookies to be processed, you must install a corresponding add-on, e.g. ”Better Privacy“ for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash killer cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using the private mode in your browser. We also recommend that you regularly delete your cookies and your browser history manually.

(4) Furthermore, we use analytics services when you visit our website. A detailed explanation can be found below.

 

§ 5          Use of our contact form

(1) For enquiries of any kind, you can make use of the contact form provided on our website. To use this form, you need to provide a valid e-mail address so that we know who is making the enquiry and so that we can send you our reply. Any other information is provided voluntarily.

(2) We process data provided for the purpose of establishing contact in accordance with Article 6(1), clause 1, letter a GDPR, based on your freely given consent.

(3) The personal data we collect for the use of our contact form will be automatically deleted after the services in answer to your enquiry have ended.

 

§ 6          Further functions and offers of our website

(1) In addition to the purely informational use of our website, we offer various services (e.g. newsletter) which you can use if you are interested. As a rule, you must provide further personal data, which we use to provide the respective service and to which the aforementioned data processing principles apply.

(2) In some cases, we use external service providers to process your data. These service providers have been carefully selected and commissioned by us, they are bound by our instructions and are regularly checked.

(3) Furthermore, we may pass on your personal data to third parties if we offer conclusions of contracts or similar services together with partners. For more information, please provide your personal data or see the description of the offer below.

(4) If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.

 

§ 7          Disclosure of data

We will not disclose your personal data to third parties for any purposes other than those listed below. We will only disclose your personal data to third parties if:

  • you have given your explicit consent in accordance with Article 6(1), clause 1, letter a GDPR,
  • it is necessary to disclose this data, in accordance with Article 6(1), clause 1, letter f GDPR, for the establishment, exercise or defence of legal claims, and no grounds exist to assume you have an overriding and legitimate interest in the nondisclosure of your data,
  • this is required for compliance with a legal obligation to disclosure in accordance with Article 6(1), clause 1, letter c GDPR, and
  • it is legally permitted and necessary for the performance of a contract with you in accordance with Article 6(1), clause 1, letter b GDPR.

 

§ 8          Objection to or revocation of the processing of your data

(1) If you have given your consent to the processing of your data, you can revoke this at any time. Such a revocation affects the permissibility of processing your personal data after you have given it to us.

(2) If we base the processing of your personal data on the weighing of interests, you may object to the processing. This is the case if processing is not necessary in particular to fulfil a contract with you, which is described by us in the following description of the functions. When exercising such objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust data processing or point out to you our compelling reasons worthy of protection, on the basis of which we will continue processing.

(3) You may of course object to the processing of your personal data for purposes of advertising at any time.

(4) You can inform us about your objection at the following contact details: info@hagstotz-itm.de.

 

§ 9       Use of Analysis Programs

(1)          We currently do not use any analysis program.

 

§ 10       Social media, connection to social networks

(1) We currently use the following social networks: Facebook, Twitter, Google+, LinkedIn and XING. On our website we do not currently use plug-ins from these network providers. To access the corresponding applications, click on the relevant link.

(2) We have no influence on the data that is then collected or on the data processing operations, nor have we knowledge of the full extent of the data collection, the purposes of the processing, or the storage periods. We also have no information relating to the deletion of the collected data by the network provider.

(3) You can find information on the purpose and scope of data collection and data processing by the network providers in the data protection or data privacy statements of these providers. There you can also find further information on your rights in this regard and on the settings options for protecting your privacy.
The addresses of the relevant providers and their URLs with data protection/privacy statements:

a) Our website has a connection (simple link) to the Facebook network. The provider is Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; for information on the Facebook data protection policy, see https://www.facebook.com/policy.php .

b) Our website has a connection (simple link) to the Twitter network. The provider is Twitter Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; for information on the Twitter data protection policy, see https://twitter.com/de/privacy .

c) Our website has a connection (simple link) to the Google+ network. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountainview, California 94043, USA; for information on the Google data protection policy, see https://policies.google.com/technologies/partner-sites?hl=de .

d) Our website has a connection (simple link) to the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. You can find information on the LinkedIn data protection policy at https://www.linkedin.com/legal/privacy-policy?trk=organization-guest_footer-privacy-policy .

e) Our website has a connection (simple link) to the XING network. The provider is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany, for information on the data protection policy, see the XING data privacy statement https://privacy.xing.com/de/datenschutzerklaerung .

 

§ 11    Use of Google Maps

(1) This page uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to save your IP address. This information is generally transferred to a Google server in the USA and saved there. The provider of this page has no influence on this data transfer.

Google Maps are used to enable an attractive display of our online offers and to make it easy to find the locations specified on the website. This is a legitimate interest within the meaning of Art. 6 para. 1 letter f GDPR.

You can find more information on dealing with user data in the Google data protection statement: www.google.de/intl/de/policies/privacy/.

 

§ 12       Data security

(1) For the security of visits to our website, we employ the widely used SSL procedure (Secure Socket Layer) in conjunction with the highest encryption level that your browser supports. In most cases, this is 256-bit encryption. If your browser does not support 256-bit encryption, then we will fall back on 128-bit v3 technology. Which of the pages on our website are transferred in encrypted form can be recognised by a symbol of a key or of a closed padlock in the lower status bar of your browser.

(2) We also employ suitable technical and organisational security measures in order to protect your data from accidental or intentional manipulation, partial or complete loss, destruction or access by unauthorised third parties. Our security measures are continually improved in accordance with the development of technical standards.

 

Your HAGSTOTZ ITM GmbH Research & Consulting, Mai 2018