Privacy Statement

We appreciate your interest in our company. Data protection is a particularly high priority for the management of Kerstin Schaab. Use of the website of Kerstin Schaab is in principle possible without providing personal information. want to take unless an affected person special services of our company on our website to complete, but the processing of personal data could be needed. If the processing of personal data required, and there is for such processing is no legal basis, we get a general consent of the person concerned.

The processing of personal data, such as the name, address, e-mail address or phone number of a person concerned, shall always be in line with the Data Protection Regulation and in accordance with the rules applicable for Kerstin Schaab country-specific data protection regulations. By means of this Privacy Policy, our company would like to inform the public about the nature, scope and purpose of the collected by us, used and processed personal data. Furthermore, data subjects are informed by this privacy statement on their legal rights.

The Kerstin Schaab has implemented as the person responsible for the processing of numerous technical and organizational measures to ensure the consistent maximum protection of processed via this website personal data. Nonetheless, Internet-based data transfers can basically have security holes, so that an absolute protection can not be guaranteed. For this reason, it is open to any person concerned to submit personally identifiable information on alternative routes, for example by phone, contact us.

1. definitions

The privacy statements of Kerstin Schaab is based on the terminology used by the European policy and legislature, when adopting the Data Protection Regulation (DS-GMO). Our Privacy Policy is intended to be easy to read and understand for both the public as well as for our customers and business partners. To ensure this, we want to advance to explain the terminology used.

We use in this privacy policy, among others, the following terms:

  • a) personal data

    Personal data is any information relating to an identified or identifiable natural person (the "data subject"). an individual is considered to be identified, directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, to an online identifier or to one or more special features that reflect the physical, physiological, are genetic, mental, economic, cultural or social identity of that natural person can be identified.

  • b) person affected

    Person concerned, any identified or identifiable natural person whose personal data are processed by the data controller.

  • c) processing

    Processing each operation performed with or without the aid of automated processes or any such process number associated with personal data such as collection, the collection, the organization, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, the balance or the shortcut that limitation, deletion or destruction.

  • d) Restriction of the processing

    Limitation of processing is the marking of stored personal data with the aim of limiting their future processing.

  • e) profiling

    Profiling is any type of automated processing of personal data, which is that these personal data are used to evaluate certain personal aspects relating to a natural person, in particular to aspects relating to labor, economic status, health, personal analyze preferences, interests, reliability, performance, location or relocation of this natural person or predict.

  • f) pseudonymization

    Pseudonymization is the processing of personal data in a manner in which the personal data can no longer be assigned to a specific subject without the assistance of additional information, provided this additional information be kept separately and technical and organizational measures are in place to ensure that the personal data not an identified or identifiable natural person assigned.

  • g) or responsible for the data controller

    Responsible or data controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Are the purposes and means of processing prescribed by European Union law or the law of the Member States, the person responsible or the specific criteria being appointed, in accordance with Union law or the law of the Member States can be provided can.

  • h) processors

    Processors is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the person responsible.

  • i) Receiver

    Receiver a natural or legal person, public authority, agency, or other entity, the personal information is to be disclosed, regardless of whether it is with her to a third party or not. Authorities that may receive personal data in the context of a particular inquiry shall in accordance with Union law or the law of the Member States, but not as receiver.

  • j) Third

    Third is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who are authorized under the direct authority of the controller or the processor to process the personal data.

  • k) Consent

    Consent is any voluntary for the particular case and unequivocally delivered by the data subject informed manner expression of will in the form of a declaration or another recognizable affirmative act by which is meant the person that they agree to the processing of personal data concerning is.

2. Name and address of the controller

Responsible in terms of the Data Protection Regulation, other force in the Member States of the European Union Data Protection Act and other regulations with data protection law nature is this:

Kerstin Schaab

Burker Straße 13

91725 Ehingen

Germany

Tel .: 09835-977490

E-mail: info@valentina-arabians.de

Website: www.valentina-arabians.de

3. cookies

The website of Kerstin Schaab uses cookies. Cookies are text files that are stored on an Internet browser on a computer system and stored.

Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string, through which websites and servers can be assigned to the specific Internet browser, wherein the cookie is stored. This makes it possible to distinguish the visited websites and servers to individual browser of the person affected by other Internet browsers containing other cookies. A specific internet browser can be recognized through the unique cookie ID and identified.

Through the use of cookies Kerstin Schaab can provide user-friendly services to users of this website that would be impossible without the cookie was set.

By means of a cookie, the information and offers can be optimized on our website the user in mind. Cookies enable us, as already mentioned, recognize the users of our website. The purpose of this recognition is to facilitate the use of our Internet users. The user of a website that uses cookies, for example, does not need every time you visit the website again enter his access because it is taken from the Internet and stored on the computer system of the user cookie. Another example is the cookie of the shopping basket in the online shop. The online store keeps track of the items that a customer has placed in the virtual shopping cart, a cookie.

The affected person may prevent the use of cookies through our website at any time by means of a corresponding adjustment of the Internet browser used and thus contradict permanently the use of cookies. Furthermore, set cookies can be deleted from a web browser or other software programs already any time. This is possible in all popular Internet browsers. Disables the victim of cookies in the used internet browser, not all features of our website are fully usable with.

4. recording of general data and information

The Kerstin Schaab the web detected by each call to the Internet through an individual or an automated system a set of general data and information. These general data and information are stored in the log files of the server. can be detected (1) Browser used types and versions, (2) the operating system from accessing the system, (3) the website from which an accessing system to our web passes (so-called referrer), (4) the sub-sites which on an accessing system are driven on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) of the Internet service provider of the accessing system and (8) other similar data and information in the interest of security in the event of attacks on our information technology systems.

When using this general data and information Kerstin Schaab draws no conclusions on the person concerned. This information is rather required to (1) deliver the content of our web site correctly, (2) to improve the content of our website and the advertising of them to ensure (3) the continued functioning of our information technology systems and the technology of our website as well ( 4) by law enforcement agencies in the event of a cyber attack to provide the necessary information to law enforcement. This anonymous data collected and information by Kerstin Schaab therefore one hand statistically and further analyzed with the aim to increase the privacy and data security in our company to ultimately ensure an optimal level of protection of personal data processed by us. The anonymous data from the server log files are stored separately from all specified by a data subject personal data.

5. Possible contacts via the website

The website contains the Kerstin Schaab under law disclosures that enable rapid electronic contact to our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If an affected person by e-mail or via a contact form contact with the receiving of the data controller, the personal information provided by the data subject are automatically saved. Such voluntarily from a data subject to the transmitted data controllers personal data are stored for the purpose of processing or contacting the affected person. There is no transfer of personal data to third parties.

6. commenting on the blog on the website

The Kerstin Schaab provides users on a blog that the person responsible is on the site for processing, the ability to leave individual comments for individual blog posts. A blog is called a run on a website, publicly accessible usually portal in which one or more persons, the blogger or web bloggers post articles or can write thoughts in so-called blog posts. The blog posts can be commented usually by third parties.

Leaves a victim a comment in the blog published on this website, in addition to the left by the person concerned comments and information at the time of the comment input as well as the chosen by the person concerned username (pseudonym) saved and published. Furthermore, the Internet Service Provider (ISP) of the person concerned assigned IP address will be logged. This storage of the IP address for safety reasons and in the event that the person violates the rights of third parties by a delivered comment or posting illegal content. Therefore, the storage of this personal data is in their own interest of the data controller, so this might exculpate the event of a violation of the law if necessary. There is no transfer of collected personal data to third parties, unless such disclosure is required by law or the legal defense of the controller used.

7. Routine deletion and blocking of personal data

The processed data controller and stores personal data of the person concerned only for the period of time necessary to achieve the storage purpose or if allowed by the European directives and regulations donors or other lawmakers in laws or regulations to which the data controller subject was provided.

Eliminates the storage purpose or prescribed by the European directives and regulations donors or other responsible legislator storage period expires, the personal data are blocked or deleted routinely and as required by law.

8. Rights of the data subject

  • a) Right to confirmation

    Each person has the right granted by the European directives and regulations donor right to obtain from the data controller confirmation as to whether they are processed personal data concerning. Wants to take a victim of this right of confirmation to complete, it can be this any time of the call to an employee of the data controller.

  • b) right to information

    Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors to obtain at any time from the gratuitous data controllers information about the stored personal personal data and a copy of that information. In addition, the European policy and legislature of the affected person information has granted the following information:

    • processing purposes
    • the categories of data that are processed
    • the recipients or categories of recipients to whom the personal data have been disclosed or not disclosed, particularly in recipients in third countries or international organizations
    • If possible, the planned duration for which the personal data are stored, or, if this is not possible, the criteria for determining such duration
    • the existence of a right to correct or delete personal data concerning him or restriction of processing by the controller or the right of appeal against this processing
    • the existence of a right of application with a regulatory body
    • if the personal data are not collected from the data subject: all available information on the origin of the data
    • the existence of an automated decision-making, including profiling in accordance with Article 22, paragraph 1 and 4 DS-GMO and - at least in these cases - meaningful information about the logic involved and the scope and the desired impact of such processing for the person concerned

    Furthermore, the data subject shall have a right to obtain information on whether personal data have been transferred to a third country or to an international organization. If this is the case, the person concerned is, moreover, have the right to obtain information about the appropriate safeguards in connection with the submission.

    Wants to take a victim of this Right to complete, it can be this any time of the call to an employee of the data controller.

  • c) the right to correct

    Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors, the immediate correction to demand of respective incorrect personal data. Furthermore, the data subject shall have the right, taking into account the purposes of the processing, the completion of incomplete personal data - to demand - also by means of a supplementary statement.

    Wants to take a victim of this right of rectification, it can this any time of the call to an employee of the data controller.

  • d) right to delete (right to be forgotten are)

    Any person implicated in the processing of personal data has the right granted by the European policy and legislature to require the person responsible that the personal data concerning them will be deleted immediately, unless one of the following reasons applies and insofar as the processing is not required:

    • The personal data was collected for such purposes or processed in some other way, for which they are no longer necessary.
    • The person concerned shall withdraw their consent to the processing according to Art. 6 para. 1 point a DS-GMO or Art. 9 par. 2 point a DS-GMO supported, and there is a lack of otherwise legal basis for the processing.
    • The person concerned shall in accordance with Art. 21 para. 1 DS-GMO object to the processing, and there are no overriding legitimate grounds for processing before, or the person acting in accordance with Art. 21 para. 2 DS-GMO opposition to the processing one.
    • The personal data has been unlawfully processed.
    • The deletion of personal data is necessary for compliance with a legal obligation under Union law or the law of the Member States, the subject of the charge.
    • The personal data 1 DS-GMO were offered in terms of information society services in accordance with Art. 8 para. Collected.

    If any of the above reasons applies and an affected person wants the deletion of personal data stored in Kerstin Schaab cause, it can be this any time of the call to an employee of the data controller. The employees of Kerstin Schaab will cause the delete request is fulfilled immediately.

    the personal data of the Kerstin Schaab were made public and our company as the person responsible in accordance with Art. 17 para. 1 DS-GMO obliged to deletion of personal data to it, the Kerstin Schaab, taking into account the available technology and the cost of implementation appropriate measures, to set technical one for data controllers that process the published personal data on notice that the person concerned from these other for the data controller the erasure of all the links to these personal data or copies or replications of personal data demanded insofar as such processing is not required. The employees of Kerstin Schaab will do what is necessary in individual cases.

  • e) right to restrict the processing

    Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors to demand the limitation of processing by the person responsible if any of the following circumstances:

    • The accuracy of personal data is contested by the data subject, namely for a period which allows the controller to verify the accuracy of the personal data.
    • The processing is unlawful and the data subject rejects the deletion of personal data and calls instead for limiting the use of personal data.
    • The person in charge does not need the personal data for the purposes of processing longer, the person concerned, however, it needs to establishment, exercise or defense of legal claims.
    • The person concerned pursuant to object to processing. Art. 21 para. 1 DS-GMO inserted and it is not yet clear whether the legitimate reasons for the charge against those outweigh the individual concerned.

    If one of the above conditions is given and a person concerned would the restriction of personal data stored in Kerstin Schaab require, they may for this purpose at any time of the call to an employee of the data controller. The employees of Kerstin Schaab will cause the limitation of the processing.

  • f) the right to data portability

    Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors that they get personal data, which were provided by the person concerned a charge, in a structured, consistent and machine-readable format. It also has to submit these data to another charge without being hindered by those responsible, which the personal data have been provided the right, provided that the processing on the consent according to Art. 6 para. 1 point a DS-GMO or Art. 9 para . 2, point a DS-GMO or on a contract in accordance with Art. 6, para. 1, point b DS-GMO based and carried out the processing using automated procedures, provided that the processing is not required for the performance of a task which is in the public interest or , done in the exercise of official authority which has been transferred to the person responsible.

    Furthermore, the data subject 1 DS-GMO has in exercising their right to data portability under Art. 20 para. To obtain that personal data are transferred directly from a charge to a different charge, if this is technically feasible and if the law, This does not, the rights and freedoms of others are affected.

    To exercise the right to data portability, the affected person may at any time apply to an employee's Kerstin Schaab.

  • g) right of appeal

    Any person implicated in the processing of personal data has the right granted by the European directives and regulations donor, for reasons arising from their specific situation at any time to the processing concerning them of personal data on the basis of Art. 6 para. 1 letter e or f DS-GMO done to appeal. This also applies to a system based on these provisions profiling.

    The Kerstin Schaab not process the personal data in the event of contradiction, unless we can prove compelling legitimate grounds for processing, outweigh the interests, rights and freedoms of the data subject, or the processing is for the establishment, exercise or defense legal claims.

    Processes the Kerstin Schaab personal information to operate direct mail, the person concerned has the right at any time to object to the processing of personal data for the purposes of such advertising. This also applies to the profiling, as far as it is in connection with such direct mail. Contradict the person concerned in relation to the Kerstin Schaab the processing for direct marketing purposes, the Kerstin Schaab will not process personal data for these purposes.

    In addition, the person concerned has the right for reasons arising from their specific situation, against which they processing of personal data for scientific when Kerstin Schaab or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 DS in question GMO done to appeal, unless such processing is necessary for the performance of a public interest task.

    To exercise the right to object to the data subject can directly contact any employee of Kerstin Schaab or another employee. The person concerned are also free, in connection with the use of information society services, regardless of Directive 2002/58 / EC to exercise their right by means of automated processes in which technical specifications defined.

  • h) Automated decisions in individual cases, including profiling

    Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors, not one solely on automated processing - including profiling - to be subject-based decision, which unfolds over legal effect or significantly affects him in a similar way, provided that the decision (1) is not for the conclusion or performance of a contract between the data subject and the person responsible is required, or (2), is authorized by the laws of the Union or the Member States, which is subject to charge and this legislation adequate measures included to safeguard the rights and freedoms and the legitimate interests of the data subject or (3) with the express consent of the data subject.

    If the decision (1) for the conclusion or performance of a contract between the data subject and the person responsible is required or (2) it is done with the express consent of the individual, meets the Kerstin Schaab appropriate measures to ensure the rights and freedoms and the legitimate to protect interests of the data subject, including at least the right to obtaining of a person's intervention on the part of those responsible, to a statement of his own position and to challenge the decision belongs.

    the person wants to have rights in relation to automated decisions, they can this any time of the call to an employee of the data controller.

  • i) the right to revoke a data protection consent

    Any person implicated in the processing of personal data has the right granted by the European policy and legislature to revoke a consent to the processing of personal data at any time.

    Want the person their right to withdraw a consent claim that they can this any time of the call to an employee of the data controller.

9. Legal basis for the processing

Art. 6 I lit. a DS-GVO dient unserem Unternehmen als Rechtsgrundlage für Verarbeitungsvorgänge, bei denen wir eine Einwilligung für einen bestimmten Verarbeitungszweck einholen. Ist die Verarbeitung personenbezogener Daten zur Erfüllung eines Vertrags, dessen Vertragspartei die betroffene Person ist, erforderlich, wie dies beispielsweise bei Verarbeitungsvorgängen der Fall ist, die für eine Lieferung von Waren oder die Erbringung einer sonstigen Leistung oder Gegenleistung notwendig sind, so beruht die Verarbeitung auf Art. 6 I lit. b DS-GVO. Gleiches gilt für solche Verarbeitungsvorgänge die zur Durchführung vorvertraglicher Maßnahmen erforderlich sind, etwa in Fällen von Anfragen zur unseren Produkten oder Leistungen. Unterliegt unser Unternehmen einer rechtlichen Verpflichtung durch welche eine Verarbeitung von personenbezogenen Daten erforderlich wird, wie beispielsweise zur Erfüllung steuerlicher Pflichten, so basiert die Verarbeitung auf Art. 6 I lit. c DS-GVO. In seltenen Fällen könnte die Verarbeitung von personenbezogenen Daten erforderlich werden, um lebenswichtige Interessen der betroffenen Person oder einer anderen natürlichen Person zu schützen. Dies wäre beispielsweise der Fall, wenn ein Besucher in unserem Betrieb verletzt werden würde und daraufhin sein Name, sein Alter, seine Krankenkassendaten oder sonstige lebenswichtige Informationen an einen Arzt, ein Krankenhaus oder sonstige Dritte weitergegeben werden müssten. Dann würde die Verarbeitung auf Art. 6 I lit. d DS-GVO beruhen.
Ultimately could processing operations on Art. 6 I lit. f DS GMOs rest. On this legal basis based processing operations which are not covered by any of the above legal bases when the processing to protect a legitimate interest of our company or a third party is required unless outweigh the interests for fundamental rights and freedoms of the data subject. Such processing operations are particularly us therefore permitted because they were specifically mentioned by the European legislator. He extent considered that a legitimate interest could be deemed to exist if the person concerned is a client of the charge (Recital 47 sentence 2 DS-GMO).

10. Legitimate interests of the processing that are pursued by the controller or a third party

Based processing of personal data Article 6 I lit. f DS-GMO is our legitimate interest to carry out our activities towards the welfare of all our employees and our shareholders.

11 period for which the personal data are stored

The criterion for the duration of the storage of personal data is relevant and statutory retention period. After the deadline, the relevant data is routinely deleted if they are no longer required to fulfill the contract or contract negotiations.

12. Statutory or contractual provisions to provide the personal data; Necessity for the conclusion of the contract; Obligation of the person concerned to provide the personal data; possible consequences of failure to provide

We will clarify the fact that the provision of personal data is required by law in some cases (eg tax laws) or also from contractual arrangements (eg information on the contractor) may result.
Sometimes it may be necessary to conclude a contract that any interested person presents us with personal data that must be processed in the order by us. The person concerned, for example, committed to provide personal information when our company enters into a contract with her. A failure to provide personal data would mean that the contract with the person concerned could not be closed.
Before a deployment of personal data by the person concerned, the person concerned must contact one of our employees. Our employees clears the affected individual cases also on whether the provision of personal data required by law or contract or is required for the contract if there is an obligation to provide the personal data, and what consequences would the failure to provide personal information.

13th anniversary of an automated decision-making

As a responsible company we do without an automatic decision or a profiling.