We appreciate your interest in our company. Data protection is a particularly high priority for the management of Kerstin Schaab. Use of the website of Kerstin Schaab is in principle possible without providing personal information. want to take unless an affected person special services of our company on our website to complete, but the processing of personal data could be needed. If the processing of personal data required, and there is for such processing is no legal basis, we get a general consent of the person concerned.
The Kerstin Schaab has implemented as the person responsible for the processing of numerous technical and organizational measures to ensure the consistent maximum protection of processed via this website personal data. Nonetheless, Internet-based data transfers can basically have security holes, so that an absolute protection can not be guaranteed. For this reason, it is open to any person concerned to submit personally identifiable information on alternative routes, for example by phone, contact us.
Personal data is any information relating to an identified or identifiable natural person (the "data subject"). an individual is considered to be identified, directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, to an online identifier or to one or more special features that reflect the physical, physiological, are genetic, mental, economic, cultural or social identity of that natural person can be identified.
Person concerned, any identified or identifiable natural person whose personal data are processed by the data controller.
Processing each operation performed with or without the aid of automated processes or any such process number associated with personal data such as collection, the collection, the organization, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, the balance or the shortcut that limitation, deletion or destruction.
Limitation of processing is the marking of stored personal data with the aim of limiting their future processing.
Profiling is any type of automated processing of personal data, which is that these personal data are used to evaluate certain personal aspects relating to a natural person, in particular to aspects relating to labor, economic status, health, personal analyze preferences, interests, reliability, performance, location or relocation of this natural person or predict.
Pseudonymization is the processing of personal data in a manner in which the personal data can no longer be assigned to a specific subject without the assistance of additional information, provided this additional information be kept separately and technical and organizational measures are in place to ensure that the personal data not an identified or identifiable natural person assigned.
Responsible or data controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Are the purposes and means of processing prescribed by European Union law or the law of the Member States, the person responsible or the specific criteria being appointed, in accordance with Union law or the law of the Member States can be provided can.
Processors is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the person responsible.
Receiver a natural or legal person, public authority, agency, or other entity, the personal information is to be disclosed, regardless of whether it is with her to a third party or not. Authorities that may receive personal data in the context of a particular inquiry shall in accordance with Union law or the law of the Member States, but not as receiver.
Third is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who are authorized under the direct authority of the controller or the processor to process the personal data.
Consent is any voluntary for the particular case and unequivocally delivered by the data subject informed manner expression of will in the form of a declaration or another recognizable affirmative act by which is meant the person that they agree to the processing of personal data concerning is.
Responsible in terms of the Data Protection Regulation, other force in the Member States of the European Union Data Protection Act and other regulations with data protection law nature is this:
Burker Straße 13
Tel .: 09835-977490
The Kerstin Schaab the web detected by each call to the Internet through an individual or an automated system a set of general data and information. These general data and information are stored in the log files of the server. can be detected (1) Browser used types and versions, (2) the operating system from accessing the system, (3) the website from which an accessing system to our web passes (so-called referrer), (4) the sub-sites which on an accessing system are driven on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) of the Internet service provider of the accessing system and (8) other similar data and information in the interest of security in the event of attacks on our information technology systems.
When using this general data and information Kerstin Schaab draws no conclusions on the person concerned. This information is rather required to (1) deliver the content of our web site correctly, (2) to improve the content of our website and the advertising of them to ensure (3) the continued functioning of our information technology systems and the technology of our website as well ( 4) by law enforcement agencies in the event of a cyber attack to provide the necessary information to law enforcement. This anonymous data collected and information by Kerstin Schaab therefore one hand statistically and further analyzed with the aim to increase the privacy and data security in our company to ultimately ensure an optimal level of protection of personal data processed by us. The anonymous data from the server log files are stored separately from all specified by a data subject personal data.
The website contains the Kerstin Schaab under law disclosures that enable rapid electronic contact to our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If an affected person by e-mail or via a contact form contact with the receiving of the data controller, the personal information provided by the data subject are automatically saved. Such voluntarily from a data subject to the transmitted data controllers personal data are stored for the purpose of processing or contacting the affected person. There is no transfer of personal data to third parties.
The Kerstin Schaab provides users on a blog that the person responsible is on the site for processing, the ability to leave individual comments for individual blog posts. A blog is called a run on a website, publicly accessible usually portal in which one or more persons, the blogger or web bloggers post articles or can write thoughts in so-called blog posts. The blog posts can be commented usually by third parties.
Leaves a victim a comment in the blog published on this website, in addition to the left by the person concerned comments and information at the time of the comment input as well as the chosen by the person concerned username (pseudonym) saved and published. Furthermore, the Internet Service Provider (ISP) of the person concerned assigned IP address will be logged. This storage of the IP address for safety reasons and in the event that the person violates the rights of third parties by a delivered comment or posting illegal content. Therefore, the storage of this personal data is in their own interest of the data controller, so this might exculpate the event of a violation of the law if necessary. There is no transfer of collected personal data to third parties, unless such disclosure is required by law or the legal defense of the controller used.
The processed data controller and stores personal data of the person concerned only for the period of time necessary to achieve the storage purpose or if allowed by the European directives and regulations donors or other lawmakers in laws or regulations to which the data controller subject was provided.
Eliminates the storage purpose or prescribed by the European directives and regulations donors or other responsible legislator storage period expires, the personal data are blocked or deleted routinely and as required by law.
Each person has the right granted by the European directives and regulations donor right to obtain from the data controller confirmation as to whether they are processed personal data concerning. Wants to take a victim of this right of confirmation to complete, it can be this any time of the call to an employee of the data controller.
Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors to obtain at any time from the gratuitous data controllers information about the stored personal personal data and a copy of that information. In addition, the European policy and legislature of the affected person information has granted the following information:
Furthermore, the data subject shall have a right to obtain information on whether personal data have been transferred to a third country or to an international organization. If this is the case, the person concerned is, moreover, have the right to obtain information about the appropriate safeguards in connection with the submission.
Wants to take a victim of this Right to complete, it can be this any time of the call to an employee of the data controller.
Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors, the immediate correction to demand of respective incorrect personal data. Furthermore, the data subject shall have the right, taking into account the purposes of the processing, the completion of incomplete personal data - to demand - also by means of a supplementary statement.
Wants to take a victim of this right of rectification, it can this any time of the call to an employee of the data controller.
Any person implicated in the processing of personal data has the right granted by the European policy and legislature to require the person responsible that the personal data concerning them will be deleted immediately, unless one of the following reasons applies and insofar as the processing is not required:
If any of the above reasons applies and an affected person wants the deletion of personal data stored in Kerstin Schaab cause, it can be this any time of the call to an employee of the data controller. The employees of Kerstin Schaab will cause the delete request is fulfilled immediately.
the personal data of the Kerstin Schaab were made public and our company as the person responsible in accordance with Art. 17 para. 1 DS-GMO obliged to deletion of personal data to it, the Kerstin Schaab, taking into account the available technology and the cost of implementation appropriate measures, to set technical one for data controllers that process the published personal data on notice that the person concerned from these other for the data controller the erasure of all the links to these personal data or copies or replications of personal data demanded insofar as such processing is not required. The employees of Kerstin Schaab will do what is necessary in individual cases.
Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors to demand the limitation of processing by the person responsible if any of the following circumstances:
If one of the above conditions is given and a person concerned would the restriction of personal data stored in Kerstin Schaab require, they may for this purpose at any time of the call to an employee of the data controller. The employees of Kerstin Schaab will cause the limitation of the processing.
Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors that they get personal data, which were provided by the person concerned a charge, in a structured, consistent and machine-readable format. It also has to submit these data to another charge without being hindered by those responsible, which the personal data have been provided the right, provided that the processing on the consent according to Art. 6 para. 1 point a DS-GMO or Art. 9 para . 2, point a DS-GMO or on a contract in accordance with Art. 6, para. 1, point b DS-GMO based and carried out the processing using automated procedures, provided that the processing is not required for the performance of a task which is in the public interest or , done in the exercise of official authority which has been transferred to the person responsible.
Furthermore, the data subject 1 DS-GMO has in exercising their right to data portability under Art. 20 para. To obtain that personal data are transferred directly from a charge to a different charge, if this is technically feasible and if the law, This does not, the rights and freedoms of others are affected.
To exercise the right to data portability, the affected person may at any time apply to an employee's Kerstin Schaab.
Any person implicated in the processing of personal data has the right granted by the European directives and regulations donor, for reasons arising from their specific situation at any time to the processing concerning them of personal data on the basis of Art. 6 para. 1 letter e or f DS-GMO done to appeal. This also applies to a system based on these provisions profiling.
The Kerstin Schaab not process the personal data in the event of contradiction, unless we can prove compelling legitimate grounds for processing, outweigh the interests, rights and freedoms of the data subject, or the processing is for the establishment, exercise or defense legal claims.
Processes the Kerstin Schaab personal information to operate direct mail, the person concerned has the right at any time to object to the processing of personal data for the purposes of such advertising. This also applies to the profiling, as far as it is in connection with such direct mail. Contradict the person concerned in relation to the Kerstin Schaab the processing for direct marketing purposes, the Kerstin Schaab will not process personal data for these purposes.
In addition, the person concerned has the right for reasons arising from their specific situation, against which they processing of personal data for scientific when Kerstin Schaab or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 DS in question GMO done to appeal, unless such processing is necessary for the performance of a public interest task.
To exercise the right to object to the data subject can directly contact any employee of Kerstin Schaab or another employee. The person concerned are also free, in connection with the use of information society services, regardless of Directive 2002/58 / EC to exercise their right by means of automated processes in which technical specifications defined.
Any person implicated in the processing of personal data has the right granted by the European directives and regulations donors, not one solely on automated processing - including profiling - to be subject-based decision, which unfolds over legal effect or significantly affects him in a similar way, provided that the decision (1) is not for the conclusion or performance of a contract between the data subject and the person responsible is required, or (2), is authorized by the laws of the Union or the Member States, which is subject to charge and this legislation adequate measures included to safeguard the rights and freedoms and the legitimate interests of the data subject or (3) with the express consent of the data subject.
If the decision (1) for the conclusion or performance of a contract between the data subject and the person responsible is required or (2) it is done with the express consent of the individual, meets the Kerstin Schaab appropriate measures to ensure the rights and freedoms and the legitimate to protect interests of the data subject, including at least the right to obtaining of a person's intervention on the part of those responsible, to a statement of his own position and to challenge the decision belongs.
the person wants to have rights in relation to automated decisions, they can this any time of the call to an employee of the data controller.
Any person implicated in the processing of personal data has the right granted by the European policy and legislature to revoke a consent to the processing of personal data at any time.
Want the person their right to withdraw a consent claim that they can this any time of the call to an employee of the data controller.
Art. 6 I lit. a DS-GVO dient unserem Unternehmen als Rechtsgrundlage für Verarbeitungsvorgänge, bei denen wir eine Einwilligung für einen bestimmten Verarbeitungszweck einholen. Ist die Verarbeitung personenbezogener Daten zur Erfüllung eines Vertrags, dessen Vertragspartei die betroffene Person ist, erforderlich, wie dies beispielsweise bei Verarbeitungsvorgängen der Fall ist, die für eine Lieferung von Waren oder die Erbringung einer sonstigen Leistung oder Gegenleistung notwendig sind, so beruht die Verarbeitung auf Art. 6 I lit. b DS-GVO. Gleiches gilt für solche Verarbeitungsvorgänge die zur Durchführung vorvertraglicher Maßnahmen erforderlich sind, etwa in Fällen von Anfragen zur unseren Produkten oder Leistungen. Unterliegt unser Unternehmen einer rechtlichen Verpflichtung durch welche eine Verarbeitung von personenbezogenen Daten erforderlich wird, wie beispielsweise zur Erfüllung steuerlicher Pflichten, so basiert die Verarbeitung auf Art. 6 I lit. c DS-GVO. In seltenen Fällen könnte die Verarbeitung von personenbezogenen Daten erforderlich werden, um lebenswichtige Interessen der betroffenen Person oder einer anderen natürlichen Person zu schützen. Dies wäre beispielsweise der Fall, wenn ein Besucher in unserem Betrieb verletzt werden würde und daraufhin sein Name, sein Alter, seine Krankenkassendaten oder sonstige lebenswichtige Informationen an einen Arzt, ein Krankenhaus oder sonstige Dritte weitergegeben werden müssten. Dann würde die Verarbeitung auf Art. 6 I lit. d DS-GVO beruhen.
Ultimately could processing operations on Art. 6 I lit. f DS GMOs rest. On this legal basis based processing operations which are not covered by any of the above legal bases when the processing to protect a legitimate interest of our company or a third party is required unless outweigh the interests for fundamental rights and freedoms of the data subject. Such processing operations are particularly us therefore permitted because they were specifically mentioned by the European legislator. He extent considered that a legitimate interest could be deemed to exist if the person concerned is a client of the charge (Recital 47 sentence 2 DS-GMO).
Based processing of personal data Article 6 I lit. f DS-GMO is our legitimate interest to carry out our activities towards the welfare of all our employees and our shareholders.
The criterion for the duration of the storage of personal data is relevant and statutory retention period. After the deadline, the relevant data is routinely deleted if they are no longer required to fulfill the contract or contract negotiations.
We will clarify the fact that the provision of personal data is required by law in some cases (eg tax laws) or also from contractual arrangements (eg information on the contractor) may result.
Sometimes it may be necessary to conclude a contract that any interested person presents us with personal data that must be processed in the order by us. The person concerned, for example, committed to provide personal information when our company enters into a contract with her. A failure to provide personal data would mean that the contract with the person concerned could not be closed.
Before a deployment of personal data by the person concerned, the person concerned must contact one of our employees. Our employees clears the affected individual cases also on whether the provision of personal data required by law or contract or is required for the contract if there is an obligation to provide the personal data, and what consequences would the failure to provide personal information.
As a responsible company we do without an automatic decision or a profiling.