The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations, as well as in accordance with this Data Protection Statement.
1. RESPONSIBILITY FOR DATA PROCESSING
The operator of the website www.buntscheck.com (hereinafter “website”) and the party responsible for processing personal data which is collected on this website is:
2. DATA PROTECTION OFFICER
3. THE KIND OF DATA PROCESSED ON THE WEBSITE AND ITS PURPOSE
The use of our website is generally possible without providing personal data. However, we may process personal data in the situations described below.
Whenever personal data is collected on our website (e.g. name, address or e-mail address), or when you provide us with data (e.g. by sending us an e-mail), it happens on a voluntary basis. An exception applies to cases in which prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law.
This data will not be given to third parties without your explicit consent, unless we are required to do so by law, regulatory directive, or court order.
We remind you that data transmission on the internet (e.g. when communicating via e-mail) can involve gaps in security. Complete protection of such data from access by third parties is not possible.
4. LEGAL BASIS FOR PROCESSING PERSONAL DATA
Whenever we request and receive a person’s consent to process their personal data, the legal basis for this is Article 6(1)(a) of the EU General Data Protection Regulation (hereinafter: “GDPR”).
If processing a person’s data is necessary for the performance of a contract to which that person is a party, then the legal basis is Article 6(1)(b) GDPR. This also applies to data processing which is necessary for pre-contractual steps.
If processing personal data is necessary for compliance with a legal obligation to which our firm is subject, then the legal basis is Article 6(1)(c) GDPR.
If processing personal data is necessary for the purposes of the legitimate interests pursued by our firm or by a third party, given that these interests do not override the interests or fundamental rights and freedoms of that person, then the legal basis is Article 6(1)(f) GDPR.
6. ACCESS DATA / SERVER LOG FILES
Each time our website is accessed, our system automatically gathers information about the system and the device being used to access it.
Our system collects and saves information that your browser transmits to us automatically in server log files. This information includes:
- Browser type and browser version
- Operating system
- Referrer URL (the page that linked to our website)
- Pages visited within our website
- Access status (files sent, files not found, etc)
- Date and time of the server request
- Amount of data transferred
- IP address
This information will not be stored together with any other personal data associated with the specific visitor to our website.
The temporary storage of data and log files is carried out on the basis of Section 15 (1) German Telemedia Act (TMG) and/or after 25th May 2018 on the basis of Article 6(1)(f) GDPR.
The storage in log files is done to ensure the functionality of our website and in order to be able to deliver the user-requested data package to the correct address when visiting our website. In addition, we use the information to ensure the security of our IT systems. An evaluation of the data for marketing purposes does not take place.
These purposes represent our legitimate interest in processing data as per Article 6(1)(f) GDPR. The data is deleted as soon as it is no longer needed for fulfilling the purpose for which is was collected. The log files described above are deleted after one week.
7. DATA SECURITY AND SSL ENCRYPTION
We do everything necessary to ensure that your information is handled securely and in accordance with this Data Protection Statement.
In order to ensure the best possible security for your data when it is communicated over the internet, we encrypt data using SSL (Secure Sockets Layer) encryption. You can see when a connection is SSL encrypted by checking the address line of your browser: a lock symbol is shown and “https://” appears at the beginning of the URL. Pages that are not encrypted can be recognised by “http://” at the beginning of the URL.
When SSL encryption is activated, the data that is transferred between you and the website cannot be read by third parties.
8. DURATION OF STORAGE AND DELETING OF DATA
The personal data described in this Data Protection Statement will be deleted in accordance with statutory provisions as soon as it is no longer required for the purposes described above. Insofar as statutory provisions prescribe a longer storage period, the data will be blocked so that its use for any other purpose will not be possible. Data is also blocked or deleted when a data retention period prescribed by the specified provisions expires – unless the data needs to be stored for longer for the purposes of concluding or fulfilling a contract.
9. YOUR RIGHTS REGARDING DATA PROTECTION
At any time, you have the right to information about your stored personal data, and as long as the regulatory requirements are met, you have the right to correction, deletion and restriction of data processing and the right to object to the processing of your data.
After 25th May 2018, you also have the right to receive your personal data in a structured, common and machine-readable format. Furthermore, as long as the regulatory requirements are met, you have the right to transfer this data to another authorised person. In exercising this right, you also have the right to stipulate that your personal data is transmitted directly by us to another authorised person, insofar as this is technically feasible. In this process, the freedoms and rights of other persons may not be affected.
To exercise these rights, as well as to send us other questions and/or complaints about the use of your personal information, you can contact us at any time at the address given in Section 2 above.
Complaints about the handling of your personal data may also be addressed to the relevant supervisory authority, in particular in the EU Member State of your place of residence, your employment or the location of the alleged infringement.
10. ADVERTISING E-MAIL EXPRESSLY PROHIBITED
The use of our contact information, published in fulfilment of imprint obligations, to send us any advertising or information material which we have not specifically requested, is herewith prohibited. If unsolicited advertising material such as spam e-mail are sent to us, we expressly reserve the right to take legal action against the parties responsible.