1. An overview of data protection
The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration, which we have included beneath this copy.
Data recording on this website
Who is the responsible party for the recording of data on this website (i.e., the “controller”)?
How do we record your data?
We collect your data as a result of your sharing of your data with us. This may, for instance be information you enter into our contact form.
Other data shall be recorded by our IT systems automatically or after you consent to its recording during your website visit. This data comprises primarily technical information (e.g., web browser, operating system, or time the site was accessed). This information is recorded automatically when you access this website.
What are the purposes we use your data for?
A portion of the information is generated to guarantee the error free provision of the website. Other data may be used to analyze your user patterns.
What rights do you have as far as your information is concerned?
You have the right to receive information about the source, recipients, and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified or eradicated. If you have consented to data processing, you have the option to revoke this consent at any time, which shall affect all future data processing. Moreover, you have the right to demand that the processing of your data be restricted under certain circumstances. Furthermore, you have the right to log a complaint with the competent supervising agency.
Please do not hesitate to contact us at any time if you have questions about this or any other data protection related issues.
This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR). If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user's end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.
We are using the following host:
Andreas und Michael Geyer GbR
89584 Ehingen (Donau)
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
3. General information and mandatory information
The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.
Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.
We herewith advise you that the transmission of data via the Internet (i.e., through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third-party access.
Information about the responsible party (referred to as the “controller” in the GDPR)
The data processing controller on this website is:
Waldseilgarten Wallenhausen GmbH
Phone: 07309 425959
The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.).
General information on the legal basis for the data processing on this website
Information on data transfer to the USA and other non-EU countries
Among other things, we use tools of companies domiciled in the United States or other from a data protection perspective non-secure non-EU countries. If these tools are active, your personal data may potentially be transferred to these non-EU countries and may be processed there. We must point out that in these countries, a data protection level that is comparable to that in the EU cannot be guaranteed. For instance, U.S. enterprises are under a mandate to release personal data to the security agencies and you as the data subject do not have any litigation options to defend yourself in court. Hence, it cannot be ruled out that U.S. agencies (e.g., the Secret Service) may process, analyze, and permanently archive your personal data for surveillance purposes. We have no control over these processing activities.
Revocation of your consent to the processing of data
A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.
Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)
IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).
IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).
Right to log a complaint with the competent supervisory agency
In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.
Right to data portability
You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
Information about, rectification and eradication of data
Within the scope of the applicable statutory provisions, you have the right to at any time demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data. You may also have a right to have your data rectified or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time.
Right to demand processing restrictions
You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time. The right to demand restriction of processing applies in the following cases:
- In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
- If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the eradication of this data.
- If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.
- If you have raised an objection pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.
4. Recording of data on this website
Our websites and pages use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.
In some cases, it is possible that third-party cookies are stored on your device once you enter our site (third-party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g., cookies for the processing of payment services).
Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g., the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages.
Cookies, which are required for the performance of electronic communication transactions, or for the provision of certain functions you want to use (e.g., for the shopping cart function) or those that are necessary for the optimization (required cookies) of the website (e.g., cookies that provide measurable insights into the web audience), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a different legal basis is cited. The operator of the website has a legitimate interest in the storage of required cookies to ensure the technically error free and optimized provision of the operator’s services. If your consent to the storage of the cookies and similar recognition technologies has been requested, processing occurs exclusively on the basis of the consent obtained (Art. 6(1)(a) GDPR and § 25 (1) TTDSG); this consent may be revoked at any time.
You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.
In the event that third-party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Data Protection Policy and, if applicable, ask for your consent.
Server log files
The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises:
- The type and version of browser used
- The used operating system
- Referrer URL
- The hostname of the accessing computer
- The time of the server inquiry
- The IP address
This data is not merged with other data sources.
This data is recorded on the basis of Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.
If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.
The processing of these data is based on Art. 6(1)(b) GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6(1)(f) GDPR) or on your agreement (Art. 6(1)(a) GDPR) if this has been requested; the consent can be revoked at any time.
The information you have entered into the contact form shall remain with us until you ask us to eradicate the data, revoke your consent to the archiving of data or if the purpose for which the information is being archived no longer exists (e.g., after we have concluded our response to your inquiry). This shall be without prejudice to any mandatory legal provisions, in particular retention periods.
Request by e-mail, telephone, or fax
If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed on the basis of our legitimate interest in the effective handling of inquiries submitted to us (Art. 6(1)(f) GDPR) or on the basis of your consent (Art. 6(1)(a) GDPR) if it has been obtained; the consent can be revoked at any time.
The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
5. Analysis tools and advertising
To measure conversion rates, this website uses the visitor activity pixel of Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.
This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns.
For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data.
The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381.
Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.
In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at: https://www.facebook.com/about/privacy/.
You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook.
If you do not have a Facebook account, you can deactivate any user-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.
6. Plug-ins and Tools
Google Web Fonts
To ensure that fonts used on this website are uniform, this website uses so-called Web Fonts provided by Google. When you access a page on our website, your browser will load the required web fonts into your browser cache to correctly display text and fonts.
To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Web Fonts is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
If your browser should not support Web Fonts, a standard font installed on your computer will be used.
For more information on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.
This page uses Font Awesome for the uniform representation of fonts and symbols. Provider is Fonticons, Inc. 6 Porter Road Apartment 3R, Cambridge, Massachusetts, USA.
When you call up a page, your browser loads the required fonts into its browser cache to display texts, fonts, and symbols correctly. For this purpose, the browser you use must connect to the servers of Font Awesome. This allows Font Awesome to know that your IP address has been used to access this website. The use of Font Awesome is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the uniform presentation of the typeface on our website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
If your browser does not support Font Awesome, a standard font from your computer will be used.
We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to determine whether data entered on this website (e.g., information entered into a contact form) is being provided by a human user or by an automated program. To determine this, reCAPTCHA analyzes the behavior of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g., IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Google.
reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway.
Data are stored and analyzed on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the protection of the operator’s websites against abusive automated spying and against SPAM. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
We have included Wordfence on this website. The provider is Defiant Inc, Defiant, Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”).
Wordfence is designed to protect our website from unwanted access or malicious cyberattacks. To accomplish this, our website establishes a permanent connection with Wordfence’s servers, which check and block their databases against access to our website.
The use of Wordfence is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the most effective protection of his website against cyberattacks. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.
Data transmission to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.
We are very pleased about your interest in our company. Data protection has a particularly high value for the management of the Waldseilgarten Wallenhausen GmbH. A use of the internet pages of the Waldseilgarten Wallenhausen GmbH is generally accessible without any indication of personal data possible. If a person concerned uses special services of our company through our website, but could make a claim for damages through our website, but processing of personal data may become necessary. If the processing of personal data and exists for such processing no legal basis, we generally obtain the consent of the person concerned.
The Waldseilgarten Wallenhausen GmbH has been certified as being responsible Responsible for numerous technical and organizational measures implemented to ensure the most complete possible protection of the data transmitted via this website processed personal data. Nevertheless Internet-based data transmissions always have security gaps, so that absolute protection cannot be guaranteed. For this reason every data subject is free to use personal data also for alternative ways, for example by telephone.
The data protection declaration of Waldseilgarten Wallenhausen GmbH is based on the Terms used in the European Directives and Directives Regulator when adopting the basic data protection regulation (DS-GVO) were used. Our data protection declaration is intended to cover both easily readable for the public as well as for our customers and business partners and be understandable. To ensure this, we would like to first explain the terms used.
a) Individual-related data
Personal data is all information that relates to an identified or identifiable natural person (hereinafter referred to as 'data subject') obtain. A natural person is considered identifiable if he or she is directly or indirectly, in particular by assigning it to an identifier such as a name, to an identification number, to location data, to an online identification or to an or several special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person can be identified.
b) Person in question
A person in question means any identified or identifiable natural person whose personal data are processed by the controller. be processed by the controller.
Processing is any operation or set of operations, performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.
Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, conduct, location or change of location of that natural person.
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to technical and organisational measures, ensure that the personal data is not disclosed to an identified or identifiable natural person.
g) Controller or data controller
The data controller or data processor shall be the natural person responsible or any legal person, entity, body, office or agency which alone or jointly with others about the purposes and means of processing personal data is decisive. Are the purposes and means of this Processing by Union law or by the law of the Member States the responsible person or the specific persons can be informed about the criteria for its designation under Union law or the law of the Member States.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
The recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not it is a third party. However, authorities which may receive personal data in the course of a specific investigation, in accordance with Union or national law, shall not be considered as recipients.
j) Third party
A third party is any natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal datarbeiten.
Consent shall mean any informed and unequivocal expression of the data subject's free will in a specific case, in the form of a declaration or other unequivocal affirmative act by which the data subject signifies his or her consent to the processing of personal data relating to him or her.
2. Name and address of the controller
The person responsible within the meaning of the Basic Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature isWaldseilgarten Wallenhausen GmbH
Phone: 07309 425959
The person concerned can request the setting of cookies by our website at any time by means of a corresponding setting of the used Internet browsers and thus prevent the setting of cookies permanently contradict. Furthermore, cookies already set can be deleted at any time via a Internet browser or other software programs are deleted. This is described in all common Internet browsers possible. Does the person concerned deactivate the Cookies in the Internet browser used, are under certain circumstances not possible. not all functions of our website can be used to their full extent.
4. Collection of general data and information
The Internet site of the Waldseilgarten Wallenhausen GmbH records with each Access to the Internet site by a data subject or an automated system a number of general data and information. These general Data and information are stored in the log files of the server. The (1) browser types and versions used can be recorded, (2) the operating system used by the accessing system, (3) the website, by which an accessing system gets to our website (so-called referrer), (4) the sub-websites, which can be accessed via an accessing system (5) the date and time of a visit to our website, (5) the date and time of a visit to our access to the Internet site, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information relevant to the security of of attacks on our information technology systems.
When using this general data and information, the Waldseilgarten Wallenhausen GmbH does not draw any conclusions about the person concerned. This information is rather required to (1) improve the contents of our website correctly, (2) the contents of our website are not as well as the advertising for them, (3) the permanent Functionality of our information technology systems and technology of our website and (4) to enable law enforcement authorities to monitor in the event of a cyber attack, the necessary information for criminal prosecution to provide information. These anonymously collected data and information by the Waldseilgarten Wallenhausen GmbH are therefore on the one hand statistically and further evaluated with the aim of improving data protection and data security in our company in order to ultimately achieve an optimum level of protection for to ensure that the personal data processed by us is secure. The anonymous data of the server logfiles are separated from all other data by a personal data provided by the person concerned.
5. Registration on our website
The person concerned has the possibility to register on the website of the company responsible for the controller, indicating personal data, to register. Which personal data are transferred to the persons responsible for the processing responsible, is specified in the respective Input mask that is used for the registration. The input mask used by the personal data entered by the data subject will only be for internal use by the controller, and collected and stored for our own purposes. The person responsible for the processing Responsible person may pass on to one or more processors, for example, a parcel service provider, who will personal data also exclusively for internal use, which is attributable to the controller.
By registering on the website of the party responsible for the processing responsible will also be the Internet Service Provider (ISP) of the IP address assigned to the person concerned, the date and time of the Registration saved. The storage of this data takes place before the Background that this is the only way to prevent abuse of our services and, if necessary, to enable the data to be used to identify criminal offences committed ...to clear up the situation. In this respect, the storage of this data is necessary to secure the the processing controller is required. A transfer of this data to third parties does not take place in principle, unless there is a legal obligation to disclosure exists or the disclosure serves the purpose of criminal prosecution.
The registration of the data subject under voluntary disclosure of personal data serves the purpose of the controller, to offer the person concerned content or services which, on the basis of the Nature of the thing can be offered only to registered users. Registered persons are free to use the services offered during registration at any time or completely from the personal data provided to us and delete the data held by the controller.
The controller shall provide any data subject with information on what personal data relating to the data subject are stored at any time on request. The controller shall also correct or delete personal data on request or Notification of the data subject, unless otherwise provided by law are contrary to retention obligations. The entire staff of the company responsible for the data controller shall be available to the data subject in this context as a contact person.
6. Subscription of our newsletter
On the Internet site of the Waldseilgarten Wallenhausen GmbH the users are the possibility to subscribe to the newsletter of our company. Which personal data is sent to the person in charge of the newsletter when ordering the newsletter the data controller is transferred, results from the input mask used for this purpose.
The Waldseilgarten Wallenhausen GmbH informs its customers and business partners at regular intervals by means of a newsletter about Offers of the company. The newsletter of our company can be downloaded from the person concerned may in principle only be received if (1) the data subject has a valid e-mail address, and (2) the the person concerned registers to receive the newsletter. To the person sent by a Person concerned registered for the first time for the newsletter e-mail address, for legal reasons a confirmation e-mail will be sent to the Double-Opt-In procedure sent. This confirmation mail is used for Verification that the owner of the e-mail address is the data subject of the receipt of the newsletter.
When registering for the newsletter, we also store the data provided by the Internet Service Provider (ISP) of the IP address assigned by the affected the computer system used at the time of registration and the date and the time of registration. The collection of these data is necessary to the (possible) misuse of a data subject's e-mail address for later on and therefore serves the purpose of the legal and economic Protection of the controller.
The personal data collected in the context of a registration for the newsletter are used exclusively for the dispatch of our newsletter. Further subscribers to the newsletter could be informed by e-mail, provided this for the operation of the newsletter service or a registration in this regard is necessary, as in the case of changes to the newsletter offer or could be the case if the technical conditions change. It the data collected within the scope of the newsletter service will not be passed on to third parties personal data to third parties. The subscription to our newsletter can be be terminated at any time by the person concerned. The consent to the storage of personal data that the person concerned has given us for the newsletter can be revoked at any time. For the purpose of the revocation of the consent can be found in each newsletter a corresponding link. Furthermore there is the possibility to register at any time also directly on the Internet site of the controller of the newsletter dispatch or to inform the person responsible for the processing of in any other way.
The newsletter of the Waldseilgarten Wallenhausen GmbH contains so-called tracking pixels. A tracking pixel is a thumbnail graphic that is inserted into such e-mails which are sent in HTML format to create a log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns are carried out. Based on the embedded Zählpixels can recognize the Waldseilgarten Wallenhausen GmbH whether and when an e-mail has been opened by a person affected and which is stored in the e-mail links have been accessed by the data subject.
Such data collected via the tracking pixels contained in the newsletters personal data, shall be processed by the controller and shall be stored and evaluated to optimize the newsletter dispatch and The content of future newsletters will even better serve the interests of the person. This personal data will not be disclosed to third parties. passed on. Affected persons are entitled at any time to separate documents on this subject, submitted via the double opt-in procedure to revoke the declaration of consent. After a revocation these personal data from the controller deleted. A cancellation of the receipt of the newsletter indicates the Waldseilgarten Wallenhausen GmbH automatically as revocation.
8. Contact via the website
The Internet site of the Waldseilgarten Wallenhausen GmbH contains due to legal regulations Information that enables rapid electronic Establishing contact with our company and direct communication with us, which is also a general address of the so-called electronic mail (e-mail address). If a data subject by e-mail or via a contact form to contact the person responsible for the data controller, the data subjects shall be informed by the controller of the transmitted personal data is automatically stored. Such data on on a voluntary basis from a data subject to the controller responsible for processing personal data transmitted to the persons responsible are used for the purposes of processing or contacting the person concerned. It this personal data will not be passed on to third parties.
9. Routine deletion and blocking of personal data
The controller shall process and store personal data of the data subject only for the period of time necessary to is necessary to achieve the purpose of storage or if this is required by the European directives and regulations or any other legislator in laws or regulations, which the person responsible for the processing responsible, was provided for.
If the purpose of storage is no longer applicable or if one of the European Directives- and legislator or another competent legislator the prescribed storage period, the personal data will be stored for blocked routinely and in accordance with legal requirements or deleted.
10. Rights of the data subject
a) Right of confirmation
Every person concerned has to comply with the requirements of the European Directives and the right granted by the legislator to derogate from the to request confirmation from those responsible that they have been personal data are processed. If a data subject wishes this right of confirmation, it may at any time contact contact an employee of the controller.
b) Right of information
Any person affected by the processing of personal data has the right, granted by the European Directives and Regulations, to obtain at any time and free of charge from the controller information on personal data stored about him and to receive a copy of this information. Furthermore, the European Directive and Regulation Giver has granted the data subject access to the following information:
- the purposes of processing
- the categories of personal data processed
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular to recipients in third countries or international organisations
- if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
- the existence of a right of rectification or erasure of personal data relating to them or of a right of objection to their processing by the controller
- the existence of a right of appeal to a supervisory authority
- if the personal data are not collected from the data subject: All available information about the origin of the data
- the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the DPA and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on the data subject
- The data subject shall also have the right to obtain information as to whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject shall also have the right to obtain information on the appropriate safeguards in relation to the transfer.
If a data subject wishes to exercise this right of access, he or she may at any time contact an employee of the controller.
c) Right of correction
Every person concerned by the processing of personal data has the right, granted by the European legislator, to request the rectification without delay of inaccurate personal data concerning him. The data subject shall also have the right to request the completion of incomplete personal data, including by means of a supplementary declaration, having regard to the purposes of the processing.
If a data subject wishes to exercise this right of rectification, he or she may at any time contact an employee of the controller.
d) Right of cancellation (right to be forgotten)
Any person affected by the processing of personal data has the right, granted by the European Directives and Regulations, to obtain from the controller the immediate erasure of personal data relating to him/her, where one of the following reasons applies and where the processing is not necessary:
- The personal data has been collected or otherwise processed for purposes for which it is no longer necessary.
- The data subject withdraws the consent on which the processing was based in accordance with Article 6(1)(a) DPA or Article 9(2)(a) DPA and there is no other legal basis for the processing.
- The data subject lodges an objection to the processing pursuant to Article 21(1) of the DPA and there are no overriding legitimate reasons for processing, or the data subject lodges an objection to the processing pursuant to Article 21(2) of the DPA.
- The personal data were processed unlawfully.
- The deletion of personal data is necessary to comply with a legal obligation under Union or national law to which the controller is subject.
- The personal data were collected in relation to information society services offered in accordance with Article 8 (1) of the DS-GVO.
- If one of the above reasons applies and a person concerned wishes to have personal data stored by Waldseilgarten Wallenhausen GmbH deleted, he or she can contact an employee of the person responsible for processing at any time. The employee of Waldseilgarten Wallenhausen GmbH will ensure that the request for deletion is complied with immediately.
If the personal data was collected by the Waldseilgarten Wallenhausen GmbH made public and is our company as the responsible person according to Art. 17 (1) DS-GVO, our company is obliged to delete personal data, so meets the Waldseilgarten Wallenhausen GmbH under consideration of the available technology and implementation costs, also of a technical nature, to other data controllers, who process the published personal data, about it in to be informed that the data subject has been informed by these others for Data controller the deletion of all links to these sites personal data or of copies or replications of this data, or of copies or personal data, unless the processing does not involve the processing of is required. The employee of the Waldseilgarten Wallenhausen GmbH will be In individual cases, do what is necessary.
e) Right of restrict processing
Any person affected by the processing of personal data has the right granted by the European Directives and Regulations to request the controller to restrict the processing if one of the following conditions is met:
- The accuracy of the personal data is contested by the data subject for a period of time which allows the data controller to verify the accuracy of the personal data.
- The processing is unlawful, the data subject refuses to have the personal data deleted and instead requests that the use of the personal data be restricted.
- The controller no longer needs the personal data for the purposes of the processing, but the data subject needs them in order to assert, exercise or defend legal claims.
- The data subject has lodged an objection to the processing pursuant to Art. 21 (1) DPA and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.
- If one of the above-mentioned conditions is given and a person concerned wishes to request the restriction of personal data stored at Waldseilgarten Wallenhausen GmbH, he/she can contact an employee of the person responsible for processing at any time. The employee of Waldseilgarten Wallenhausen GmbH will arrange for the restriction of the processing.
f) Right of data transferability
Every person concerned by the processing of personal data shall have the right granted by the European Directive and Regulation Giver, which they personal data, which are transmitted by the data subject to a third party responsible, in a structured, common and reliable way, and in a machine-readable format. It also has the right to another person in charge without being hindered by the person in charge, to whom the personal data have been made available, provided that the processing is based on the consent pursuant to Article 6(1)(a) of the DPA or Art. 9(2)(a) DS-GVO or on a contract pursuant to Art. 6(6)(a) DS-GVO 1 letter b DS-GVO and the processing is carried out by means of automated procedure, unless the processing is necessary for the performance of a task which is necessary in the public interest or in the exercise of which of public authority, which has been transferred to the person responsible.
Furthermore, when exercising their right to data transfer in accordance with Article 20 Paragraph 1 of the DPA, data subjects have the right to request that personal data be transferred directly from one controller to another controller, insofar as this is technically feasible and provided that it does not adversely affect the rights and freedoms of other persons.
To assert the right to data transferability, the person concerned can contact an employee of Waldseilgarten Wallenhausen GmbH at any time.
g) Right of objection
Every person concerned by the processing of personal data has the right, granted by the European legislator, to object at any time, for reasons arising from his particular situation, to the processing of personal data concerning him which is carried out on the basis of Article 6 of the Directive and Regulation. paragraph 1(e) or (f) of the DPA. This also applies to profiling based on these provisions.
In the event of an objection, Waldseilgarten Wallenhausen GmbH will no longer process the personal data unless we can prove compelling reasons for processing worthy of protection that outweigh the interests, rights and freedoms of the person concerned, or the processing serves to assert, exercise or defend legal claims.
Does the Waldseilgarten Wallenhausen GmbH process personal data in order direct marketing, the data subject shall have the right at all times to Opposition to the processing of personal data for the purpose of of such advertising. This also applies to profiling, insofar as it is carried out with of such direct mail. If the data subject objects to Waldseilgarten Wallenhausen GmbH of the processing for the purposes of direct advertising, Waldseilgarten Wallenhausen GmbH will no longer process personal data for these purposes.
In addition, the person concerned has the right to object, for reasons arising from his or her particular situation, to the processing of personal data concerning him or her being carried out at Waldseilgarten Wallenhausen GmbH for scientific or historical research purposes or for statistical purposes in accordance with Article 89 Paragraph 1 of the DS-GVO, unless because such processing is necessary for the performance of a task carried out in the public interest.
In order to exercise the right of objection, the person concerned can directly contact any employee of Waldseilgarten Wallenhausen GmbH or any other employee. The person concerned is also free to exercise his or her right of objection in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures involving technical specifications.
h) Automated decisions in individual cases including profiling
Every person concerned by the processing of personal data shall have the the right granted by the European Directive and Regulation Giver, not to a exclusively on automated processing - including profiling - to be subjected to a decision based on the information available to it has legal effect, or if it has a similarly significant effect affected, unless the decision (1 ) is not relevant to the conclusion or Performance of a contract between the data subject and the responsible, or (2) required by law or regulation the Union or the Member States to which the responsible person is subject, and that this legislation provides for appropriate measures to ensure that the rights and freedoms and legitimate interests of the persons concerned person or (3) with the express consent of the data subject, or person is done.
If the decision (1) is necessary for the conclusion or fulfilment of a contract between the person concerned and the person responsible or (2) is made with the express consent of the person concerned, Waldseilgarten Wallenhausen GmbH will take appropriate measures to protect the rights and to safeguard the freedoms and legitimate interests of the data subject, for which purpose at least the right to obtain the intervention of a person from of the responsible person, to present his own point of view and to challenge of the decision.
If the data subject wishes to exercise rights relating to automated If the data subject wishes to invoke a decision, he or she may at any time consult a member of the staff of the controller.
i) Right to revoke a data protection consent
Every person affected by the processing of personal data has the right granted by the European Directives and Regulations to revoke his or her consent to the processing of personal data at any time.
If the data subject wishes to exercise his or her right to withdraw consent, he or she may at any time contact an employee of the controller.
11. Data protection for applications and the application process
The controller shall collect and process the personal data of applicants for the purpose of processing the Application procedure. The processing may also be carried out by electronic means take place. This is the case in particular if an applicant has application documents by electronic means, for example by e-mail or via a web form available on the Internet site, to which the Processing controller. Does the controller responsible for processing responsible for an employment contract with an applicant, the transmitted data for the purpose of processing the employment relationship stored in compliance with the statutory provisions. Is stored by the person responsible for the controller has no employment contract with the applicant the application file will be closed two months after the date of notification of the rejection decision is automatically deleted, provided that a deletion does not other legitimate interests of the controller are opposed to this. Other justified interests in this sense are for example, an obligation to produce evidence in proceedings under the General Equal Treatment Act (AGG).
12. Legal basis of the processing
Art. 6 I lit. a DS-GVO serves our company as a legal basis for Processing operations where we obtain consent for a specific Obtain purpose of processing. Is the processing of personal data for Performance of a contract to which the data subject is a party, as is the case for example with processing operations, for the delivery of goods or the provision of any other service or consideration are necessary, the processing is based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations which are intended to implementation of pre-contractual measures are necessary, for example in cases of Inquiries about our products or services. Is our company subject to a legal obligation by which the processing of data personal data becomes necessary, such as for the fulfilment of tax obligations, the processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data could become necessary to protect the vital interests of the data subject, or of another natural person. This would be, for example, the Case, if a visitor in our company would be injured and as a result his name, his age, his health insurance data or other vital Information to a doctor, hospital or other third party would have to be passed on. Then the processing would be based on Art. 6 I lit. d DS-GVO. Finally, processing operations could be based on Art. 6 I lit. f DS-GVO. Processing operations based on this legal basis are are not covered by any of the above legal bases if the Processing to protect a legitimate interest of our company or of a third party, provided that the interests, fundamental rights and obligations of fundamental freedoms of the person concerned do not prevail. Such processing operations are allowed, in particular because they are protected by the European legislator were specifically mentioned. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the person responsible (Recital 47 sentence 2 DS-GVO).
13. Legitimate interests in the processing pursued by the controller or a third party
If the processing of personal data is based on Article 6 I lit. f DS-GVO, our legitimate interest is to carry out our business activities for the benefit of the well-being of all our employees and our shareholders.
14. Duration for which the personal data are stored
The criterion for the duration of storage of personal data is the respective legal retention period. After expiry of the period, the corresponding data are routinely deleted, provided that they are no longer required for the fulfilment of the contract or the initiation of a contract.
15. Legal or contractual provisions for the provision of the personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing the data
We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or is also result from contractual regulations (e.g. details of the contractual partner) can. Sometimes it may be necessary for a contract to be concluded that a the person concerned provides us with personal data, which is stored in the sequence must be processed by us. The person concerned is for example, obligates us to provide personal data if our company concludes a contract with her. A non-delivery of personal data would have the consequence that the contract with the concerned could not be concluded. Before a provision personal data by the data subject, the data subject must contact one of our employees. Our employee clarifies the person concerned on a case-by-case basis, whether the provision of the personal data data required by law or contract or for the conclusion of a contract is required, whether an obligation exists which personal data, and the consequences of the use of such data for not providing the personal data.
16. Existence of automated decision making
As a responsible company, we avoid automatic decision making or profiling.
This data protection declaration was created by the data protection declaration generator of the DGD Deutsche Gesellschaft für Datenschutz GmbH, which acts as the external data protection officer for the Upper Palatinate, in cooperation with the lawyer for data protection Christian Solmecke.