Privacy policy
1. Name and address of the data controller
Responsible within the meaning of the GDPR, other applicable data protection and privacy laws in member states of the European Union and other regulations regarding data protection is:
Marian Mueller / Mark Falkenrath
Hermann-Becker-Straße 2
D-50672 Cologne
info@etikett.digital
Phone: +49 (0) 221 169 102 94
e-mail: info@etikett.digital
2. Data protection officer
If you have any questions about this privacy statement, please send us an email or refer directly to our data protection officer:
Marian Mueller / Mark Falkenrath
Hermann-Becker-Straße 2
D-50672 Cologne
info@etikett.digital
Phone: +49 (0) 221 169 102 94
e-mail: info@etikett.digital
3. General information
3.1. Definitions acc. to Art. 4 EU GDPR
In this privacy statement we use, among others, the following terminology:
Personal data
Personal data is information relating to an identified or identifiable natural person (hereinafter ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject
The data subject is any identified or identifiable natural person, whose personal data is processed by the data controller responsible for the processing.
3.2. Legal basis for the processing
Art. 6(1) lit. a EU GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Art. 6(1) lit. b EU GDPR. The same applies to such processing operations, which are necessary for carrying out pre-contractual measures, for example in the case of enquiries concerning our products or services. If our company is subject to a legal obligation by which processing of personal data is required, such as for the fulfilment of tax obligations, the processing is based on Art. 6(1) lit. c EU GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if visitors were injured in our company and their name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or another third party. Then the processing would be based on Art. 6(1) lit. d EU GDPR. Finally, processing operations could be based on Art. 6(1) lit. f EU GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 EU GDPR).
3.3. Collection of general data and information
When calling up our website, a series of general data and information is automatically collected. This general data and information (server log files) collected may be the browser types and versions used, the operating system used, the domain name of your internet service provider and other similar data and information. When using such general data and information, we cannot draw any conclusions about the data subject. This information is technically necessary in order to deliver the content of our website correctly and inevitably accrue when using the Internet. We analyse anonymously collected data and information statistically, with the aim of optimizing the content of our website as well as the underlying website technology. The processing of data and information is based on Art. 6(1) lit. b EU GDPR, which allows the processing of data and information necessary for the completion of a contract or for carrying out pre-contractual measures.
3.4. Period for which the personal data will be stored
The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfilment of the contract or the initiation of a contract.
4. Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in so-called server log files. These are:
• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address
This data is transmitted to our webspace provider for technical reasons, in particular in order to provide a secure and stable website. The data collected will be stored temporarily, but will not be joined with your other personal data. The legal basis for the storage is Art. 6(1) lit. f EU GDPR. Our legitimate interest is based in the improvement, stability, functionality and safety of our website.
The data will be deleted as far as further storage for evidence purposes is not necessary. Otherwise, the data are completely or partially excluded from deletion until the incident has been conclusively resolved.
5. Contact via the website
This website contains information (e.g. name, company, email, telephone number) that enables quick electronic contact to our company as well as direct communication with us. If a data subject contacts the data controller by email or through a contact form, the personal data provided by the data subject will be automatically saved. Such personal data, transmitted by a data subject to the data controller, is stored for the purpose of processing or contacting the data subject. The legal basis for such processing is Art. 6(1) lit. b EU GDPR. There is no disclosure of personal data to third parties. Your data will be deleted once the matter has been conclusively dealt with, provided that statutory storage obligations do not exist.
6. Rights of the data subject
With regard to your personal data, you may exercise the following rights against the data controller:
• Right of Access (Art. 15 EU GDPR)
• Right to Rectification (Art. 16 EU GDPR)
• Right to Erasure or Restriction of Processing (Art. 17 and 18 EU GDPR)
• Right to Object the Processing (Art. 21 EU GDPR)
• Right to Data Portability (Art. 20 EU GDPR)
• Right to Lodge a Complaint With a Supervisory Authority (Art. 77 EU GDPR)
You may, at any time, claim whether we have stored personal data referring to you and what this data involves. Likewise, you have the right to demand correction, blocking or deletion (apart from the mandatory data storage for business transactions) of your personal data. In order to enable the blocking of data at any time, the data in question must be available on a black list for control purposes. You can also request the deletion of the data, unless this is excluded by a legal archiving obligation. Should such an obligation exist, we will, on your request, block your data. You can make changes or revoke your permission by sending us notification thereof. Such changes will apply to subsequent transactions.
7. Changes to our privacy policy
We reserve the right to update our privacy statement from time to time in order to take into account changes in legislation or jurisdiction or in order to incorporate changes to our services into the privacy statement, e.g. following the launch of new services. The new privacy statement will apply for your new visit.