We operate our websites in accordance with the following principles:
We are committed to complying with data protection laws and strive to always adhere to the principles of data avoidance and data minimisation.
1. 1. Name and address of the controller and data protection officer
a. The controller within the meaning of the General Data Protection Directive and other national data protection laws of the Member States of the European Union as well as other data protection regulations is:
represented by CEO Michael Jakal
The Data Protection Officer of the controller is:
3. Legal basis for the collection and processing of personal data
We only process your personal data, such as your surname and first name, e-mail address and IP address etc. if there is a legal basis for this. Three provisions of the General Data Protection Directive in particular come into consideration here:
- You have given us your consent for us to process your personal data for one or more purposes, Art. 6 (1) 1 lit. a GDPR. In this context, you will be informed by us in detail about the purpose or purposes of the processing and we will document your explicit consent.
- We need to process your personal data to fulfil a contract or to carry out pre-contractual measures with you, Art. 6 (1) 1 lit. b GDPR.
- We need to process your personal data to safeguard our legitimate interests, unless your interests or fundamental rights and freedoms prevail, Art. 6 (1) 1 lit. f GDPR.
However, we will always inform you of the legal basis for processing your personal data in each case.
4. Disclosure of personal data
We will not your personal data to third parties for purposes other than those listed below. We only share your personal information with third parties if:
- You have given your express consent in accordance with Art. 6 (1) 1 lit. a GDPR
- The disclosure pursuant to Art. 6 (1) 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
- Disclosure is legally required pursuant to Art. 6 (1) 1 lit. c GDPR, and
- This is legally permissible and necessary for the settlement of contractual relationships with you pursuant to Art. 6 (1) 1 lit. b GDPR.
5. Storage duration and deletion
We only save all personal data you provide to us for as long as necessary to fulfil the purposes for which such data was transferred, or as required by law. Upon fulfilment of the purpose and/or expiration of the legal storage periods, the data will be deleted or blocked by us.
6. SSL encryption
This website uses SSL encryption for security reasons and to protect the transfer of sensitive content, such as the requests you send to us as the website operator. You can identify an encrypted connection as the address line of the browser changes from "http://" to "https://" and the lock symbol in your browser line.
If SSL encryption is enabled, the data you submit to us cannot be read by third parties.
7. Collection and storage of personal data and the nature and purpose of use
A. When visiting the website
When you visit our website, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until automatic deletion:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which access is gained (referrer URL)
- Browser used and, if applicable, the operating system of your computer and name of your access provider
The data mentioned is processed by us for the following purposes:
- Ensuring the convenient use of our website
Data which can be used to identify you, such as your IP address, is deleted after no more than seven days. If we save the data beyond this period, the data will be pseudonymised so that it is no longer possible to identify you.
The legal basis for data processing is Art. 6 (1) 1 lit. f GDPR Our legitimate interest is based on the data collection purposes listed above. Under no circumstances do we use the collected data to make any conclusions about you as an individual.
B. Contact form / e-mail contact
A form is available on our website which can be used to contact us at any time. To use the contact form, you will be required to provide a name for us to personally address you and a valid email address which we can use to contact you, so that we know who has sent the enquiry and are able to process it.
If you send us enquiries using the contact form, your details in the enquiry form, including the contact details you provide and your IP address pursuant to Art. 6 (1) lit. b and f GDPR for the execution of pre-contractual measures performed out at your request or for the purpose of exercising our legitimate interests, namely to carry out our business activities.
You are also welcome to send us an e-mail using the e-mail address provided on our website. In this case, we will store and process your e-mail address and the data you provided in the e-mail pursuant to Art. 6 (1) lit. b and f GDPR to process your message.
The enquiries and associated data will be deleted no later than three months after receipt, unless they are required for a further contractual relationship.
The data is processed by cookies as required for the purposes mentioned above in order to safeguard our legitimate interests and those of third parties pursuant to Art. 6 (1) lit. f GDPR.
Most browsers automatically accept cookies on the basis of the browser pre-settings. However, you can configure your browser so that no cookies are stored on your device or so that a notification is displayed before a new cookie is stored. If you disable the cookies in your browser, you may not be able to use all features of our website.
The different types of cookies we use are explained below.
- Session cookies
To make the use of our website more pleasant, we use session cookies to recognise if you have already visited individual pages of our website.
These session cookies are automatically deleted after leaving our website.
- Temporary cookies
These temporary cookies are stored on your device for a specific period of time.
- Cookies for marketing and optimisation purposes
These cookies are automatically deleted after a defined period of time.
9. Analysis and tracking tools
We use the following analytics or tracking tools on our website. These serve to ensure the continuous optimisation of our website and to design it as needed.
These interests are justified in the sense of Art. 6 para. 1 lit. f GDPR. The respective data processing purposes and data categories can be found in the corresponding tools.
- Google Analytics
We use Google Analytics, a web analytics service provided by Google Inc., on our website (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google").
- The name and version of the browser used
- Your computer's operating system
- Website from which access is gained (referrer URL)
- IP address of the requesting computer
- Time of the server request
As we have activated IP anonymization on our website, however, your IP address is initially truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area. Only in exceptional cases is a full IP address transmitted to a Google server in the United States and truncated there.
On our behalf, Google will use this information to evaluate your use of our website, compile reports about website activities and provide further services related to website and internet usage to us. The IP address transferred from your browser by Google Analytics that your IP address will not be linked with any other data held by Google.
You can prevent the storage of cookies by appropriately setting your browser software. However, please note that in this case, you might not be able to fully use all functions offered by this website.
In addition, you can prevent data generated by the cookie and relating to your use of the website (including your IP address) from being collected and processed by Google, by downloading and installing a browser plug-in from the following link: http://tools.google.com/dlpage/gaoptout?hl=de
You can prevent your data from being collected by Google Analytics by clicking on the following link. An opt-out cookie will be set which prevents the collection of your data on future visits to our website: Disable Google Analytics
10. Rights of the data subject
You have the following rights:
You have the right to request information about your personal data processed by us in accordance with Art. 15 GDPR. This right to information includes information about
- the purposes of processing
- the categories of personal data
- the recipients or categories of recipients to whom your data has been or will be disclosed
- the planned storage duration or at least the criteria for determining the storage duration
- your right to rectify, delete, restrict or object to the processing
- the right to complain to a supervisory authority
- the origin of your personal information, if not collected by us
- automated decision-making, including profiling and, where appropriate, meaningful information about the details
Pursuant to Art. 16 GDPR, you have the right to request the immediate correction of incorrect or incomplete stored personal data.
According to Art. 17 GDPR you have the right to request immediate deletion of your personal data by us, as long as further processing is not necessary for one of the following reasons:
- To exercise the right to freedom of expression and information
- To fulfil a legal obligation required by the law of the European Union or Member States to which the controller is subject, or to carry out a task delegated to the controller which is in the public interest or to exercise public authority
- For reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h and i and Art. 9 (3) GDPR
- For archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes pursuant to Article 89 (1) GDPR, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously affect the achievement of the objectives of this processing
- To assert, exercise or defend legal claims
- Limitation of the processing
Pursuant to Art. 18 GDPR, you may request that the processing of your personal data be restricted for one of the following reasons:
- You dispute the accuracy of your personal data.
- The processing is illegal and you refuse the deletion of your personal data.
- We no longer need your personal data for processing purposes, but you need it to enforce, exercise or defend your rights.
- You have filed an objection to the processing pursuant to Art. 21 (1) GDPR.
If you have requested the rectification or deletion of your personal data or the restriction of processing pursuant to Art. 16, Art. 17 (1) and Art. 18 GDPR, we shall inform all recipients who have had access to your personal data unless this proves to be impossible or can only be achieved with a disproportionate effort. You can ask us to inform you about these recipients.
You have the right to receive your personal data in a standard, structured and machine-readable format.
You also have the right to request the transfer of this data to a third party, provided that the processing was carried out using automated procedures and upon consent pursuant to Art. 6 (1) 1 lit. a or Art. 9 para. 2 lit. a or on the basis of a contract pursuant to Art. 6 (1) 1 lit. b GDPR.
Pursuant to Art. 7 (3) GDPR, you have the right to revoke your consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent before the revocation. We will no longer be permitted to continue the data processing based on your revoked consent in the future.
Pursuant to Art. 77 GDPR, you have the right to complain to a supervisory authority if you believe that the processing of your personal data violates the GDPR.
If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 (1) 1 lit. f GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons for this arising from your particular situation or if you object to receiving direct mail. In the latter case, you have a general right of objection, which shall be implemented by us without the need to specify any particular situation. If you would like to exercise your right of revocation or objection, please send an email to info@. lichtbasis.de
- Automated decision making in individual cases, including profiling
You have the right not to be subject to a decision based solely on automated processing - including profiling - which will have legal effect or significantly affect you in a similar manner. This does not apply if the decision
- is required for the conclusion or performance of a contract between you and us
- is legal under the laws of the European Union or of the Member States we are subject to, and if legislation contains reasonable safeguards to safeguard your rights and freedoms and your legitimate interests
- is made with your express consent
However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g GDPR applies and reasonable measures have been taken to protect the rights and freedoms and your legitimate interests.
With regard to the cases in i. and iii, we shall take reasonable steps to safeguard the rights and freedoms and your legitimate interests, which at least includes the initiation of an intervention by an individual representing us to express our own position and challenge the decision.
Last edited: 25.05.2018