Data Protection and Privacy Policy
We are delighted that you are interested in our company, products, and services and would like to provide you with some key information regarding our approach to protecting your personal data. Protecting personal data is crucial, particularly in tomorrow's Internet-based business models and when developing Internet-based economies. In this data protection statement, we therefore aim to emphasize our dedication to protecting your personal data.
Our employees as well as the service providers appointed by us are bound to confidentiality and to observing the General Data Protection Regulation (EU) 2016/679 (GDPR) and any other relevant data protection regulations. We take protecting your personal data very seriously and conscientiously follow the rules of data protection acts.
1. Contacts
Contact for the responsible company and CEO:
IB-Lenhardt AG
Daniel Lenhardt
Heinrich-Hertz-Allee 7
66386 St. Ingbert
E-Mail: d.lenhardt@ib-lenhardt.de
Phone: +49 6894 38938-20
Fax: +49 6894 38938-99
Contact for the Data Protection Officer:
Fabian Hewer
Heinrich-Hertz-Allee 7
66386 St. Ingbert
E-Mail: datenschutz@ib-lenhardt.de
Phone: +49 6894 38938-53
Fax: +49 6894 38938-99
Contact for the Supervisory Authority:
Unabhängiges Datenschutzzentrum Saarland
Fritz-Dobisch-Str. 12
66111 Saarbrücken
E-Mail: poststelle@datenschutz.saarland.de
Phone: +49 0681 94781-0
Fax: +49 0681 94781-29
2. Collection and storage of personal data and purpose of their use
a) When visiting our website
The web browser you use on your device automatically sends data to our website once it is loaded. This information is stored temporarily in a so-called log file. The following information is logged automatically and stored until it is automatically deleted:
IP address of the requesting device
Date and time of the request
Name and URL of the requested file
Website from which the request originated (referer URL);
browser software used, possibly the operating system of your device and the name of your access provider.
The data points listed above are processed to the following end:
Ensuring the flawless delivery of the website
Assuring the comfortable use of our website
Analysis for system stability and security
GDPR Article 6 (1) point (f) forms the legal basis for this data processing. Our legitimate interest arises from the aforementioned purposes of gathering data. In no case we use the gathered data to draw conclusions about your person.
Furthermore, when visiting our website we make use of cookies and analytical services (Google Analytics). You can find more information on this in sections 4 and 5 of this document.
b) When signing up to our newsletter
If you have expressly agreed to do so according to GDPR Article 6(1)(a), we use your e-mail address to regularly send you our newsletter. Providing an e-mail address is sufficient for receiving our newsletter. Unsubscribing is possible at any time, i. e. via a link at the end of each newsletter. You may also send us your desire to unsubscribe by e-mail to privacy@ib-lenhardt.de.
c) When using our contact form
For questions of any kind we provide the possibility to get in touch with us through a contact form on our website. This requires giving a correct name and a valid e-mail address, so that we know who contacted us and to reply. Further details may be provided voluntarily.
Processing the data to the end of contacting us follows GDPR Article 6(1)(a) on basis of your voluntary consent.
Personal data gathered by using our contact form is automatically deleted after we have completed your request.
3. Passing on your data
Transmission, proliferation and passing-on of your data to any third party does not take place, with the following purposeful exceptions:
We will pass on your data only to a third party if:
you have given your express permission according to GDPR Article 6(1)(a);
necessary for the enforcement, exercise or defense of legal interests and there are no grounds for the assumption that you may have a substantially predominate interest in the protection and non-disclosure of your data, according to GDPR Article 6(1)(f);
there are legal obligations to do so, according to GDPR Article 6(1)(c); or
doing so is in accordance to GDPR Article 6(1)(b) in order to fulfill a contract with you.
4. Cookies
On our website we use cookies. These are small files, which your browser creates automatically and stores on your device (i. e. computer, notebook, tablet, smart phone) when you visit our website. Cookies cannot harm your device; they contain no viruses, trojans or other malware. A cookie may contain information that relates to your specific device. But this does not mean that we automatically and directly know your identity or who you are.
On the one hand we use cookies to give you a better browsing experience on our website. Thus, we may use so-called session cookies to see that you have visited a certain page from our website before. Your browser deletes them automatically as soon as you close it.
Furthermore, we may also use temporary cookies for a pre-defined time range on your device. We do this to constantly improve our website and give you a better browsing experience; for example, this may spare you from re-entering information you already entered into a form on a previous visit to our website.
On the other hand, we use cookies to gather statistical information, which will be processed to the end of improving our website for the future (see also section 5). These cookies let us know that you’ve already been here before. After a pre-defined time range, these cookies are deleted automatically as well.
Data processed through our Cookies constitute a legitimate interest of both ourselves and of third-parties according to GDPR Article 6(1)(f).
Most browsers accept cookies automatically. However, you may configure your browser to not store cookies at all on your computer or that each you are informed before a new cookie is created. But please note that full deactivation of cookies may result in the inability to use all features of our website.
5. Analysis tools, marketing, services
The following technologies are used to place interest-based advertising and to analyze and optimize the use of our website.
Use of SalesViewer® technology
This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.
In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally
The data stored by Salesviewer will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.
The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.
Cloudflare
Description of the service
Cloudflare is a service that offers websites increased security and performance. For example, Cloudflare offers a Content Delivery Network ("CDN") to improve website loading times. The use of a CDN enables the user to make content available for retrieval more quickly with the help of regionally or internationally distributed servers.
Processing company
Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, United States of America
Purpose of the data
This list shows the purposes of data collection and processing.
Optimization
Website security
Improvement of the service
Reducing bandwidth usage
Technologies used
This list shows all the technologies that this service uses to collect data.
Cookies
Data collected
This list contains all (personal) data collected by or through the use of this service.
IP address
System configuration information
Name of the website
Date and time of the request
Name and URL of the retrieved file
Amount of data transferred
Status information
Device operating system
Referrer URL
Requesting provider
Device type
Time of the server request
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. f GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
The data is deleted as soon as it is no longer required for the purposes of processing.
Data recipients
The recipients of the data collected are listed below
Cloudflare Group
Google AJAX
Description of the service
This is a stable, reliable, globally available high-speed content delivery network ("CDN") for the most popular open source JavaScript libraries
Processing company
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
Delivering content
Technologies used
This list shows all the technologies used by this service to collect data.
JavaScript
Data collected
This list contains all (personal) data collected by or through the use of this service.
IP address
Browser information
Geographical location
Websites visited
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Data is deleted as soon as it is no longer required for the processing purposes.
Data recipients
The recipients of the collected data are listed below
Google LLC
Google Ireland Limited
Alphabet Inc
Google Fonts
Description of the service
This is a collection of fonts for commercial and personal use.
Processing company
Google Ireland Limited, Gordon House, 4 Barrow St, Dublin 4, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
Provision of fonts
Improvement of the service
Technologies used
This list shows all the technologies that this service uses to collect data.
API
Collected data
This list contains all (personal) data collected by or through the use of this service.
IP address
Aggregated usage figures
Font request
Referrer URL
CSS requests
User Agent
Browser information
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Data is deleted as soon as it is no longer required for the processing purposes.
Data recipients
The recipients of the data collected are listed below
Alphabet Inc, Google LLC, Google Ireland Limited
Google Tag Manager
Description of the service
This is a tag management system. Google Tag Manager allows tags to be integrated centrally via a user interface. Tags are small sections of code that can track activities. Script codes from other tools are integrated via the Google Tag Manager. The Tag Manager makes it possible to control when a specific tag is triggered.
Processing company
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
Tag management
Technologies used
This list shows all the technologies used by this service to collect data.
Website tags
Collected data
This list contains all (personal) data collected by or through the use of this service.
Aggregated data about the tag triggering
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
The data is deleted as soon as it is no longer required for the purposes of processing.
Data recipients
The recipients of the data collected are listed below
Alphabet Inc, Google LLC, Google Ireland Limited
gstatic.com
Description of the service
This is a domain used by Google to offload static content to another domain name in order to reduce bandwidth usage and increase network performance for the end user.
Processing company
Alphabet Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, United States of America
Purpose of the data
This list shows the purposes of data collection and processing.
Increase network performance
Reducing bandwidth usage
Technologies used
This list shows all the technologies that this service uses to collect data.
JavaScript
Data collected
This list contains all (personal) data collected by or through the use of this service.
Images
CSS
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. f GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Requests for CSS assets are stored temporarily for 1 day, font files are stored temporarily for one year. Some information is stored until it is removed by the user, some expires after a certain time, some is stored until the user's Google account is deleted.
Data recipients
The recipients of the data collected are listed below
Alphabet Inc, Google LLC, Google Ireland Limited
Hotjar
Description of the service
This is a web analysis service. It is used to collect data about user behavior. Hotjar may also process information provided by you as part of surveys and feedback functions that are integrated on our website.
Processing company
Hotjar Limited, Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta
Purpose of the data
This list sets out the purposes of data collection and processing.
Analysis
feedback
Technologies used
This list shows all the technologies used by this service to collect data.
Cookies
Collected data
This list contains all (personal) data collected by or through the use of this service.
Date and time of the visit
Device type
Geographical location
IP address
Mouse movements
Pages visited
Referrer URL
Screen resolution
Unique device identifier
Language information
Device operating system
Browser type
Clicks
Domain name
Unique user ID
Responses to surveys
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Data about your visit and your activities on the website are generally stored for 365 days and then automatically deleted. This does not apply to information collected as part of surveys and incoming feedback. However, the data will always be deleted as soon as it is no longer required for the purposes of processing.
Data recipients
The recipients of the data collected are listed below.
Hotjar Ltd, Amazon Web Services EMEA SARL, Datadog Inc, Functional Software Inc.
New Relic
Description of the service
This is a performance analysis service.
Processing company
New Relic Inc, 188 Spear Street, Suite 1200, San Francisco, CA 94105, United States of America
Purpose of the data
This list shows the purposes of data collection and processing.
Marketing purposes
Digital performance monitoring
analysis
Technologies used
This list shows all the technologies used by this service to collect data.
cookies
Mobile SDK
API
Collected data
This list contains all (personal) data collected by or through the use of this service.
Browser information
Date and time of the visit
Device information
Device operating system
Domain name
Geographical location
IP address
Performance data
Unique device identifier
Usage data
User ID
Database query
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Data is deleted as soon as it is no longer required for the processing purposes.
Data recipients
The recipients of the collected data are listed below.
New Relic Inc.
Usercentrics Consent Management Platform
Description of the service
This is a consent management service. Usercentrics GmbH is used on the website as a processor for the purpose of consent management.
Processing company
Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany
Purpose of the data
This list shows the purposes of data collection and processing.
Compliance with legal obligations
Consent storage
Technologies used
This list shows all the technologies that this service uses to collect data.
Local Storage
Pixel
Collected data
This list contains all (personal) data collected by or through the use of this service.
Opt-in and opt-out data
Referrer URL
User agent
User settings
Consent ID
Time of consent
Consent type
Template version
Banner language
IP address
Geographical location
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. c GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Consent data (consent given and withdrawal of consent) is stored for one year. The data will then be deleted immediately.
Data recipients
The recipients of the data collected are listed below.
Usercentrics GmbH
Vimeo
Description of the service
This is a service for displaying video content.
Processing company
Vimeo LLC, 555 West 18th Street, New York, New York 10011, United States of America
Purpose of the data
This list shows the purposes of data collection and processing.
Show videos
Technologies used
This list shows all the technologies used by this service to collect data.
Cookies
Collected data
This list contains all (personal) data collected by or through the use of this service.
Browser information
Browser language
Browser type
Cookie information
Device information
Device operating system
Information from third-party sources
IP address
Pages visited
Referrer URL
Information provided by users on the site
Search queries
Geographical location
Viewed content
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Data is deleted as soon as it is no longer required for the processing purposes.
Data recipients
The recipients of the data collected are listed below.
Vimeo LLC
YouTube Video
Description of the service
This is a video player service. It can be used by the user to watch, share, comment on and upload videos.
Processing company
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
Show videos
Technologies used
This list shows all the technologies used by this service to collect data.
Cookies (if the "Privacy-Enhanced" mode is not activated)
Collected data
This list contains all (personal) data collected by or through the use of this service.
Device information
IP address
Referrer URL
Viewed videos
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Data is deleted as soon as it is no longer required for the processing purposes.
Data recipients
The recipients of the collected data are listed below.
Alphabet Inc.
Google LLC
Google Ireland Limited
DoubleClick Ad
Description of the service
This is an advertising service. With this service it is possible to provide relevant ads to users and receive campaign reports.
Processing company
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
Advertising
analysis
Optimization
Technologies used
This list shows all the technologies used by this service to collect data.
cookies
Collected data
This list contains all (personal) data collected by or through the use of this service.
Browser information
Click path
Cookie information
Date and time of visit
Demographic data
Device identifier
Location information
Hardware/software type
Internet service provider
IP address
Frequency with which ads are seen
Providing domains
Interaction data
Views of the page
Search history
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Data is deleted as soon as it is no longer required for the processing purposes.
Data recipients
The recipients of the collected data are listed below
Google Ireland Limited
Google LLC
Alphabet Inc.
Google Ads
Description of the service
This is an advertising service. This service can be used to display personalized or non-personalized advertising to users.
Processing company
Google Ireland Limited, Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
Advertising
analysis
Provision of services
statistics
Technologies used
This list shows all the technologies used by this service to collect data.
cookies
Collected data
This list contains all (personal) data collected by or through the use of this service.
Advertisements viewed
Cookie ID
Date and time of the visit
Device information
Geographical location
IP address
Search terms
Advertising displayed
Customer ID
Impressions
Online identifiers
Browser information
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
The data is deleted as soon as it is no longer required for the purposes of processing. Log data is anonymized after 9 months and cookie information after 18 months.
Data recipients
The recipients of the data collected are listed below
Alphabet Inc, Google LLC, Google Ireland Limited
Google AdServices
Description of the service
This is an advertising service.
Processing company
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
Advertising
Targeting
Technologies used
This list shows all the technologies used by this service to collect data.
Cookies
Collected data
This list contains all (personal) data collected by or through the use of this service.
Click path
events
IP address
Referrer URL
Touchpoint to the advertising material
Transaction
User Agent
Pages viewed
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
The data is deleted as soon as it is no longer required for the purposes of processing.
Data recipients
The recipients of the collected data are listed below
Google LLC
Google Ireland Limited
Alphabet Inc
Google Analytics
Description of the service
This is a web analytics service. It allows the user to measure advertising return on investment (ROI) and track user behavior with Flash, video, websites and applications.
Processing company
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
marketing
analysis
Technologies used
This list shows all the technologies used by this service to collect data.
cookies
pixels
JavaScript
Collected data
This list contains all (personal) data collected by or through the use of this service.
Click path
Date and time of the visit
Device information
Location information
IP address
Pages visited
Referrer URL
Browser information
Host name
Browser language
Browser type
Screen resolution
Device operating system
Interaction data
User behavior
Visited URL
Cookie ID
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
The retention period depends on the type of data stored. Each user can choose how long Google Analytics stores data before it is automatically deleted.
Data recipients
The recipients of the data collected are listed below
Google Ireland Limited, Alphabet Inc, Google LLC
Google Syndication
Description of the service
This is a Google domain used to store and load ad content and other resources related to ads for Google AdSense and DoubleClick from the Google CDN.
Processing company
Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
Saving and loading ad content
Technologies used
This list shows all the technologies that this service uses to collect data.
Web beacons
Collected data
This list contains all (personal) data collected by or through the use of this service.
Category of ads
Ads clicked on
Interaction with ads
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
Data is deleted as soon as it is no longer required for the processing purposes.
Data recipients
The recipients of the collected data are listed below
Google LLC
Google Ireland Limited
Alphabet Inc
LinkedIn Insight Tag
Description of the service
This is a conversion tracking and retargeting service.
Processing company
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Purpose of the data
This list shows the purposes of data collection and processing.
Marketing and
Retargeting
analysis
Technologies used
This list shows all the technologies used by this service to collect data.
cookies
pixels
Collected data
This list contains all (personal) data collected by or through the use of this service.
Device information
IP address
Referrer URL
Timestamp
Browser information
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
The data is deleted after 90 days.
Data recipients
The recipients of the data collected are listed below
LinkedIn Ireland Unlimited Company
nr-data.net
Description of the service
This is a performance monitoring service.
Processing company
New Relic Corporation, 188 Spear St., Suite 1200, San Francisco, CA 94105, United States of America
Purpose of the data
This list shows the purposes of data collection and processing.
Optimization
Technologies used
This list shows all the technologies that this service uses to collect data.
SDKs
cookies
Collected data
This list contains all (personal) data collected by or through the use of this service.
IP address
Websites visited
Device identifier
Legal basis
The required legal basis for the processing of data is stated below
Art. 6 para. 1 sentence 1 lit. a GDPR
Retention period
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as it is no longer required for the specified processing purposes.
The data is deleted as soon as it is no longer required for the purposes of processing
Google Enhanced Conversions
On our website, we use Google Ads Enhanced Conversions provided by Google Inc. (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, "Google").
By using Google Ads Enhanced Conversions, we can better understand and optimize the performance of our advertising campaigns. For this purpose, we collect the email addresses and phone numbers you enter on our website (hereafter referred to as PIs) in a hashed format for further use in this process. Enhanced Conversions is a feature that improves the accuracy of conversion tracking while protecting user privacy by supplementing existing conversion tags with hashed PIs from the website. As part of the Enhanced Conversion feature, your hashed PIs are transmitted to Google on specific pages.
These measures are only implemented if you have consented to the use of this Google Conversion function in the tool settings. The enrichment of existing data is, of course, subject to the consent provided for this purpose. Only data from the sources you have agreed to are used.
Data Processor
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Ireland
Privacy Information of the Data Processor
Below is the email address of the data protection officer of the processing company:
data-access-requests@google.com
Purposes of Data Processing
Advertising, recommendations, insights, and measurements
Performance
Analytics and research
Data Collected
The following is a list of data collected through the use of this service:
Hashed email address
Hashed phone number
Data is hashed using the SHA-256 encryption method.
The following list contains data not specifically collected for this process but already available for data processing and use within the respective services:
Information about your online behavior on our platforms, e.g., pages visited, forms filled out, products purchased, services used, etc.
Legal Basis
The following is the legal basis required for the processing of personal data:
Art. 6 para. 1 sentence 1 lit. a GDPR (Consent)
Location of Processing
European Union, worldwide
Retention Period
90 days
Data Recipients
Google and its worldwide affiliates
Transfer to Third Countries
Worldwide
Further Information
Click here to read the data processor’s privacy policy, obtain additional information, and manage your consents with Google:
https://policies.google.com/?gl=de&hl=de
6. Your rights as affected person
You have the right to:
demand disclosure of your personal data processed by us (GDPR Article 15). You may especially demand disclosure on the purposes of processing, the categories of personal data, the categories of recipients having or will have obtained disclosure of your data, the planned retention period, the existence of a right to correction, deletion, limitation of processing or the objection thereof, the existence of a right to appeal, the origin of your data as far as it has not been obtained by us, as well as the existence of an automatic decision-making process including profiling and potentially substantial information on the details thereof;
demand the immediate correction of wrong or completion of your personal data stored by us (GDPR Article 16);
demand the deletion of your personal data stored by us, as far as they are not necessary to exercising freedom of expression and information, fulfilling duty under law, on grounds of public interest or for the enforcement, exercise or defense of legal interests (GDPR Article 17);
demand the limitation of processing your personal data, as long you dispute its correctness, claim unlawful processing thereof, you however deny deletion and we no longer need the data, you however need it to enforce, exercise or defend legal claims or have according to GDPR Article 21 objected the processing of your data (GDPR Article 18);
demand your personal data which you have provided us in a common structured and machine-readable format or demand the transfer thereof to a named third party (GDPR Article 20);
revoke your one-time consent against us, followed the cease of any processing of your personal data which rested on this consent (GDPR Article 7 (3));
file complaint before a Supervisory Authority. Usually you may also do this before the Supervisory Authority responsible for your place of residence or company’s registered office.
7. Right to object
You have the right to object the processing of your personal data, if this data was processed on grounds of legitimate interest according to GDPR Article 6 (1) point (f), if you find yourself in a special situation or if the objection aims direct advertising. In the latter case, you have a general right to objection without naming a special situation. (GDPR Article 21).
If you wish to make use of your right to object, an e-mail to dp@ib-lenhardt.de will suffice.
8. Data Security
For visits on our website we use the common TLS (Transport Layer Security) procedure to secure your connection with the highest level of encryption supported by your web browser. Usually this is 256-bit encryption. If your browser does not support this, encryption will fall back to 128-bit strength. A closed-lock icon in the address bar of your browser will tell you whether or not one of our web pages is transmitted with encryption.
Furthermore, we make use of suitable technical and organizational measures in order to protect your data against manipulation, loss, destruction or the unauthorized access of third-parties. We do our best to keep up with technological evolution.
9. Currency and changes to this policy
This statement of privacy and data protection policy is currently valid and as of May 2018.
Through development of our website and offers thereon or due to changes in legal or authoritative requirements it may become necessary to change this policy.