Welcome to our pages. These privacy statements are based, inter alia, on the EU General Data Protection Regulation. Our website treats your personal data confidentially and processes your personal data only in accordance with the statutory provisions. The protection of your personal information is very important to us. Therefore, the collection of information from our websites is basically possible without providing personal information such as name, address, telephone number or e-mail address.
It may be necessary to process personal data when using other services, such as contacting by e-mail or using a form. In such necessary processing of personal data, we strictly adhere to the legal foundations. If the processing does not operate within legally regulated limits, we obtain the permission of the persons concerned before collecting and processing the personal data.
If we process personal data – such as first name and name, address, telephone or mobile phone number or e-mail address – this is done without exception in compliance with the provisions of the General Data Protection Regulation and the nationally applicable data protection regulations. The purpose of these privacy statements is to provide information about the nature, scope and purpose of data collection and the further use and processing of personal data. At this point, we want to publicly inform about the rights that each data subject has with regard to data protection.
Responsible for the processing of personal data is Holger Mertin. In order to ensure the most comprehensive and complete protection of personal data collected and processed through our websites, we have implemented extensive organizational and technical measures. In principle, however, data is transmitted when websites are accessed or contacted via e-mail, and security gaps can never be completely ruled out. Absolute protection against the knowledge of third parties can not be realized. Therefore, we offer each data subject to provide personal information to us through an alternative route, such as by mail or telephone.
Both the data protection provisions of the European General Data Protection Regulation (GDPR) and the national data protection provisions use terms on which these statements on the data protection of Holger Mertin are based. In order to explain to all persons who visit our pages our explanations of the data protection comprehensible and easy to read, the terms are listed and explained first.
The following terms are used in our privacy statements:
1.1 Personal data
personal data means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1.2 Data subject (“Affected person”)
All natural persons who are identified or identifiable and whose personal data are processed by the responsible person of data processing.
This is any process or series of operations performed with or without the aid of automated processes, such as collecting, organizing, storing, adapting or modifying, reading out, querying, using, disclosure through submission, dissemination or any other form of provision, reconciliation or association, restriction, erasure or destruction.
1.4 Restriction of processing
The marking of stored personal data in order to limit their future processing.
Any type of automated processing of personal data that involves the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location of this natural person.
Is the processing of personal data such that the personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data do not belong to an identified or identifiable natural person.
1.7 Responsible for data processing (“Controller”)
Is the natural or legal person, public authority, agency or other that, alone or together with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the person who is responsible for data processing or the specific criteria for his designation may be provided for under Union or national law.
Representative means a natural or legal person established in the Union who, designated by the controller or processor in writing pursuant to Article 27, represents the controller or processor with regard to their respective obligations under this Regulation;
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
1.10 Third party
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2.0 Naming a person responsible for data processing (“Controller”)
For the processing of personal data within the meaning of the EU General Data Protection Regulation and other applicable data protection laws in the member states of the EU as well as other directives in terms of data protection law:
This website uses so-called “cookies”. These are small pure text files that contain no potential damage. You can not damage a device that invokes these web pages or contain viruses. The calling browser stores cookies locally on the calling device to facilitate functions in communicating with web pages. For example, this could be credentials, the contents of a shopping cart, the settings in the email account that access a specific folder, and much more. Without cookies, internet sites will not be useful in many areas.
Most of these cookie text files are automatically deleted when the website leaves or the calling browser is closed (so-called “session cookies”). There are also some cookies that are stored permanently so that a repeat visit can be recognized and features re-made. So when calling web pages once selected settings do not need to be made again.
Cookies are used on almost all websites today. Most of these cookies contain a unique ID number. This ID number consists of an identifier that makes it possible to uniquely assign the browser used to the websites that have been visited. This allows web site operators to uniquely identify the browser and distinguish it from other browsers. Thus, the calling browser programs can be clearly identified and recognized.
Each browser has features to restrict or disable cookies. Due to the large number of possible browser programs, no general instructions for disabling cookies can be given here. The search with any search service (Google, Bing, etc.) for the name of the browser used and the term “disable cookies” as a result of accurate and current instructions for disabling cookies in the browser program used.
4.0 Automated information stored on the server (server log files)
Accessing this website, informations are automatically stored by the provider on whose servers the websites are stored and made available, which the calling processing device transmits to the server when these websites are called. This transmission is necessary so that the server can adapt to the individually used technology. In this way, the individual web pages can then be made available so that they can be displayed correctly on the calling device and with the processing browser.
This information includes, but is not limited to:
- The browser used and its version.
- The operating system used.
- The link to the visited website (“Referrer URL”).
- The name of the calling network device in the network (“Hostname”).
- The exact time of the call.
These data are purely anonymized technical information used to communicate between the calling device and the Internet server. A connection of this information with other data is not made by Holger Mertin.
It is basically possible to use this data for identification purposes. Thus, for example, law enforcement agencies – only in the case of specific suspicion of unlawful act – on the basis of these transmitted data to initiate identification of the provider of the calling device.
5.0 Secure transmission through SSL encryption
To ensure the security and privacy of confidential data, this website uses an encryption method (“SSL encryption”) for data transmission between the calling device and the server. This can be recognized by a corresponding note from the browser. Mostly this is a lock icon in front of the internet address in the address bar and the shortcut http s : // instead of http: //
This encryption is used to prevent unauthorized third parties from monitoring or storing data transmission between the calling device and these websites.
6.0 Data processing when contacting
Legal regulations force Holger Mertin to provide information that enables us to communicate with us quickly. In addition to the information about the registered office of the company (address), this also includes information on telephone availability, as well as the possibility of communication via electronic mail (e-mail address).
If the opportunity for electronic communication via an e-mail address with Holger Mertin is used by a data subject, the personal information and data transmitted by the data subject will be automatically stored. This personal, knowingly, and willingly shared personal information will be provided by the data subject for the sole purpose of contacting us. This data is therefore stored and processed by us exclusively for processing the contact. We do not disclose this information to third parties in any form or at any point.
7.0 Habitual deletion and blocking of collected personal data
Personal data of data subjects are stored and processed only for the period necessary for the fulfillment of the desired goal. If the purpose of the storage and processing is met or if a period of notice at European or national level given by the European Directives and Regulators or any other legislative authority expires, the personal data collected and processed shall automatically and habitually be deleted or blocked in accordance with the law.
8.0 Rights of data subjects in terms of data protection law
8.1 Confirmation right
Affected persons have the right to confirm to the person responsible for the processing of personal data whether personal data and information concerning them are processed and stored. For this purpose, data subjects can contact the person responsible for the processing of personal data at any time.
8.2 Right to information
All persons concerned with the storage and processing of personal data have the right at any time to receive information from the person responsible for the processing of personal data free of charge about the personal data and information stored on their own person. Upon request, this information may be handed over to the affected persons in a copy.
In addition, the European Regulatory and Regulatory Authority has provided information on the following stored and processed information:
- the processing purposes;
- the categories of personal data being processed;
- the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or to international organizations;
- if possible, the planned duration for which the personal data are stored or, if this is not possible, the criteria for determining that duration;
- the existence of a right to rectification or erasure of the personal data relating to him or to a restriction of processing by the controller or a right to object to such processing;
- the existence of a right of appeal to a supervisory authority;
- if the personal data are not collected from the data subject, all available information on the source of the data;
- the existence of automated decision-making, including profiling, as referred to in Article 22 (1) and (4) and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.
Furthermore, persons concerned with the storage and processing of personal data have the right to know whether their personal data has been transmitted to a third country or an international organization. In this case, all data subjects are also entitled to the right to information about suitable guarantees in connection with the transmission to third parties. In order to use this right to information, data subjects may at any time contact the controller.
All persons involved in the collection and processing of personal data have the right to immediate correction of personal data relating to them, including, in particular, the completion of incomplete personal data, including a statement supplementing the data. In order to exercise the right of correction, the person responsible for data processing can be contacted at any time.
8.4 Right of deletion (right to be forgotten)
There are a number of reasons why persons concerned by the processing of personal data have the right to require the data controllers to process the immediate removal of their personal data. As far as the processing of these personal data is not required, these are the following reasons:
- By eliminating the purpose of the collection of personal data further storage or processing is no longer necessary.
- The stated consent to the storage and processing of personal data within the meaning of Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR is revoked by the data subject and, in addition, there is no other legal basis for processing or storage.
- According to Art. 21 (1) GDPR, data subjects object to the storage and processing of the personal data concerning them and, in addition, there are no legitimate reasons for the storage and processing of personal data.
- According to Art. 21 (2) GDPR, the data subject objects to the storage and processing of personal data concerning him.
- The personal data collected by the data subjects were processed unlawfully.
- The controller is subject to the obligation to delete the personal data collected under Union or national law.
- The personal data of data subjects were collected in accordance with Article 8 (1) of the GDPR with respect to information society services offered.
In order to initiate the deletion of personal data concerning them, the data subject may contact the person responsible for the processing of personal data at any time. This will ensure that the deletion request is met immediately.
In cases where Holger Mertin is obliged to delete personal data that has been made public in accordance with Art. 17 (1) of the GDPR, we will, taking due consideration of costs and technology, take all measures to secure further data controllers, who process the personal data we have made public, informing them that the data subject has requested the deletion of all personal data concerning them, if their processing is not necessary. This also applies in particular to all links to the personal data as well as copies and replications of this personal data. Everything necessary for this is caused by the person responsible for data processing at Holger Mertin.
8.5 Right to limit processing
The data subject has the right to require the controller to restrict the processing if one of the following conditions is met:
- The accuracy of the personal data is contested by the data subject for a period of time that enables the person responsible to verify the accuracy of the personal data.
- The processing is unlawful and the data subject refuses to delete the personal data and instead requests the restriction of the use of the personal data.
- The controller no longer needs the personal data for processing purposes, but the data subject needs them to assert, exercise or defend legal claims.
- The data subject has objected to the processing referred to in Article 21 (1) and it is not yet clear whether the legitimate grounds of the controller prevail over those of the data subject.
The person responsible for the processing of personal data at Holger Mertin will, in the event of one of these conditions, cause the restriction of personal data if a person concerned by the processing of personal data so requires.
8.6 Data transferability
The European legislature and the legislator shall grant to all persons concerned by the processing of personal data the right to obtain all personal data provided by the data subject to a controller in a structured, common and machine-readable format. In addition, it has the right to transfer this data to another person without hindrance by the controller to whom the personal data was provided, provided that the processing is based on a consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) or a contract in accordance with Article 6 (1) (b) and, moreover, that the processing is carried out by automated means. This right does not apply to any processing necessary for the performance of a task of public interest or in the exercise of official authority delegated to the controller.
In exercising their right to data portability, the data subject has the right to obtain that the personal data are transmitted directly from one controller to another, where technically feasible and, in addition, that third-party rights are not infringed.
In order to claim the right to data portability, any person concerned with the processing of personal data may contact the person responsible for the processing of personal data at Holger Mertin.
8.7 Right to contradiction
By virtue of the reasons arising from its particular situation, the European Union legislator shall grant to all persons subject to the processing of personal data the right to contradict at any time to the processing of personal data relating to them, where such data are available pursuant to Article 6 (1e-f) GDPRs were levied. This also applies expressly to a profiling based on these provisions.
If Holger Mertin can not claim compelling reasons for the processing of personal data which outweigh the rights, freedoms or interests of the data subject, processing will cease. This does not apply to the exercise, assertion or defense of existing legal claims.
Any person affected by the processing of personal data has the right to object to the processing if the processing of the personal data concerning him is used for the purpose of direct mailing. This also applies and in particular for profiling, which is used for the purpose of direct mail. If the data subject objects to the processing of their personal data for direct marketing purposes, the processing of personal data for that purpose will cease.
If Holger Mertin collects and processes personal data for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) GDPR, every person affected by the processing has the right to object to the processing of personal data concerning him / her, unless the processing of such personal data is necessary to fulfill a public interest task.
In order to protest against the processing of personal data, data subjects of the person responsible for the processing of personal data are available to Holger Mertin as contact person. Notwithstanding Directive 2002/58 / EC, data subjects are further free to exercise their right of objection in relation to the use of information society services by means of automated procedures using technical specifications.
8.8 Automated decisions on an individual basis including profiling
All persons subject to the processing of personal data shall be entitled by the European directive and regulatory authority not to be subject to a decision which depends on fully automated processing, including profiling, if that decision has legal effect on the person concerned. This shall only apply if the decision to conclude or to conclude a contract between the data subject and the controller is necessary or permitted by Union or Member State legislation to which the controller is subject, and this legislation provides for reasonable safeguards Rights and freedoms and the legitimate interests of the data subject or with the express consent of the data subject.
Any decision necessary to conclude or execute a contract between the controller and the data subject or with the express consent of the data subject shall Holger Mertin take appropriate measures to safeguard all freedoms, rights and legitimate interests of the data subjects To protect the person. This includes at least the right to obtain the intervention of a person by the person responsible, to express one’s own position and to contest the decision.
In order to assert rights relating to automated decisions on a case-by-case basis, including profiling, data subjects have access to data controllers.
8.9 Right to revoke a data-protection law consent
Any person affected by the processing of personal data shall have the right to revoke once given consent to the processing of their personal data at any time by the European Directives and Regulators. In order to withdraw a given consent, data subjects may contact the controller.
9.0 Using and Using AddThis
Within the technical implementation of these web pages, the controller has added contents of the company “AddThis”. AddThis is a so-called bookmarking provider. The integrated techniques allow easy linking of other websites via buttons. If a component of AddThis is overrun with the mouse, a list of different services opens. AddThis is in use millions of times, and these lists are displayed according to information from the operating company AddThis, Inc. 1595 Spring Hill Road, Suite 300, Vienna, VA 22182, USA over 20 billion times a year.
If a single page is called up on this website, on which the technological components of the AddThis service are integrated, the internet browser of the person concerned will automatically download contents of the website www.addthis.com. In this technical process, the above-mentioned company AddThis receives information about the invocation of this single page, and information about the information technology system used by the data subject. This information has the same scope as the information mentioned in point 4.0 above, including:
- The IP address assigned by the Internet Service Provider (ISP).
- The browser used and its version.
- The operating system used.
- The link to the called website (“Referrer URL”).
- The name of the network-device in the network (“hostname”).
- The exact time of the call.
This data is used by AddThis to create anonymous user profiles. The data from these anonymous user profiles are used by AddThis, as well as all of AddThis’ contracted and unbound partner companies, to provide targeted personalized and interest-based advertising to visitors to these sites. In order to use these technologically automated, personalized and interest-related forms of advertising, AddThis also uses the cookies mentioned under point 3.0 and explained there. By using these cookie text files, the individual server behavior (information about accessed web pages) of affected persons visiting these web pages can be analyzed.
In addition, each affected person has the option to specifically disable cookies only from AddThis. All you need to do is go to the website http://www.addthis.com/privacy/opt-out and put the function of the so-called “opt-out” on the button located there. In this case, a special cookie is anchored in the browser program of the data subject, which then prevents further cookie use by AddThis. If cookies are deleted via the opt-out button via the browser-internal functions on the information technology system of the person concerned (the browser cache emptied), the website http://www.addthis.com/privacy/opt-out and click the button to renew the contradiction.
Some of the components integrated on this website create a direct link to the social network Facebook. Facebook serves people as a virtual meeting place on the Internet to share opinions, experiences and experiences interactively and interactively. In addition, both private and business information may be made publicly available. The essence of social networks is the networking with other user profiles via an individual personal profile. In these user profiles, various types of data (photos, videos, etc.) can be deposited and made publicly accessible.
The operating company of the social network Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The person responsible for the processing of personal data is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, if the data subject is outside the United States or Canada.
The techniques that are used on this website to connect to the social network Facebook, are mostly recognizable by Facebook icons, such as the Facebook company logo or the “Like-Button”. On this website of Facebook you get an overview of different plugins:
When visiting our pages, the plugin used establishes a direct link between the information technology system of the Facebook affected by data processing. The company Facebook receives the information, which concrete bottom of our website was visited, and the network address of the visiting device at the time of access. If these pages are linked via the techniques used in the affected person’s Facebook profile while they are logged into Facebook, Facebook can assign the Holger Mertin visit to the user account.
If a person affected by the processing of personal data is simultaneously connected to his own Facebook user account on the same data-processing IT device when visiting this website, information will be passed on to Facebook without any interaction in the user’s own account.
If a person affected by the processing of personal data does not wish to be assigned to their own Facebook user account when visiting our website, the Facebook user account has to be deregistered before visiting our website.
11.0 Legal basis of processing
11.1 For the purpose of obtaining consent for processes of processing personal data of a data subject for a particular processing purpose, the legal basis of Art. 6 (1a) GDPR.
11.2 If the processing of personal data of a data subject serves the fulfillment of a contract and if one of the contracting parties is the data subject, the processing of the personal data is based on Art. 6 (1b) GDPR. This is usually the case for delivery of goods or provision of a service or consideration. This also applies to processing operations that are necessary in the context of pre-contractual measures. This can be, for example, inquiries about goods or services or contact during order processes.
11.3 The processing of personal data is based on Art. 6 (1c) GDPR, if necessary for Holger Mertin to fulfill a legal obligation, such as statutory tax liability.
11.4 If the processing of personal data of a data subject is urgently required to protect the life or limb of the data subject or third parties, then the legal basis for this is Art. 6 (1d) GDPR. This is the case, for example, if the victim has an accident our rooms and important information has to be passed on to a doctor, hospital, or other rescuer.
11.5 For all other processing operations, the legal basis of Art. 6 (1f) GDPR, provided legitimate interests or statutory rights and freedoms of the data subject are not prevalent and processing is necessary to safeguard the legitimate interests of Holger Mertin or a third party. This right to edit is particularly mentioned by the European Regulators and Regulators. In particular, a legitimate interest may be assumed if the data subject is in contractual relationship with the person responsible for the processing of personal data (recital 47, second sentence, GDPR).
12.0 Legitimate processing interests that are being followed by the controller or a third party
In cases where the processing of personal data in Article 6 (1f) GDPR, the legitimate interest is the performance of the business for the benefit of our employees and our shareholders.
13.0 Duration of storage of personal data
The currently valid statutory retention period is the basis as a criterion for the duration of the storage of personal data of data subjects. All data that is not necessary to fulfill or initiate any contract will be routinely deleted after this deadline.
14.0 Various statutory information
General remarks on the following statutory information:
- Legal or contractual rules governing the provision of personal information.
- contracting requirements.
- Obligation of data subjects to provide personal information.
- Possible consequences of not providing personal information.
The provision of personal data is required by Holger Mertin in part (for example in the context of tax legislation) or mandatory due to contractual obligations (such as details of the contracting party). For example, the conclusion of a contract between Holger Mertin and a person subject to data processing results in the need to store, provide and process their personal data. Without such processing of personal data, the contract could not materialize.
Persons subject to the processing of personal data may contact the person responsible for processing in order to determine whether the provision of the personal data is legally required and / or necessary for the conclusion of a contract. In addition, information may be obtained on the consequences of refusing to collect personal data or objecting to processing.
15.0 Copyright notice
All contents of this website are subject to German copyright. All content, such as graphics, logos, text, are either self-created, have been approved in writing by the copyright holder or are subject to the Creative Commons License, the terms of which Holger Mertin strictly adheres to. If, contrary to expectations, doubts arise about the observance of copyright regulations through the content of this website, then an informal information by e-mail to the e-mail address stated in the imprint is sufficient. Holger Mertin will immediately check the information and react immediately to any objections that are actually justified and remove the corresponding content.
16.0 Linking to external content
Holger Mertin as the operator of a website in Germany is legally responsible for linked content and can not legally distance itself from linked content on external websites. One of the duties of a website operator is, among other things, to control whether the linked websites may have illegal content and then – if you really and legally dissociate – these links to remove. A so-called disclaimer, which only needs to assert that one distances oneself from the linked content, is legally ineffective and rather counterproductive. Today, the courts generally assume that linked unlawful content, from which one dissociates themselves at the same time, are accepted by the website operator and therefore assume the conditional intent.
For this reason, Holger Mertin regularly controls the linked content on external websites. Should unlawful contents be found on the pages of this website, then informal information by e-mail to the e-mail address stated in the imprint is sufficient. Holger Mertin will then immediately check the information and react immediately to any legitimate objections and remove the corresponding links to the external content.
17.0 Automated decision making
For Holger Mertin the protection of personal data is very important and we take this task very seriously. For this reason, we completely dispense with automated decision-making or profiling.
© 2020 Holger Maik Mertin. All rights reserved.