Privacy policy
1. General information and mandatory information
Foreword
For the sake of simplicity, we will call ourselves "operators" below and all readers of this privacy policy will be called "guests" below.
The following privacy policy gives a simple overview of what the operator does with personal data, what rights guests are entitled to and how these rights can be asserted.
Privacy
The operator takes the protection of personal data very seriously, treats personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
Personal data is data with which guests can be personally identified. This privacy policy explains what data is collected and what it is used for. It also explains how and for what purpose this happens.
Data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.
Note on the responsible organisation or person
Responsible for data processing is:
Castrum Nigra
Markus Rodemerk
Burgstr. 3-7
56068 Koblenz
Telephone: +49 (261) 8767902
Email:
Responsible is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries sent to the operator, the operator uses an SSL or SSL encryption for the website. TLS encryption. An encrypted connection can be recognized by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in the browser line.
2. Rights under the German General Data Protection Regulation (GDPR)
Right of information
In accordance with §15 GDPR, guests can request confirmation as to whether data concerning them is being processed. If this is the case, there is a right to information about the processed information.
Right to withdraw consent
If personal data is processed on the basis of consent, you have the right to revoke this consent at any time in accordance with §7 GDPR.
Right to object
If the processing of personal data is necessary to protect the legitimate interests of the operator, affected guests can object to the processing at any time in accordance with §21 GDPR.
Right to deletion
If guests have revoked their consent, have objected to the processing of their personal data (and there are no overriding legitimate reasons for the processing), personal data is no longer necessary for the purposes of processing, a corresponding legal obligation exists or personal data is processed unlawfully affected guests have the right to request the deletion of their personal data in accordance with §17 GDPR.
Right to correction
If personal data has been processed incorrectly, affected guests have the right to demand the correction of this data immediately in accordance with §16 GDPR.
Right to restriction of processing
Under the conditions of §18 GDPR, all guests have the right to request the restriction of the processing of their personal data.
Right to receive data
According to §20 GDPR, all guests have the right to receive personal data provided by them in a structured, common and machine-readable format.
An informal email to the operator is fine to assert these rights.
Right of appeal to the supervisory authority responsible for data protection
In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority in accordance with §13 GDPR. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at this link.
3. Data collection, data processing, data transmission
Server log files
The operator's website provider automatically collects and stores information in so-called "server log files", which a browser automatically transmits.
These are:
- Browser type and browser version
- Operating system
- Referrer URL
- Host name of the accessing computer
- Time of server request
- IP address
This data is not merged with other data sources and the guests are not identified using this data – unless required by law.
The basis for data processing is §6(1)f GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
The website provider of the operator:
eliq media GmbH
Karolingerstrasse 71
56626 Andernach
Germany
Website: https://eoss.de
Data processing (customer data, contract data)
The operator collects, processes and uses personal data only insofar as they are necessary for the establishment, content design or change of the legal relationship (inventory data). This is based on §6(1)b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
The operator collects, processes and uses personal data about the use of the website (usage data) insofar as this is necessary to enable the guests to use the service or to bill them.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transmission upon conclusion of contract for online shops, dealers and goods dispatch
The operator only transmits personal data to third parties if this is necessary in the context of contract processing, for example to the company entrusted with the delivery of the goods or the bank responsible for processing the payment. Any further transmission of the data does not take place or only if the guests concerned have expressly consented to the transmission. The data will not be passed on to third parties without express consent, for example for advertising purposes.
The basis for data processing is §6(1)b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
Data collection for administration, financial accounting, office organization, contact management
The operator collects and processes data as part of administrative tasks and the organization of operations, financial accounting and to comply with legal obligations, such as archiving.
The basis of processing is §6(1)c GDPR, §6(1)f GDPR. The purpose and interest in processing lies in administration, financial accounting, office organization, archiving of data, i.e. tasks that serve to maintain business activities, perform operational tasks and provide operational services.
The operator discloses or transmits data to the financial administration, to consultants such as tax consultants or auditors, as well as to other fee offices and payment service providers.
Furthermore, the operator stores information on suppliers, organizers and other business partners on the basis of business interests, e.g. for the purpose of later contact.
This mostly company-related data is generally stored permanently.
YouTube
The operator uses the provider YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA for the integration of videos. Normally, when a page with embedded YouTube videos is called up, the IP addresses of the people are sent to YouTube and cookies are installed on their computers. However, the operator has the YouTube videos with the extended data protection mode (in this case, YouTube still contacts Google's DoubleClick service, but according to Google's data protection information personal data is not evaluated) and a 2-click system integrated. As a result, YouTube no longer stores any information about the person, unless videos are loaded by clicking on the "Load video" button. When people click on the video, their IP address is transmitted to YouTube and YouTube learns that the video was viewed by the relevant person. If these people are logged into YouTube, this information is also assigned to the YouTube user account of these people (this can be prevented by logging out of YouTube before viewing the video).
The operator has no knowledge of and no influence on the possible collection and use of the data by YouTube. YouTube's privacy policy provides more information.
Status: 11/15/2023
