1. Name and contact information of person responsible for data processing as well as the company data protection officer
This data privacy notice applies to the processing of data by:
GARRELS – HOLZ
J.H. Garrels Lud. Sohn GmbH
Phone:+49 491 999964-0
Fax:+49 491 999964-64
2. Collection and storage of personal data and manner and purpose of data usage
a) When visiting the website
When you visit the website www.hvv-recht.de, the browser you use on your device automatically sends information to our website’s server. This information is temporarily stored in a log file. The following information is collected without any action on your part and is stored until it is automatically deleted:
▪ IP address of the accessing computer,
▪ date and time of access,
▪ name and URL of the accessed files,
▪ URL of the website visited prior to ours (referrer URL),
▪ browser used and, in some cases, the operating system of your computer as well as the name of your provider.
We use the data listed above for the following purposes:
▪ to ensure the smooth establishment of website connections,
▪ to provide a comfortable user experience on our website,
▪ to evaluate system security and stability, and
▪ for additional administrative purposes.
b) When using our contact form
If you have any questions, we offer you the option of contacting us using the form provided on the website. We require a valid email address so that we know who sent the request and can respond to it. You may provide further information voluntarily. Data processing for the purpose of contacting us is carried out in accordance with Article 6 (1) (1) (a) of the GDPR on the basis of your voluntary consent.
The personal data collected by us for the use of the contact form will be automatically deleted after the completion of your request.
3. Disclosure of data
Your personal data will not be transferred to third parties for purposes other than those listed below. We will only disclose your personal data to third parties if:
▪ you have given your express consent in accordance with Article 6 (1) (1) (a) of the GDPR,
▪ the disclosure pursuant to Article 6 (1) (1) (f) of the GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
▪ in the event that there is a legal obligation to pass on data pursuant to Article 6 (1) (1) (c) of the GDPR, and
▪ this is legally permissible and required for the execution of contractual relationships with you pursuant to Article 6 (1) (1) (b) of the GDPR.
5. Rights for data subjects:
You have the right:
in accordance with Article 15 of the GDPR, to obtain information about your personal data which we have processed. In particular, you may obtain information about the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the envisaged data storage period, the existence of the rights to rectification, to erasure, to restrict or object to processing, and to lodge a complaint, the origin of your data if it has not been collected by us, as well as the existence of an automated decision-making process, including profiling, and, if applicable, meaningful information about such a process;
in accordance with Article 16 of the GDPR, to immediately have inaccurate personal data stored by us rectified, or completed if it is incomplete;
in accordance with Article 17 of the GDPR, to demand that your personal data stored by us be erased, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;
in accordance with Article 18 of the GDPR, to obtain the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful but you oppose its erasure, we no longer need the data but you need it for the establishment, exercise or defence of legal claims, or you have objected to the processing pursuant to Article 21 of the GDPR;
in accordance with Article 20 of the GDPR, to obtain the personal data which you have provided us in a structured, commonly used and machine-readable format or to request transmission to another controller;
in accordance with Article 7 (3) of the GDPR, to withdraw your consent from us at any time. As a consequence of this withdrawal, we may not use your prior consent as a basis to continue the processing of your data in the future; and
in accordance with Article 77 of the GDPR, to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your regular place of residence or employment, or of our office.
6. Right to object
Insofar as your personal data are processed based on legitimate interests pursuant to Article 6 (1) (1) (f) of the GDPR, you have the right, pursuant to Article 21 of the GDPR, to object to the processing of your personal data if there are grounds for doing so relating to your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection which we will comply with without a statement of a particular situation. If you wish to exercise your right to object or to withdraw consent, please send an e-mail to email@example.com
7. Data security
When you visit our website, we employ the widely used SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser. In most cases, this means 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell that an individual page of our website has been transmitted in encrypted form when the symbol of a closed lock or key appears in the lower status bar of your browser. We also apply the requisite technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, and destruction or unauthorised access by third parties. We continuously improve our security measures in line with technological developments.