privacy

DATA PROTECTION POLICY

The controller as defined in the data protection legislation, especially the EU General Data Protection Regulation (GDPR), is:

Michael Keller
Katharina-von-Bora-Strasse 1
80333 Munich, Germany
Munich District Court, HRB 196269

Legal basis for data processing

We process personal data on the following legal grounds to display our website properly and ensure that our users have fully functional access to all available services:

• Consent (Art. 6 para. 1 lit. a) GDPR)
• To fulfill contracts (Art. 6 para. 1 lit. b) GDPR
• On the basis of a balance of interests (Art. 6 para. 1 lit. f) GDPR)
• To fulfill a legal obligation (Art. 6 para. 1 lit. c) GDPR)

Your rights

You are authorized to exercise the following rights at any time by notifying our data protection officer (contact details above):

• Get information about your saved personal data and its processing (Art. 15 GDPR),
• Rectify incorrect personal data (Art. 16 GDPR),
• Erase your saved personal data (Art. 17 GDPR),
• Restrict data processing provided we are not yet authorized to erase your data due to legal obligations (Art. 18 GDPR),
• Object to the processing of your personal data (Art. 21 GDPR) and
• Data portability, provided you have consented to data processing or have signed a contract with us (Art. 20 GDPR).

Once you have provided your consent, you can revoke it at any time. This will only impact future data processing and will not negate the legality of any processing that occurred previously.

You have the right to complain to your responsible supervisory agency at any time (Art. 77 GDPR in connection with § 19 BDSG (German Federal Data Protection Act)). Your responsible supervisory authority is determined by the state in which you live or work, or the suspected infringement. A list of supervisory authorities (for the private sector) with addresses is available at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

General information collected during website use, type and purpose of data processing:

When you access our website, i.e. if you do not register or provide any other type of information, general information is automatically collected. This information (server log files) includes the type of web browser, the operating system used, the domain name of your internet service provider, and other similar details. Only information is collected that does not specifically identify you personally.

This information is processed for the following purposes:

• Ensure a trouble-free connection to the website,
• Ensure trouble-free use of the website,
• Evaluate system security and stability, and
• for other administrative purposes.

We do not use your data to make any conclusions about your identity.

We may evaluate such anonymous information statistically to improve our website and technical functionalities.

Legal basis:

Data is processed in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.

Recipients:

The data is only sent to the responsible data controller and potentially technical service providers involved in the operation and maintenance of our website as processors.

Storage duration:

The data is erased once it is no longer required for the purpose for which it was originally collected. Data used only to deploy the website is always erased once the corresponding session has been completed.

Provision required or mandatory:

The provision of the aforementioned personal data is not legally or contractually required. If we do not have the IP address and the consent to the use of cookies, however, it is not possible to guarantee the full functionality of our website. Individual services may also be unavailable or limited in scope. For this reason, the user has no right to object to this data collection.

SSL encryption

We use up-to-date encryption technologies (e.g. SSL) via HTTPS to ensure the security of your data during transmission.

WORDFENCE

This site uses the security plugin WORDFENCE to protect the website from hacker attacks etc.. Provider is DEFIANT, 800 5th Ave Ste 4100, Seattle, WA 98104.

The DSGVO-compliant data processing agreement provided has been concluded.

WORDFENCE currently uses three cookies and the following explains what each cookie does, who set the cookie, and why the cookie helps protect the site.

wfwaf-authcookie-(hash)
What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded.
Who gets this cookie: This is only set for users that are able to log into WordPress.
How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.

wf_loginalerted_(hash)
What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location.
Who gets this cookie: This is only set for administrators.
How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.

wfCBLBypass
What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking.
Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking.
How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.

Changes in our data protection regulations

We reserve the right to adapt this Data Protection Policy to ensure that it always reflects the latest legal requirements, or to incorporate any changes to our services into this Data Protection Policy, e.g. when we introduce new services. In this case, the new Data Protection Policy would apply the next time you use the website.

Use of Matomo

The web analytics tool “Matomo” is used on this website. We operate and host this on our own server. We use this analytics tool to ensure the correct and optimized presentation of our website.

This analytics tool uses so-called cookies, or text files that are saved on the computer that allow us to evaluate how people use our website.
The information generated by the cookie about the website use is saved on our server.
The IP address is anonymized directly after processing and prior to being saved. As such, it is impossible to track it to you specifically.

For more information on the privacy settings available in Matomo software, please see: https://matomo.org/docs/privacy/.

You can prevent cookies from being installed by changing your browser settings. Or, you can prevent all types of user analysis on this website by setting a so-called block cookie or opt-out cookie – which will apply to future site visits provided it is not deleted.

 

Vimeo & information on incorporating videos

We use the Vimeo platform for videos on our website due to performance limitations in local video hosting. We do this on the basis of our legitimate interest in ensuring an appropriate and optimized display as well as acceptable load times for our website. For technical reasons, the server at provider Vimeo is accessed as a result of the incorporated videos. Please refer to the provider’s data protection policy for information about how the browser or device uses data, as they are responsible for this data processing. To see Vimeo’s privacy policy, please see: https://vimeo.com/privacy

Vimeo guarantees appropriate data protection standards through its compliance with Privacy Shield principles (Privacy Shield Certification).

Shariff tool to share content

You can share content from our website on social media such as Facebook, Twitter, etc. in line with our Data Protection Policy. Our website uses Shariff for this purpose. This tool only establishes a direct contact between the networks and users once the user clicks on one of these buttons. The tool does not automatically transmit user data to the operators of these platforms.

External links

We use links to make reference to other websites and services rather than using plugins, some of which would result in the immediate transmission of data. We make every attempt to ensure that the linked pages comply with the necessary data protection and security standards. At the same time, please note that the operators of these linked pages are responsible for protecting your personal data. As such, such websites are outside of the scope of our own Data Protection Policy. The website operator will provide information about the type of data collection used in its own data protection policy.

Questions for the data protection officer

If you have questions about data protection, please send us an e-mail or contact the person responsible for data protection in our organization:

nextwork GmbH, Marco Peters, datenschutz@nextwork.de