The controller as defined by the General Data Protection Regulation, other national data protection laws of the Member States and other data protection regulations is:
For questions pertaining to data protection, please contact:
If your personal data are processed, you are a data subject as defined by the GDPR and you have the following rights against the controller:
You have the right to obtain confirmation from the controller as to whether we are processing personal data concerning you.
Where that is the case, you can request from the controller the following information:
(1) the purposes for which the personal data are being processed;
(2) the categories of personal data which are being processed;
(3) the recipients or categories of recipient to whom the personal data concerning you have been or will be disclosed;
(4) the envisaged period for which the personal data concerning you will be stored, or, if not possible, the criteria used to determine that period;
(5) the existence of the right to request rectification or erasure of personal data concerning you or restriction of processing of personal data by the controller or to object to such processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) where the personal data are not collected from the data subject, any available information as to their source;
(8) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether personal data concerning you are transferred to a third country or to an international organisation. If so, you have the right to be informed of the appropriate safeguards in accordance with Article 46 GDPR relating to the transfer.
You have the right to obtain from the controller the rectification and/or completion of personal data concerning you insofar as they are inaccurate or incomplete. The controller shall perform the rectification without undue delay.
You have the right to obtain from the controller restriction of processing of personal data concerning you where one of the following applies:
(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful, and you oppose the erasure of the personal data and request the restriction of their use instead;
(3) the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims; or
(4) you have objected to the processing in accordance with Article 21(1) GDPR pending the verification of whether the legitimate grounds of the controller override yours.
Where the processing of personal data concerning you has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If you have obtained restriction of processing under the above conditions, you will be informed by the controller before the restriction of processing is lifted.
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller has the obligation to erase personal data without undue delay where one of the following grounds applies:
(1) the personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(2) you withdraw your consent on which the processing is based in accordance with point (a) of Article 6(1), or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing;
(3) you object to the processing in accordance with Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing in accordance with Article 21(2) GDPR;
(4) the personal data concerning you have been unlawfully processed;
(5) the personal data concerning you have to be erased for compliance with a legal obligation under Union or Member State law to which the controller is subject;
(6) the personal data concerning you have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
Where the controller has made the personal data concerning you public and is obliged in accordance with Article 17(1) GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
The right to erasure shall not apply to the extent that processing is necessary
(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR insofar as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(5) for the establishment, exercise or defence of legal claims.
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller shall communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.
The controller shall inform you about those recipients upon your request.
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
(1) the processing is based on consent in accordance with point (a) of Article 6(1) GDPR or point (a) of Article 9(2) GDPR or on a contract in accordance with point (b) of Article 6(1) GDPR and
(2) the processing is carried out by automated means.
In exercising your right to data portability, you have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The exercise of the right referred to here shall not adversely affect the rights and freedoms of others.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.
The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
You have the right to withdraw your consent to data processing at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:
(1) is necessary for entering into, or the performance of, a contract between you and a data controller;
(2) is authorised under Union or Member State law to which the controller is subject, and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
(3) is based on your explicit consent.
However, these decisions shall not be based on special categories of personal data referred to in Article 9(1) GDPR, unless point (a) or (g) of Article 9(2) GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
In the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you believe that the processing of personal data concerning you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and the outcome of the complaint including the possibility of a judicial remedy in accordance with Article 78 GDPR.
The competent supervisory authority for kontextor teoranta is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
10555 Berlin, Germany
Tel.: +49 30 13889-0
Fax: +49 30 2155050
In principle, we only process our users’ personal data to the extent that this is necessary to provide a functional website as well as our content and services. The processing of our users’ personal data usually only occurs with the user’s consent. An exception applies in cases where it is impossible to obtain prior consent due to practical reasons and the processing of data is permitted by legal regulations.
Insofar as we obtain the consent of the data subject for processing of personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
For the processing of personal data necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis.
In cases where the vital interests of the data subject or another natural person necessitate the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.
If the processing of personal data is necessary to protect a legitimate interest pursued by our company or a third party, and the interests, fundamental rights and freedoms of the data subject do not override the aforementioned interest, Article 6(1)(f) GDPR serves as the legal basis for processing.
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted when a storage period prescribed by the aforementioned standards expires, unless it is necessary to continue to store the data for the conclusion or performance of a contract.
Whenever you visit our website, our system automatically collects data and information from the computer system of the accessing device.
The following data are collected:
(1) Information about the browser type and version used
(2) The user’s operating system
(3) The user’s internet service provider
(4) The user’s IP address
(5) Date and time of access
(6) Websites from which the user’s system accesses our website
(7) Websites that are accessed by the user’s system via our website
The legal basis for the temporary storage of the data and the log files is Article 6(1)(f) GDPR.
The data are stored in log files to ensure website functionality. In addition, the data are used to optimise the website and ensure the security of our information technology systems. The data are not analysed for marketing purposes in this context.
The above purposes also serve as our legitimate interest in processing the data in accordance with Article 6(1)(f) GDPR.
Data stored in log files will be deleted after seven days at the latest. Further storage is possible, in which case the IP addresses are deleted or anonymised so that it is no longer possible to identify the accessing client.
Collecting data to provide the website and the storage of the data in log files is essential for operating the website. Therefore, the user does not have the right to object.
A contact form is available on our website, which can be used to contact us electronically. If a user chooses this option, the data entered in the form will be transmitted to us and stored. These data are (*mandatory fields):
Email address *
How can we help you? *
The following data are also stored at the time the message is sent:
The user’s IP address
Date and time of registration
We can also be contacted via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.
In this context, the data will not be shared with third parties. The data are used exclusively for processing the conversation.
If the user provides their consent, the legal basis for data processing is Article 6(1)(a) GDPR.
If data are processed as a result of sending an email, the legal basis is Article 6(1)(f) GDPR. If the purpose of the email contact is to conclude a contract, an additional legal basis for processing is Article 6(1)(b) GDPR.
We only process the personal data entered into the form for the purpose of handling contact requests. In the case of contact via email, there is also a necessary legitimate interest in processing the data.
The other personal data processed when you submit an enquiry is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
Data are deleted as soon as they are no longer required for the purpose for which they were collected. Personal data entered into the contact form and data sent by email are deleted when the respective conversation with the user is concluded. The conversation is deemed concluded when it can be inferred from the circumstances that the relevant matter has been resolved.
The additional personal data collected during the submission process will be deleted after seven days at the latest.
The user has the option to withdraw their consent for the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
All personal data stored as part of the contact will be deleted.
You are welcome to send your application documents to the following email address: email@example.com In this case, we collect your email address and all data transmitted by you. The data are stored solely for the purpose of processing your application.
The legal basis for the processing of your data lies in the pre-contractual measures taken at your request, Article 6(1)(1)(b) Alt. 1 GDPR and Section 26(1)(1) BDSG (German Federal Data Protection Act).
You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests. For more information, please refer to the section “Rights of the data subject”. Your data will be deleted 6 months after the conclusion of the processing.
We use the open-source software tool Matomo (formerly PIWIK) on our website to analyse our users’ browsing behaviour. The software stores a cookie on the user’s computer (see above information on cookies). If individual pages of our website are accessed, the following data are stored:
Two bytes of the IP address of the user’s accessing system
The accessed web page
The website from which the user has reached the accessed web page (referrer)
The subpages that are accessed from the accessed web page
The time spent on the web page
The frequency with which the web page is accessed
The software runs exclusively on the servers of our website. Users’ personal data is only stored there. The data will not be shared with third parties.
The software is configured in such a way that the full IP addresses are not stored, but instead, 2 bytes of the IP address are masked (e.g. 12.18. xxx. xxx). In this way, the abbreviated IP address can no longer be assigned to the accessing computer.
The legal basis for the processing of the user’s personal data is Article 6(1)(f) GDPR.
The processing of users’ personal data allows us to analyse our users’ browsing behaviour. By evaluating the data obtained, we are able to compile information on the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. These purposes also constitute our legitimate interest in processing the data in accordance with Article 6(1)(f) GDPR. By anonymising the IP address, the users’ interest in the protection of their personal data is sufficiently taken into account.
The data are deleted as soon as they are no longer required for our record-keeping purposes.
In our case, this is after 90 days.