Privacy policy

This ver­sion should only serve as read­ing aid for non-Ger­man speak­ers. In case of any lan­guage unclar­i­ties refer­ring to any trans­la­tions of the home­page, the terms and con­di­tions or the Data Pro­tec­tion Dec­la­ra­tion, or in oth­er cas­es of doubt and inter­pre­ta­tion issues only the Ger­man ver­sion is pre­vail­ing and binding.

Thank you for your inter­est in ?respon­deo!® — Unternehmens­ber­atung. Data pro­tec­tion is par­tic­u­lar­ly impor­tant to the own­er of ?respon­deo!® — Unternehmens­ber­atung. The web­sites of ?respon­deo!® — Unternehmens­ber­atung and the asso­ci­at­ed web­sites of www.easygrading.de can gen­er­al­ly be used with­out pro­vid­ing any per­son­al data. How­ev­er, if a data sub­ject wish­es to make use of spe­cial ser­vices of our com­pa­ny via our web­site, it may be nec­es­sary to process per­son­al data. If the pro­cess­ing of per­son­al data is nec­es­sary and there is no legal basis for such pro­cess­ing, we gen­er­al­ly obtain the con­sent of the data subject.

The pro­cess­ing of per­son­al data, such as the name, address, e‑mail address or tele­phone num­ber of a data sub­ject, is always car­ried out in accor­dance with the Gen­er­al Data Pro­tec­tion Reg­u­la­tion and in accor­dance with the coun­try-spe­cif­ic data pro­tec­tion reg­u­la­tions applic­a­ble to ?respon­deo!® — Unternehmens­ber­atung. With this Data Pro­tec­tion Dec­la­ra­tion, ?respon­deo!® — Unternehmens­ber­atung would like to inform the pub­lic about the type, scope and pur­pose of the per­son­al data we col­lect, use and process. Fur­ther­more, data sub­jects are informed about their rights by means of this Data Pro­tec­tion Declaration.

?respon­deo!® — Unternehmens­ber­atung, as the per­son respon­si­ble for pro­cess­ing, has imple­ment­ed numer­ous tech­ni­cal and organ­i­sa­tion­al mea­sures to ensure the high­est pro­tec­tion of per­son­al data pos­si­ble processed via this web­site. Nev­er­the­less, inter­net-based data trans­mis­sions can have secu­ri­ty gaps, so that absolute pro­tec­tion can­not be guar­an­teed. For this rea­son, every per­son con­cerned is free to trans­mit per­son­al data to us by alter­na­tive means, for exam­ple by post.

Definitions

The Data Pro­tec­tion Dec­la­ra­tion of ?respon­deo!® — Unternehmens­ber­atung is based on the terms used by the Euro­pean Leg­is­la­tor and Reg­u­la­tor for the adop­tion of the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (DS-GVO). Our Data Pro­tec­tion Dec­la­ra­tion should be easy to read and under­stand for both the pub­lic and our cus­tomers and busi­ness part­ners. To ensure this, we would like to explain the terms used in advance.

We use the fol­low­ing terms, among oth­ers, in this Data Pro­tec­tion Declaration:

a) per­son­al data

Per­son­al data means any infor­ma­tion relat­ing to an iden­ti­fied or iden­ti­fi­able nat­ur­al per­son (here­inafter “data sub­ject”). An iden­ti­fi­able nat­ur­al per­son is one who can be iden­ti­fied, direct­ly or indi­rect­ly, in par­tic­u­lar by ref­er­ence to an iden­ti­fi­er such as a name, an iden­ti­fi­ca­tion num­ber, loca­tion data, an online iden­ti­fi­er or to one or more fac­tors spe­cif­ic to the phys­i­cal, phys­i­o­log­i­cal, genet­ic, men­tal, eco­nom­ic, cul­tur­al or social iden­ti­ty of that nat­ur­al person.

b) Data subject

Data sub­ject means any iden­ti­fied or iden­ti­fi­able nat­ur­al per­son whose per­son­al data are processed by the controller.

c) Pro­cess­ing

Pro­cess­ing means any oper­a­tion or set of oper­a­tions which is per­formed upon per­son­al data, whether or not by auto­mat­ic means, such as col­lec­tion, record­ing, orga­ni­za­tion, fil­ing, stor­age, adap­ta­tion or alter­ation, retrieval, con­sul­ta­tion, use, dis­clo­sure by trans­mis­sion, dis­sem­i­na­tion or oth­er­wise mak­ing avail­able, align­ment or com­bi­na­tion, restric­tion, era­sure or destruction.

d) Restric­tion of processing

Restric­tion of pro­cess­ing is the mark­ing of stored per­son­al data with the aim of lim­it­ing their future processing.

e) Pro­fil­ing

Pro­fil­ing is any type of auto­mat­ed pro­cess­ing of per­son­al data that con­sists of using such per­son­al data to eval­u­ate cer­tain per­son­al aspects relat­ing to a nat­ur­al per­son, in par­tic­u­lar to ana­lyze or pre­dict aspects relat­ing to that nat­ur­al person’s job per­for­mance, eco­nom­ic sit­u­a­tion, health, per­son­al pref­er­ences, inter­ests, reli­a­bil­i­ty, behav­ior, loca­tion or change of location.

f) Pseu­do­nymiza­tion

Pseu­do­nymiza­tion is the pro­cess­ing of per­son­al data in such a way that the per­son­al data can no longer be attrib­uted to a spe­cif­ic data sub­ject with­out the use of addi­tion­al infor­ma­tion, pro­vid­ed that such addi­tion­al infor­ma­tion is kept sep­a­rate and is sub­ject to tech­ni­cal and orga­ni­za­tion­al mea­sures to ensure that the per­son­al data is not attrib­uted to an iden­ti­fied or iden­ti­fi­able nat­ur­al person.

g) Con­troller or per­son respon­si­ble for processing.

The con­troller or per­son respon­si­ble for pro­cess­ing is the nat­ur­al or legal per­son, pub­lic author­i­ty, agency or oth­er body which alone or joint­ly with oth­ers deter­mines the pur­pos­es and means of the pro­cess­ing of per­son­al data. Where the pur­pos­es and means of such pro­cess­ing are deter­mined by Union or Mem­ber State law, the con­troller or the spe­cif­ic cri­te­ria for its des­ig­na­tion may be pro­vid­ed for under Union or Mem­ber State law.

h) Proces­sor

Proces­sor means a nat­ur­al or legal per­son, pub­lic author­i­ty, agency or oth­er body which process­es per­son­al data on behalf of the Controller.

i) Recip­i­ent

Recip­i­ent means a nat­ur­al or legal per­son, pub­lic author­i­ty, agency or oth­er body to whom per­son­al data are dis­closed, whether or not a third par­ty. How­ev­er, pub­lic author­i­ties that may receive per­son­al data in the con­text of a spe­cif­ic inves­tiga­tive task under Union or Mem­ber State law shall not be con­sid­ered as recipients.

j) Third Party

Third par­ty means a nat­ur­al or legal per­son, pub­lic author­i­ty, agency or oth­er body oth­er than the data sub­ject, the con­troller, the proces­sor and the per­sons autho­rized to process the per­son­al data under the direct respon­si­bil­i­ty of the con­troller or the processor.

k) Con­sent

Con­sent shall mean any freely giv­en indi­ca­tion of the data subject’s wish­es for the spe­cif­ic case in an informed and unam­bigu­ous man­ner, in the form of a state­ment or any oth­er unam­bigu­ous affir­ma­tive act by which the data sub­ject indi­cates that he or she con­sents to the pro­cess­ing of per­son­al data relat­ing to him or her.

2. Hosting

We host the con­tent of our web­site with the fol­low­ing provider:
All-Inkl
The provider is ALL-INKL.COM — Neue Medi­en Mün­nich, Inh. René Mün­nich, Haupt­straße 68, 02742 Frieder­s­dorf (here­inafter All-Inkl). For details, please refer to the pri­va­cy pol­i­cy of All-Inkl:
https://all-inkl.com/datenschutzinforma­tio­nen/.
The use of All-Inkl is based on Art. 6 para. 1 lit. f DSGVO. We have a legit­i­mate inter­est in the most reli­able pre­sen­ta­tion of our web­site. Inso­far as a cor­re­spond­ing con­sent has been request­ed, pro­cess­ing is car­ried out exclu­sive­ly on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 Para. 1 TTDSG, inso­far as the con­sent includes the stor­age of cook­ies or access to infor­ma­tion in the user’s ter­mi­nal device (e.g. device fin­ger­print­ing) as defined by the TTDSG. The con­sent can be revoked at any time.
Order pro­cess­ing
We have con­clud­ed an order pro­cess­ing agree­ment (AVV) for the use of the above-men­tioned ser­vice. This is a con­tract required by data pro­tec­tion law, which ensures that this process­es the per­son­al data of our web­site vis­i­tors only accord­ing to our instruc­tions and in com­pli­ance with the DSGVO.

3. The Name and Address of the Controller

The per­son respon­si­ble with­in the mean­ing of the Basic Data Pro­tec­tion Reg­u­la­tion, oth­er data pro­tec­tion laws in force in the Mem­ber States of the Euro­pean Union and oth­er pro­vi­sions of a data pro­tec­tion nature is:

Com­pa­ny name:?respon­deo!® — Unternehmensberatung
 Dr. Vik­tor Beyfuß
Street / Number:Nol­len­dorf­s­traße 34
Post­code / Location:D — 10777 Berlin
Phone:+49 30 21751169
Email:datenschutz@respondeo.de
URL:www.respondeo.de

4. Cookies

In order to design the ?respon­deo!® — Unternehmens­ber­atung web­site accord­ing to your needs and to col­lect cer­tain infor­ma­tion, we use var­i­ous tech­nolo­gies, includ­ing so-called cook­ies. Cook­ies are used to sim­pli­fy Inter­net, use and com­mu­ni­ca­tion. Cook­ies are text files which are stored on a com­put­er sys­tem via an inter­net browser.

Many web­sites and servers use cook­ies. Many cook­ies con­tain a so-called cook­ie ID. A cook­ie ID is a unique iden­ti­fi­er of the cook­ie. It con­sists of a string of char­ac­ters through which Inter­net pages and servers can be assigned to the spe­cif­ic inter­net brows­er in which the cook­ie was stored. This enables the vis­it­ed Inter­net pages and servers to dis­tin­guish the indi­vid­ual brows­er of the per­son con­cerned from oth­er Inter­net browsers that con­tain oth­er cook­ies. A par­tic­u­lar Inter­net brows­er can be rec­og­nized and iden­ti­fied by its unique cook­ie ID.

By using cook­ies, ?respon­deo!® — Unternehmens­ber­atung can pro­vide users of this web­site with more user-friend­ly ser­vices that would not be pos­si­ble with­out cookies.

By means of a cook­ie, the infor­ma­tion and offers on our web­site can be opti­mized for the user. Cook­ies enable us, as already men­tioned, to rec­og­nize the users of our web­site. The pur­pose of this recog­ni­tion is to make it eas­i­er for users to use our web­site. For exam­ple, the user of a web­site that uses cook­ies does not have to re-enter his access data each time he vis­its the web­site because this is tak­en over by the web­site and the cook­ie stored on the user’s com­put­er sys­tem. Anoth­er exam­ple is the cook­ie of a shop­ping bas­ket in an online shop. The online shop remem­bers the arti­cles that a cus­tomer has added to the vir­tu­al shop­ping cart.

The per­son con­cerned can pre­vent the set­ting of cook­ies by our web­site at any time by means of an appro­pri­ate set­ting of the Inter­net brows­er used and thus per­ma­nent­ly object to the set­ting of cook­ies. Fur­ther­more, cook­ies that have already been set can be delet­ed at any time via an inter­net brows­er or oth­er soft­ware pro­grams. This is pos­si­ble in all com­mon inter­net browsers. If the per­son con­cerned deac­ti­vates the set­ting of cook­ies in the inter­net brows­er used, not all func­tions of our web­site may be ful­ly usable.

5. Collection of General Data and Information

The web­site of ?respon­deo!® — Unternehmens­ber­atung col­lects a series of gen­er­al data and infor­ma­tion every time a per­son or an auto­mat­ed sys­tem access­es the web­site. This gen­er­al data and infor­ma­tion is stored in the log files of the serv­er. We may record (1) the brows­er types and ver­sions used, (2) the oper­at­ing sys­tem used by the access­ing sys­tem, (3) the web­site from which an access­ing sys­tem reach­es our web­site (so-called refer­rer), (4) the sub­web­sites which are accessed via an access­ing sys­tem on our web­site, (5) the date and time of access to the web­site, (6) an inter­net pro­to­col address (IP address), (7) the inter­net ser­vice providers of the access­ing sys­tem, and (8) oth­er sim­i­lar data and infor­ma­tion used for secu­ri­ty pur­pos­es in the event of attacks on our infor­ma­tion tech­nol­o­gy systems.

When using this gen­er­al data and infor­ma­tion, ?respon­deo!® — Unternehmens­ber­atung does not draw any con­clu­sions about the per­son con­cerned, even if, for exam­ple, the per­son con­cerned could be iden­ti­fied by com­bin­ing data, time and IP address by con­sult­ing the Inter­net provider to which the IP address is assigned. How­ev­er, ?respon­deo!® — Unternehmens­ber­atung does not car­ry out such search­es. Rather, the afore­men­tioned infor­ma­tion is required in order (1) to cor­rect­ly deliv­er the con­tents of our web­site, (2) to opti­mize the con­tents of our web­site and the adver­tis­ing for it, (3) to ensure the per­ma­nent func­tion­al­i­ty of our infor­ma­tion tech­nol­o­gy sys­tems and the tech­nol­o­gy of our web­site, and (4) to pro­vide law enforce­ment author­i­ties with the infor­ma­tion nec­es­sary for crim­i­nal pros­e­cu­tion in the event of a cyber attack. This anony­mous­ly col­lect­ed data and infor­ma­tion is there­fore eval­u­at­ed by ?respon­deo!® — Unternehmens­ber­atung both sta­tis­ti­cal­ly and with the aim of increas­ing data pro­tec­tion and data secu­ri­ty in our com­pa­ny ulti­mate­ly in order to ensure an opti­mum lev­el of pro­tec­tion for the per­son­al data processed by us. The anony­mous data of the serv­er log files are stored sep­a­rate­ly from all per­son­al data pro­vid­ed by a per­son concerned.

6. Registration on our Website

The data sub­ject may reg­is­ter on the web­site of the con­troller, pro­vid­ing per­son­al data. The per­son­al data trans­ferred to the con­troller is deter­mined by the respec­tive input mask used for reg­is­tra­tion. The per­son­al data entered by the data sub­ject is col­lect­ed and stored exclu­sive­ly for the pur­pose of draw­ing up con­tracts between ?respon­deo!® — Unternehmens­ber­atung and the data sub­ject, for inter­nal use by the data con­troller and for the data con­troller own pur­pos­es. The con­troller may arrange for the data to be trans­ferred to one or more proces­sors, such as a par­cel ser­vice, who also uses the per­son­al data exclu­sive­ly for inter­nal use attrib­ut­able to the controller.

Fur­ther­more, the IP address assigned by the inter­net ser­vice provider (ISP) to the data sub­ject, the date and time of reg­is­tra­tion are stored when the data sub­ject reg­is­ters on the data controller’s web­site. This data is stored against the back­ground that this is the only way to pre­vent mis­use of our ser­vices and, if nec­es­sary, to enable to inves­ti­gate crim­i­nal offences com­mit­ted. In this respect, the stor­age of this data is nec­es­sary to pro­tect the data con­troller. A trans­fer of these data to third par­ties does not take place in prin­ci­ple, unless there is the legal oblig­a­tion for such trans­fer on or the trans­fer on serves the crim­i­nal prosecution.

Reg­is­tra­tion of the data sub­ject with the vol­un­tary pro­vi­sion of per­son­al data serves the con­troller to offer the data sub­ject con­tent or ser­vices which, by their nature, can only be offered to reg­is­tered users. Reg­is­tered per­sons are free to mod­i­fy the per­son­al data pro­vid­ed dur­ing reg­is­tra­tion at any time or to have them com­plete­ly delet­ed from the data­base of the data con­troller if this data is not nec­es­sary for the ful­fil­ment of the con­tract or has to be stored due to legal requirements.

The con­troller shall at all times, upon request, inform each data sub­ject of the per­son­al data relat­ing to that data sub­ject. Fur­ther­more, the con­troller cor­rects or deletes per­son­al data at the request or notice of the data sub­ject, pro­vid­ed that there are no legal stor­age oblig­a­tions to the con­trary or the data are required for the ful­fil­ment of the contract.

7. Contact via the Website

Due to legal require­ments, the web­site of ?respon­deo!® — Unternehmens­ber­atung con­tains infor­ma­tion that enables rapid elec­tron­ic con­tact with our com­pa­ny and direct com­mu­ni­ca­tion with us, which also includes a gen­er­al address for so-called elec­tron­ic mail (e‑mail address). If a data sub­ject con­tacts the data con­troller via e‑mail or a con­tact form, the per­son­al data trans­mit­ted by the data sub­ject will be stored auto­mat­i­cal­ly. Such per­son­al data vol­un­tar­i­ly pro­vid­ed by a data sub­ject to the con­troller will be stored for the pur­pose of pro­cess­ing or con­tact­ing the data sub­ject. This per­son­al data is not passed on to third par­ties. Com­mu­ni­ca­tion by e‑mail with­out end-to-end encryp­tion is gen­er­al­ly not secure, so that it is gen­er­al­ly pos­si­ble that the data trans­mit­ted in this way may come to the knowl­edge of third parties.

8. Routine Deletion and Blocking of Personal Data

The con­troller shall process and store the per­son­al data of the data sub­ject only for the time nec­es­sary to achieve the data reten­tion pur­pose or to the extent pro­vid­ed for by the Euro­pean reg­u­la­tor or oth­er leg­is­la­tor in laws or reg­u­la­tions to which the con­troller is subject.

If the stor­age pur­pose ceas­es to apply or if a stor­age peri­od pre­scribed by the Euro­pean leg­is­laor and reg­u­la­tor or anoth­er com­pe­tent leg­is­la­tor expires, the per­son­al data is rou­tine­ly blocked or delet­ed in accor­dance with the statu­to­ry provisions.

9. Rights of the Data Subject

a) Right to confirmation

Every data sub­ject has the right grant­ed by the Euro­pean Direc­tive and Reg­u­la­tion to obtain con­fir­ma­tion from the con­troller as to whether per­son­al data con­cern­ing him or her are being processed. If a data sub­ject wish­es to exer­cise this right of con­fir­ma­tion, he or she may, at any time, con­tact the Data Pro­tec­tion Offi­cer or anoth­er employ­ee of the controller.

b) Right of access

Any per­son affect­ed by the pro­cess­ing of per­son­al data has the right grant­ed by the Euro­pean Direc­tive and Reg­u­la­tion to obtain at any time from the con­troller, free of charge, infor­ma­tion about the per­son­al data stored about him or her and a copy of that infor­ma­tion. In addi­tion, the Euro­pean Direc­tive and Reg­u­la­tion Leg­is­la­tor has grant­ed the data sub­ject access to the fol­low­ing information:

  • the pur­pos­es of processing
  • the cat­e­gories of per­son­al data processed
  • the recip­i­ents or cat­e­gories of recip­i­ents to whom the per­son­al data have been or will be dis­closed, in par­tic­u­lar in the case of recip­i­ents in third coun­tries or inter­na­tion­al organizations
  • if pos­si­ble, the planned dura­tion for which the per­son­al data will be stored or, if this is not pos­si­ble, the cri­te­ria for deter­min­ing this duration
  • the exis­tence of a right to obtain the rec­ti­fi­ca­tion or era­sure of per­son­al data con­cern­ing him or her, or to obtain the restric­tion of pro­cess­ing by the con­troller, or a right to object to such processing
  • the exis­tence of a right of appeal to a super­vi­so­ry authority
  • if the per­son­al data are not col­lect­ed from the data sub­ject: Any avail­able infor­ma­tion about the ori­gin of the data
  • the exis­tence of auto­mat­ed deci­sion-mak­ing, includ­ing pro­fil­ing, pur­suant to Arti­cle 22(1) and (4) of the GDPR and, at least in these cas­es, mean­ing­ful infor­ma­tion about the log­ic involved and the scope and intend­ed effects of such pro­cess­ing for the data subject.

Fur­ther­more, the data sub­ject shall have the right to obtain infor­ma­tion as to whether per­son­al data have been trans­ferred to a third coun­try or to an inter­na­tion­al orga­ni­za­tion. If this is the case, the data sub­ject also has the right to obtain infor­ma­tion about the appro­pri­ate safe­guards in con­nec­tion with the trans­fer.
If a data sub­ject wish­es to exer­cise this right of access, he or she may, at any time, con­tact the data pro­tec­tion offi­cer or anoth­er employ­ee of the controller.

c) Right to rectification

Every data sub­ject affect­ed by the pro­cess­ing of per­son­al data has the right grant­ed by the Euro­pean Direc­tive and Reg­u­la­tion to request the imme­di­ate rec­ti­fi­ca­tion of inac­cu­rate per­son­al data con­cern­ing him or her. Fur­ther­more, the data sub­ject has the right to request the com­ple­tion of incom­plete per­son­al data — also by means of a sup­ple­men­tary dec­la­ra­tion — tak­ing into account the pur­pos­es of the processing.

If a data sub­ject wish­es to exer­cise this right of rec­ti­fi­ca­tion, he or she may, at any time, con­tact the data pro­tec­tion offi­cer or anoth­er employ­ee of the controller.

d) Right to era­sure (right to be forgotten)

Any per­son con­cerned by the pro­cess­ing of per­son­al data has the right grant­ed by the Euro­pean Direc­tive and Reg­u­la­tion to obtain from the con­troller the era­sure with­out delay of per­son­al data con­cern­ing him or her, where one of the fol­low­ing grounds applies and inso­far as the pro­cess­ing is no longer necessary:

  • The per­son­al data were col­lect­ed or oth­er­wise processed for such pur­pos­es for which they are no longer necessary.
  • The data sub­ject revokes his or her con­sent on which the pro­cess­ing was based pur­suant to Art. 6(1)(a) DS-GVO or Art. 9(2)(a) DS-GVO and there is no oth­er legal basis for the processing.
  • The data sub­ject objects to the pro­cess­ing pur­suant to Arti­cle 21(1) DS-GVO and there are no over­rid­ing legit­i­mate grounds for the pro­cess­ing, or the data sub­ject objects to the pro­cess­ing pur­suant to Arti­cle 21(2) DS-GVO.
  • The per­son­al data have been processed unlawfully.
  • The era­sure of the per­son­al data is nec­es­sary for com­pli­ance with a legal oblig­a­tion under Union or Mem­ber State law to which the con­troller is subject.
  • The per­son­al data has been col­lect­ed in rela­tion to infor­ma­tion soci­ety ser­vices offered pur­suant to Arti­cle 8 (1) DS-GVO. 

If one of the afore­men­tioned rea­sons applies, and a data sub­ject wish­es to arrange for the era­sure of per­son­al data stored by the respon­deo — Unternehmens­ber­atung, he or she may, at any time, con­tact the data pro­tec­tion offi­cer or anoth­er employ­ee of the con­troller. The data pro­tec­tion offi­cer of the respon­deo — Unternehmens­ber­atung or anoth­er employ­ee shall prompt­ly ensure that the law­ful request for the era­sure is com­plied with immediately.

If the per­son­al data was made pub­lic by the respon­deo — Unternehmens­ber­atung and our enter­prise as the respon­si­ble par­ty pur­suant to Art. 17 Para. 1 DS-GVO, respon­deo — Unternehmens­ber­atung shall imple­ment rea­son­able mea­sures, includ­ing tech­ni­cal mea­sures, to com­pen­sate oth­er data con­trollers for pro­cess­ing the per­son­al data pub­lished, tak­ing into account the avail­able tech­nol­o­gy and the cost of imple­men­ta­tion, in order to inform the data sub­ject that he or she has request­ed from those oth­er data con­trollers to erase all links to the per­son­al data or copies or repli­ca­tions of the per­son­al data, unless the pro­cess­ing is nec­es­sary. The Data Pro­tec­tion Offi­cer of the respon­deo — Unternehmens­ber­atung or anoth­er employ­ee will arrange the nec­es­sary in indi­vid­ual cases.

e) Right to restric­tion of processing

Any per­son affect­ed by the pro­cess­ing of per­son­al data has the right, grant­ed by the Euro­pean Direc­tive and Reg­u­la­tion-mak­er, to request the con­troller to restrict the pro­cess­ing if one of the fol­low­ing con­di­tions is met:

  • The accu­ra­cy of the per­son­al data is con­test­ed by the data sub­ject for a peri­od enabling the con­troller to ver­i­fy the accu­ra­cy of the per­son­al data.
  • The pro­cess­ing is unlaw­ful, the data sub­ject objects to the era­sure of the per­son­al data and requests instead the restric­tion of the use of the per­son­al data.
  • The con­troller no longer needs the per­son­al data for the pur­pos­es of the pro­cess­ing, but the data sub­ject needs it for the asser­tion, exer­cise or defense of legal claims.
  • The data sub­ject has object­ed to the pro­cess­ing pur­suant to Arti­cle 21 (1) of the GDPR and it is not yet clear whether the legit­i­mate grounds of the con­troller over­ride those of the data subject.

If one of the afore­men­tioned con­di­tions is met, and a data sub­ject wish­es to request the restric­tion of per­son­al data stored by the respon­deo — Unternehmens­ber­atung, he or she may, at any time, con­tact the data pro­tec­tion offi­cer or anoth­er employ­ee of the con­troller. The data pro­tec­tion offi­cer of the respon­deo — Unternehmens­ber­atung or anoth­er employ­ee will arrange the law­ful restric­tion of the processing.

f) Right to data portability

Any per­son affect­ed by the pro­cess­ing of per­son­al data has the right grant­ed by the Euro­pean Direc­tive and Reg­u­la­tion to receive the per­son­al data con­cern­ing him or her, which have been pro­vid­ed by the data sub­ject to a con­troller, in a struc­tured, com­mon­ly used and machine-read­able for­mat. He or she also has the right to trans­mit such data to anoth­er con­troller with­out hin­drance from the con­troller to whom the per­son­al data have been pro­vid­ed, pro­vid­ed that the pro­cess­ing is based on con­sent pur­suant to Arti­cle 6(1)(a) of the GDPR or Arti­cle 9(2)(a) of the GDPR or on a con­tract pur­suant to Arti­cle 6(1)(b) of the GDPR and the pro­cess­ing is car­ried out by auto­mat­ed means, unless the pro­cess­ing is nec­es­sary for the per­for­mance of a task car­ried out in the pub­lic inter­est or in the exer­cise of offi­cial author­i­ty vest­ed in the controller.

Fur­ther­more, when exer­cis­ing the right to data porta­bil­i­ty pur­suant to Arti­cle 20(1) of the GDPR, the data sub­ject has the right to obtain that the per­son­al data be trans­ferred direct­ly from one con­troller to anoth­er con­troller where tech­ni­cal­ly fea­si­ble and pro­vid­ed that this does not adverse­ly affect the rights and free­doms of oth­er individuals.

In order to assert the right to data porta­bil­i­ty, the data sub­ject may at any time con­tact the data pro­tec­tion offi­cer appoint­ed by the respon­deo — Unternehmens­ber­atung or anoth­er employee.

g) Right to object

Any data sub­ject con­cerned by the pro­cess­ing of per­son­al data has the right, grant­ed by the Euro­pean Direc­tives and Reg­u­la­tions, to object at any time, on grounds relat­ing to his or her par­tic­u­lar sit­u­a­tion, to pro­cess­ing of per­son­al data con­cern­ing him or her car­ried out on the basis of Arti­cle 6(1)(e) or (f) of the DS-GVO. This also applies to pro­fil­ing based on these provisions.

The respon­deo — Unternehmens­ber­atung shall no longer process the per­son­al data in the event of the objec­tion, unless we can demon­strate com­pelling legit­i­mate grounds for the pro­cess­ing which over­ride the inter­ests, rights and free­doms of the data sub­ject, or for the asser­tion, exer­cise or defence of legal claims.

If the respon­deo — Unternehmens­ber­atung process­es per­son­al data for direct mar­ket­ing pur­pos­es, the data sub­ject shall have the right to object at any time to pro­cess­ing of per­son­al data for such mar­ket­ing. This also applies to the pro­fil­ing, inso­far as it is relat­ed to such direct mar­ket­ing. If the data sub­ject objects to the respon­deo — Unternehmens­ber­atung to the pro­cess­ing for direct mar­ket­ing pur­pos­es, the respon­deo — Unternehmens­ber­atung will no longer process the per­son­al data for these purposes.

In addi­tion, the data sub­ject has the right, on grounds relat­ing to his or her par­tic­u­lar sit­u­a­tion, to object to pro­cess­ing of per­son­al data con­cern­ing him or her which is car­ried out by the respon­deo — Unternehmens­ber­atung for sci­en­tif­ic or his­tor­i­cal research pur­pos­es, or for sta­tis­ti­cal pur­pos­es pur­suant to Arti­cle 89(1) of the DS-GVO, unless such pro­cess­ing is nec­es­sary for the per­for­mance of a task car­ried out for rea­sons of pub­lic interest.

In order to exer­cise the right to object, the data sub­ject may direct­ly con­tact the own­er of the respon­deo — Unternehmens­ber­atung. The data sub­ject is also free, in con­nec­tion with the use of infor­ma­tion soci­ety ser­vices, notwith­stand­ing Direc­tive 2002/58/EC, to exer­cise his or her right to object by means of auto­mat­ed pro­ce­dures using tech­ni­cal specifications.

h) Auto­mat­ed deci­sions in indi­vid­ual cas­es, includ­ing profiling.

Any data sub­ject con­cerned by the pro­cess­ing of per­son­al data shall have the right, grant­ed by the Euro­pean Direc­tive and the Reg­u­la­tion, not to be sub­ject to a deci­sion based sole­ly on auto­mat­ed pro­cess­ing, includ­ing pro­fil­ing, which pro­duces legal effects con­cern­ing him or her or sim­i­lar­ly sig­nif­i­cant­ly affects him or her, unless the deci­sion (1) is nec­es­sary for enter­ing into, or the per­for­mance of, a con­tract between the data sub­ject and the con­troller, or (2) is per­mit­ted by Union or Mem­ber State law to which the con­troller is sub­ject and that law con­tains suit­able mea­sures to safe­guard the data subject’s rights and free­doms and legit­i­mate inter­ests, or (3) is made with the data subject’s explic­it consent.

If the deci­sion (1) is nec­es­sary for enter­ing into, or the per­for­mance of, a con­tract between the data sub­ject and the data con­troller, or (2) it is made with the data subject’s explic­it con­sent, the respon­deo — Unternehmens­ber­atung shall imple­ment suit­able mea­sures to safe­guard the data subject’s rights and free­doms and legit­i­mate inter­ests, which include at least the right to obtain the data subject’s involve­ment on the part of the con­troller, to express his or her point of view and con­test the decision.

If the data sub­ject wish­es to exer­cise the rights con­cern­ing auto­mat­ed deci­sions, he or she may, at any time, con­tact the Data Pro­tec­tion Offi­cer or anoth­er employ­ee of the controller.

i) Right to with­draw con­sent under data pro­tec­tion law

Any data sub­ject con­cerned by the pro­cess­ing of per­son­al data has the right, grant­ed by the Euro­pean Direc­tive and Reg­u­la­tion Body, to with­draw con­sent for the pro­cess­ing of per­son­al data at any time in the future.

If the data sub­ject wish­es to exer­cise the right to with­draw the con­sent, he or she may, at any time, con­tact the Data Pro­tec­tion Offi­cer or anoth­er employ­ee of the controller.

Arti­cle 6 I let­ter (a) DS-GVO pro­vides our com­pa­ny with a legal basis for pro­cess­ing oper­a­tions for which we obtain con­sent for a spe­cif­ic pro­cess­ing pur­pose. If the pro­cess­ing of per­son­al data is nec­es­sary for the per­for­mance of a con­tract to which the data sub­ject is a par­ty, such as pro­cess­ing oper­a­tions nec­es­sary for the sup­ply of goods or oth­er ser­vices or con­sid­er­a­tion, the pro­cess­ing is based on Arti­cle 6 I let­ter (b) DS-GVO. The same applies to such pro­cess­ing process­es that are nec­es­sary to car­ry out pre-con­trac­tu­al mea­sures, for exam­ple in cas­es of enquiries about our prod­ucts or ser­vices. If our com­pa­ny is sub­ject to a legal oblig­a­tion requir­ing the pro­cess­ing of per­son­al data, for exam­ple to ful­fil tax oblig­a­tions, the pro­cess­ing is based on Art. 6 I let­ter c DS-GVO. In rare cas­es, the pro­cess­ing of per­son­al data may become nec­es­sary to pro­tect the vital inter­ests of the data sub­ject or anoth­er nat­ur­al per­son. This would be the case, for exam­ple, if a vis­i­tor were injured in our com­pa­ny and his name, age, health insur­ance data or oth­er vital infor­ma­tion had to be passed on to a doc­tor, a hos­pi­tal or oth­er third par­ties. The pro­cess­ing would then be based on Arti­cle 6 I let­ter (d) DS-GVO. Ulti­mate­ly, pro­cess­ing oper­a­tions could be based on Arti­cle 6 Ilet­ter (f) DS-GVO. Pro­cess­ing oper­a­tions which are not cov­ered by any of the afore­men­tioned legal bases are based on this legal basis if pro­cess­ing is nec­es­sary to safe­guard a legit­i­mate inter­est of our com­pa­ny or a third par­ty, pro­vid­ed that the inter­ests, fun­da­men­tal rights and free­doms of the data sub­ject do not pre­vail. Such pro­cess­ing pro­ce­dures are per­mit­ted to us in par­tic­u­lar because they have been specif­i­cal­ly men­tioned by the Euro­pean leg­is­la­tor. In this respect, the Euro­pe­and Leg­is­la­tor and reg­u­la­tor took the view that a legit­i­mate inter­est could be assumed if the per­son con­cerned is a cus­tomer of the per­son respon­si­ble (recital 47, sec­ond sen­tence, DS-DVO).

11. Legitimate Interests in the Processing Pursued by the Controller or a Third Party

If the pro­cess­ing of per­son­al data is based on Arti­cle 6 I let­ter (f) DS-GVO, it is in our legit­i­mate inter­est to con­duct our busi­ness for the ben­e­fit of all our employ­ees and our shareholders.

12. Duration for which the Personal Data is Stored

The cri­te­ri­on for the dura­tion of the stor­age of per­son­al data is the respec­tive legal reten­tion peri­od. After the expiry of this peri­od, the cor­re­spond­ing data will be rou­tine­ly delet­ed, pro­vid­ed that it is no longer nec­es­sary for the ful­fil­ment or ini­ti­a­tion of the contract.

We inform you that the pro­vi­sion of per­son­al data is part­ly required by law (e.g. tax reg­u­la­tions) or may also result from con­trac­tu­al reg­u­la­tions (e.g. infor­ma­tion on the con­trac­tu­al part­ner). In some cas­es, it may be nec­es­sary for a con­tract to be con­clud­ed if a data sub­ject pro­vides us with per­son­al data which must sub­se­quent­ly be processed by us. For exam­ple, the per­son con­cerned is oblig­ed to pro­vide us with per­son­al data if our com­pa­ny enters into a con­tract with him/her. Fail­ure to pro­vide per­son­al data would mean that the con­tract with the data sub­ject could not be con­clud­ed. Pri­or to the pro­vi­sion of per­son­al data by the data sub­ject, the data sub­ject may con­tact our Data Pro­tec­tion Offi­cer. Our Data Pro­tec­tion Offi­cer will inform the data sub­ject on a case-by-case basis whether the pro­vi­sion of per­son­al data is required by law or con­tract or required for the con­clu­sion of the con­tract, whether there is an oblig­a­tion to pro­vide the per­son­al data and what con­se­quences the fail­ure to pro­vide the per­son­al data would have.

14. Existence of Automated Decision Making

As a respon­si­ble com­pa­ny, we do not make use of auto­mat­ic deci­sion-mak­ings or profilings.

15. SSL or TLS encryption

The pages of respon­deo — Unternehmens­ber­atung and the asso­ci­at­ed Inter­net pages of www.easygrading.de use SSL or TLS encryp­tion for secu­ri­ty rea­sons and to pro­tect the trans­mis­sion of con­fi­den­tial con­tent, such as orders or inquiries that you send to us as the page oper­a­tor. You can rec­og­nize an encrypt­ed con­nec­tion by the fact that the address line of the brows­er changes from “http://” to “https://” and by the lock sym­bol in your brows­er line.

If SSL or TLS encryp­tion is acti­vat­ed, the data you trans­mit to us can­not be read by third parties.

16. Data collection on this website

a) Con­sent with CCM19

This web­site uses CCM19’s Con­sent tech­nol­o­gy to obtain your con­sent to the stor­age of cer­tain cook­ies on your ter­mi­nal device or to the use of cer­tain tech­nolo­gies, and to doc­u­ment this con­sent in accor­dance with data pro­tec­tion law. The provider of this tech­nol­o­gy is Papoo Soft­ware & Media GmbH, August­str. 4,53229 Bonn, Ger­many, website:

https://www.ccm19.de/.

When you enter our web­site, the fol­low­ing per­son­al data is trans­ferred to CCM19:

  • Your consent(s) or revo­ca­tion of your consent(s).
  • Your IP address
  • Infor­ma­tion about your browser
  • Infor­ma­tion about your ter­mi­nal device
  • Time of your vis­it to the website

Fur­ther­more, CCM19 stores a cook­ie in your brows­er in order to be able to assign the consent(s) giv­en to you or their revo­ca­tion. The data col­lect­ed in this way is stored until you request us to delete it, delete the CCM19 cook­ie your­self or the pur­pose for stor­ing the data no longer applies. Manda­to­ry legal stor­age oblig­a­tions remain unaffected.

CCM19 is used to obtain the legal­ly required con­sent for the use of cer­tain tech­nolo­gies. The legal basis for this is Art. 6 para. 1 lit. c DSGVO.

Order pro­cess­ing
We have con­clud­ed an order pro­cess­ing agree­ment (AVV) for the use of the above ser­vice. This is a con­tract required by data pro­tec­tion law, which ensures that this process­es the per­son­al data of our web­site vis­i­tors only accord­ing to our instruc­tions and in com­pli­ance with the DSGVO.

b) Con­tact form

If you send us inquiries via the con­tact form, your data from the inquiry form, includ­ing the con­tact data you pro­vid­ed there, will be stored by us for the pur­pose of pro­cess­ing the inquiry and in case of fol­low-up ques­tions. We do not pass on this data with­out your consent.

The pro­cess­ing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is relat­ed to the per­for­mance of a con­tract or is nec­es­sary for the imple­men­ta­tion of pre-con­trac­tu­al mea­sures. In all oth­er cas­es, the pro­cess­ing is based on our legit­i­mate inter­est in the effec­tive pro­cess­ing of the requests addressed to us (Art. 6 (1) (f) DSGVO) or on your con­sent (Art. 6 (1) (a) DSGVO) if this has been request­ed; the con­sent can be revoked at any time.

The data you enter in the con­tact form will remain with us until you request us to delete it, revoke your con­sent to store it, or the pur­pose for stor­ing the data no longer applies (e.g. after we have com­plet­ed pro­cess­ing your request). Manda­to­ry legal pro­vi­sions — in par­tic­u­lar reten­tion peri­ods — remain unaffected.

c) Inquiry by e‑mail, tele­phone or fax

If you con­tact us by e‑mail, tele­phone or fax, your inquiry includ­ing all result­ing per­son­al data (name, inquiry) will be stored and processed by us for the pur­pose of pro­cess­ing your request. We do not pass on this data with­out your consent.

The pro­cess­ing of this data is based on Art. 6 para. 1 lit. b DSGVO, pro­vid­ed that your request is relat­ed to the per­for­mance of a con­tract or is nec­es­sary for the imple­men­ta­tion of pre-con­trac­tu­al mea­sures is nec­es­sary. In all oth­er cas­es, the pro­cess­ing is based on our legit­i­mate inter­est in the effec­tive pro­cess­ing of the requests sent to us (Art. 6 (1) (f) DSGVO) or on your con­sent (Art. 6 (1) (a) DSGVO) if this has been request­ed; the con­sent can be revoked at any time.

The data you send to us via con­tact requests will remain with us until you request us to delete it, revoke your con­sent to store it, or the pur­pose for stor­ing the data no longer applies (e.g. after we have com­plet­ed pro­cess­ing your request). Manda­to­ry legal pro­vi­sions — in par­tic­u­lar legal reten­tion peri­ods — remain unaffected.

This Data Pro­tec­tion Dec­la­ra­tion applies sole­ly to all web­sites for which easy­grad­ing and respon­deo are respon­si­ble. Our web­sites may con­tain links to web­sites of oth­er com­pa­nies. We have set these links because we believe that these pages could be of inter­est to you. Our web­site con­tains links to exter­nal web­sites of third par­ties over whose con­tents we have no influ­ence. There­fore, we can­not assume any lia­bil­i­ty for these exter­nal con­tents. The respec­tive provider or oper­a­tor of the pages is always respon­si­ble for the con­tents of the linked pages. The linked pages were checked for pos­si­ble legal infringe­ments at the time of link­ing. Ille­gal con­tents were not rec­og­niz­able at the time of link­ing. How­ev­er, per­ma­nent mon­i­tor­ing of the con­tent of the linked pages is unrea­son­able with­out con­crete evi­dence of a vio­la­tion of the law. If we become aware of any infringe­ments, we will remove such links imme­di­ate­ly. If you have any ques­tions, please con­tact these com­pa­nies directly.

18. Up-to-Dateness of this Data Protection Declaration

This Data Pro­tec­tion Dec­la­ra­tion is cur­rent­ly valid. We reserve the right to change this Data Pro­tec­tion Dec­la­ra­tion at any time in com­pli­ance with the then valid legal pro­vi­sions for the future.

19. Final clause

Only the Ger­man ver­sion of these pri­va­cy pol­i­cy is rel­e­vant. If these con­di­tions are trans­lat­ed into oth­er lan­guages, they serve as a read­ing ver­sion exclu­sive­ly for the infor­ma­tion of the customer.

Server Location Germany

easy­grad­ing is an online solu­tion with which you can access your data from any­where. Com­pa­nies and pri­vate indi­vid­u­als in Ger­many receive bet­ter data pro­tec­tion than any­where else. There­fore, our servers are locat­ed exclu­sive­ly in data cen­ters in Ger­many. They are sub­ject to the strict Ger­man data pro­tec­tion laws and the Telecom­mu­ni­ca­tions Act (TKG). This ensures that your data does not fall into the wrong hands.

This Data Pro­tec­tion Dec­la­ra­tion was pre­pared using a draft of the media law firm WILDE BEUGER SOLMECKE in coop­er­a­tion with the DGD Deutsche Gesellschaft für Daten­schutz GmbH.

16. Picture credits

https://www.freepik.com/free-photo/abstract-office-desktop_8096894.htm
https://www.freepik.com/free-photo/side-view-cropped-unrecognizable-business-people-working-common-desk_5839469.htm
https://www.freepik.com/free-photo/happy-businesswoman-giving-presentation-her-partners-business-meeting_2524067.htm
https://www.freepik.com/free-photo/discussing-results-project_5401523.htm
https://www.freepik.com/free-photo/serious-businessman-presenting-company-business-goals-colleagues_3953818.htm
https://www.freepik.com/free-vector/gradient-isometric-laptop-technology-background_4132609.htm