We, Kadmos Technologies GmbH, Rosenthalerstraße 36, 10178 Berlin (hereinafter referred to as “us/we” or “Controller”) thank you for visiting our public website www.kadmos.io (hereinafter referred to as “Kadmos Website”). We are responsible for the data processed on the Kadmos Website. To find out, who is responsible for the Kadmos Website under press law, please see the imprint.
For other websites operated by us, or certain restricted parts of the Kadmos Website, such as the electronic platform (the “Kadmos Platform”) through which we and third parties with whom we partner provide certain services (the “Kadmos Services”) and which are accessible only to registered users of the Kadmos Platform, other data protection regulations may apply. Please inform yourself there.
The following information is intended to inform you (hereinafter also referred to as “User” or alternatively “you”) about how we have implemented the requirements of the EU General Data Protection Regulation (the “GDPR”) on the Kadmos Website, how we protect your privacy and how personal data is processed in the context of using the Kadmos Website.
If you feel the information provided below is insufficient or difficult to understand, please do not hesitate to contact us.
1. Who is responsible for data processing and whom can I contact?
The Controller is:
Kadmos Technologies GmbH
Please note that this is a shared mailbox. Requests concerning confidential matters should be sent to Kadmos’ DPO.
Last Update: 23.01.2023
If you have questions concerning matters related to the processing of your data, please contact our data protection officer (DPO):
Kadmos Technologies GmbH
Data Protection Officer
All e-mails sent to the DPO are subject to confidentiality.
The supervisory authority competent for the Controller is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Tel.: +49 30 13889-0
Fax: +49 30 2155050
The authority also offers a complaint form.
2. General principles and information regarding data protection
2.1 Scope of the processing of personal data
When you use the Kadmos Website, we collect and use your personal data only to the extent necessary to provide a functioning website and/or to provide our web- or online-offers.
In this context, the processing of your data takes place either.
● with your prior consent, or
● if the processing is required to arrange a contract or to fulfil contractual obligations, or
● if we are legally obliged to do so, for example to comply with a statutory right to information, or
● if the processing is required to protect our legitimate interests unless your interests or fundamental rights and freedoms prevail and require the protection of your personal data.
Additionally, exceptions apply in such cases where we are unable to obtain your prior consent for factual reasons or where the processing of personal data is permitted or required by law.
2.2 Legal bases
If we ask for your consent to the processing of personal data, Art. 6 par. 1 sentence 1 lit. a GDPR serves as the legal basis for the processing of personal data.
For the processing of personal data required for the performance, implementation of pre-contractual measures, or for the initiation of a contract, the legal basis is Art. 6 para 1 sentence 1 lit. b GDPR.
If the processing of personal data is necessary for compliance with a legal obligation, the legal basis is Art. 6 para 1 sentence 1 lit. c GDPR.
If the processing is required to protect our or a third parties’ legitimate interests, and if your interests, fundamental rights, and freedoms, which each require the protection of your personal data, do not outweigh such legitimate interest, the legal basis is Art. 6 para 1 sentence 1 lit. f GDPR.
2.3 Consent, right to withdraw consent, right to object the processing
As a general rule, we obtain your consent electronically. Typically, we will ask you to express your consent by ticking a checkbox displayed on the Kadmos Website, or by clicking on the relevant field of a form. Your declaration of consent is recorded electronically. You can contact us at any time to request a documentation of the declaration of consent you have submitted at the relevant time.
In some cases we may use the so-called “double opt-in procedure” once we have obtained your consent in order to verify that it is actually you who has given the consent in question. In these cases, we will usually ask you to click on a link in an email we send you, although we may use other methods in the future. In these cases, your consent will only become effective once you have confirmed that you have given your consent. The click on the link or any other declaration we ask you to make in order to verify the consent will be recorded electronically, and also the circumstances of obtaining the confirmation (e.g., email that was sent, link, IP address, time, date) will be recorded.
To request documentation of the declaration(s) of consent, which you priorly submitted, you can contact us at any time.
You can withdraw your consent at any time with effect for the future, in whole or in part. In cases where another legal basis applies to the processing of your data, you can object to the processing of your data at any time. There is no form requirement for your statement of withdrawal or objection, but any such declaration is best addressed electronically or sent via the other contact options made available on the Kadmos Website. The lawfulness of processing that took place on the basis of consent until receipt of your withdrawal or receipt of your general objection to processing, remains unaffected by this.
2.4 Recipients of personal data
We sometimes use third parties which provide services on our behalf and in accordance with our instructions (so-called “Processors”). These Processors constitute “recipients” within the meaning of the GDPR and may receive or come into contact with personal data as part of providing their services.
We have contractually ensured that our processors provide sufficient guarantees for having suitable technical and organisational measures in place, that the processing is carried out in compliance with the requirements of the GDPR and that the protection of the rights of the affected data subject is guaranteed (see Art. 28 GDPR).
If personal data is transferred to a third party which is not a processor, i.e. another Controller, we provide that this is only done in accordance with the requirements of the GDPR and only if there is legal basis for the transfer. To the extent such a transfer takes place, this will be expressly mentioned in the information provided below and the relevant legal basis, as well as the recipient or category of recipients will be named.
Please do not hesitate to contact us for further information on the processors we use.
2.5 Data processing in so-called third countries
Your personal data will generally be processed within the EU or the European Economic Area (EEA), and the processing will be governed by the GDPR. Please note that this is also the case if you are located in a country outside of the EU or the EEA.
It is possible that information is transferred to so-called “third countries”. “Third countries” are countries outside the territory of the EU and/or the EEA, where an adequate level of data protection comparable with the standards applicable within the EU/EEA cannot be readily assumed.
If the information transferred also includes personal data, we provide that, prior to any such transfer, there are guarantees for an appropriate level of data protection in the respective third country or at the relevant recipient in the third country. This may be assumed from a so-called “adequacy decision” of the European Commission, or by using the so-called “EU standard contractual clauses”. Upon request, we will be happy to provide you with further information on the suitable and appropriate guarantees that we require in order to ensure an adequate level of data protection.
2.6 Deletion of data and period of storage
We delete personal data as soon as the purpose of the processing has expired. Thereafter, we will only retain personal data
● if required for the performance of an agreement between you and us,
● if required by a competent European or national legislator under EU regulations, or if required by law or other legal provisions to which we are subject, e.g. for the fulfilment of statutory document and data retention requirements and/or
● in the event of a justified interest in the storage of the data, e.g. during the course of limitation periods for the purpose of legal defence against any claims, or during an ongoing legal dispute.
In these cases, the data will be deleted if the reason to retain the data or the applicable retention period have expired.
2.7 Rights of affected persons
As a person affected by the processing of personal data, the GDPR provides you with certain rights. If you would like to make use of one or more of these rights, you can contact one of our employees at any time.
3. Processing of data for the provision of the Kadmos Website and the collection of Log Data
3.1 Description and scope of processing
Each time you access any content on the Kadmos Website, our system automatically collects data and information from the computer system or mobile device from which you are accessing the content. The following data is collected (hereinafter referred to as “Log Data”):
● information about the browser type and the version used (so-called “user agent”);
● the operating system of your computer system or mobile device;
● the internet service provider used by your computer system or mobile device to access the internet;
● the IP address of your computer system or mobile device;
● the date, time and duration of access;
● the website from which you have accessed the content of the Kadmos Website (so-called “referrer”);
● the website you visit after you have accessed the Kadmos Website.
Except for the IP address, the log data listed above cannot be used to identify you personally. A personal identification can only be established by assigning or linking the log data to data on the user of an IP address, which is generally not available to us.
3.2 Purpose of the processing
Log data, in particular the IP address of your computer or mobile device, is collected and processed for the purpose of providing the content contained on our website. This requires temporary storage of your IP address. This is required to address data traffic between your computer system or mobile device and our web- and/or online-offers or is needed to use our web- and/or online-offers.
Any further processing and storage of your IP address in log files is carried out for the purpose of ensuring the functionality of our web- and online-offers, to optimise the same, and to ensure the security of our IT systems.
In addition, this data is analysed by us for statistical purposes. This takes place in summarised form; individual users cannot be identified.
3.3 Legal bases
The legal basis for the collection and processing of the log data, to the extent they constitute personal data, is Art. 6 para 1 sentence 1 lit. b GDPR (performance and arrangement of contracts), as we use the Kadmos Website to promote and offer our product offerings to Companies and users like you.
The legal basis for storing Log Data for purposes beyond the communication process is Art. 6 para 1 sentence 1 lit. f GDPR (protection of legitimate interests). In this case, our interest in using the Log Data to provide for, also preventively, a safe and secure operation of our IT systems and the protection of other users' data outweighs your interest in ensuring that your Log Data - which for technical reasons must be processed anyway to provide the Kadmos Website - is not used for these purposes.
3.4 Deletion of data and storage period
The Log Data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of Log Data for the provision of the Kadmos Website, this is the case when the relevant session – i.e. the website visit – has ended. The storage of Log Data beyond this, including the IP address, for the purpose of providing a safe and secure system, takes place for a maximum period of three (3) months after the Kadmos Website was accessed.
Any further processing and/or storage of Log Data is subject to the deletion of the IP addresses from the Log Data in order to anonymize the Log Data in such a way that it is no longer possible to relate the Log Data to a data subject.
3.5 Right to object and deletion possibilities
The collection of Log Data for the provision of the Kadmos Website, including its storage in log files within the limits mentioned above, is essential for the operation of the Kadmos Website. Therefore, there is no possibility to object. This does not apply to the processing of Log Data for analytical purposes; this depends on the web analysis tools used and the type of data analysis (personal / anonymous / pseudonymous) taking place. Please refer to section 6 to learn more about the data processed thereby and your right to object.
4. Hosting and cloud services
We use hosting services and cloud services in particular
● to provide our website;
● to provide the Kadmos Company Portal, the Kadmos Platform, and the Kadmos Services;
● to store and process the data generated by your use of the Kadmos CompanyPortal, the Kadmos Platform, and the Kadmos Services;
● to send notifications by e-mail or messages;
● for our internal and external communication, also as far as it concerns users, e.g.,for receiving, sending, and processing e-mails you send us or which we send you; and
● for our internal organisational processes.
The providers of said hosting services and cloud services make their systems(hardware and software) available to us for this purpose via the Internet. If you provide us with your data in accordance with this privacy notice, we process it on the services provided to us by these service provider(s).
Cloud service providers typically process usage and metadata of the users of their services in order to secure their servers and to optimise their services. Insofar as you access the Kadmos Platform and the data that we make available to you, or you upload data, or cause data to be pulled from third-party sources into the Kadmos Platform, the respective cloud service provider may analyse your usage behaviour or browser settings.
If the cloud service provider we use offers to process the data exclusively within theEU, we intend - if currently not already implemented anyway - to process your data exclusively there and under a data processing agreement as per Art. 28 GDPR. If this is not possible and depending on the country in which the service provider is based, the data specified in more detail below may be transferred to and processed on servers outside the European Union. Hence, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and it will be difficult or impossible to enforce your rights. In such cases, we will take additional steps to ensure that the processing remains permissible.Typically, this includes the following data:
● the data you or the Company supply us with during registration for the Kadmos Services, including the documents you upload;
● the data you supply us with by using the Kadmos Platform and the Kadmos Services through the Kadmos Company Portal;
● usage data, e.g., how often do you use the Kadmos Services, which service offerings in particular, how often, time/date stamp, IP address, etc.;
● metadata, unless already covered by the log data; and
● data on parties interested in Kadmos and their offerings, communication partners, employees (e.g., applicants, current and former employees) who do not belong to the groups mentioned elsewhere in this privacy notice.
Insofar as we process your personal data in connection with the initiation and performance of a contract, the legal basis is Art. 6 para. 1 sentence 1 lit. b GDPR(performance of a contract, pre-contractual measures). Insofar as the processing ofpersonal data is necessary for the fulfilment of a legal obligation to which we are subject, the legal basis is Art. 6 para. 1 sentence 1 lit. c GDPR (fulfilment of legalobligations). Otherwise, the legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR(safeguarding legitimate interests).
Our hosting or cloud service provider will only process your data to the extent necessary to fulfil the respective service obligations and follow our instructions regarding this data. For this purpose, we have concluded data processing contract(s)in accordance with Art. 28 GDPR with the service providers
5.1 Description and scope of data processing
The Kadmos Website uses different types of Cookies. Our own Cookies i.e. Cookies issued by the web server of the Kadmos Website, do not contain any directly relatable personal data, so your privacy is protected. However, depending on the type of Cookie and the possibility of assigning a Cookie to an IP address, it is generally possible to establish a reference to a person. Subject to the processing of the LogFiles, we do not generally carry out such referencing.
Some Cookies may be placed by third parties who appear on the Kadmos Website, or by services provided by third parties which we have integrated in the Kadmos Website. We may also share information about your use of our site with our social media, advertising and analytics partners. Our partners may combine this information with other information you have provided to them or that they have collected as part of your use of the Kadmos Website or through your use of the Kadmos Platform or the Kadmos Services, if you subscribe to our products directly as a Worker or through a Company as a Company User.
Most browsers automatically accept Cookies. On the browser you use with your computer system or mobile devices, you can delete Cookies already set at any time, or set your browser to not accept Cookies, which may lead to functional limitations of our offer. Please refer to the instructions of your browser or the manufacturer of your computer system or mobile devices for details of how this works.
We use different kinds of Cookies, which serve different purposes:
● Necessary cookies help to make the Kadmos Website usable by enabling basic functions such as page navigation and access to secure areas of the Kadmos Website. The Kadmos Website cannot function properly without these Cookies.
● Preference Cookies allow the Kadmos Website to remember information that affects the way the Kadmos Website behaves or looks, such as your preferred language.
● Statistics Cookies help us understand how visitors like you interact with the Kadmos Website by collecting and reporting information anonymously.
● Marketing Cookies are used to follow visitors to other websites. The intention is to show ads that are relevant and appealing to the individual user and therefore more valuable to publishers and third party advertisers.
5.2 Purpose of data processing
The purpose of using Necessary Cookies is to enable the use of the Kadmos Websites. They are needed for those functions of the Kadmos Website which cannot be provided without the use of such Cookies. For these it is necessary that the browser is recognized even after a page change.
Preference Cookies are used to enable us to remember choices you make when you use the Kadmos Website, such as remembering your language preference. The purpose of these Cookies is to provide you with a more personal experience and to avoid having to re-enter preferences every time you revisit the Kadmos Website.
Marketing Cookies and Statistics Cookies are used for the purpose of improving the quality of the Kadmos Website and its contents. In this way we learn how the Kadmos Website is used and we can thus constantly optimise the Kadmos Websiter. For these purposes, we also use third-party systems that set third-party cookies.
5.3 Legal bases
The law allows us to store cookies on your device only if they are absolutely necessary for the operation of this site (Necessary Cookies). For all other types of Cookies, we need to obtain your consent first. Therefore, the legal basis for processing all other Cookies is Art. 6 para 1sentence 1 lit. a GDPR (consent). If Necessary Cookies are used to create pseudonymous analyses of the use of the Kadmos Website, the legal basis is Art. 6 para 1 sentence lit. f GDPR(protection of legitimate interests).
5.4 Deletion of data and period of storage
All Cookies are stored on your computer system or mobile device and are transmitted to our web server. A distinction is made between so-called “Permanent Cookies” and “Session Cookies”. Session Cookies are stored for the duration of a browser session and are deleted when the browser is closed. Permanent Cookies are not deleted when the respective browser session is closed but are stored on the user's computer system or mobile device for a longer period of time. For example, the cookie that informs our webserver that you have granted consent may be a Permanent Cookie.
Necessary Cookies are usually Session Cookies and deleted once you leave the Kadmos Website. All other Cookies are Permanent Cookies and stored for periods between 30 days and two (2) years.
5.5 Right to object and deletion possibilities
You have full control over the use and storage of Cookies. You can generally deactivate or restrict the transmission of Cookies by changing the settings in your browser. You can delete Cookies that have already been saved at any time. Most browsers offer a function to do this automatically. If Cookies are deactivated, it may no longer be possible to use all functions of the Kadmos Website in full.
You can withdraw your consent at any time with effect for the future, in whole or in part.You can object to the processing of your data at any time. The Section regarding the General principles and information regarding data protection applies to the objection. In this case, you may no longer be able to access or use all parts of our website
6. Analysis tools
a ) Description and scope of data processing
We may embed videos on the Kadmos Website which are hosted and provided through the YouTube platform (an offering from YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, U.S. – “YouTube”). The contents of the YouTube videos are only started and played if you click actively on them. When you play an embedded YouTube video, a connection to the YouTube servers is established so that the video is played in your browser.
b ) Purpose of data processing
The purpose of using YouTube is to enhance the Kadmos Website and to provide a better user experience, including the option of providing How-tos and other support information via video.
c ) Legal basis
d ) Deletion of data and period of storage
YouTube cookies remain on your device until you delete them.
e) Right to object and deletion possibilities
You can withdraw your consent at any time with effect for the future, in whole or in part.You can object to the processing of your data at any time. The Section regarding the General principles and information regarding data protection applies to the objection. In this case, you may no longer be able to access or use all parts oft he Kadmos website.
You can also use the deactivation function of our cookie consent tool.
7.1 Description and scope of data processing
If you would like to receive our newsletter, you need to provide us with a valid e-mail address as well as your first and last name. In order to be able to check whether you are the owner of the e-mail address provided or whether the owner of this e-mail address would like to receive the newsletter, we will send an automated e-mail to the e-mail address provided (so-called double opt-in) after the first registration step. Only after confirmation of the newsletter registration via the link in the confirmation e-mail, will we add the e-mail address provided as well as your first and last name to our mailing list. We do not collect any other data other than your e-mail address, your first and last name and the information required to confirm your registration.
7.2 Purpose of data processing
Your data will only be processed for the purpose of sending the newsletter you subscribed to.
7.3 Legal basis
The legal basis for this processing is Art. 6 para 1 sentence 1 lit. a GDPR (consent)
7.4 Deletion of data and period of storage
Subject to a request for deletion, the data will be stored for as long as we need the data to send the newsletter. The data will be deleted if you unsubscribe from the newsletter, or if a newsletter is reported as undeliverable more than three (3) times, or if we generally stop sending out the newsletter you subscribed to.
7.5 Right to object and deletion possibilities
You can unsubscribe from the newsletter at any time by using the unsubscribe link provided at the end of each newsletter (“unsubscribe”). The explanations regarding the right of revocation also apply.
8. Contacts via e-mail or the contact form
8.1 Description and scope of data processing
We provide the general e-mail address email@example.com through which you may contact us electronically. We may also provide e-mail addresses reserved for special topics such as privacy matters or support requests, e.g. firstname.lastname@example.org for requests concerning privacy matters. You may also contact most of our employees through their Kadmos-provided e-mail address. We may respond to requests via e-mail, even if the original request was not received via e-mail but, for example, via postal mail. In some cases, we also actively send out e-mails, e.g. to (potential) customers, without having prior contact.
If you send us an e-mail or if we send you an e-mail, the data sent along with the email will be transmitted from the sender to the recipient. What kind of data is transmitted and collected depends partly on your e-mail program, but usually an e-mail contains the following data:
● e-mail addresses of the sender and the recipient(s), these may include secondary recipients (“cc:”)
● last name, first name, title, company (if applicable) of the sender and the recipient(s)
● subject of the e-mail
● message text and all personal data contained therein, e.g. postal address, telephone and facsimile number, mobile number, simple electronic signature
● e-mail header which contains technically required information about the system from which the e-mail originates and the system through which the e-mail was routed on its way to the system of the recipient, information regarding the circumstances of sending (e.g. time/date, IP Address, ID numbers), routing/forwarding as well as receipt by the system of the recipient (e.g. time/date, IP addresses, ID numbers), information about delays or retries, and sometimes scores or other information used to identify potential unsolicited or malicious e-mail (“Spam”, e-mail with virus- or trojan loads)
● files attached to the e-mail, if any
Additionally, the following data is usually processed and stored upon receipt:
● date and time of receipt by the recipient’s system(s)
● information about forwarding of the mail within the recipient’s system(s)
● information created by the recipients when processing your e-mail, e.g. flags, categories, saving to folders etc.
We also provide a contact form through which you may contact us without sending an email. In this case, you can select which information you want to disclose to us, but we will require one contact information from you, usually the e-mail address. Along with the information you provide us through the contact form, we collect the date and time of receipt of the message. Please note that we may also store the relevant entry in the Log Data file along with the message.
Under no circumstances will the data be passed on to third parties unless we have to refer to third parties to process the enquiry.
8.2 Purpose of data processing
The data will be processed exclusively for the purpose of processing your respective request. In addition, the technical data collected (e.g. e-mail headers) are used to prevent misuses of the e-mail address and to ensure the security of our IT systems.
8.3 Legal bases
The legal basis for the processing of the data is, to the extent the data processing is done for the purpose of the performance or initiation of a contract, Art. 6 para 1 sentence 1 lit. b GDPR.
The legal basis for the collection of additional data during the dispatch process is Art. 6 para 1 Sentence 1 lit. f. GDPR; the legitimate interests here lie in the prevention of abuse and ensuring system security.
8.4 Erasure of data and period of storage
The data relating to an enquiry is generally deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent via e-mail, this is the case when the respective communication is finished and/or the request has been finally answered. Communication is finished when it can be inferred from the circumstances that the relevant facts have been finally clarified. Instead of deletion, the data will be saved with restrictions placed on their processing if continued storage of the data is necessary, e.g. because the request or its content is subject to legal or supervisory data retention obligations.
8.5 Right to object and deletion possibilities
You can object to the processing of your data at any time. You also have the option of cancelling the communication with us at any time until the e-mail is sent. All personal data stored in connection with contacting us will be deleted in case of an objection, unless continued storage of the data is necessary.
9. Job advertisements and applications
9.1 Description and scope of data processing
Within the scope of the application procedure, only the data provided by you (e.g. application, curriculum vitae, photo if applicable) will be processed. If you expressly give us this option, we also use data that we learn from third parties, e.g. reference persons.
Within our company, only those employees and service providers who are involved in the application process receive your personal data. Furthermore, a transfer of the relevant data to third parties on the basis of legal regulations or contractual agreements is possible in each individual case. These can be processors such as an IT service provider we use to host out IT systems.
During the application procedure, you only need to provide the data necessary for assessing your suitability for the position to be filled. You cannot participate in the application procedure without providing at least this data. The provision of this information is therefore mandatory.
9.2 Purpose of data processing
The processing of your personal data is the basis for participation in the application procedure. Furthermore, the data provided should enable an assessment of the suitability of the person applying for the position to be filled. Without this data we cannot consider the application in the application procedure.
9.3 Legal basis
The legal basis for the processing of your personal data to carry out pre-contractual measures is § 26 BDSG (data processing for the purpose of the employment relationship) in connection with Art. 6 para. 1 sentence 1 lit. b GDPR (legal obligation) and Art. 6 para. 1 sentence 1 lit. b GDPR (contract fulfilment and initiation).
9.4 Data deletion and storage period
The storage period of your data is at least the period for the application procedure. Notwithstanding the above, in the event of a cancellation, we will delete your data no later than six (6) months after the cancellation is sent unless you have given us your express consent to keep your data for a future application procedure. If your application is successful, we will save the data in the personnel file for further processing.
9.5 Right to object and deletion possibilities
You can object to the processing of your data at any time. You can also withdraw any consent you have given us in connection with your application. If you object or withdraw consent, we can no longer proceed with the job application. All personal data stored in connection with the application process will be deleted in case of an objection, unless continued storage of the data is necessary.
10. Your rights as a data subject
As a person affected by the processing of personal data, the GDPR grants you certain rights,
● Pursuant to Art. 15 GDPR, you have the right to request information from us at any time about your personal data processed by us, its origin and the purposes and methods of processing the data as well as the recipients of the data.
● If your data processed by us is incorrect or incomplete, you may demand that it be supplemented or corrected without delay in accordance with Art. 16 GDPR.
● Art. 17 GDPR gives you the right to request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims. If you exercise this right, we may not be able to provide you with the website or we may only be able to provide it to you with restrictions.
● In accordance with Art. 18 GDPR, you may request that we process your data only with restrictions if you dispute the accuracy of the data or if the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it to assert, exercise or defend legal claims, or you have objected to the processing in accordance with Art. 21 GDPR;
● In accordance with Art. 20 GDPR, you also have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format or to have this data transferred or transmitted by us to other bodies.
● If we have collected and processed your personal data with your consent, you may revoke this consent at any time (Art. 7 (3) GDPR). For details see sec. 2.3.
● If you are of the opinion that the processing of personal data concerning you by us violates applicable data protection law, you may lodge a complaint with the competent supervisory authority (Art. 77 GDPR in conjunction with Sec. 19 BDSG). This also applies if you are not satisfied with our response to your concern. You can find the contact details under sec. 1.
● The restrictions according to sec. 34 and 35 BDSG apply to the right to information and the right to deletion.
You also have these rights with regard to recipients to whom we transfer your data and who are not merely our processors.
11. Amendment of this data protection policy
For legal and/or organisational reasons, amendments or adjustments will be required from time to time. Please therefore always ensure you are looking at the current version. Amendments always apply to personal data collected in the future. The protection of the data collected and stored by us before the relevant amendments is therefore not affected.