Privacy policy

Privacy policy

Thank you for visiting our website. In the following, we would like to inform you about the handling of your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR/German: DSGVO).

Controller

The controller responsible for the described data collection and processing is named in the imprint.

User data

When you visit our websites, so-called usage data is temporarily stored on our web server for statistical purposes as a log in order to improve the quality of our websites. This data set consists of:

  • the name and address of the requested content,
  • the date and time of the query,
  • the amount of data transferred,
  • the access status (content transferred, content not found),
  • the description of the web browser and operating system used,
  • the referral link, which indicates from which page you have reached ours,
  • the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.

The aforementioned log data is only evaluated anonymously. Art. 6 para. 1 lit. f GDPR serves as the legal basis for the aforementioned data processing. The processing of the aforementioned data is necessary for the provision of a website and thus serves to protect a legitimate interest of our company.

Data security

In order to protect your data from unwanted access as comprehensively as possible, we take technical and organisational measures. We use an encryption procedure on our pages. Your data is transferred from your computer to our server and vice versa via the Internet using TLS encryption. You can recognise this by the fact that the lock symbol is closed in the status bar of your browser and the address line starts with https://.

Storage of the IP address for security purposes

As soon as the aforementioned data is no longer required to display the website, it is deleted. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object. Further storage may take place in individual cases if required by law. The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR.

Anonymous visitor measurement

We carry out anonymous visitor measurement on our websites. For this purpose, the log data of the web server and the shortened IP address are evaluated. It is not possible to draw any conclusions about your person.

Contact

You may have the option of contacting us via our contact form. To use our contact form, we first need the data marked as mandatory fields from you.

We use this data on the basis of Art. 6 para. 1 p. 1 lit. f GDPR in order to answer your enquiry.

In addition, you can decide for yourself whether you would like to provide us with further information. This information is provided voluntarily and is not mandatory for contacting us. We process your voluntary information on the basis of your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR.

Your data will only be processed to respond to your enquiry. We delete your data if it is no longer required and there are no legal retention obligations to the contrary.

Insofar as your data transmitted via the contact form is processed on the basis of Art. 6 (1) sentence 1 lit. f GDPR, you can object to the processing at any time. You can also revoke your consent to the processing of your voluntary data at any time. To do so, please contact the e-mail address stated in the imprint.

You can also contact our contact persons directly by e-mail or telephone. We process the data you provide exclusively for the purpose of processing your enquiry, also on the basis of Art. 6 (1) sentence 1 lit. f GDPR. In this case, you also have the right to object.

If you contact us by e-mail, this is done without transport encryption, depending on the configuration of your mail server. If you wish to send us confidential data, we recommend that you use our encryption procedure. For this purpose, we provide you with corresponding PGP keys, for example:

You can download our public PGP key for the address oliver.wagner @ commentum.eu here: public PGP key.

This PGP key is signed with our own root key, which has the following fingerprint:

9551 867D 1172 8F81 B6F5 23AE 6E51 1AF6 7ABC 6CB0

Your rights as a user

When processing your personal data, the GDPR grants you certain rights as a data subject:

Right of access (Art. 15 GDPR)

You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to access this personal data and the information listed in detail in Article 15 of the GDPR.

Right of rectification (Art. 16 GDPR)

You have the right to request the correction of any inaccurate personal data relating to you and, where applicable, the completion of any incomplete data without delay.

Right to erasure (Art. 17 GDPR)

You have the right to request that personal data concerning you be deleted without delay, provided that one of the reasons listed in detail in Art. 17 of the GDPR applies.

Right to restriction of processing (Art. 18 GDPR)

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR applies.

Right to data portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 of the GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of this data to a third party.

Right of objection (Art. 21 GDPR)

If data is collected on the basis of Art. 6 (1) p. 1 lit. f GDPR (data processing for the protection of legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right of appeal to a supervisory authority (Art. 77 GDPR)

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection provisions. The right of complaint may in particular be asserted before a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.

Contact details regarding data protection

If you would like to contact us regarding data protection, please contact the office named in the imprint.