Data privacy is extremely important to us!
The privacy of your personal data in connection with use of these web pages is taken very seriously. In the following, you will find information on the collection, processing and utilization of your personal data when you visit these pages and use the services offered there.
1. Information on personal data
(1) “Personal data” means any information relating to a specific person or information that is capable of establishing a connection with a person – for example the name, postal address, a telephone number, an email address, details of a bank account etc. In some cases, personal data may even make it possible to draw conclusions as to a person’s identity.
(2) The service provider in the meaning of Art. 13 of the German Telemedia Act (TMG) and the responsible body (controller) pursuant to the German Federal Data Protection Act (BDSG) and the EU General Data Protection Regulation (GDPR) is:
Lactoprot Deutschland GmbH
2. Rights of the data subject
You have the following rights in connection with our processing of your data:
(1) Pursuant to Art. 15 GDPR you have a right of access to information on the processing of your personal data by us, in particular concerning the purposes of the processing, the categories of data processed, the recipients or categories of recipient, the period for which the personal data will be stored or the criteria used to determine that period; the right to request rectification, erasure or restriction of processing of personal data or to object to such processing; the right to lodge a complaint with a supervisory authority; the right to know the source of the personal data and the existence of automated decision-making and, where appropriate, information on guarantees pursuant to Art. 46 GDPR in the event of transfers to third countries or international organizations.
(2) Pursuant to Art. 16 GDPR you have the right to demand, without undue delay, the rectification of inaccurate personal data or completion of any incomplete personal data.
(3) Pursuant to Art. 17 GDPR you have the right to obtain erasure of the stored personal data if these data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; if you have withdrawn your given consent and there is no other legal ground for the processing; if you have objected to the processing and the data may no longer be processed pursuant to Art. 21 Subparagraph 1or 2 GDPR; if the data have been processed unlawfully; if erasure is necessary in order to comply with a legal obligation, or if the personal data have been collected in relation to the offer of information society services referred to in Article 8 Subparagraph 1 GDPR. This shall not apply if their processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for the performance of a task carried out in the public interest or for the establishment, exercise or defence of legal claims.
(4) Pursuant to Art. 18 GDPR you have the right to obtain restriction of processing of your personal data if you contest the accuracy of the data (for a period enabling verification of their accuracy), if the processing is unlawful but you oppose their erasure and request the restriction of their use instead; if we no longer need the data for the purpose of processing but you require them for the establishment, exercise or defence of legal claims, or if you have objected to their processing in accordance with Art. 21 Subparagraph 1 GDPR – this pending examination whether our legitimate grounds override your own legitimate grounds.
(5) Pursuant to Art. 21 Subparagraph 2 GDPR you have the right to object to processing of your personal data (if the data are processed for direct marketing purposes) or pursuant to Art. 21 Subparagraph 1 GDPR (if the data are processed according to Art. 6 Subparagraph 1 S. 1 e) or f) GDPR on grounds relating to your particular situation, unless we have compelling legitimate grounds for the processing which override your interests or the processing serves the establishment, exercise or defence of legal claims). For more detailed information on your right to object, see Section 23 below.
(6) Pursuant to Art. 20 GDPR you have a right to data portability, i.e. the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format or to have those data transmitted to another controller.
(7) Pursuant to Art. 7 Subparagraph 3 GDPR you have the right to withdraw the consent given to us at any time. As a result, we shall in future no longer be permitted to continue processing the data as of the time of the withdrawal. See also Section 24 below.
(8) Pursuant to Art. 77 GDPR you have the right to lodge a complaint with a supervisory authority. You will find the supervisory authority competent for us under Section 4. The right to lodge a complaint shall exist without prejudice to any other administrative or judicial remedy.
(9) Please send all requests for information, enquiries or objections to processing of your data by email to email@example.com or to the address stated in Section 1 Subsection 2.
3. Automated decision-making
Automated decision-making is not used on these pages.
4. Supervisory authority
The address of the supervisory authority competent for us is:
Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein, Holstenstrasse 98, 24103 Kiel,
5. Storage of access data
(1) Each time you access our website, access data are stored in a journal file on our provider’s server.
(2) This data record consists, for example, of your IP address, the date and time of the enquiry, the name of the file requested, the amount of data transferred and the access status, a description of the web browser and operating system used and the name of your Internet service provider.
(3) These data are collected for technical reasons. They are analysed solely for statistical purposes and are not personally identifiable (number of visitors and popularity of the website). They are deleted automatically after 14 days at the latest.
6. Collection of personal data in cases of informational use only
(1) When the website is used for purely informational purposes, i.e. if you do not log in to the website or register or give us any other information, we do not collect any personal data except for those mentioned in Section 5.2, which your browser transfers for technical reasons in order to enable you to visit the website.
7. Use of functions on our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. As a rule, you then have to give us further personal data which we need in order to render the service you request. If additional, voluntary information can be given, this information is marked accordingly.
(2) If you contact the service provider by email or by using the contact form, your email address and your name and telephone number (if you state them) will be stored by us so that we can answer your questions.
8. Liability for content
The content of our web pages has been compiled with the greatest possible care. Nevertheless, we can give no guarantee for the correctness, completeness or topicality of the content. According to Art. 7 Subsection 1 of the German Telemedia Act (TMG), we are responsible as a service provider for our own content on these pages under general law. However, according to Arts. 8 to 10 TMG we are not obliged, as a service provider, to supervise any third-party information conveyed or stored or to search for circumstances that may indicate illegal activity. Obligations under general law to remove or block the use of certain information remain unaffected by this. Nevertheless, liability in this respect is only possible from the time at which a concrete breach of the law becomes known. Should such breaches of the law become known to us, we shall remove the relevant content immediately.
9. Liability for links
Our pages may contain links to external websites of third parties. We have no influence on the content of these websites and cannot therefore assume liability for such external content. The content of the linked pages is in all cases the responsibility of the provider or operator of the websites. At the time the link was established, the linked pages were checked for any infringements of the law. At the time of linking, no illegal content was identifiable. However, permanent supervision of the content of the linked pages without a concrete reason to suspect a violation of the law cannot reasonably be expected. Should violations of the law become known, we shall remove such links immediately.
10. Data security
We take suitable technical and organizational measures to secure our website and other systems against loss, destruction, access, alteration or dissemination of your data by unauthorized persons. However, complete protection against all risks is not possible in spite of regular controls.
For encryption, our website uses the industrial standard SSL (Secure Sockets Layer). This ensures the confidentiality of your personal data in the Internet. You can see whether the data transmission taking place is encrypted from the closed key or lock symbol in the display of your browser.
11. Transfer of data
Your personal data will only be transferred to third parties:
- If you have given your express consent pursuant to Art. 6 Subparagraph 1 S. 1 a) GDPR;
- If their transfer is necessary for the performance of a contract pursuant to Art. 6 Subparagraph 1 S. 1 b) GDPR;
- If their transfer is necessary for compliance with a legal obligation in the meaning of Art. 6 Subparagraph 1 S. 1 c) GDPR;
- If transfer of the data is necessary in the public interest in the meaning of Art. 6 Subparagraph 1 e) GDPR, or
- If transfer of the data is necessary in accordance with Art. 6 Subparagraph 1 S. 1 f) GDPR for the purposes of our legitimate interests or those of a third party, except where such interests are overridden by your interest in protection of your data.
12. Data categories
We process the following categories of data: master data (for example the company name, name of the contact if appropriate, address); communications data; contractual data; claims data, and information on payments and default where appropriate. See the information given above.
13. Duration of storage of personal data
Your data will be stored by us for as long as they are needed for the purpose for which they are to be processed. Beyond this, we only store data if we are obliged to do so by law, e.g. in order to comply with statutory retention periods.
14. Information on your right to object
Pursuant to Article 21 GDPR, objection to the processing of your personal data on the basis of Article 6 Subparagraph 1 e) (data processing in the public interest) or f) (data processing for the purposes of our legitimate interests following a weighing up of interests) is possible at any time. In the event of an objection, your personal data will no longer be processed unless we demonstrably have compelling legitimate grounds for the processing which override the interests, rights and liberties of the person concerned or the processing serves the establishment, exercise or defence of legal claims.
Please send your objection to the email address firstname.lastname@example.org
15. Information on your right to withdraw your consent
If you have given us your consent to the processing of your personal data, you may withdraw this consent at any time. This naturally includes declarations of consent given to us before 25 May 2018 (i.e. before the GDPR came into effect). In all cases, consent can only be withdrawn with effect for the future. Withdrawal of consent will not eliminate the legitimacy of processing retroactively.
Please send your notice of withdrawal of consent by email to email@example.com
This privacy statement has the status of 20 May 2018. It is the current and valid version of our privacy statement.
However, we wish to point out that it may become necessary to revise this privacy statement from time to time in order to take account of factual or legal changes.
17. Data protection officer
If you have questions concerning data privacy, please contact our data protection officer at:
Vater Solution GmbH
Ms Kerstin Lange
or by email at firstname.lastname@example.org