Privacy Policy

Privacy Policy

Privacy Policy

We are glad that you visit our website. We respect your privacy. Data protection and data security when using our website are very important to us. With this privacy policy, we would like to inform you about the extent to which data is collected when you use our website and for what purposes we use this data. We would also like to inform you about your rights in this regard.

a. Type and purpose of processingWhen
you access our website, i.e., when you do not register or otherwise submit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of browser, the operating system used, the domain name of your Internet service provider, your IP address and the like. This is exclusively information that does not allow any conclusions to be drawn about your person. In particular, they are processed for the following purposes:

We do not use your data to draw conclusions about your person. Information of this kind is statistically evaluated by us, if necessary, in order to optimize our Internet presence and the technology behind it.
b. Legal basis of processingThe
processing is carried out pursuant to Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website.
c. Data categories

d. RecipientsThe recipients of
the data are internal employees and, if applicable, order processors who act as order processors for the operation and maintenance of our website.
e. Storage periodsThe
data will be deleted as soon as they are no longer required for the purpose of collection.

This is generally the case for the data used to provide the website when the respective session has ended.
f. Legal / contractual requirementThe
provision of the aforementioned personal data is neither legally nor contractually required. However, without the IP address, the service and functionality of our website is not guaranteed. In addition, individual services and services may not be available or may be limited.
g. Third country transferThe
processing does not take place outside the European Union (EU) or the European Economic Area (EEA).

II Responsible person

QUANTUM cyber lab AGMarktplatz
38
73614 SchorndorfGermanyPhone
: +49 7181 / 669 61 51E-mail
: info@qcyberlab.com

III External data protection officers

Kanzlei KrügerEdith
Krüger (Owner)
Bahnhofstraße 44-4665185
WiesbadenGermanyPhone
: 061123601760Email
: ek@datenschutz-krueger.de

IV Data security

The personal data of every individual who has a contractual, pre-contractual or other relationship with our company deserve special protection. We aim to maintain our level of data protection at a high standard. That is why we are committed to the continuous development of our data protection and data security concepts. We are therefore committed to protecting your privacy and treating your personal data confidentially. To prevent manipulation, loss or misuse of your data stored with us, we take extensive technical and organizational security precautions that are regularly reviewed and adapted to technological progress. These include, among other things, the use of recognized encryption methods (SSL or TLS). However, we would like to point out that, due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures are not observed by other persons or institutions not within our sphere of responsibility. In particular, data disclosed in unencrypted form - e.g. if this is done by e-mail - can be read by third parties. We have no technical influence on this. It is the user's responsibility to protect the data he or she provides against misuse by encrypting it or in any other way.

V Data subject rights

If personal data is processed by you as a user, you are considered a data subject in accordance with the GDPR. Data subjects are entitled to the following rights vis-à-vis the controller:

VI Right to information

Every data subject has a right of access to personal data concerning him or her. The right of access extends to all data processed by us. The right can be exercised easily and at regular intervals so that all data subjects are always aware of the processing of their personal data and can verify its lawfulness (see recital 63 GDPR). The right of access includes in particular the following information:

If a data subject wishes to exercise this right of access, he or she may contact us at any time using the contact details provided at the beginning of this privacy policy.

VII Right to rectification

Every data subject has the right to demand that our company immediately correct any inaccurate personal data concerning him or her. Furthermore, the data subject has the right, taking into account the purposes of the processing, to request the completion of incomplete personal data - also by means of a supplementary declaration.
If a data subject wishes to exercise this right of access, he or she may, at any time, contact us using the contact details provided at the beginning of this privacy statement.

VIII Right to deletion

Every data subject has the right to erasure and to be forgotten and may request that we erase personal data concerning him or her without delay, provided that one of the following reasons applies and to the extent that processing is not necessary:

If one of the aforementioned reasons applies, and a data subject wishes to arrange for the deletion of personal data, he or she may, at any time, contact us using the contact details provided at the beginning of this data protection notice.The controller will arrange for the deletion request to be carried out immediately.

IX Right to restriction

Any data subject has the right to obtain from the controller the restriction of processing if one of the following conditions is met:

If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of personal data stored by the controller, he or she may, at any time, contact us using the contact details provided at the beginning of this data protection notice. The controller will arrange the restriction of the processing.

X Right to data portability

Every data subject has the right to receive personal data concerning him or her, which has been provided by the data subject to a controller, in a structured, commonly used and machine-readable format. He or she also has the right to transmit this data to another controller without hindrance from the current controller to whom the personal data have been provided, provided that the processing is based on consent pursuant to Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR or on a contract pursuant to Article 6(1)(b) of the GDPR and the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, when exercising the right to data portability pursuant to Article 20(1) of the GDPR, the data subject shall have the right to obtain that the personal data be transferred directly from one controller to another controller where technically feasible and provided that this does not adversely affect the rights and freedoms of other individuals. In order to assert the right to data portability, the data subject may at any time contact us using the contact details provided at the beginning of this data protection notice.

XI Right to object

Every data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her which is carried out on the basis of Article 6(1)(e) or (f) DSGVO. This also applies to profiling based on these provisions.
The controller shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the assertion, exercise or defense of legal claims. If the controller processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data for such marketing. This also applies to profiling, insofar as it is related to such direct marketing. If the data subject objects to the controller to the processing for direct marketing purposes, the controller will no longer process the personal data for these purposes.
In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her which is carried out by the controller for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the Data Protection Regulation, unless such processing is necessary for the performance of a task carried out in the public interest. In order to exercise the right to object, the data subject may contact us at any time via the contact details provided at the beginning of this data protection notice.

XII The right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, any data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her residence, place of work or the place of the alleged infringement, if the data subject considers that the processing of personal data relating to him or her infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

Our competent supervisory authority is:

The State Commissioner for Data Protection and

the freedom of information Baden-Württemberg

Corporation under public law

Represented by the State Representative Dr. Stefan Brink

Home address:

Lautenschlagerstrasse 20

70173 Stuttgart

Postal address:

PO Box 10 29 32

70025 Stuttgart

Tel.: 0711/615541-0

FAX: 0711/615541-15

E-mail: poststelle@lfdi.bwl.de

XIII Our right to amend the Directive

Since changes in the law or changes in our internal company processes may make it necessary to adapt this privacy policy, we ask you to read through this privacy policy regularly. We therefore reserve the right to amend this policy at any time in compliance with data protection law.

XIV Processor

If, in the course of our processing, we disclose data to other persons and companies (order processors, jointly responsible persons or third parties), transmit it to them or otherwise grant them access to the data, this shall only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the fulfillment of the contract), users have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we disclose or transfer data to other companies in our group of companies or otherwise grant them access, this is done in particular for administrative purposes as a legitimate interest and, in addition, on a basis that complies with legal requirements.

The following organizations, companies or persons have been commissioned by the operator of this website to process data:

Processors outside the EU / EEA:

 

Netlify, Inc, 2325 3rd Street, Suite 296, San Francisco, California 94107.

 

Privacy Officer of Netlify, Inc in Europ:

VeraSafe Ireland Ltd.

Unit 3D North Point House

North Point Business Park

New Mallow Road

Cork T23AT2P

Ireland

https://www.netlify.com

           

Netlify (https://www.netlify.com) processes your IP address and stores it in log files. The log files are stored for no longer than 30 days. The data processing is automated and is necessary for the provision and security of the web offer and its improvement. This information can be found in Netlify's Privacy Policy (https://www.netlify.com/privacy/), as well as Netlify's GDPR Policy (https://www.netlify.com/gdpr/).

XV Note on data transfer to the USA and other third countries

Among other things, tools from companies based in the USA or other third countries that are not secure under data protection law are integrated on our website. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

XVI Contact form

a. Type and purpose of processingThe
data you enter will be stored for the purpose of individual communication with you. For this purpose, it is necessary to provide a valid e-mail address, telephone number and your name. This serves the assignment of the request and the subsequent response to the same. The provision of further data is optional.
b. Legal basis of processingThe
processing of the data entered in the contact form is based on a legitimate interest (Art 6 (1) lit. f DSGVO). By providing the contact form, we would like to enable you to contact us in an uncomplicated manner. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions. If you contact us to request a quote, the data entered in the contact form will be processed to carry out pre-contractual measures (Art 6 para 1 lit. b DSGVO).
c. Data categories

d. RecipientsThe recipients of
the data are internal employees and, if applicable, order processors.
e. Storage periodsData
will be deleted no later than 6 months after processing the request. If there is a contractual relationship, we are subject to the statutory retention periods under the German Commercial Code (HGB) and delete your data after these periods have expired.
f. Legal / contractual requirementThe
provision of your personal data is voluntary. However, we can only process your request if you provide us with your name, e-mail address and the reason for the request.
g. Third country transferThe
processing does not take place outside the European Union (EU) or the European Economic Area (EEA).
h. Revocation of consentYou
can revoke your consent to the storage of your personal data at any time with effect for the future. You can notify us of your revocation at any time using the contact option provided at the beginning of this privacy notice.
i. Automated decision-making and profilingAs a
responsible company, we do not use automated decision-making or profiling for this data processing.