Data Protection Policy
This data protection policy informs you about the nature, the scope and the purpose of the processing of personal data (hereinafter ‘data’) within our online website (hereinafter ‘website’). With regard to used definitions like e.g. ‘personal data’ or ‘processing’ we refer to the definitions within Art. 4 of the general data protection regulation (DSGVO).
ATMedia Gesellschaft für Datenkommunikation und digitale Medien mbH
Science Park 1
Geschäftsführer: Jörg Friedrich, Volker Hofmeyer
Categories of processed data
Meta/communication data (e.g. device information, IP-addresses)
Processing of special categories of personal data (Art. 9 Abs. 1 DSGVO)
We do not process any data that belong to special categories of personal data.
Categories of persons involved in the processing of data
Visitors and users of our website.
Purpose of processing
As of May 24, 2018
1. Legal basis
According to Art. 13 DSGVO we inform you about the legal basis of our data processing. As far as no legal basis is mentioned in our data protection policy, the following applies: legal basis for the obtaining of consent to the processing is Art. 6 Abs. 1 lit. a and Art. 7 DSGVO, legal basis for the processing in order to perform our services or for the performance of a contract as well as the processing of requests is Art. 6 Abs. 1 lit. b DSGVO, the legal basis for the processing in order to comply with our legal obligations is Art. 6 Abs. 1 lit. c DSGVO and the legal basis for the processing for the purposes of our legitimate interests is Art. 6 Abs. 1 lit. f DSGVO. If processing is necessary in order to protect the vital interests of the data subject or of another natural person, the legal basis is Art. 6 Abs. 1 lit. d DSGVO.
2. Changes and Updates
We ask you to inform yourself on a regular base about the content of our data protection policy. We will adapt our policy as soon as this is required by changes within our data processing procedures. We will inform you if such changes will require your participation (e.g. consent) or another kind of individual notification.
3. Security measures
According to Art. 32 DSGVO we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. These measures include the ability to ensure the confidentiality, integrity and availability of data via control of physical access as well as processing, transmission and separation. In addition we implement procedures to guarantee the rights of data subjects, the erasure of data and response reactions to possible data risks. We consider data protection as key figure during development, selection of hard- and software as well as the implementation of data protection by design and by default (Art. 25 DSGVO).
4. Processors and third parties
No processors and/or third parties are engaged.
5. Transfer to third countries
No personal data is transferred to third countries.
6. Rights of data subjects
6.1. You have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed and where that is the case, access to the personal data and additional information according to Art. 15 DSGVO.
6.2. According to Art. 16 DSGVO you have the right to obtain from the controller the rectification of inaccurate personal data or the completion of incomplete personal data.
6.3. According to Art. 17 DSGVO you have the right to obtain from the controller the erasure of personal data concerning you without undue delay or alternatively you have the right according to Art. 18 DSGVO to obtain from the controller restriction of processing.
6.4. You have the right to receive your personal data you provided to us according to Art. 20 DSGVO and to transmit those data to another controller.
6.5. According to Art. 77 DSGVO you have the right to lodge a complaint with a supervisory authority. For atmedia GmbH this is:
Unabhängiges Datenschutzzentrum Saarland
Fritz-Dobsch-Str. 12, 66111 Saarbrücken, Germany
Tel.: 0681 / 94781 0, Fax.: 0681 / 94781 29
7. Right to withdraw
You have the right to withdraw your consent according to Art. 7 Abs. 3 DSGVO, the withdrawal will not affect the lawfulness of processing based on consent before this withdrawal.
8. Right to object
You have the right to object to future processing of personal data according to Art. 21 DSGVO at any time. Where personal data are processed for direct marketing purposes, you have the right to object to processing of personal data at any time.
9. Cookies and Right to object against direct marketing
No cookies are used on our website.
10. Erasure of personal data
10.1. According to Art. 17 and 18 DSGVO personal data are either erased or the processing is restricted. If not mentioned in this data protection policy, personal data that are not longer necessary in relation to the purposes for which they were collected are erased as long as there are no legal obligations which require further processing. If personal data can't be erased because of legal obligations, the processing of this personal data is restricted. In this case the personal data will be locked and there will be no processing for other purposes. This is true for e.g. data that has to be stored because of commercial law or tax law reasons.
10.2. By law a 6 year storing period is required according to § 257 Abs. 1 HGB (books of account, fixtures, opening balances, annual statements, business letters, accounting records, etc.) and a 10 year storing period is required according to § 147 Abs. 1 AO (books, records, reports, accounting records, business letters, tax relevant documents, etc.).
11. Performance of a contract
11.1. On our website we don't collect data for the purpose of performing a contract.
11.2. We process subscriber data (e.g. name and address as well as contact data of users), contract data (e.g. services used, names of contact persons, billing information) for the performance of our contractual obligations and services according to Art. 6 Abs. 1 lit b. DSGVO.
11.3. Your data will be deleted after the termination of legal warranty deeds and comparable obligations, the necessity for ongoing storage is checked every 3 years; in case of legal obligations to retain data this data is erased at the end of this period (6 years relating to commercial law and 10 years relating to tax law); data in the sales account is stored until the sales account is erased.
12.1. If you contact us (via email), your information will be processed in order to reply to your request according to Art. 6 Abs. 1 lit. b. DSGVO.
12.2. Your information might be stored in our customer relationship management system (‘CRM system’) or a comparable request organisation system.
12.3. We erase your request unless it is needed for further purposes. The necessity for ongoing storage is checked every two years. Requests from customers with a valid sales account are stored permanently, according to our sales account specifications. In case of legal obligations to retain data this data is erased at the end of this period (6 years relating to commercial law and 10 years relating to tax law).
13. Access data and log files
13.1. Basing on our legitimate interest according to Art. 6. Abs. 1 lit. f. DSGVO we collect and store information about every server access to our website (so-called server log files). These are name of the requested web page, filename, date and time of the request, transferred data size, message about successful request, browser type and version, operating system used, referrer URL (previously visited page), IP address and the requesting provider.
13.2. Log file data is stored for security reasons (e.g. for the clarification of misuse and fraud) for a duration of at most 90 days and erased afterwards. Data necessary for the purpose of later evidence will not be erased before the final clarification of the respective incident.
14. Cookies and range-measurement
No cookies are used on our website.