Data Privacy Policy

A. Purpose of this data privacy statement
We are happy about your interest in our Internet presence and in our offers on our website.
The protection of your personal data is a major concern to us. We therefore would like to inform you below in detail about the data being gathered during your visit to our Internet presence and while using our offers there, how the data are subsequently being processed and used by us, as well as the accompanying measures we have taken also technically and organisationally to ensure data protection.
As intended by the GDPR (General Data Protection Regulation), we inform you in accordance with Article 5 and Article 13 of the regulation and the transparency principle therein, about nature, scope and purpose of the data processing, as well as the legal basis that legitimates the processing of data. In addition, we advise you of the duration of data collection and your options to object or withdraw your consent, which are respectively tied to concrete data protection relevant measures. Insofar as a right to object cannot be granted for technical reasons, because the processing of data becomes imperative for the technical operation of the website, we assure that none of your data will be stored on our side.
Any additional rights which you may exercise independent of any concrete measure are disclosed in the section "Rights of the Data Subject" at the end of this data privacy statement. We advise you therein, for the purpose of transparency and independent of the concrete measures, of your options to object or withdraw from your consent.

Responsible body/ service provider
Responsible body - as defined by the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the data protection provisions of federal state law - and service provider as defined by the German Telecommunications Media Act (TMG) - is:
albamy GmbH
Gleimstraße 61
10437 Berlin
Germany
fon: +49 30 60 98 453 60
email: stephanie.hellstedt@albamygroup.com
website: www.albamygroup.com
(By way of comparison, our imprint on the website.)

Please direct any questions or remarks regarding our data privacy statement or data protection in general to Melanie Humbert to the following e-mail address: info@albamygroup.com

Legal basis for the processing of personal data
Insofar as consent to processing operations with personal data is obtained from data subjects, Article 6 (1) a) of the GDPR serves as the legal basis for the processing of personal data.
Insofar as the processing of personal data is necessary for the fulfilment of a contract to which the data subject is party, Article 6 (1) b) of the GDPR serves as legal basis. This also applies for processing operations that are necessary for the performance of pre-contractual measures.
Insofar as processing of personal data is necessary for the compliance with a legal obligation to which our company is subject, Article 6 (1) c) of the GDPR serves as legal basis.
In cases where processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person, Article 6 (1) d) of the GDPR serves as legal basis.
Should the processing be needed for the purposes of legitimate interests of our company or by a third party, and should such interests not be outweighed by the interests, fundamental rights or freedoms of the data subject, Article 6 (1) f) hence serves as legal basis for the processing.

Data erasure and storage period
Personal data of the data subject will be erased or locked as soon as the purpose for storing the data is no longer applicable. Data may be further stored if intended by European or International legislators in the provisions under Union Law or other regulations to which the controller is subjected. Data may also be erased or locked if and when a storage period stipulated by the aforementioned provisions expires, unless further storing of the data is required for purposes of contract conclusion or performance.

B. Data protection relevant processing operations

Gathering and use of your data while visiting our website
Description of the nature and scope of the data processing
If the website is used solely for information purposes and you do not register or otherwise transfer information, we collect only the data which your browser automatically transfers to our server. Transfer of such data may be necessary in order to show our website. The following data is being collected:
• Information regarding browser type and version
• Operating system of the user
• Internet service provider of the user
• IP address of the user
• Date and time of access
• Websites through which the system of the user arrives at our internet site
• Websites which are called up by the system of the user through our website
Besides the data being automatically transferred, those will then also be stored in the log files of our systems. The data will however not be stored together with other personal data of the user.

Purpose of the data processing
Storage in log files is necessary in order to ensure the functionality of our website. Furthermore, such data serves to ensure the security of our information technology systems. Assessment of data for marketing purposes is not carried out.
These purposes provide the basis for our legitimate interests in the processing of data in accordance with Article 6 (1) f) of the GDPR.

Legal basis
Temporary storage of automatically generated and for technical reasons necessary log files is lawfully carried out in accordance with Article 6 (1) f) of the GDPR. The legitimate interest is indicated with the purpose of processing.

Data processing period
Where data is stored in log files, storage will take place within seven days latest. Storage duration may exceed this time period. In such cases the IP address of users will be erased or alienated to the extent that a client calling up the website cannot be attributed to a specific user.

Options for objection and erasure
Gathering the data for website availability and storage in log files is imperative for running the website. Therefore the option to object cannot be granted.

E-mail communication and contact form
Nature and scope of the data processing
In cases of e-mail communication via the address indicated on our website or requests through our contact form, we gather, process and store personal data, such as first and last name, title, address, e-mail and IP address of the user as well as date and time of registration, for the purpose of performing the respective services, contacting or processing your request as well as for eventual follow-up questions.
With regard to the processing of data collected via the contact form, you will be made aware of our data protection policies and asked to give your consent prior to sending a request. Alternatively, contacting us via the provided e-mail address is an option. In such a case, personal data of the user transferred with the e-mail will be stored.
In this context, such data will not be transferred to third persons. The data is exclusively used for processing the conversation.

Purpose of data processing
Processing of personal data from the entry mask of the contact form serves the sole purpose of contacting you. This purpose constitutes our legitimate interest in processing of data in cases of an e-mail communication.
All other personal data processed during the sending operation serve the purpose of avoiding misuse of the contact form and to ensure security of our information technology systems. Our legitimate interest in the processing of data is established therein.

Legal basis for the processing of data
Legal basis for the processing of data transferred with the sending operation of an e-mail constitutes Article 6 (1) f) of the GDPR. Should communication via e-mail be aimed at the conclusion of a contract, then Article 6 (1) b) of the GDPR will additionally constitute a legal basis for the processing of data.

Storage period
The data will be erased if they are no longer necessary in relation to the purposes for which they were collected. With regards to personal data collected from the entry mask of our contact form and data transferred within the sending operation of e-mails, the aforementioned condition is met if and when the respective conversation with the user is finished. Finished is a conversation at the time when it becomes clear from the circumstances that the subject matter of the communication has been settled conclusively. Personal data additionally gathered during the sending operation of e-mails will be erased after a period of seven days latest.

Options for objection and erasure
When contacting us via e-mail, a user can at any time object to personal data being stored. In such a case, the conversation cannot be continued. Any and all personal data transferred and stored during communication will consequently be erased.

Security advice
We would like to advise users of security holes that may occur during data transfer in the Internet when contacting us via e-mail or through the contact form, and that the transfer of data cannot be completely protected against access by third persons. In the context of e-mail communication, personal data is usually being transferred by your computer over an insecure connection. Information that you send unencrypted by e-mail can during transfer be read and stored by third persons, and used by those for purposes other than intended. We therefore advise you to not send us any confidential information without using an encryption program.

Use of cookies
Nature and scope of the data processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser and by the Internet browser onto the computer system of the user respectively. If a user calls up a website a cookie can be stored in the operating system of the user. This cookie contains a distinctive character string, which allows an identification of the browser when the website is called up again.
We use cookies for a more user-friendly design of our website. Several elements on our Internet site require that the calling browser can still be identified after switching sites.
The following data is being stored in and transferred with cookies:
Language settings
Contact form
In addition, the web analytics services mentioned in this privacy policy use so-called session cookies. Session cookies are small pieces of information that a provider stores in the RAM of the visitor's computer. A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. In addition, a cookie contains information about its origin and the storage period. These cookies cannot store any other data

Purpose of processing
Technically necessary cookies are used for the purpose of facilitating the utilisation of websites for the user. Several of the functionalities of our Internet site could not be offered without the use of cookies. In this regard, it is necessary that the browser can be identified also after a switch of sites. This constitutes our legitimate interest in the processing of data.
We require cookies for the following applications:
Adopting language preferences
Recalling searched terms
Contact form
The user data collected through technically necessary cookies will not be used for user profiling.
We utilise analysis cookies for the purpose of improving the quality of our website and their contents. With the help of analysis cookies we can learn how the website is being used and thus continuously optimise our offers.

Legal basis for the processing of data
Legal basis for the processing of data through usage of cookies is, given the consent of the user, constituted by Article 6 (1) f) of the GDPR.
Legal basis for the processing of data through use of cookies for analytical purposes is, given the consent of the user, constituted by Article 6 (1) a) of the GDPR.

Storage period, options for objection and erasure
Cookies are stored on the computer of the user and transferred to our website by this computer. Therefore, as a user you have full control over the usage of cookies. Through modifications in your browser settings you can deactivate or limit the transfer of cookies. Stored cookies can be deleted at any time. This can also be set up to occur automatically. Should cookies for our website get deactivated some features and functions of the website may no longer be usable to the full extent.
The session cookies used are deleted by the web analytics services when you end the session, i.e. when you close the browser window or go to another page.
Transfer of flash cookies cannot be disabled through the browser settings, but rather through changes to the settings of the flash player.

Use of Google Analytics
Nature and scope of the data processing
This website uses Google Analytics, a web analysis service by Google Inc. („Google“). Google Analytics utilises so-called "cookies", text files that are stored on your computer and that enable an analysis of your usage of the website. Through cookies generated information about your usage of this website is generally transferred to a server of Google in the US and stored there. In case of IP address anonymisation being activated on this website, your IP address will be trimmed beforehand by Google within the member states of the European Union or in other states participating in the Treaty on the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the US and trimmed there. As instructed and authorised by the operator of this website, Google will use such information in order to evaluate your usage of this website, to assemble reports on website activities and to provide the website operator with further services regarding website or Internet usage. Google will not combine the IP address transferred in the process of Google Analytics with other data. OR: The IP address transferred in the process of Google Analytics will not be combined with other data of Google.
This website uses Google Analytics with the extension „_anonymizeIp()“. By means of this extension IP addresses will be processed in trimmed form and therefore cannot be attributed to a person. Insofar as the data gathered about you entails references to your person, tracking abilities are thus eliminated and the personal data thereby immediately erased.

Purpose
We use Google Analytics in order to be able to analyse and regularly improve the use of our website. Through the statistics gained from utilising analytics we can improve our offers and design them to be more interesting for you as a user. This represents our legitimate interest. For the exceptional cases in which personal data is transferred to the USA, the standard contractual clauses (SCCs) apply to the data transfer to a third country according to Art. 46 GDPR, https://privacy.google.com/businesses/controllerterms/mccs/. Information from third party providers: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
User conditions: http://www.google.com/analytics/terms/de.html,
as well as the data privacy policies: https://policies.google.com/privacy?hl=de&gl=de.

Legal basis
Legal basis for the use of Google Analytics is Article 6 (1) f) sentence 1 of the GDPR.

Options for objection and erasure
You can avoid storage of cookies by means of the respective settings in your browser software; we would like to point out though that in this case some features and functions of this website may no longer be usable to the full extent. Furthermore, you can avoid your web usage related data generated by the cookie (including your IP address) being collected and processed by Google if you download and install the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Route planner Google Maps
Nature and scope of the data processing
On our website we utilise Google Maps for the depiction of interactive maps and for route planning. Google Maps is a web mapping service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, U.S.A. („Google“). By using Google Maps, information about usage of this website, including your IP address and the (starting) address entered in the process of route planning, may be transferred to Google in the US. If you call up a website of our Internet presence that contains Google Maps your browser will automatically establish a direct connection to the Google servers. Content of a map is being directly transferred from Google to your browser by which it is then integrated into the website. We have no influence on the scope of the data gathered by Google in this manner. Such data includes, to our knowledge, the following:
• IP address,
• Internet address or URL of the website called up,
• Date an time of the visit on the respective website,
• the (start)address entered in the context of route planning.
We have no influence on further processing or use of the data, in particular the duration for which Google stores the above data, and we therefore cannot assume any responsibility in this regard.
Any further information on nature and scope of data collection and processing by the plug-in provider can be obtained from the data privacy statements of the provider. You will also find therein further information on your respective rights and settings options for protection of your privacy: https://policies.google.com/privacy?hl=de&gl=de. Google also processes your personal data in the USA. For the cases in which personal data is transferred to the USA, the standard contractual clauses (SCCs) apply to the data transfer to a third country, according to Art. 46 GDPR https://privacy.google.com/businesses/controllerterms/mccs/.

Purpose of the use of Google Maps
The use of Google Maps is intended to provide you with more ease by digitally indicating the location of our company and to facilitate the navigation should you wish to visit us. Through Google Maps we are able to display for you an interactive map directly on the website and to allow for a comfortable use of the map functionality.

Legal basis
We advise you of the aforementioned data being collected and processed not by us but by Google. Only by way of precaution do we base the use of Google Maps on Article 6 1) f) of the GDPR. The legitimate interest in using Google Maps is constituted by the purpose of displaying the location of the company and to provide the customer with a simple option for navigation.

Options for objection and erasure
If you do not wish to have your data be collected, processed or used by Google through our Internet presence you can deactivate JavaScript in your browser settings. In that case, you will not be able to use the map functionality. You have the right to object to user profiles being generated whereby in order to exercise this right you will have to direct your claim to Google.

Social plug-ins and tools
Nature and scope of the data processing
We currently make use of the following social media plug-ins or tools: Facebook, Instagram, Xing, LinkedIn. We thereby apply the so-called two-click solution. This means that in general no personal data will initially be transferred to the providers when visiting our site. You can recognise a plug-in provider by the designated box with the first letter or logo of the provider. We provide you thereby with a possibility to directly communicate with the provider of the plug-in by pressing the button. Only if and when you click the marked field and thus activate it, will the plug-in provider receive the information that you have called up the respective webpage of our inline offer. The following data will be transferred:
– IP address
– Date and time of request
– Time zone difference with Greenwich Mean Time (GMT)
– Content of the request (concrete site)
– Access status/HTTP status code
– Data volume transferred
– Website from which the request originates
– Browser
– Operating system and its interface
– Language and version of the browser software

In case of Facebook und Xing, according to the statements of the respective providers, the IP address will be immediately anonymised upon collection. By activating the plug-in, personal data will therefore be transferred by your browser to the respective provider and stored there (by US-American providers in the USA). Because data collection by the plug-in provider is carried out through the use of cookies in particular, we recommend that prior to clicking the greyed out box you may delete all cookies in your browser security settings. Neither do we have influence on the data collected and the processing operations nor are the full extent of data collection, the purposes for processing or the storage periods known to us. We also do not have any information on erasure of collected data by the plug-in provider.

Purpose of data processing
The plug-in provider stores the data gathered about you in user profiles and utilises those profiles for purposes of advertisement, market research and/or the tailored design of its website to suit the needs and preferences of customers. Such assessment is carried out (also for users not logged in) particularly for the purposes of displaying needs-oriented advertisement and informing other users of the social network about your activities on our website. Through plug-ins we offer you the possibility to interact with other social networks and other users so that we can improve our offer and make it more interesting to you.

Data transfer occurs irrespective of whether or not you have an account with the plug-in provider and are logged in. If you are logged in with the plug-in provider your data collected by us will directly be attributed to your respective account with the plug-in provider. If you use the activated button and for example link the site, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that after using a social network you regularly log out, in particular however before activating the button, because this way you can avoid data being referenced back to your profile with the plug-in provider.

Further information on the purpose and scope of the data collected and their processing by the plug-in provider can be obtained from the below data privacy statements published by those providers. You will also find therein further information on your respective rights and settings options for protection of your privacy.

Addresses of the respective plug-in providers and URL with their data protection information:
a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications as well as http://www.facebook.com/about/privacy/your-info#everyoneinfo. The standard contractual clauses (SCCs) apply to the transfer of personal data to the USA according to Art. 46 GDPR.

b) Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA, https://help.instagram.com/155833707900388/?helpref=hc_fnav&bc[0]=Instagram-Hilfe&bc[1]=Datenschutz%20und%20Sicherheitsbereich. The standard contractual clauses (SCCs) apply to the transfer of personal data to the USA according to Art. 46 GDPR.

c) Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.

d) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. The standard contractual clauses (SCCs) apply to the transfer of personal data to the USA according to Art. 46 GDPR, https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=de.

Legal basis for the processing of data
Legal basis for utilising the plug-ins is Article 6 (1) f) sentence 1 of the GDPR.

Options for objection and erasure
You have the right to object to user profiles being generated whereby in order to exercise this right you will have to direct your claim to the respective provider.
We recommend that after using a social network you regularly log out, in particular however before activating the button, because this way you can avoid data being referenced to your profile with the plug-in provider.

C. Rights of the Data Subject
If personal data about you is being processed, you are a data subject within the meaning of the GDPR (German DSGVO), and you are entitled to the following rights:

Right of access
You can request from the controller confirmation of whether data that affects your person is being processed by us.
If such processing is taking place, you can then request from the controller the following information:
• Purposes for which the personal data is being processed;
• Processing categories of the personal data that is being processed;
• Recipients or categories of recipients to whom the mentioned personal data has been or still is being disclosed;
• Planned storage duration of the data concerning your person or, if concrete information cannot be provided thereto, criteria for the definition of the storage period;
• Your rights to correction or erasure of your personal data, a right to restrictions to processing by the controller or a right to object to this processing;
• Your rights to file complaints to the authorities;
• All available information about the origin of the data, as long as the personal data were not given by the data subject;
• Existence of an automated decision-taking process, including profiling in accordance with Article 22 (1) and (4) of the GDPR and – at least in those cases – with meaningful information about the logic involved as well as the implications and intended effects of such procedures on the data subject.
Furthermore, you have the right to request disclosure of whether the personal data concerning your person are being transferred to a third country or an international organisation. In this regard, you can request, in accordance with Article 46 of the GDPR, to be informed of all suitable guarantees within the context of data transfer.

Right of rectification
You have the right to rectification and/or completion by the controller insofar as the processed personal data concerning you are incorrect or incomplete. The controller has to immediately carry out the rectification.

Right to restrictions of processing
You are entitled to request restrictions to the processing of your personal data under the following conditions:
• you contest the accuracy of the personal data relating to you, for a period enabling the controller to verify the accuracy of the personal data;
• the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
• the controller no longer needs the personal data for the purposes of the processing, but you require these for establishing, exercising or defending of legal claims, or
• you objected to the processing pursuant to Article 21 (1) of the GDPR pending the verification whether the legitimate grounds of the controller override your grounds.
Where processing of personal data relating to you has been restricted, such data can, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been obtained pursuant to the above conditions, the controller will inform you before the restriction of processing is lifted.

Right to erasure
Erasure obligations
You have the right to request from the controller the erasure of personal data relating to you without undue delay, and the controller shall have the obligation to erase personal data without undue delay insofar as one of the following grounds applies:
• The personal data relating to you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
• You withdraw your consent on which the processing is based according to Article 6 (1) a) or Article 9 (2) a) of the GDPR, and no other legal basis for the processing is established.
• You object to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21 (2) GDPR.
• The personal data relating to you have been unlawfully processed.
• The erasure of the personal data relating to you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
• The personal data relating to you have been collected in relation to the offer of information society services referred to in Article 8 (1) of the GDPR.

Obligations to inform third persons
To the extent that the controller has made the personal data relating to you public and is obliged to erase the personal data pursuant to Article 17 (1) of the GDPR, the controller, in consideration of available technology and the cost of implementation, then takes appropriate actions, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of those personal data.

Exceptions
The right to erasure is not substantiated where the processing is necessary:
• for exercising the right of freedom of expression and information;
• for compliance with a legal obligation which requires the processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the interest of the public or in the exercise of official authority vested in the controller;
• for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9 (2) as well as Article 9 (3) of the GDPR;
• for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89 (1) of the GDPR insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
• for the establishment, exercise or defence of legal claims.

Right of notification
To the extent that you assert your right of rectification, erasure or restrictions of processing towards the controller, the controller is then obligated to communicate any rectification or erasure of personal data relating to you or restriction of processing to each and any recipient to whom the data have been disclosed, unless this proves impossible or involves disproportionate effort.
You have the right to be informed by the controller about those recipients.

Right to data portability
You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, insofar as:
• the processing is based on consent pursuant to Article 6 (1 ) a) or Article 9 (2) a) of the GDPR or on a contract pursuant to point Article 6 (1) b) of the GDPR; and
• the processing is carried out by automated means.

In exercising this right you furthermore have the right to have the personal data relating to you transmitted directly from one controller to another controller, where technically feasible. The rights and freedoms of others cannot be adversely affected thereby.
The right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Right to object
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data relating to you which is based on point (e) or (f) of Article 6 (1), including profiling based on those provisions. Please direct your objection to the controller.
The controller will no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for purposes of such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to the processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you have the option to exercise your right to object by automated means using technical specifications.

Right to withdraw the declaration of consent to data privacy policies
You have the right to withdraw at any time your declaration of consent to data privacy policies. Legality of processing that was carried out with your consent up until your withdrawal will not be affected thereof.

Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
This does not apply if the decision:
• is necessary for entering into or performing a contract between you and a data controller;
• is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and your legitimate interests; or
• is based on your explicit consent.

Such decisions cannot be based on special categories of personal data referred to in Article 9 (2) 1), unless point (a) or (g) of Article 9 (2) applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
With regards to the first and third of the above exceptions, the data controller implements suitable measures to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your work place or place of the alleged infringement if you consider that the processing of personal data concerning your person infringes the GDPR.
The supervisory authority with which the complaint has been lodged informs the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.

D. Data protection in cases of hyperlinks to third-party websites

In cases where you find hyperlinks on our website that route you to websites of other providers (for example noticeable by the change of URL), we assume no responsibility for confidential handling of your data, because we do not have any influence on these companies adhering to the data protection provisions. With regards to the handling of your personal data by these companies please be advised to inform yourself directly on their websites.

E. Data Safety
We employ technical and organisational security measures in order to protect your personal data collected and processed by us, in particular against accidental or wilful manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously being improved in line with technological developments.