FIS-ASP takes data privacy seriously!

The protection of your personal rights is very important to us.

Would you like to give us feedback on data privacy?”

We would be pleased to discuss this topic with you!
We also take your criticism seriously and will answer you as soon as possible.

Data Privacy Statement

 

1. Data Privacy at a Glance

a)     Responsible company:

The company responsible in the sense of the General Data Protection Regulation and other national data protection laws of member states of the European Union as well as other data protection regulations is:

FIS-ASP GmbH

Röthleiner Weg 4

D-97506 Grafenrheinfeld

Germany

Phone: 0049-9723 9188-500

E-mail: datenschutz@fis-asp.de

Website: www.fis-asp.de

 

b)     Data protection officer

The data protection officer of the responsible company can be contacted as follows:

SiDIT GmbH, Langgasse 20, 97261 Güntersleben, info@sidit.de

 

2. Definitions

We have composed our data privacy statement in accordance with the principles of clarity and transparency. If there are nevertheless uncertainties with regard to the use of different terminology, the respective definitions can be viewed here.

 

3. Legal Basis for Data Processing

a) Processing of person-related data in accordance with GDPR

 

We will process your person-related data, such as your surname and first name, your e-mail address and IP address etc. only if a legal basis exists.  Here, the following provisions in accordance with the General Data Protection Regulation will come into particular consideration:

 

  • 6 par. 1 p. 1 lit. a GDPR: The person affected has given their consent to processing person-related data concerning them for one or multiple specific purposes.
  • 6 par. 1 p. 1 lit. b GDPR: The processing of this data is required for the fulfillment of a contract, whose contracting party is the person affected, or for the performance of pre-contractual measures taken at the request of the person affected.
  • 6 par. 1 p. 1 lit. c GDPR: The processing of this data is required for compliance with a legal obligation which the responsible company is subject to
  • 6 par. 1 p. 1 lit. d GDPR: The processing of this data is required for the protection of vital interests of the person affected or of another natural person
  • 6 par. 1 p. 1 lit. e GDPR: the processing of this data is required for the performance of a task that is in the public interest or carried out in the exercise of official authority that has been assigned to the responsible company
  • 6 par. 1 p. 1 lit. f GDPR: the processing of this data is required for the safeguarding of the legitimate interests of the responsible company or of a third party, provided that the interests or fundamental rights and fundamental freedoms of the person affected requiring the protection of person-related data are not overridden, particularly if the person affected is a child

 

At the respective points of this data privacy statement, however, we will point out to you on what legal basis your person-related data is processed.

 

b) Consent of persons having rights of custody in accordance with art. 8 par.1 p.2 alternative2 GDPR

A person having rights of custody has to consent to all data processing operations in the context of this website requiring the approval of a minor under the age of 16. 

Information on the individual data processing operations, their purposes and the data categories concerned here and requiring the consent of the person affected can be referred to in the data privacy statement.

You can revoke your consent at any time by sending the cancelation notice in text form to the contact data of the responsible company. Processing until revocation shall remain lawful. 

 

c) Processing of information in accordance with § 25 par.1 of TTDPA

Furthermore, we process information in accordance with § 25 par.1 of TTDPA by saving information on your terminal equipment or accessing information already saved on your terminal equipment. Here, person-related information as well as non-personal data might be concerned, e.g. cookies, browser fingerprints, advertising IDs, MAC addresses and IMEI numbers. Terminal equipment means each equipment directly or indirectly connected to the interface of a public telecommunication network and used for sending, processing or receiving messages, § 2 par.2 no.6 TTDSG.

As a rule, we process this information on the basis of your consent, § 25 par.1 TTDSG.

As far as an exception exists in accordance with § 25 par.2 no. 1 and no.2 TTDSG, we require no consent. Such an exception is deemed to exist if we exclusively access this information or store it in order to transmit a message via a public telecommunication network or if this is absolutely necessary to enable the provision of a telemedia service expressly requested by you. You can revoke your consent at any time.

We inform you that the revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

 

4. Transfer of Person-Related Data

The transfer of person-related data is also a type of processing within the meaning of the previous figure 3. Here, we would like to inform you separately about data transfers to third parties once more. The protection of your personal data is very important to us. Therefore, we take particular care when it comes to transferring your data to third parties.

As a result, data will only be transferred to third parties if a legal basis for processing exists. For instance, we transfer person-related data to persons or enterprises acting as order processors for us in accordance with art. 28 GDPR. Order processor means any person processing person-related data on our account for us – i.e. particularly in a relationship of instruction and control.

In accordance with the GDPR provisions, we conclude a contract with each of our order processors in order to oblige them to comply with data protection regulations and, as a consequence, provide your data with comprehensive protection.

 

5. Storage Duration and Deletion

We shall delete your personal data insofar as it is no longer required for the purposes for which it has been collected or processed in any other way or its processing is not required for the exercise of freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims.

 

6. SSL or TLS Encryption

This website uses an SSL/TLS encryption for reasons of safety and in order to protect the transmission of confidential contents of inquiries for instance that you send to us as a website operator. You will recognize an encrypted connection when the address line of the browser switches from “http://” to “https://” and the lock symbol appears in your browser line.

If the SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.

 

7. Cookies

We use cookies on our website. Cookies are small data packages automatically created by your browser and saved on your terminal when you visit our website. These cookies are used to store information relating to the terminal applied in each case.

When cookies are used, a distinction is made between technically required cookies and “other” cookies. Technically required cookies means that these cookies are absolutely necessary to provide a service of an information society that is explicitly requested by you.

a) Technically required cookies

To make the use of our offer more comfortable for you, we apply technically required cookies; here, “session cookies” (e.g. language and font type selection, shopping cart etc.), “consent cookies”, cookies to ensure server stability and safety or the like might be concerned. The legal basis for these cookies is formed by art. 6 par. 1 p. 1 lit. f) GDPR, our legitimate interest in an error-free operation of our website and our interest in providing our services in an optimized way.

b) Other cookies

“Other cookies” are cookies used for statistical purposes, analysis and marketing purposes as well as retargeting purposes.

These cookies are used on the basis of your consent in accordance with art. 6 par. 1 p. 1 lit. a) GDPR.

Your consent to the use of cookies can be revoked at any time.

We inform you that the revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

For this purpose, you can either edit your cooking settings on our website, deactivate the use of cookies in your browser settings (which might also restrict the functioning of our online offerings) or opt-out the respective service in particular cases.

For the respective services within the data privacy statement, we will inform you about the legal basis for processing this data.

 

8. Cookie Banner

For obtaining the users’ consent to the cookies we use, we apply the cookie banner of service provider Borlabs GmbH, Hamburger Str. 11, Germany. Borlabs GmbH itself uses a “consent cookie” to query and process the respective consent status. This consent cookie is technically required and is therefore used due to our legitimate interest in accordance with art. 6 par.1 p.1 lit. f GDPR, § 25 par.1 TTDPA

 

9. Collection and Storage of Person-Related Data as well as Its Type and Purpose of Use

a) External hosting

Our website is hosted by PureHost IT-Solutions, Münster Straße 14, 48341 Altenberge, Germany . For this reason, all person-related data entered on our website is stored on our hoster’s servers, provided that an external server of a third party is not involved. Here, the IP address, your e-mail address, communication data or the like might be concerned. What specific person-related data is concerned in this case will be communicated to you below where the individual functions and services are explained. If we apply an external service of a third party, this will be pointed out when the respective service or tool is described.

 

The hoster will process your data only on our instruction and as far as it is required for the fulfillment of the services on our website. The hoster will not process your data for their own purposes. We have concluded a contract on order processing[1] with this hoster.

 

b)  Visit of our website

When you call our website, the browser used on your terminal will automatically transmit information to the server of our website. This information will be stored temporarily in a “logfile”. In doing so, the following information is entered without any action on your part and stored until it is deleted automatically:

  • IP address of the requesting computer
  • Access date and time
  • Name and URL of the file retrieved
  • Website from which access is made (referrer URL)
  • Browser used and, if required, the operating system of your computer as well as the name of your access provider

 

We will process the aforementioned data for the following purposes:

 

  • Ensuring a smooth connection setup of the website
  • Ensuring a comfortable use of our website
  • Evaluation of system security and stability
  • Error analysis
  • For further administrative purposes

 

Data allowing conclusions on your person, such as IP address, will be deleted after seven days at the latest. If we store this data beyond this period of time, it will be pseudonymized to ensure that it can no longer be assigned to you.

The legal basis for data processing is art 6 par. 1 p. 1 lit. f GDPR. Our legitimate interest results from the purposes of data collection listed above. On no account will we use the data collected for the purpose of drawing conclusions on your person.

 

c) Newsletter

Newsletters contents and subscription data

The mailing of our newsletters as well as the execution of statistical data collections and analyses as well as logging of the subscription procedure will only take place if you order it from us and have given your respective consent in accordance with art. 6 par. 1 p. 1 lit. a GDPR, § 25 par.1 TTDPA.

The newsletter contents will be precisely described upon subscription. For newsletter subscription, the specification of your e-mail address will be sufficient. If you provide further information on a voluntary basis, e.g. your name and/or sex, it will exclusively be used for personalizing the newsletter addressed to you.

Double opt-in and logging

For subscribing to our newsletter, we use the “double opt-in” procedure for reasons of security, i.e. to ensure that nobody can subscribe by using third-party e-mail addresses. After subscribing to our newsletter, you will therefore receive an e-mail first asking you to confirm your subscription. The subscription will not become effective before you have confirmed your subscription.

Furthermore, your subscription to our newsletter will be logged. Logging includes the storage of the subscription and confirmation time, your specified data as well as your IP address. If you change your data, these changes will be logged as well.

Revocation

If you do not want to receive our newsletter any longer, you can revoke your consent for the future at any time. For this purpose, you can klick on the link for unsubscribing to our newsletter at the end of each newsletter or send us an e-mail to the following e-mail address: datenschutz@fis-asp.de

The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

 

Use of “MailPoet”

We mail our newsletter with the help of newsletter service provider “MailPoet” by Automattic Inc., 60 29th Street ‚343, San Francisco, CA 94110, USA.

For this purpose, your specified data is forwarded to Automattic Inc. and processed there. This tool enables us to evaluate how the newsletters are opened and used.

We have concluded a contract on order processing with Automattic Inc. Automattic Inc. will not acquire any right to pass on your data.

 

Further information on data privacy of Automattic Inc. can be found here:
https://automattic.com/privacy/?utm_medium=automattic_referred&utm_source=mpcom_footer 

 

d) Contact form

On our website, we provide a form that you can use to contact us at any time. The use of this contact form requires the specification of a name for a personal form of address as well as a valid e-mail address for communication so that we know who made this inquiry and that we can process it.

If you send us your inquiries via contact form, your specifications from the inquiry form including your contact data and your IP address will be processed in accordance with art. 6 par. 1 p. 1 lit. b and f GDPR for the implementation of pre-contractual measures based on your inquiry or for claiming our legitimate interest, i.e. for executing our business activity.

The inquiries as well as the associated data will be deleted not later than three months after receipt unless they are required for further contractual relationships.

 

e)  Application form

On our website, we provide a form you can use to apply for a job in our enterprise. Your person-related data contained in your application will be processed according to our privacy notice for applicants[6].

The use of this form[7] results from our legitimate interest in an easy and safe transmission of your application documents, art. 6 par. 1 p. 1 lit. f) GDPR.

f)  Use of Google Maps

Our website uses Google Maps API. By using Google Maps, information on your use of this website (including your IP address) might be transmitted to a Google server (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) in the USA and stored there.

Google will possibly pass on the information obtained by Maps to third parties, provided that this is prescribed by law or third parties process this data on behalf of Google. However, your IP address will on no account be associated with other Google data. We nevertheless have to point out to you that, from a technical point of view, it would indeed be possible for Google to identify individual users on the basis of the data received.

We have no influence on whether your person-related data and personality profiles are processed by Google for other purposes. If you want to prevent this in any case, you can deactivate the Google Maps service and, as a consequence, inhibit the data transfer to Google. For this purpose, you only have to deactivate JavaScript in your browser. In this case, no data will be transmitted; however, you can no longer use the map display on our website either.

We have concluded a contract on order processing with Google.

The Google Privacy Notice can be found here. [https://www.google.com/policies/privacy/?hl=de]

By integrating Google Maps, Google Fonts will dynamically be reloaded as well without actively defining this as a website operator or visitor. [9]These Web Fonts are integrated by means of a server call, i.e. usually a Google server in the U.S. Hereby, the following information might be transmitted to the server and stored by Google:

  • Name and version of the browser used
  • Website where the request was triggered from (referrer URL)
  • Operating system of your computer
  • Screen resolution of your computer
  • IP address of the requesting computer
  • Language settings of the browser or of the operating system applied by the user

 

Further information can be found in the Google Privacy Notice that can be retrieved here:

 

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

 

The use of Google Maps is a service for you to ensure that you can exactly detect our location and are able to better plan your visit with us if required. Google Maps is used on the basis of your consent in accordance with art. 6 par. 1 p. 1 lit. a GDPR.[10]

 

g) Google Tag Manager

On our website, we use Google Tag Manager (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Google Tag Manager is an administration and management tool, where other tracking and/or statistical tools can be centrally managed and exported. 

While visiting our website and if you grant your consent in accordance with art. 6 par.1 p.1 lit. a) GDPR, Google Tag Manager will capture and process your IP address, which can also be transmitted to the U.S. However, Google Tag Manager itself will neither create user profiles nor analyses.

We have concluded a contract on order processing with Google.

The Google Privacy Notice can be found here. [https://www.google.com/policies/privacy/?hl=de]

 

h) Use of Google reCAPTCHA

On our websites, we use the reCAPTCHA service of the Google enterprise (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) for our contact form to enable a distinction of entries made by a person or carried out by automated and abusive machine processing. We have a legitimate interest in protecting our web offers from abusive and automated spying and spam.

During the query carried out by the reCAPTCHA service, your IP address as well as further data that might be required by Google for the reCAPTCHA service will be forwarded to Google and further processed there.

If you use reCAPTCHA, you have to accept the Google Terms of Service. For this purpose, a separate field is available. We have activated IP anonymization on this website to ensure that your IP address will be shortened by Google in advance within member states of the European Union or in other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the U.S. and shortened there.

Google will use this information on our account to evaluate your use of this service. Your IP address transmitted by reCaptcha via your browser will not be combined with any other data held by Google. For this data, the differing privacy policy of the Google enterprise will apply.

We have concluded a contract on order processing with Google.

Further information on the Google Privacy Policy can be found under https://www.google.com/intl/de/policies/privacy/.

By integrating reCAPTCHA, Google Fonts will also be dynamically reloaded by Google without actively defining this as a website operator or visitor. These Web Fonts are integrated by means of a server call, i.e. usually a Google server in the U.S. Hereby, the following information might be transmitted to the server and stored by Google:

  • Name and version of the browser used
  • Website where the request was triggered from (referrer URL)
  • Operating system of your computer
  • Screen resolution of your computer
  • IP address of the requesting computer
  • Language settings of the browser or of the operating system applied by the user

Further information can be found in the Google Privacy Notice that can be retrieved here:

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

 

Google reCAPTCHA is used on the basis of your consent in accordance with art. 6 par. 1 p. 1 lit. a GDPR. You can revoke your consent at any time.

 

10. Analysis and Tracking Tools

On our website, we use the analysis and tracking tools listed hereinafter. They are used to ensure the continuous optimization of our website and structure it as needed.

We use these tools on the basis of consent granted by you in accordance with art. 6 par. 1 p. 1 lit. a GDPR. You can revoke your consent at any time by changing the Cookie settings. Processing until revocation shall remain lawful.

For the respective data processing purposes and data categories, please refer to the corresponding tools. We point out that we have no influence on whether and to what extent service providers carry out further data processing.

 

a)  Google Analytics

On our website, we use Google Analytics, a Web analysis service by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”).

In this context, Google Analytics uses cookies (see section 7). The information generated by the cookie on your use of this website, such as

  • Name and version of the browser used
  • Operating system of your computer
  • Website from which access is made (referrer URL)
  • IP address of the requesting computer
  • Time of the server request

will usually be transmitted to a Google server in the U.S. and stored there.

Your IP address is automatically anonymized by Google before it is recorded via EU domains and servers. Therefore, your IP address will not be logged or stored.

On our account, Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activities and providing other services relating to website use and Internet usage for us. Your IP address transmitted by Google Analytics via your browser will not be combined with any other data held by Google.

We have concluded a contract on order processing with Google.

Please click here to obtain an overview concerning data privacy at Google. [https://support.google.com/analytics/answer/6004245]

 

b) Google Remarketing

We use the remarketing function by Google Analytics to aim advertising campaigns – including Google AdWords campaigns – at the visitors of our website.

In doing so, relevant advertisements based on your previous calls of our website will be presented to you when visiting other websites of the Google Display Network.

The DoubleClick cookie enables Google to display targeted advertisements to us and other third-party providers, which comply with your interests identified on the basis of your previous visits on our website and/or other websites. These advertisements can be displayed on Google websites and/or on the websites of other operators of the Google advertising network. We also use the Google Analytics advertising functions to analyze the effectiveness of our own advertising campaigns.

If you have declared your consent in your Google account that your Web and app browser history is linked by Google with your Google account and information from your Google account is used for personalizing advertisements, Google will use data from you in combination with Google Analytics data to create target group lists for cross-device remarketing. For this purpose, IDs authenticated by Google, which are linked with your Google account, are entered by Google Analytics on our website first for you as a user. Subsequently, Google Analytics temporarily links these IDs with Google Analytics data to optimize our target groups.

We have concluded a contract on order processing with Google.

Please click here to obtain an overview concerning data privacy at Google. [https://support.google.com/analytics/answer/6004245]

 

c) Google Ads Conversion Tracking

With Google Ads, we use an online advertising program by Google on our website (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), which also includes conversion tracking. With this tool, Google Ads will set a cookie on your terminal if you access our website via a Google advertisement.

The cookie is not used for personal traceability. If you visit our website as a user and the cookie is still activated, it becomes evident to us and Google that you have clicked the corresponding advertisement and have been redirected to our site. Every Google Ads customer is given an individual cookie. As a result, cookies cannot be traced via the websites of Ads customers.

The data collected by conversion cookies is used to create conversion statistics for Ads customers. As customers of Google Ads, we thereby learn the total number of users who responded to our advertisement and were redirected to a website, which was given a conversion tracking tag. As a consequence, we can recognize the success of individual advertising measures. During this procedure, we do not get any information by which we could identify you personally as a user.

If Google Ads is used, your browser will automatically establish a direct connection to the Google server and can assign your visit to your account, provided that you have a Google account and are logged in. If you have no Google account, Google will provide you with a separate identification. We have no influence on what other data is collected and stored by Google.

We have concluded a contract on order processing with Google.

Further details concerning the Google Privacy Policy can be found at http://www.google.de/policies/privacy/.

 

11. Social Media

On our website, the social media plug-ins listed hereinafter are used to make our website better known. The legal basis for using social media plug-ins arises from your consent in accordance with art. 6 par. 1 p. 1 lit. a GDPR.

Responsibility for the operation of social media plug-ins in compliance with data protection must be guaranteed by their corresponding provider.

 

a) Facebook plug-in “Like”

The Facebook plug-in “Like” is integrated in this website. You can recognize it by the blue Facebook logo and the “Like” add-on next to it. The plug-in is operated by Meta Platforms Ireland Limited (Hanover Reach, 5-7 Hanover Quay, Dublin 2 Ireland) and is directly connected with the Meta Platforms servers. Data will not be forwarded to the website operator.

As soon as you activate this plug-in, it will collect, use and transmit data to Meta Platforms irrespectively of this website to the extent and for the purpose specified in the Facebook Privacy Policy at http://www.facebook.com/policy.php (e.g. information that you have visited this website and when). If you actively use this plug-in (e.g. by clicking the “Like” button), this information will also be transmitted to Meta Platforms and used there.

Type, extent and purpose of the collected data depend on whether you are registered with Facebook and/or logged in. However, an assignment of data to your Facebook account will only be made if you are currently logged into Facebook. This means that you should log out of Facebook before visiting this website if you want to prevent an assignment to your Facebook profile. Meta Platforms might also process the collected data in third countries in accordance with the Facebook Data Protection Directives.

Most frequently asked questions concerning the data protection of the plug-in are explained in generally understandable manner at http://www.facebook.com/help.php?page=1068.

 

b) Instagram

On our website, we use functions of the Instagram service operated by Meta Platforms Ireland Ltd. (Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland).

If you click on the Instagram button on our websites, the contents of our website will be linked with your Instagram profile. However, this is only possible if you are logged into your Instagram account.

We would like to point out that we, as the website provider, do not obtain knowledge of the contents of the data transmitted or its use by Instagram.

For further information, please refer to the Instagram Privacy Notice at: http://instagram.com/about/legal/privacy/.

 

c) Xing

On our website, we use functions of the Xing service operated by XING SE
(Dammtorstraße 30, 20354 Hamburg Deutschland).

If you click on the Xing button on our websites, the contents of our website will be linked with your Xing profile. However, this is only possible if you are logged into your Xing account.

We would like to point out that we, as the website provider, do not obtain knowledge of the contents of the data transmitted or its use by Xing.

For further information, please refer to the Xing Privacy Notice:

https://privacy.xing.com/de/datenschutzerklaerung

 

d) LinkedIn

On our websites, we use functions of the LinkedIn service operated by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland).

If you click on the LinkedIn button on our websites, the contents of our website will be linked with your LinkedIn profile. However, this is only possible if you are logged into your LinkedIn account.

We would like to point out that we, as the website provider, do not obtain knowledge of the contents of the data transmitted or its use by LinkedIn.

For further information, please refer to the LinkedIn Privacy Notice:

https://www.linkedin.com/legal/privacy-policy?_l=de_DE

 

12. Integration of Images, Sounds and Videos

a) YouTube

Our website uses the YouTube plug-in operated by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland).

If you activate the YouTube plug-in during your visit, a connection to the YouTube servers will be established and the YouTube server is informed as to which one of our sites you have visited. Thereby, YouTube will be enabled to directly assign your surf behavior to your personal profile. You can prevent this by logging out of your member account before visiting our website.

For further information on how to use user data, please refer to the YouTube Privacy Notice at: https://www.google.de/intl/de/policies/privacy

By integrating YouTube, Google Fonts will also be dynamically reloaded by Google without actively defining this as a website operator or visitor. These Web Fonts are integrated by means of a server call, i.e. usually a Google server in the U.S. Hereby, the following information might be transmitted to the server and stored by Google:

  • Name and version of the browser used
  • Website where the request was triggered from (referrer URL)
  • Operating system of your computer
  • Screen resolution of your computer
  • IP address of the requesting computer
  • Language settings of the browser or of the operating system applied by the user

Further information can be found in the Google Privacy Notice that can be retrieved here:

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

 

The legal basis results from the consent granted by you in accordance with art. 6 par. 1 p. 1 lit. a GDPR. You can revoke your given consent at any time by changing the cookie setting on our website.

 

13. Rights of the Person Concerned

 

You have the following rights:

a)  Information

In accordance with art. 15 GDPR, you have the right to demand information about your person-related data processed by us. In doing so, this right to information includes details on

  • the processing purposes
  • the categories of the person-related data
  • the recipients or categories of recipients your data was or is disclosed to
  • the planned storage duration or at least the criteria for determining the storage duration
  • the existence of a right to correction, deletion, restriction of processing or disagreement
  • the existence of a right of appeal with a supervisory authority
  • the origin of your person-related data, provided that it was not collected by us
  • the existence of an automated decision making including profiling and, if required, meaningful information on their details

b) Correction

In accordance with art. 16 GDPR, you have a right to immediate correction of incorrect or incomplete person-related data stored by us.

  1. Deletion

In accordance with art. 17 GDPR, you have the right to demand the immediate deletion of your person-related data stored by us, provided that further processing is not necessary for one of the following reasons:

  • the person-related data is still required for the purposes it was collected for or processed for in any other way
  • for the exercise of freedom of expression and information
  • for the fulfillment of a legal obligation requiring the processing of this data in accordance with the law of the European Union or its member states which the responsible company is subject to or for the performance of a task that is in the public interest or carried out in the exercise of official authority that has been assigned to the responsible company
  • for reasons of the public interest in the area of public health in accordance with art. 9 par. 2 lit. h and i as well as art. 9 par. 3 GDPR
  • for archiving purposes that are in the public interest, scientific or historical research purposes or for statistical purposes in accordance with art. 89 par. 1 GDPR, as far as the right mentioned under section a) probably makes the achievement of the objectives of this processing impossible or seriously impairs it
  • for the assertion, exercise or defense of legal claims

c)  Restriction of processing

In accordance with art. 18 GDPR, you can demand the restriction of the processing of your person-related data for one of the reasons mentioned hereinafter:

  • You deny the accuracy of your person-related data.
  • The processing is unlawful and you reject the deletion of the person-related data.
  • We do not require the person-related data for processing purposes any longer; however, you require it for the assertion, exercise or defense of legal claims.
  • You appeal against processing in accordance with art. 21 par. 1 GDPR.

 

d) Information

If you have demanded the correction or deletion of your person-related data or a restriction of processing in accordance with art. 16, art. 17 or art. 18 GDPR, we will inform all recipients your person-related data was disclosed to accordingly, unless this proves to be impossible or involves a disproportionate effort. You can demand from us that we communicate these recipients to you.

 

e) Transmission

You have the right to obtain your personal data provided to us in a structured, standard and machine-readable format.

Furthermore, you have the right to demand the transmission of this data to a third party, provided that processing was carried out by means of automated procedures and is based on a given consent in accordance with art. 6 par. 1 p. 1 lit. a or art. 9 par. 2 lit. a or on a contract in accordance with art. 6 par. 1 p. 1 lit. b GDPR.

 

f) Revocation

In accordance with art. 7 par. 3 GDPR, you have the right to revoke your consent granted to us at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. In the future, we are no longer allowed to continue the data processing based on your revoked consent.

 

g) Complaint

In accordance with art. 77 GDPR, you have the right to file a complaint with a supervisory authority if you believe that the processing of your person-related data infringes the GDPR provisions.

 

h) Appeal

If your person-related data is processed on the basis of legitimate interests in accordance with art. 6 par. 1 p. 1 lit f GDPR, you have the right to appeal against the processing of your person-related data in accordance with art. 21 GDPR, provided that there are reasons resulting from your particular situation or your appeal is directed against direct advertising. In the latter case, you have a basic right of objection, which will be implemented by us without specification of your particular situation. If you wish to exercise your right of revocation or right of objection, it will be sufficient to send an e-mail to datenschutz@fis-asp.de.

 

i) Automated decision on a case-by-case basis including profiling

You have the right not to be subjected to a decision exclusively based on automated processing – including profiling – and taking a legal effect on you or significantly affecting you in a similar way. This provision shall not apply if the decision

  1. is required for the conclusion or the fulfillment of a contract between you and us
  2. is permissible due to legal provisions of the European Union or its member states that we are subject to and these legal provisions include appropriate measures for the protection of your rights and freedoms as well as of your legitimate interests
  • is made with your explicit consent

However, these decisions must not be based on specific categories of person-related data in accordance with art. 9 par. 1 GDPR, provided that art. 9 par. 2 lit. a or g GDPR does not apply and appropriate measures for the protection of your rights and freedoms as well as of your legitimate interests have been taken.

With regard to the cases mentioned under i) and iii), we will take appropriate measures in order to protect your rights and freedoms as well as your legitimate interests, which at least include the right of obtaining interference by a person from our side, the right of expression of your own point of view as well as the right of contestation of the decision.

 

14.  Change of Data Privacy Statement

If we make changes to this data privacy statement, we will point it out accordingly on our website.

Version dated: December 07, 2023

anschrift

FIS-ASP Application Service Providing und IT-Outsourcing GmbH
Röthleiner Weg 4
D-97506 Grafenrheinfeld

Tel.: +49 97 23 / 91 88-500
Fax: +49 97 23 / 91 88-600

info@fis-asp.de

IT-SECURITY NEWSLETTER

Wir informieren Sie über aktuelle Änderungen im Bereich der IT-Sicherheit. Melden Sie sich an und verpassen Sie zukünftig keine Informationen mehr.

Sie möchten mehr über uns wissen?

Über den nachfolgenden Link gelangen Sie in unseren Downloadbereich. Hier finden Sie Informationen zum Unternehmen, Whitepapers und Fachberichte.

contact

FIS-ASP Application Service Providing und IT-Outsourcing GmbH
Röthleiner Weg 4
D-97506 Grafenrheinfeld

Phone.: +49 97 23 / 91 88-500
Fax: +49 97 23 / 91 88-600

info@fis-asp.de

aktuelle beiträge

Would you like to know
more about us?

The following link takes you to our download area. Here you can find information about the company, white papers and use cases.

IT-SECURITY NEWSLETTER

We inform you about current changes in the area of IT security. Sign up and don’t miss any more information in the future.