Privacy policy
The protection of personal data is an important concern for us. Therefore, the processing of personal data is carried out in accordance with the applicable European and national legal provisions.
You can of course revoke your declaration(s) of consent at any time with effect for the future. To do so, please contact the person responsible in accordance with § 1.
The following declaration provides an overview of the type of data collected, the way in which this data is used and passed on, the security measures we take to protect your data and the way in which you can obtain information about the information given to us.
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6 (1) sentence 1 lit. a) of the EU General Data Protection Regulation (DSGVO) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) S. lit. b) DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as processing of personal data is necessary for compliance with a legal obligation to which we are subject, Article 6 (1) sentence 1 lit. c) DSGVO serves as the legal basis.
If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) sentence 1 lit. f) DSGVO serves as the legal basis for the processing.
Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may take place beyond this if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which we are subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or fulfilment of a contract.
§ 1 THE DATA CONTROLLER AND THE DATA PROTECTION OFFICER
(1) Name and address of the data controller
The responsible person within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection provisions is:
IUNworld GmbH
Steinheilstraße 4
85737 Ismaning
Deutschland
Tel.: +49 (0) 89 99979670
E-Mail: info@iunworld.com
Website: www.iunworld.com
(2) Name and address of the data protection officer
The data protection officer of the controller is:
Herr Dieter Grohmann
akwiso
Beethovenstraße 23
87435 Kempten
Deutschland
Tel.: +49 (0) 831 51247030
E-Mail: info@akwiso.de
Website: www.akwiso.de
§ 2 DEFINITIONS
The data protection declaration is based on the terms used by the European legislator when adopting the EU General Data Protection Regulation (hereinafter: “GDPR”). The data protection declaration is intended to be easy to read and understand. To ensure this, the most important terms are explained below:
- a) Personal datas any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
(b) data subject shall mean any identified or identifiable natural person whose personal data are processed by the controller.
‘processing’ means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Profiling means any automated processing of personal data which consists in using personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location.
(e) pseudonymisation means the processing of personal data in such a way that the personal data can no longer be related to a specific data subject without additional information, provided that such additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not attributed to an identified or identifiable natural person.
(f) Controller or controller means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.
(g) Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
(h) recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.
(i) third party means any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or the processor.
j) consent shall mean any freely given specific and informed indication of his or her wishes, in the form of a statement or other unambiguous affirmative act, by which the data subject signifies his or her agreement to personal data relating to him or her being processed.
§ 3 PROVISION OF THE WEBSITE AND CREATION OF LOG FILES
(1) During the mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we automatically collect the following data and information from the computer system of the calling computer each time the website is called up:
- The IP address of the user
- Information about the type of browser and the version used
- The user’s operating system
- The user’s internet service provider
- Date and time of access
- Websites from which the user’s system accesses the website
- Websites accessed by the user’s system via our website
- Content of the calls (specific pages)
- Amount of data transferred in each case
- Language and version of the browser software
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
(2) The legal basis for the temporary storage of the log files is Art. 6 para. 1 p. lit. f) DSGVO.
(3) The temporary storage of the IP address by the system is necessary in order to
- enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
- to optimise the content of our website as well as the advertising
- for it to ensure the functionality of our information technology systems and the technology of our website
- to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.
The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems An evaluation of the data for marketing purposes does not take place in this context.
These purposes also constitute our legitimate interest in data processing according to Art. 6. (1) sentence 1 lit. f) DSGVO.
(4) The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected – in this case at the end of the usage process. In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses are deleted or made anonymous so that it is no longer possible to assign the calling client.
(5) The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website, which is why there is no possibility to object.
§ 4 USE OF COOKIES
(1) This website uses so-called cookies.
Below you will find a list of cookies with a description of which are used.
Cookies are small text files which, as soon as you visit a website, are sent to your browser by a web server and stored locally on your end device (PC, notebook, tablet, smartphone, etc.) and are stored on your computer and provide the user (i.e. us) with certain information. Cookies are used to make the website more customer-friendly and secure, and in particular to collect usage-related information, such as frequency of use and number of users of the pages and behaviour patterns of page use. Cookies do not cause any damage to the computer and do not contain viruses. This cookie contains a characteristic character string (so-called cookie ID), which enables the browser to be uniquely identified when the website is called up again.
Cookies used:
- Google Tag Manager
- Google Maps
- Google Analytics
- Google Web Fonts
- Ezoic
- Facebook Pixel
(2) Cookies remain stored even if the browser session is ended and can be accessed again when you visit the site again. However, cookies are stored on your computer and transmitted from it to our site. Therefore, you also have full control over the use of cookies. If you do not wish data to be collected via cookies, you can set your browser via the menu under “Settings” so that you are informed about the setting of cookies or generally exclude the setting of cookies or can also delete cookies individually. However, please note that the functionality of this website may be limited if cookies are deactivated. As far as session cookies are concerned, these will be automatically deleted after leaving the website anyway.
§ 5 REGISTRATION
(1) We offer you the opportunity to register on our website by providing personal data. The data is entered in an input mask and transmitted to us and stored. As a matter of principle, this data is not passed on to third parties unless there is a legal obligation to pass it on or the passing on serves criminal or legal prosecution purposes.
The following data is collected as part of the registration process:
- E-mail address
- IP address
- Date and time of registration
You can manage and change all details in the protected customer area. Within the
the registration process, the user’s consent to the processing of these
data is obtained.
(2) We use the so-called double-opt-in procedure for registration. This means that after your registration, we will send you an e-mail to the e-mail address you provided in which we ask you to confirm that you wish to register. If you do not confirm your registration within 48 hours, your information will be blocked and automatically deleted after one month. In addition, we store your respective IP addresses used and times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
(3) If the user has given his or her consent, the legal basis for the processing of the data is Art. 6 para. 1 p. 1 lit. a) DSGVO.
If the registration serves the fulfilment of a contract to which you are a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 p. 1 lit. b) DSGVO.
(4) Registration is necessary for the provision of certain contents and services on our website as well as for the prevention of misuse and, if necessary, for the investigation of criminal offences. (further description of the contents and services)
Registration is necessary for the performance of the contract or for the implementation of pre-contractual measures. (further description of the contract; norms according to EGBGB and BGB).
(5) The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.
This is the case for the data collected during the registration process as soon as you delete your access. We also store the data provided voluntarily for the time until the account is deleted, unless you delete it yourself beforehand. This is the case for data collected during the registration process for the fulfilment of a contract or for the implementation of pre-contractual measures when the data is no longer required for the implementation of the contract. Even after the conclusion of the contract, it may be necessary to store personal data of the contractual partner in order to fulfil contractual or legal obligations. Continuing obligations require the storage of personal data during the term of the contract. In addition, warranty periods and the storage of data for tax purposes must be observed. The storage periods to be observed cannot be determined in a general way, but must be determined for each individual contract and contracting party.
(6) If the data is required for the performance of a contract or for the implementation of pre-contractual measures, early deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.
Otherwise, you are free to have the personal data provided during registration completely deleted from the data stock of the controller. Upon request, the controller will provide you at any time with information about which personal data is stored about the data subject. Furthermore, the controller shall correct or delete personal data at the request or indication of the data subject, provided that this does not conflict with any statutory retention obligations. You can write to the data controller or the data protection officer in accordance with § 1 at any time by e-mail or post and ask for the deletion/amendment of the data.
§ 6 E-Commerce
(1) If you wish to register for one of our products, it is necessary for the conclusion of the contract that you provide your personal data, which we require for the processing of your registration. Mandatory data required for the processing of contracts are marked separately, other data are voluntary. The data is entered in an input mask and transmitted to us and stored.
The following data is collected during the registration process:
- Name
- Address (billing address if different)
- E-mail address
- Telephone number
- Bank details
- IP address
- Date and time of data entry
Data will only be passed on to third parties if this is necessary for the purpose of processing the contract or for billing purposes or for collecting the fee, or if you have expressly consented to this. In this regard, we only pass on the data required in each case.
The data recipients are:
- Collection companies, insofar as the payment has to be collected (disclosure of name, address, contract details).
- The bank for the collection of the payment, insofar as the payment is made via direct debit
- Accounting
(2) The legal basis is Art. 6 para. 1 p. 1 lit. b) DS-GVO. With regard to the voluntary data, the legal basis for the processing of the data is Art. 6 para. 1 p. 1 lit. a) DSGVO.
(3) The compulsory data collected are necessary for the fulfilment of the contract with the user (for the purpose of sending the goods and confirming the content of the contract). We therefore use the data to answer your enquiries, to process your order, if necessary to check creditworthiness or to recover a debt and for the purpose of technical administration of the websites. The voluntary information is provided to prevent misuse and, if necessary, to investigate criminal offences. We may also process the data you provide to inform you about other interesting products from our portfolio or to send you e-mails with technical information.
(4) The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Due to commercial and tax law requirements, we are obliged to store your address, payment and order data for a period of ten years after the execution of the contract. However, we restrict processing after two years, i.e. your data is only used to comply with legal obligations. If a continuing obligation exists between us and the user, we store the data for the entire duration of the contract and for ten years thereafter (see above). With regard to data provided voluntarily, we will delete the data upon expiry of two years after execution of the contract, provided that no further contract is concluded with the user during this period; in this case, the data will be deleted upon expiry of two years after execution of the last contract. Statutory retention periods remain unaffected and take precedence.
(5) If the data is required for the performance of a contract or for the implementation of pre-contractual measures, premature deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.
Otherwise, you are free to have the personal data provided during registration completely deleted from the data stock of the controller. The controller will provide you with information about which personal data is stored about you at any time upon request. Furthermore, the controller shall correct or delete personal data at the request or indication of the data subject, provided that this does not conflict with any statutory retention obligations. You may contact the data controller or the data protection officer pursuant to. § 1 at any time via e-mail or postal mail and ask for deletion/modification of the data.
§ 7 DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
Links to external websites
This website contains links to external websites. We are responsible for our own content. We have no influence on the contents of external links and are therefore not responsible for them; in particular, we do not adopt their contents as our own. If you are directed to an external site, the data protection declaration provided there applies. If you notice any illegal activities or content on this site, you are welcome to point this out to us. In this case we will check the content and react accordingly (notice and take down procedure).
Privacy policy on the use and application of Ezoic
This website uses EZOIC, an advertising integration service provided by EZOIC Inc and EZOIC Ltd (“EZOIC”). The provider is EZOIC Inc (Ezoic Inc, 6023 Innovation Way, Carlsbad, CA 92009, United States) and EZOIC Ltd (Ezoic Limited, Northern Design Centre, Gateshead, Tyne and Wear, NE8 3DF United Kingdom).
EZOIC uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. EZOIC also uses so-called web beacons (invisible graphics). Through these web beacons, information such as visitor traffic on these pages can be analysed.
The information generated by cookies and web beacons about the use of this website (including your IP address) and the delivery of advertising formats is transmitted to a server of EZOIC in the USA and United Kingdom and stored there. This information may be shared by EZOIC with EZOIC’s contractors. However, EZOIC will not merge your IP address with other data stored by you.
The storage of EZOIC cookies is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its web offering and its advertising.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by EZOIC in the manner and for the purposes set out above.
You can view the privacy policy of EZOIC Inc. and EZOIC Ltd. at the following link: https://www.ezoic.com/de-lang/privacy-policy/
Privacy policy on the use and application of Facebook Pixel
On this website we use the Facebook Pixel from Facebook, a social media network of the company Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. The code implemented on this page can evaluate the behaviour of visitors who have reached this website from a Facebook advertisement. This can be used to improve Facebook ads and this data is collected and stored by Facebook. The collected data is not visible to us, but can only be used in the context of ad placements. Cookies are also set through the use of the Facebook Pixel code. By using the Facebook pixel, the visit to this website is communicated to Facebook so that visitors can see suitable ads on Facebook. If you have a Facebook account and are logged in, your visit to this website will be assigned to your Facebook user account. The legal basis for the use of the Facebook pixel is Art. 6 para. 1 lit. f DSGVO.
You can learn how the Facebook Pixel is used for advertising campaigns at https://www.facebook.com/business/learn/facebook-ads-pixel. You can adjust your ad preferences on Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.”
modify, provided you are logged into Facebook.
You can manage your preferences for interest-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/ You can disable or enable multiple providers at once there, or adjust settings for individual providers.
You can find more information about Facebook’s data policy at https://www.facebook.com/policy.php.
Transfer to third countries: USA – Refer to the above explanations regarding Webtrends, Google Analytics, and the Facebook Pixel.
Storage duration: 180 days
Privacy provisions regarding the use and deployment of web analytics through Google Analytics (with pseudonymization)
We use the service of Google LLC (Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to analyze the browsing behavior of our users on our website. The software places a cookie on your computer.
When individual pages of our website are accessed, the following data is stored:
• Two bytes of the IP address of the user’s accessing system
• The accessed webpage
• Entry pages, exit pages,
• The duration of the visit on the website and the bounce rate
• The frequency of webpage access
• Country of origin and regional origin, language, browser, operating system, screen resolution, use of Flash or Java
• Search engines used and search terms used.
The information generated by the cookie about the use of this website by users is typically transmitted to and stored on a server operated by Google in the United States. The legal basis for processing personal data is Art. 6 para. 1 p. 1 lit. a) DSGVO.
On our behalf, Google will use this information to evaluate your use of the website and to compile reports on website activity. Through the analysis of the collected data, we are able to compile information about the usage of the individual components of our website. This helps us continuously improve our website and its user-friendliness. The data is deleted as soon as it is no longer needed for our recording purposes. In our case, this occurs after 18 months.
The cookies used are stored on your computer and transmitted from it to our website. If you do not agree with the collection and evaluation of usage data, you can prevent this by adjusting your browser software accordingly, such as by disabling or restricting the use of cookies. Already stored cookies can be deleted at any time. However, in this case, it may be that you cannot fully utilize all functions of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link. The current link is: http://tools.google.com/dlpage/gaoptout?hl=de .
You have the option to withdraw your consent for the processing of personal data at any time. If you contact us via email, you can object to the storage of your personal data at any time. Regarding the withdrawal of consent/objection to storage, we kindly ask you to contact the data controller via email or postal mail. The data controller is Google Ireland Ltd., Gordon House, 4 Barrow Street, Dublin, Ireland, Fax: +353 (1) 436 1001. Further information can be found in the terms of use at http://www.google.com/analytics/terms/de.html and in the privacy overview at http://www.google.com/analytics/terms/de.html, in der Übersicht zum Datenschutz unter http://www.google.com/intl/de/analytics/learn/privacy.html and in the privacy policy at http://www.google.de/intl/de/policies/privacy
Privacy provisions regarding the use and deployment of Google Tag Manager
This website uses Google Tag Manager. Durch diesen Dienst können Website-Tags über eine Oberfläche verwaltet werden. The Google Tag Manager only implements tags. This means that no cookies are used, and no personal data is collected. The Google Tag Manager triggers other tags, which may, in turn, collect data. However, the Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it will persist for all tracking tags implemented through the Google Tag Manager.
Privacy provisions regarding the use and deployment of Google Maps
This page utilizes the Google Maps mapping service through an API. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To utilize the features of Google Maps, it is necessary to store your IP address. This information is typically transmitted to and stored on a server operated by Google in the United States. The provider of this page has no influence over this data transmission. The use of Google Maps is in the interest of presenting our online offerings attractively and making it easy to locate the places we specify on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO For more information on how user data is handled, please refer to Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/
Privacy provisions regarding the use and deployment of Google Web Fonts
This page uses web fonts provided by Google for a consistent presentation of fonts. When you visit a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose, the browser you use must establish a connection to Google’s servers. This allows Google to know that our website was accessed via your IP address. The use of Google Web Fonts is in the interest of a consistent and appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO
If your browser does not support web fonts, a default font from your computer will be used.
For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and see Google’s privacy policy: https://www.google.com/policies/privacy/.
§ 8 Contact form, email contact
Our website includes a contact form that can be used for electronic communication. If you choose to use this option, the data entered into the input form will be transmitted to us and stored.
These data include:
• Salutation, first name, last name, phone number, email address
At the time of sending the message, the following data is also stored:
• User’s IP address
• Date and time of registration
Your consent is obtained during the submission process for the processing of data, with reference to this privacy policy.
Alternatively, contact can be made through the provided email address. In this case, the personal data transmitted via email will be stored.
To the extent that these are contact details (for example, email address, telephone number), you also consent to us potentially contacting you via this communication channel to respond to your inquiry.
In this context, there is no disclosure of data to third parties. The data will be used exclusively for processing the conversation.
The legal basis for processing the data, in case of the user’s consent, is Art. 6 para. 1 S. lit. a) DSGVO. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 S.1 lit. f) DSGVO. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1S. 1 lit. b) DSGVO.
The processing of the personal data from the input mask serves us solely to process the contact. Of course, we will only use the data from your e-mail enquiries for the purpose for which you provide them to us when contacting us. In the case of contact by e-mail, answering them also constitutes the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
You have the option to revoke your consent to the processing of personal data at any time. If you contact us by e-mail, you can object to the storage of your personal data at any time. In such a case, the conversation cannot be continued. With regard to the revocation of consent/objection to storage, we ask you to contact the person responsible or the data protection officer via e-mail or post. In this case, all personal data stored in the course of contacting us will be deleted.
§ 9 Data protection regulations for the use of online lectures
In the case of online lectures, there is the possibility of image and sound recordings. At the start of the online lecture, students will be informed about this in order to ensure their consent to admission. Each student is informed about this when they log in to their course and their consent is formulated. At this point you will also find all the basics for the scope of consent as well as for revocation. Students who enter an online lecture later must make themselves felt in order to ensure consent.
§ 10 DATA PROTECTION INFORMATION ON AN EMPIRICAL STUDY
Participation in the study is voluntary. You have the option at any time to cancel your participation, refuse a subsequent participation, withdraw your consent to participate and request the deletion of your data without causing you any disadvantages. By participating in the study, you confirm that you have read the following data protection information and agree to the data collection, evaluation and storage described. For complaints within the meaning of the GDPR, please contact the authors of the study or the body responsible for them. An overview can be found at the end of this information.
- Performing
Participant Data Protection Notice - If the study is carried out with the participation of third parties
Participant Data Protection Notice - Purpose of the study
Participant Data Protection Notice - Is the study scientific research in the public interest?
Participant Data Protection Notice - Expected duration of the project in which the data will be collected and processed
Participant Data Protection Notice - Form of the collected data
Participant Data Protection Notice - What types of personal data are processed?
Participant Data Protection Notice - Will the data from the study be used for any kind of profiling?
No (automatic decision-making with consequent consequences) Example: Empirical study is prepared for an insurance company that uses this data to create risk profiles. - Form of data processing and storage
Word processing program: MaxQDA (software for qualitative evaluation of interviews in Germany) - What happens to the data after analysis and evaluation?
Student research project: Course instructor (data will be deleted from the online platform in accordance with legal requirements) - Disclosure of data to third parties
No
Only students and university
Type of data: interview guides, transcripts and audio files of the interviews - Contact details in case of interest/revocation
Participant Data Protection Notice - Deletion of data
The deletion of personal data takes place within the statutory periods. All legal requirements for archiving serve as the basis. After expiry of this period, the data will be deleted in accordance with the requirements of the GDPR. - Data integrity
All technical tools are subject to data protection assessment. Persons involved are trained and obliged to handle personal data. - Contact Data Protection Officer in case of complaints
Data protection officer and auditor of the university:
Dieter Grohmann | CEO
Telephone:+49 (0) 831 / 5124-7030
Fax: +49 (0) 831 / 5124-7031
Beethovenstraße 23
87435 Kempten – Berlin – Hamburg – Köln/Bochum
www.akwiso.de
info@akwiso.de
Competent authority:
Bavarian State Office for Data Protection Supervision
Telephone: 0981/180093-0
Fax: 0981/180093-800
Email: poststelle@lda.bayern.de
§ 11 POLLS UNIPARK/QUESTBACK
The server park of our service provider is reliably protected against external access. The extensively certified data center is subject to extremely high data protection and security requirements. according to ISO 27001 (“Information Security Management System Standard”) and SOC II (“Service Organization Control”). These certificates comply with internationally recognized standards for IT security management and guarantee a consistently high quality and security of service provision. The legal requirements for order data processing are fully ensured on the basis of Art 28.
Audits
The data protection measures comply with the highest standards. This high standard is regularly checked by audits by data protection officers and auditors. We and our service provider meet the legal requirements of the BDSG and the DSGVO.
Encryption
State-of-the-art technologies and industry-proven methods are used for data encryption in transit.
Availability and data security
We guarantee the continuous availability of stored data. The production environment has extensive redundancy that ensures availability in the event of a failure.
Quality assurance
An experienced in-house IT and audit team for quality assurance and data protection checks procedures and processes in fixed time windows.
Measures for data protection and data security
Only those persons who are authorized to use a data processing system can only access this data. Personal data cannot be read, copied, changed or removed without authorization. Personal data cannot be read, copied, modified or removed without authorization during electronic transmission or during their storage on data carriers. It can be retrospectively checked and determined whether and by whom personal data has been entered, changed or removed into data processing systems. Personal data processed on behalf of the client can only be processed in accordance with the instructions of the client. Personal data is protected against accidental destruction or loss.
§ 12 DATA PROTECTION INFORMATION FOR ONLINE MEETINGS AND TELEPHONE CONFERENCES VIA MICROSOFT TEAMS
Data protection information: We hereby inform you in accordance with. Art. 13, 14 GDPR about which data we and the provider of Microsoft Teams collect and process from you for what purpose in the context of communication via Microsoft Teams.
PURPOSE OF THE PROCESSING
We use the Microsoft Teams tool to conduct telephone conferences, online meetings and video conferences (hereinafter: “online meetings”). Microsoft Teams is a service provided by Microsoft Corporation.
PERSON IN CHARGE
The person responsible for data processing directly related to the conduct of “online meetings” is
The International Football Institute is a scientific institution of IUNworld GmbH
Steinheilstraße 8
85737 Ismaning
Germany
Tel.: + 49 89 6209 787 100
Mail: beratung@international-football-institute.com
Note: If you access the Microsoft Teams website, the provider of Microsoft Teams is responsible for data processing. However, calling up the website is only necessary for the use of Microsoft Teams in order to download the software for the use of Microsoft Teams.
If you don’t want to or can’t use the Microsoft Teams app, you can also use Microsoft Teams via your browser. In this respect, the service will then also be provided via the Microsoft Teams website.
WHAT DATA IS PROCESSED
When using Microsoft Teams, various types of data are processed. The scope of the data also depends on the information you provide before or during participation in an “online meeting”.
The following personal data are subject to processing:
– User details: e.g. display name, e-mail address if applicable, profile picture (optional), preferred language
– Meeting metadata: e.g. date, time, meeting ID, phone numbers, location
-Text, audio and video data: You may have the option of using the chat function in an “online meeting”. In this respect, the text entries you make will be processed in order to display them in the “online meeting”. In order to enable the display of video and the playback of audio, the data from the microphone of your device and from any video camera of the device will be processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the Microsoft Teams applications.
SCOPE OF PROCESSING
We use Microsoft Teams to conduct “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for your consent.
The chat content is logged when using Microsoft Teams. We store the chat content for a fixed period of time. If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content.
Automated decision-making within the meaning of Art. 22 DSGVO is not used.
LEGAL BASIS FOR DATA PROCESSING
Insofar as personal data of employees of The International Football Institute is a scientific institution of IUNworld GmbH is processed, § 26 BDSG is the legal basis for data processing. If, in connection with the use of Microsoft Teams, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of Microsoft Teams, Art. 6 para. 1 lit. f) DSGVO the legal basis for data processing. In these cases, we are interested in the effective implementation of “online meetings”.
In all other respects, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit.a und b) DSGVO, insofar as the meetings are held within the framework of contractual relationships.
insofar as the meetings are held within the framework of contractual relationships. 1 lit. f) DSGVO. Here, too, we are interested in the effective implementation of “online meetings”.
RECIPIENTS / DISCLOSURE OF DATA
Personal data processed in connection with participation in “online meetings” will not be disclosed to third parties unless they are specifically intended for disclosure. Please note that content from “online meetings” as well as from face-to-face meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended for disclosure.
Other recipients: The provider of Microsoft Teams necessarily obtains knowledge of the above-mentioned data, insofar as this is provided for in the context of our order processing contract with Microsoft Teams.
DATA PROCESSING OUTSIDE THE EUROPEAN UNION
Data processing outside the European Union (EU) does not take place as a matter of principle, as we have limited our storage location to data centers in the European Union/Germany. However, we cannot rule out the possibility that data may be routed via Internet servers located outside the EU. This may be the case in particular if participants in “online meetings” are in a third country.
However, the data is encrypted during transport over the Internet and thus protected against unauthorized access by third parties.
DATA PROTECTION OFFICER
We have appointed a data protection officer.
You can reach it as follows:
akwiso Data Protection & Audit
Herr Dieter Grohmann
Beethovenstraße 23
87435 Kempten
Germany
Tel.: +49 (0) 831 51247030
Email: info@akwiso.de
Website: www.akwiso.de
YOUR RIGHTS AS A DATA SUBJECT
You have the right to information about your personal data. You can contact us at any time for information.
In the case of a request for information that is not made in writing, we ask for your understanding that we may require evidence from you to prove that you are the person you claim to be.
Furthermore, you have a right to correction or deletion or to restriction of processing, insofar as you are legally entitled to do so.
Finally, you have the right to object to the processing within the framework of the legal requirements.
A right to data portability also exists within the framework of data protection regulations.
DELETION OF DATA
As a matter of principle, we delete personal data if there is no need for further storage. A requirement may exist in particular if the data is still needed in order to fulfil contractual services, to be able to check and grant or defend warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion can only be considered after expiry of the respective retention obligation.
RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
You have the right to complain about the processing of personal data by us to a supervisory authority for data protection.
CHANGES TO THIS PRIVACY POLICY
We revise this data protection information in the event of changes in data processing or other occasions that make this necessary. The current version can always be found on this website.
§ 13 Rights of the person concerned
If your personal data is processed, you are a data subject within the meaning of the DSGVO and you have the following rights vis-à-vis the controller:
1. Right to information,
2. Right to rectification
3. Right to restriction of processing,
4. Right to deletion
5. Right to information
6. Right to data portability.
7. Right to object to processing
8. Right to revoke consent under data protection law
9. right not to apply an automated decision
10. Right to lodge a complaint with a supervisory authority
- Right to information
(1) You may request confirmation from the controller as to whether personal data concerning you is being processed by us. If this is the case, you can request free information from the person responsible at any time about the personal data stored about you as well as about the following information:
a) the purposes for which the personal data are processed;
b) the categories of personal data that are processed;
c) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
d) the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the duration of storage;
e) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
f) the existence of a right of appeal to a supervisory authority;
g) all available information on the origin of the data, if the personal data are not collected from the data subject;
h) the existence of automated decision-making, including profiling, in accordance with Art. 22 para. 1 and 4 DSGVO and, at least in these cases, meaningful information on the logic involved and the scope and intended effects of such processing on the data subject.
(2) You have the right to request information as to whether your personal data is transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. Art. 46 DSGVO to be informed in connection with the transfer. - Right to rectification
You have a right to immediate correction and/or completion vis-à-vis the person responsible if the processed personal data concerning you is incorrect or incomplete. - Right to restriction of processing
(1) Under the following conditions, you may request the controller to restrict the processing of personal data concerning you without delay:
a) if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to verify the accuracy of the personal data;
b) the processing is unlawful and you refuse the deletion of the personal data and instead request the restriction of the use of the personal data;
c) the controller no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
d) if you object to the processing pursuant to Art. 21 para. 1 DSGVO and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.
(2) If the processing of personal data concerning you has been restricted, such data may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State. If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted. - Right to deletion
(1) You have the right to obtain from the controller the erasure of personal data concerning you without undue delay where one of the following grounds applies:
a) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
b) You revoke your consent on which the processing is based pursuant to Art. Art. 6 Abs. 1 lit. a or Art. 9 para. 2 lit. a DSGVO and there is no other legal basis for the processing.
c) You create according to. Art. 21 par. 1 DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. Art. 21 par. 2 DSGVO to object to the processing.
d) The personal data concerning you have been processed unlawfully.
e) The deletion of personal data concerning you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
f) The personal data concerning you have been collected in relation to the offer of information society services referred to in Art. 8 para. 1 DSGVO collected.
(2) If the person responsible has made the personal data concerning you public and is obliged to delete the personal data concerning you in accordance with the GDPR. Art. 17 Abs. 1 DSGVO he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.
(3) The right to deletion does not exist if the processing is necessary
(a) to exercise the right to freedom of expression and information;
b) for compliance with a legal obligation which requires processing under the law of the Union or of the Member States to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
c) for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 DSGVO;
d) for archival purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. Art. 89 Abs. 1 DSGVO, to the extent that the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of such processing, or
(e) to assert, exercise or defend legal claims. - Right to information
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to communicate this rectification/erasure/restriction of processing to all recipients to whom the personal data concerning you have been disclosed, unless this proves impossible or involves a disproportionate effort. You have the right to be informed of these recipients by the controller. - Right to data portability
(1) You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that
(a) the processing is based on consent pursuant to Art. Art. 6 par. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract pursuant to. Art. 6 par. 1 lit. b DSGVO is based and
(b) the processing is carried out with the aid of automated procedures.
(2) In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly from one controller to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
(3. The right to data portability shall not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
(4) In order to assert the right to data portability, the data subject may at any time contact the controller. - Right of objection
(1) You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 para. 1 lit. e or f DSGVO; this also applies to profiling based on these provisions.
(2. The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.
(3) If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
(4) You have the possibility, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right to object by means of automated procedures using technical specifications.
(5) In order to exercise the right to object, the data subject may contact the controller directly. - Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revocation. You can contact the person responsible for this. - Automated decision in individual cases including profiling
(1) You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision
a) is necessary for the conclusion or performance of a contract between you and the responsible person,
(b) is authorised by Union or Member State legislation to which the controller is subject and that legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or
c) is done with your express consent.
(2) However, such decisions shall not be based on special categories of personal data pursuant to Art. 9 para. 1 DSGVO, unless Art. 9 para. 2 lit. a or g DSGVO applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.
(3) With regard to the cases referred to in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms of, and your legitimate interests, including at least the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.
(4. If the data subject wishes to exercise rights concerning automated decisions, he or she may, at any time, contact the controller. - Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the DSGVO. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 DSGVO.
§ 12 SSL encryption
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
§ 13 Changes to the privacy policy
We reserve the right to change our privacy practices and this policy to comply with any changes in relevant laws or regulations or to better meet your needs. Possible changes to our data protection practices will be announced here accordingly. Please note the current version date of the privacy policy.
Data protection stand: 27.01.2022