Privacy Policy

1. Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data
when you visit this website. Personal data are all data with which you can be personally identified. Detailed information on data protection can be found in our data protection declaration listed below this text.

Data collection on this website
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. Its contact details can be found in the imprint of this website.

How do we collect your data? This can be, for. For example, it is about
data that you enter in a contact form.
Other data is automatically collected by our IT systems when you visit the website. Above all, this is technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you enter this website.

What do we use your data for?
Part of the data is collected to ensure that the website is provided correctly. Other data can be used to analyze your user behavior.

What rights do you have regarding your data?
You have the right to information about the origin, recipient and purpose of your personal data stored at any time free of charge to obtain. You also have the right to request that this data be corrected or deleted. You can contact us at any time at the address given in the imprint if you have any further questions about data protection. You also have a right to lodge a complaint with the competent supervisory authority.
You also have the right to request that the processing of your personal data be restricted under certain circumstances. Details on this can be found in the data protection declaration under
'Right to restriction of processing'.

2. Hosting

External hosting, provision of the website and creation of log files

This website is hosted on web server operated by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany, e-mail: info@hetzner.de. An order processing contract (order data processing contract, ADV contract or AV contract) was concluded with Hetzner Online GmbH within the meaning of Article 28 GDPR. When you visit our website, data is collected by the hosting service system. Hetzner Online GmbH states as follows: 'For data protection reasons, the host name or the IP address of the client accessing your website is anonymized in the log files. Only the entries for the client's host or, if this cannot be determined, the client's IP address are anonymized in the log files. Only the last 6 weeks are available for selection.' And for the storage of page views by Hetzner Online GmbH itself, Hetzner Online GmbH states:' When visitors visit your website, the IP addresses of these visitors are recorded and saved in log files. Hetzner (the hoster) stores the IP addresses of the visitors for a maximum of seven days to detect and ward off attacks.' Every time our website is called up, the system (Hetzner server) automatically records data and information from the computer system of the calling computer.
The following data The following are collected:
Information about the browser type and the version used
The user's operating system
The user's Internet service provider
The user's IP address
Date and time of access
Websites from which the user's system accesses our website
Websites accessed by the user's system via our website
Legal basis for data processing The legal basis for the temporary storage of data is Art. 6 para. 1 lit. f GDPR.


Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. To do this, the user's IP address must remain stored for the duration of the session. The log files are saved to ensure the functionality of the website. We also use the data to optimize the website and to ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context. Our legitimate interest in data processing according to Art. 6 Para. 1 lit. f GDPR.


Duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that it is no longer possible to assign the calling client. According to Hetzner Online GmbH, the log files can be evaluated anonymously for a maximum of the past 6 weeks.


Opposition and elimination options

The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility for the user to object.


3. General information and mandatory information

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your
personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
If you use this website, various personal data are collected.
Personal data are data with which you are personally identified can. This data protection declaration explains what data we collect and what we use it for. It also explains how
and for what purpose.
We would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. A complete protection of the data against the access by third parties is not possible.


Note on the repsonsible body


The responsible body for data processing on this website is:


direct x fair Trade UG (haftungsbeschränkt)
Geschwister-Scholl-Straße 12, D-53123 Bonn


Telephone: +49 15225240948
E-Mail: welcome[at]direktrade[dot]de

CEO: Amit Bansod
City Court: Bonn, HRB 24686
Sales tax identification number according to § 27 a sales tax law: DE326144445

Data protection officer is Amit Bansod, welcome[at]direktrade[dot]de.
The responsible body is the natural or legal person who alone or together with others about the purposes and means of processing personal data (e.g. names, email addresses, etc.)
decides.


Revocation of your consent to data processing


Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send an informal email to us.
The legality of the data processing carried out prior to the revocation remains unaffected by the revocation.


Right to object data collection in special cases and against direct marketing (Art. 21 GDPR)


IF DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR
IF YOU HAVE THE RIGHT AT ANY TIME TO SUBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AND OBJECTION; THIS ALSO APPLIES TO A PROFILE BASED ON THESE PROVISIONS. THE RELEVANT LEGAL BASIS ON WHICH THE PROCESSING IS BASED,
TAKE THIS PRIVACY STATEMENT. IF YOU SUBJECT IT, WE WILL NOT PROCESS YOUR PERSONAL DATA, UNLESS WE CAN PROVE EXCUSIVE REASONS FOR THE PROCESSING THAT EXCEED YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING DOES NOT AUTHORIZE, EXERCISE OR DEFEND YOUR RIGHTS (CONTRADICTION IN ACCORDANCE WITH ART. 21 (1) GDPR) OBJECTING THE PROCESSING OF THIS PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING; THIS IS ALSO APPLICABLE TO PROFILING, IN SO FAR AS IT IS IN CONNECTION WITH SUCH DIRECT ADVERTISING. IF YOU DISAGREE, YOUR PERSONAL DATA WILL NOT BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (CONTRADICTION AGAINST ARTICLE 21 (2) GDPR).


Right to lodge a complaint with the competent supervisory authority


In the event of violations of the GDPR, the data subject has the right to lodge a complaint with a supervisory authority, particularly in the Member State of their habitual residence and place of work or the location of the alleged violation. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.


Right to data portability


You have the right to which we process automatically on the basis of your consent or in fulfillment of a contract
to be handed over to yourself or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person in charge, this will only take place if it is technically feasible.


SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from 'http: //' to 'https: //' and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.


Information, Deletion and correction

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to correct or delete this data. You can contact us at any time at the address given in the imprint
or for further questions on the subject of personal data.


Right to restriction of processing

You have the right to request the restriction of processing of your personal data.
You can contact us at any time at the address given in the imprint. The right to restrict processing exists in the following cases:
If you dispute the accuracy of your personal data stored with us, we generally need time to check this. For the duration of the examination, you have the right to request that the processing of your personal data be restricted.
If the processing of your personal data happened / happens unlawfully, you can request the restriction of the data processing instead of deletion .
If we no longer need your personal data, but you need it to exercise, defend or assert
legal claims, you have the right to request that the processing of your personal data be restricted instead of being deleted.
If you have lodged an objection under Art. 21 Para. 1 GDPR, you have to weigh up your interests against ours. As long as it is not clear whose interests
predominate, you have the right to request that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, this data may - from
except for their storage - only with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest in the European Union or of a member state.


Objection to advertising emails

The use of within the framework the contact information published for the sending of advertising and information material that has not been expressly requested is hereby contradicted. The operators of the website expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.


4. Data collection on this website


Cookies

In order to make the visit to our website attractive and to enable the use of certain functions to create suitable products so-called cookies are used to display. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in an optimized presentation of our offer in accordance with Art. 6 Para. f GDPR. Cookies are small text files that are automatically saved on your device. Most of the cookies we use are so-called 'session cookies'. They are automatically deleted after your visit. Other cookies remain on your device until you delete them. These cookies enable us to recognize your browser the next time you visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted.

The following essential cookies are needed for functioning of the website.

Data Procesing Purpose
  Storage of chosen option

Used Technologies
  Accept Cookies
  Local storage

Data Attributes
  Chosen Option 'Yes' or 'No'
  Language Selector 'de' or 'en'
  Session Id
  CSRF Token

Cookies that are required to carry out the electronic communication process or to provide certain functions that you require are set on the basis of Art. 6 (1) lit. f GDPR saved. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services.


Server log files

The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
browser type and browser version - operating system used
referrer URL
host name of the accessing computer
time of server request
IP address
This data will not be merged with other data sources This data is collected on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - the server log files must be recorded for this.


Inquiry by email, phone

If you contact us by e-mail, phone, your request, including all personal data resulting from it (name, request), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The processing of this data is based on Art. 6 Para. 1 lit. b GDPR, if your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on your consent (Art. 6 Para. 1 lit. a GDPR) and / or on our legitimate interests (Art. 6 Para. 1 lit. f GDPR), since we have a legitimate < br> interest in the effective processing of inquiries addressed to us.
The data you send us via contact inquiries remain with us until you ask us to delete them, revoke your consent to their storage or the purpose for them Data storage is no longer required (eg after your request has been processed). Mandatory legal provisions and especially statutory retention periods remain unaffected.


SSL Certificate

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content that you send to us as the site operator. For this we use a certificate from Let’s Encrypt, a certification body, issued by Internet Security Research Group (ISRG), 1 Letterman Drive, Suite D4700, San Francisco, CA 94129, USA.

In order to query the status of the certificate, your web browser builds when you visit our website connects to the validation service entered in the certificate ('OCSP request'). If your browser makes an OCSP request, ‘Let’s Encrypt’ servers automatically record your IP address, your browser and your operating system in temporary server log files. Let's Encrypt states as follows: 'We do not use data from OCSP requirements to create profiles or to identify people. Temporary server logs are used for operational purposes only and are typically deleted within less than seven days. We may keep a subset of server logs for long periods of time to investigate software errors or misuse. In this case, all saved logs will be deleted when the investigation is complete. We can also calculate, store and publish information collected from server logs, e.g. B. which certificates generate the greatest volume of requirements. We always strive to ensure that these records do not contain information about the activities of identifiable users or devices.'
This is in our legitimate interest in data processing according to Art. 6 Para. 1 lit. f GDPR. For more information, see Let's Encrypt Privacy Policy


5. Links to websites of other providers

Our websites may contain links to websites of other providers. We would like to point out that this data protection declaration only applies to our websites. The content and scope of the data that are collected, processed and stored by the relevant providers, for example when visiting the linked websites, are unknown to us. We have no influence on this and do not control that other providers comply with the applicable data protection regulations. When using linked websites, you must therefore inform yourself independently about the data protection information of the respective other provider.

6. OpenStreetMap

We use the map service from OpenStreetMap (OSM). The provider is the Open-Street-Map Foundation (OSMF), St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS.

If you visit a website that includes OpenStreetMap, it collects information about your browser or your application and your interaction with our website, including your (a) IP address, (b) browser and device type, (c) operating system, (d) referring website, (e) date and time of the Site visits. Details can be found in the data protection declaration of OpenStreetMap under the following link: https://wiki.osmfoundation.org/wiki/Privacy_Policy .

The use of OpenStreetMap is in the interest of an attractive presentation of our online offers and an easy findability of the places we have indicated on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent was requested (e.g. consent to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be revoked at any time.



7. Processing of data (customer and contract data)

We collect, process and use personal data only insofar as they are necessary for the establishment, content or change of the legal relationship (inventory data). This is done on the basis of Art. 6 Para. 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. We only collect, process and use personal data on the use of this website (usage data) if this is necessary to enable or bill the user for the use of the service.

The customer data collected will be available after the order has been completed or termination of the business relationship deleted. Statutory retention periods remain unaffected. Data transmission when the contract is concluded for services and digital content.

We only transfer personal data to third parties if this is necessary as part of the contract processing, for example to the credit institution commissioned with the payment processing.

A further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without express consent, for example for advertising purposes.

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.



8. Subject to change

This data protection declaration is currently valid and has the status of May 2020. Due to the further development of our website and offers above or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at https://willkommen.direktrade.de/.

Source:
https://www.e-recht24.de