Name and contact details of the responsible body
Calle Pau 2
represented by Ulrike Merat
✆ +34 677 668 440
We collect and process the following personal data about you:
- contact and address information if you have provided us with your contact information or registered on our website,
- company data, namely when you use the “ePrivacy Generator” portal or the “ePrivacyaudit”,
- online identifiers (e.g. your IP address, browser type and browser version, the operating system used, the referrer URL, the IP address, the file name, the access status, the transferred data volume, the date and time of the server request),
- social media identifiers.
We process your data for the following purposes:
- for your contacting you,• for carrying out contracts with you (project management, external data protection officer),
- to provide and maintain the “ePrivacy Generator” customer portal,
- for advertising purposes,
- to send you the email newsletter, if you have registered for it,
- for quality assurance, and
- for our statistics.
Legal basis of data processing
Your data will be processed on the following legal bases:
- your consent pursuant to Art. 6(1)(a) GDPR,
- for the performance of a contract with you pursuant to Art. 6(1)(b) GDPR
- to fulfil legal obligations pursuant to Art. 6(1)(c) GDPR or
- from a legitimate interest pursuant to Art. 6(1)(f) GDPR.
If we process your personal data based on legitimate interests under Art. 6(1)(f) GDPR they are for
- the improvement of our service,
- protection against fraud, and
- our statistics.
We receive the data from you (including the equipment you use). If we do not collect personal data directly from you, we will also inform you from which source the personal data originates and, if applicable, whether it originates from public accessible sources.
Recipients or categories of recipients of personal data
When processing your data, we work with the following service providers who have access to your data:
- providers of web analysis tools,
- web hosting providers.
Data is transferred to third countries outside the European Union. This is done on the basis of statutory contractual stipulations which are intended to ensure adequate protection of your data, and which you can view on request.
We store your personal data only as long as it is necessary to achieve the processing purpose or the storage is subject to a legal retention period.
We store your data,
- if you have consented to the processing until you revoke your consent,
- if we require the data for the execution of a contract for a maximum of as long as the contractual relationship with you exists or as long as legal retention periods are in effect,
- if we use the data on the basis of our legitimate interests, only as long as your interest in deletion or anonymisation does not outweigh them.
You have the right – partly under certain conditions,
- to request information about the processing of your data free of charge, as well as the receipt of a copy of your personal data. You can request information on the purposes of the processing, the categories of personal data being processed, the recipients of the data (if they are passed on), the duration of the storage or the criteria for determining the duration;
- to correct your data. Should your personal data be incomplete, you have the right to complete the data, taking into account the processing purposes;
- to delete or block your data. Reasons for the existence of a cancellation/blocking right can be, among others, the revocation of the consent on which the processing is based, the data subject objects to the processing, the personal data were processed unlawfully;
- to restrict the processing;
- to object the processing of your data;
- to revoke your consent to the processing of your data in the future, and
- to complain to the competent supervisory authority about inadmissible data processing.
Requirement or obligation to provide data
Where not expressly stated in the survey, the provision of data is not required or obligatory. Such an obligation may result from legal requirements or contractual regulations.
Further information on data protection
Contact form / Customer support
The contact form on our website is an easy way to contact us quickly. To enable us to contact you, some fields are marked as mandatory. If you fill in the fields and choose “Send”, you agree that your data will be sent to us with the message by email. The data is not stored on the web server.
As part of our customer support for the “ePrivacyGenerator” you have the opportunity to contact us via our website. You voluntarily provide us with your contact data. Your personal data transmitted to us will be stored automatically, whereby the processing serves exclusively the purpose of processing your request to us. The data will not be passed on to third parties.
If you register for our newsletter, we use the required or separately communicated data in order to send you our e-mail newsletter on a regular basis. You can unsubscribe from the newsletter at any time either by sending a message to the contact point described above or via the unsubscribe link provided in the newsletter.
We have taken extensive technical and organizational measures to protect your data against possible dangers, such as unauthorized access, unauthorized knowledge, alteration or distribution, as well as against loss, destruction or misuse.
In order to protect your personal data from unauthorized access by third parties during transmission, we secure the data transmissions, if necessary using SSL encryption. This is a standardized encryption method for online services, especially for the web.
With each access to our website, usage data is transmitted by your web browser and stored in log files, the so-called server log files. The data records stored this way contain the following data: Domain from which the user accessed the website, date and time of access, IP address of the accessing computer, website(s) visited by the user within the scope of the service, data volume transmitted, browser type and version, operating system used, name of the Internet service provider, notification as to whether the access was successful. These log file data records are evaluated in anonymised form in order to improve the offer and make it more user-friendly, to find and correct errors and to control the utilization of servers.
This site uses web fonts provided by Google to uniformly display fonts. When you open a page, your browser loads the required Google Fonts into your browser cache to display texts and fonts correctly.
To do this, your browser must connect to Google’s servers. This gives Google knowledge that our website has been accessed via your IP address. The use of Google Fonts is in the interest of a consistent and user-friendly presentation of our website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Our website uses functionalities of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Every time you access one of our pages that contains functions of LinkedIn, a connection to LinkedIn’s servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click on the “Recommend button” of LinkedIn and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We point out that we as provider of the pages have no knowledge of the content of the transmitted data and their use by LinkedIn.