We are very pleased that you have shown interest in our company. Data protection has a particularly high priority for the management of Elitco GmbH. The use of the Elitco GmbH website is possible without providing personal data; However, if a data subject wishes to use special business services through our website, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we usually obtain the consent of the person concerned.
The processing of personal data such as the name, address, email address or telephone number of a data subject always takes place in accordance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to Elitco GmbH. With this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. In addition, data subjects are informed of their rights based on this data protection declaration.
As the controller, Elitco GmbH has taken numerous technical and organizational measures to ensure the most comprehensive protection of the personal data processed via this website. However, Internet-based data transmissions can generally have security gaps, so that absolute protection may not be guaranteed. For this reason, every data subject is free to transmit personal data to us in an alternative way, e.g. with the phone.
- Definitions
The data protection declaration of Elitco GmbH is based on the terms used by European lawmakers to adopt the General Data Protection Regulation (GDPR). Our privacy policy should be readable and understandable for the general public as well as for our customers and business partners. To ensure this, we would first like to explain the terminology used.
In this data protection declaration, we use the following terms, among others:
• a) Personal data
Personal data is all information that relates to an identified or identifiable natural person (“data subject”). An identifiable natural person is a person who can be identified directly or indirectly, in particular with reference to an identifier such as a name, an identification number, location data, an online identifier or one or more physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
• b) Affected person
The data subject is an identified or identifiable natural person whose personal data are processed by the person responsible for processing.
• c) processing
Processing is any operation or set of operations performed on personal data or on sets of personal data, whether automated or not, such as: B. Collection, recording, organization, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, distribution or other provision, alignment or combination, restriction, deletion or destruction.
• d) restriction of processing
The restriction of processing is the marking of stored personal data with the aim of restricting their processing in the future.
• e) Profiling
Profiling is any form of automated processing of personal data that consists of using personal data to evaluate certain personal aspects of a natural person, in particular to analyze or predict aspects of the performance of this natural person at work, the economic situation, and health and personal preferences, interests, reliability, behavior, location or movements.
• f) pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.
• g) controller or controller responsible for processing
The person responsible or responsible for processing is the natural or legal person, public authority, agency or other body who, alone or together with others, determines the purposes and means of processing personal data. If the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for his appointment may be determined by Union or Member State law.
• h) processor
The processor is a natural or legal person, an authority, an agency or another body that processes personal data on behalf of the controller
Receiver
The recipient is a natural or legal person, an authority, an agency or another body to which the personal data are passed on, regardless of whether they are third parties or not. However, authorities that can receive personal data in a specific investigation under Union or Member State law are not considered recipients. The processing of this data by these authorities must comply with the applicable data protection regulations in accordance with the purposes of the processing.
j) Third parties
A third party is a natural or legal person, an authority, an agency or a body other than the data subject, the controller, the processor and persons under the direct authority of the controller or the processor for the processing of personal data Data are authorized.
k) consent
The consent of the data subject is any released, specific, informed and unambiguous statement of the wishes of the data subject, by means of which they mean the consent to the processing of personal data concerning them through a declaration or a clear positive action.
Name and address of the controller
Responsible within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in the member states of the European Union and other data protection regulations are:
Elitco GmbH
Monschauerstrasse 12th
40549 Dusseldorf
Germany
Telephone: 0211 69990960
Email: info@elit-co.de
Website: www.elit-co.de
Collection of general data and information
The Elitco GmbH website collects a series of general data and information when a data subject or an automated system accesses the website. This general data and information is stored in the server log files. You can collect (1) the browser types and versions used, (2) the operating system used by the access system, (3) the website from which an access system accesses our website (so-called referrer), (4) the sub-websites, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the access system, and (8) other similar data and information that can be used when attacking our information technology systems.
When using this general data and information, Elitco GmbH cannot draw any conclusions about the person concerned. Rather, this information is required to (1) provide the content of our website correctly, (2) optimize the content of our website and its advertising, (3) ensure the long-term viability of our information technology systems and website technology and (4) law enforcement agencies Provide information necessary for criminal prosecution in the event of a cyber attack. Therefore, Elitco GmbH statistically analyzes anonymously collected data and information with the aim of increasing the data protection and data security of our company and ensuring an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
Routine deletion and blocking of personal data
The data controller processes and stores the personal data of the data subject only for the period required to achieve the storage purpose, or to the extent permitted by European lawmakers or other legislators in laws or regulations to which the data controller is subject becomes.
If the storage purpose is not applicable or if a storage period prescribed by the European legislator or another responsible legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
Rights of the data subject
a) Right of confirmation
Every data subject has the right granted by the European legislator to receive confirmation from the data controller as to whether or not personal data concerning them are being processed. If a data subject wishes to exercise this right of confirmation, they can contact an employee of the controller at any time.
• b) Right to information
Every data subject has the right granted by the European legislator to receive free information from the data controller about their personal data stored at any time and a copy of this information. In addition, the European directives and regulations grant the data subject access to the following information:
• •
o the purposes of processing;
o the categories of personal data concerned;
o the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular recipients in third countries or international organizations;
o if possible, the planned period for which the personal data will be stored or, if not possible, the criteria on the basis of which this period is determined;
o The existence of the right to request the controller to correct or delete personal data or to restrict the processing of personal data in relation to the data subject or to object to such processing;
o the right to lodge a complaint with a supervisory authority;
o if the personal data are not collected by the data subject, all available information on their source;
o The existence of automated decision-making, including profiling, in accordance with Article 22 paragraphs 1 and 4 of the GDPR and, at least in these cases, meaningful information about the logic concerned and the meaning and the planned consequences of such processing for the data subject.
In addition, the data subject has the right to receive information about whether personal data is transferred to a third country or to an international organization. In this case, the data subject has the right to be informed about the corresponding protective measures in connection with the transfer.
If a data subject wishes to exercise this right to information, they can contact an employee of the controller at any time.
• c) Right to rectification
Every data subject has the right granted by the European legislator to immediately request the controller to correct inaccurate personal data concerning them. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by providing a supplementary statement.
If a data subject wishes to exercise this right to rectification, they can contact an employee of the controller at any time.
• d) Right to erasure (right to be forgotten)
Every data subject has the right to be granted by the European legislator to have the controller immediately delete personal data, and the controller is obliged to delete personal data immediately if one of the following reasons applies, as long as processing is not necessary:
• •
o The personal data are no longer required for the purposes for which they were collected or otherwise processed.
o The data subject withdraws the consent on which the processing is based in accordance with Article 6 (1) (a) of the GDPR or Article 9 (2) (a) of the GDPR and, unless other legal provisions exist, reason for the processing.
o The data subject objects to the processing in accordance with Article 21 (1) of the GDPR and there are no compelling legitimate grounds for the processing, or the data subject objects to the processing in accordance with Article 21 (2) of the GDPR.
o The personal data was processed illegally.
o The personal data must be deleted in order to comply with a legal obligation in Union or member state law to which the controller is subject.
o The personal data was collected in connection with the provision of information society services in accordance with Article 8 (1) of the GDPR.
If one of the above reasons applies and a data subject wishes to request the deletion of the personal data stored by Elitco GmbH, they can contact an employee of the controller at any time. An employee of Elitco GmbH must immediately ensure that the deletion request is met immediately.
If the controller has published personal data and is obliged to delete the personal data in accordance with Article 17 (1), the controller will take appropriate measures, including technical measures, taking into account the available technology and the costs of implementation to inform others responsible for the processing, who process the deletions of links to these personal data requested by the data subject or their duplication or duplication, unless the processing is necessary. An employee of Elitco GmbH will take the necessary measures in individual cases.
e) Right to restriction of processing
Every data subject has the right granted by the European legislator to receive a processing restriction from the controller if one of the following conditions applies:
The data subject disputes the accuracy of the personal data for a period of time that enables the controller to check the accuracy of the personal data.
The processing is unlawful and the data subject opposes the deletion of the personal data and instead requests that their use be restricted.
The data controller no longer needs the personal data for the purpose of processing, but is required by the data subject to justify, exercise or defend legal claims.
The data subject has objected to processing pursuant to Article 21 (1) of the GDPR until it has been checked whether the legitimate grounds of the controller override those of the data subject.
If one of the above conditions is met and a data subject wishes to request the restriction of the processing of personal data stored by Elitco GmbH, they can contact an employee of the controller at any time. The employee of Elitco GmbH will arrange for the processing to be restricted.
f) Right to data portability
Every data subject has the right granted by the European legislator to receive the personal data concerning them, which have been made available to a data controller, in a structured, commonly used and machine-readable format. He or she has the right to transfer this data to another controller without hindrance to the controller to whom the personal data has been transferred, provided that the processing is based on the consent in accordance with Article 6 paragraph 1 letter a of the GDPR or Article 9 paragraph 2 letter a of the GDPR or a contract pursuant to Article 6 paragraph 1 letter b of the GDPR, and processing is automated, as long as processing is not necessary to perform a task that is in the public interest or to exercise the official authority assigned to the controller.
In addition, when exercising their right to data portability in accordance with Article 20 paragraph 1 of the GDPR, the data subject has the right to have personal data transmitted directly from one controller to another, provided this is technically feasible and this is not the case Adversely affect the rights and freedoms of others.
In order to assert the right to data portability, the data subject can contact an employee of Elitco GmbH at any time.
g) Right to object
Every data subject has the right granted by the European legislator to object to the processing of personal data based on point (e) or (f) of Article 6 (1) of the GDPR at any time for reasons relating to their particular situation. This also applies to the creation of profiles in accordance with these provisions.
Elitco GmbH no longer processes the personal data in the event of an objection, unless we can demonstrate compelling legitimate reasons for the processing that override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims.
If Elitco GmbH processes personal data for direct marketing purposes, the person concerned has the right to object to the processing of personal data relating to them at any time for such marketing. This applies to profile creation insofar as it is related to such direct marketing. If the data subject of Elitco GmbH objects to processing for direct marketing purposes, Elitco GmbH will no longer process the personal data for these purposes.
In addition, the person concerned has the right to object to the processing of personal data by Elitco GmbH for scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) of the GDPR, unless the processing is for Fulfillment of a task carried out for reasons of public interest.
To exercise the right to object, the data subject can contact any employee of Elitco GmbH. In addition, within the framework of the use of information society services and regardless of Directive 2002/58 / EC, the data subject is free to use their right to object by automated means using technical specifications.
h) Automated individual decision making, including profiling
Every data subject has the right granted by European legislature not to be subject to a decision that is based solely on automated processing, including profiling, that has a legal impact on them or similarly significantly influences them, as long as the decision is taken (1) is not required to conclude or fulfill a contract between the data subject and a controller, or (2) is not permitted under Union or Member State law to which the controller is subject and that is also to take appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject or (3) not to be based on the express consent of the data subject.
If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and a data controller or (2)
Based on the express consent of the data subject, Elitco GmbH takes appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, at least the right to human intervention by the data controller, to express their point of view and to contest the decision.
If the data subject wishes to exercise the rights for automated individual decision-making, they can contact an employee of the
Contact Elitco GmbH.
i) Right to withdraw consent under data protection law
Every data subject has the right granted by the European legislator to revoke their consent to the processing of their personal data at any time.
If the data subject wishes to exercise their right to withdraw their consent, they can contact an employee of Elitco GmbH at any time.
- Data protection regulations for the application and use of Jetpack for WordPress
The legitimate interests of the controller or a third party if the processing of personal data is based on Article 6 (1). f GDPR Our legitimate interest is to run our business for the benefit of all of our employees and shareholders.
Time period for which the personal data is stored
The respective statutory retention period applies as a criterion for the duration of the storage of personal data. After this period has expired, the corresponding data will be routinely deleted if this is no longer necessary to fulfill the contract or to start the contract.
Provision of personal data as a legal or contractual requirement; Prerequisite for the conclusion of a contract; Obligation of the data subject to provide personal data; possible consequences of not providing such data
We make it clear that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information about the contractual partner). Sometimes it may be necessary to conclude a contract in which the person concerned provides us with personal data that we then have to process. For example, the data subject is obliged to provide us with personal data when our company signs a contract with them. Failure to provide personal data would mean that the contract could not be concluded with the data subject. Before the data subject provides personal data, the data subject must contact an employee. The employee clarifies to the data subject whether the disclosure of the personal data is required by law or contract or is required for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of not providing the personal data.
Having automated decisions
As a responsible company, we do not use automatic decision making or profiling.
This data protection guideline was created by the data protection guideline generator of DGD – your external data protection officer – which was developed in cooperation with German lawyers from WILDE BEUGER SOLMECKE, Cologne. In addition, the data subject has the option to object to and exclude a collection of data in connection with the use of this website, which is generated by the Jetpack cookie, and the processing of this data by Automattic / Quantcast. For this purpose, the person concerned must click on the “Opt-out” button at https://www.quantcast.com/opt-out/ to set an opt-out cookie. The opt-out cookie set for this purpose is stored on the information technology system used by the data subject. If the cookies in the data subject’s system are deleted, the data subject must open the link again and set a new opt-out cookie.
By setting the opt-out cookie, however, there is a possibility that the controller’s websites can no longer be fully used by the data subject.
The applicable data protection regulations of Automatik can be accessed at https://automattic.com/privacy/. Quantcast’s current privacy policy can be found at https://www.quantcast.com/privacy/.
Legal basis for processing
Art. 6 (1) lit. A GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary to fulfill a contract in which the data subject is involved, as is the case, for example, if processing operations for the delivery of goods or the provision of other services are required, the processing is carried out on the basis of Article 6 paragraph 1 lit. b GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example inquiries about our products or services. If our company is subject to a legal obligation that requires the processing of personal data, for example to fulfill tax obligations, the processing is based on Art. 6 (1) lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company were injured and their name, age, health insurance data or other important information had to be passed on to a doctor, a hospital or another third party. Then the processing would be based on type. 6 (1) lit. d GDPR. Finally, processing operations could be based on Article 6 (1). f GDPR. This legal basis is used for processing operations that do not fall under one of the above-mentioned legal grounds if processing is necessary for the legitimate interests of our company or a third party, unless these interests are overridden by the interests or fundamental rights and freedoms the data subject who require the protection of personal data. Such processing operations are particularly permissible because they have been expressly mentioned by the European legislator. He was of the opinion that a legitimate interest could be accepted if the data subject is a customer of the controller (recital 47 sentence 2 GDPR).
The legitimate interests of the controller or a third party
If the processing of personal data is based on Article 6 paragraph 1. f GDPR Our legitimate interest is to run our business for the benefit of all of our employees and shareholders.
Time period for which the personal data is stored
The respective statutory retention period applies as a criterion for the duration of the storage of personal data. After this period has expired, the corresponding data will be routinely deleted if this is no longer necessary to fulfill the contract or to start the contract.
Provision of personal data as a legal or contractual requirement; Prerequisite for the conclusion of a contract; Obligation of the data subject to provide personal data; possible consequences of not providing such data
We make it clear that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information about the contractual partner). Sometimes it may be necessary to conclude a contract in which the person concerned provides us with personal data that we then have to process. For example, the data subject is obliged to provide us with personal data when our company signs a contract with them. Failure to provide personal data would mean that the contract could not be concluded with the data subject. Before the data subject provides personal data, the data subject must contact an employee. The employee clarifies to the data subject whether the disclosure of the personal data is required by law or contract or is required for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of not providing the personal data.
Having automated decisions
As a responsible company, we do not use automatic decision making or profiling.
This data protection guideline was created by the data protection guideline generator of DGD – your external data protection officer – which was developed in cooperation with German lawyers from WILDE BEUGER SOLMECKE, Cologne.
