DATA PROTECTION

Your trust is very important to us and the protection of your data is a matter of trust. We respect your / private information and privacy. We therefore observe the legal provisions when processing your personal data.

 
Responsible body
​
The responsible body within the meaning of the data protection laws is:
​
Kohldampf  UG (limited liability)
Blumenstrasse 16
40667 Meerbusch
E-mail address:  marketing@kohldampf.io
Data Protection Officer: Alexander Laugomer
​
Websites: kohldampf.io
​
The provider is responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations.
​
With the following declaration we inform you about the type, scope and purpose of the collection, processing and use of your data in connection with visiting the website and any further use of the content and services.
​
Summary
​
The provider saves and processes your personal data (hereinafter summarized processing) in compliance with the relevant data protection regulations, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG).
​
When you call up the provider's website, the provider processes certain usage data in order to enable you to use its offer. The provider processes further data if you communicate this to him or if you give your consent.
 
See below for more information.
​
I. General information on data processing
​
​
1. Definitions
​
a. Personal Data
Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more special features that express the physical , physiological, genetic, psychological, economic, cultural or social identity of that natural person.
​
b. inventory data
Inventory data is a user's personal data that is required for the establishment, content design or change of a contractual relationship between the service provider and the user regarding the use of telemedia.
​
c. usage data
Usage data is a user's personal data that is required to enable and bill the use of telemedia. This includes in particular features to identify the user, information about the beginning and end as well as the scope of the respective use and information about the telemedia used by the user.
​
i.e. processing
Processing is any process carried out with or without the help of automated procedures or any such series of processes in connection with personal data such as collecting, recording, organizing, organizing, storing, adapting or changing, reading out, querying, using, disclosure by transmission, distribution or any other form of making available, matching or linking, restriction, deletion or destruction.
​
e. pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to technical and organizational measures that ensure that the personal data is not assigned to an identified or identifiable natural person;
​
f.Cookies
Cookies are small text files that are stored on your computer. Cookies always have a validity period that can be limited to the end of the user session (so-called session cookies) or can exist for a longer period of time (so-called permanent cookies). These permanent cookies remain on your computer and enable the provider or its partner companies (so-called third-party cookies) to recognize your computer on your next visit. You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or reject the setting of cookies for certain cases or in general. If cookies are not accepted, the functionality of the website may be restricted.
​
G. site
A website, also web presence, is the presence of a private or corporate provider of telemedia in the global network (World Wide Web) summarized under a specific Internet address. The website includes individual websites and optionally available downloadable documents as well as other audiovisual media services that can be called up.
 
2. Existence of appropriate guarantees
​
a. pseudonymization
Insofar as the provider collects usage data, he always saves this under pseudonyms (in the case of cookies, for example, using a unique session key). The provider does not merge pseudonymous data with data about the bearer of the pseudonym (such as inventory data).
​
b. Use of encryption technologies
When transferring data between your computer or mobile device and the provider's server, the provider uses the SSL security system (Secure Socket Layer).
This technology is intended to protect your data from being read by unauthorized third parties and offers a very high standard of security. You can tell that your data is being transmitted in encrypted form by the closed representation of a key or lock symbol in the lower status bar of your browser.
​
c. Principles for determining storage periods
If you enter data in the provider's contact, order or registration forms, the provider will only process them for the purposes stated in each case. All processed personal data will be deleted by the provider after the storage period has expired.
​
i.e. principle of data minimization
The provider observes the principle of data minimization. This means that data is processed to the extent necessary for the purposes of processing, as is appropriate and necessary to provide a functional website and with regard to the content and services offered. The processing takes place either on the basis of prior consent or if this is permitted by statutory provisions.
​
II. Processing
 
​
1. Processing in the case of the use of forms (newsletter registration, download of documents and content, contact form)
As part of customer relationship management, the provider has various contact forms available, which you can use to receive documents from the provider as a one-time purchase or as well as the newsletter on a permanent basis and to find out about other services provided by the provider.
​
Data collection (inventory data)
- Salutation, first name and last name
- Company or company
- Address of the company
- job function
- E-mail address
- phone number
- Information about the company, such as the size of the company, industry information and the organizational structures and needs
​
The legal basis for processing the data is Art. 6 (1) (a) GDPR if you have given your consent to the provider, and also Art. 6 (1) (f) GDPR. If the purpose of contacting you is to initiate a contract, Art. 6 (1) (b) GDPR is also a legal basis for data processing.
​
Data provided by you will be deleted immediately after your request has been dealt with, or if it has not been dealt with at the latest after 12 months have elapsed since the last contact. The request is settled when it can be inferred from the circumstances that the facts in question have been finally clarified. However, the provider will not delete your data if another reason for the processing of your data (e.g. the fulfillment of a contract) arises in the meantime.
​
You have the option at any time to revoke your consent to the processing of personal data or to object to data processing that is not based on consent. The exercise of the revocation or objection can be made in particular by e-mail to the above contact e-mail address. All personal data that the provider has stored in the course of your contact will be deleted in this case.
In principle, your right of revocation does not relate to such data that the provider requires in the context of the fulfillment of a contract or pre-contractual measures. However, you may have other rights.
​
2. Processing in the case of sending e-mails
You can contact the provider via the email addresses given on the website. The provider processes the data you have provided to answer your contact request.
​
Data collection (inventory data)
- First and Last Name
- company
- Street
- POSTCODE
- Location
- country
- phone
- fax
- email
- Web
​
If an e-mail is sent, only the aforementioned inventory data will be processed if you communicate this to the provider.
​
The legal basis for processing the data is Art. 6 (1) (a) GDPR if you have given your consent to the provider, and also Art. 6 (1) (f) GDPR. If the purpose of contacting you is to initiate a contract, Art. 6 (1) (b) GDPR is also a legal basis for data processing.
​
Data provided by you will be deleted immediately after your request has been dealt with, or if it has not been dealt with at the latest after 12 months have elapsed since the last contact. The request is settled when it can be inferred from the circumstances that the facts in question have been finally clarified. However, the provider will not delete your data if another reason for the processing of your data (e.g. the fulfillment of a contract) arises in the meantime.
​
You have the option at any time to revoke your consent to the processing of personal data or to object to data processing that is not based on consent. The revocation or objection can be exercised in particular by e-mail to the contact e-mail address given above. All personal data that the provider has stored in the course of your contact will be deleted in this case.
​
In principle, your right of revocation does not relate to such data that the provider requires in the context of the fulfillment of a contract or pre-contractual measures. However, you may have other rights.
​
3. Processing of log data
When you access the provider's website or the telemedia used by the provider (described below), your internet browser automatically transmits certain data to the provider's server or to the third parties named below for technical reasons. The following data is collected by the provider or third parties separately from other data that you may transmit to the provider and used for the aforementioned purposes:
​
Data collection (usage data)
- Name of the accessed website or URL,
- date and time of retrieval,
- access status / Http status code,
- each transmitted amount of data,
- Website through which the request comes,
- browser software and software version,
- operating system and version,
- IP address (anonymized, shortened by the last 3 digits),
- randomly generated key number of the cookie or session.
​
The legal basis for storing the data and log files is Art. 6 (1) (f) GDPR.
​
If the data is stored in log files, the usage data will be deleted after 7 days at the latest. Storage that goes beyond this is possible in accordance with data protection permits. In this case, the IP addresses are deleted or alienated so that it is no longer possible to assign the website access to your computer.
​
The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.