Privacy Policy

Thank you very much for your interest in our company. Data protection has especially high priority for the management of icgood GmbH. A use of the Internet pages of the icgood GmbH is basically possible without any indication of personal data. Provided one person concerned special services provided by our company via our website in pretension but may require the processing of personal data in order to be carried out. Is the processing of personal data and exists for such processing.

If there is no legal basis for this, we generally obtain the consent of the person concerned.

This privacy policy clarifies the nature, scope and purpose of the collection and use of Data of visitors and users (hereinafter collectively referred to as “Users”) by Icgood GmbH (hereinafter referred to as “provider”) as the body responsible for data protection. If you have any questions about You can reach us on weekdays from 9:00 am to 6:00 pm by e-mail at info(at)icgood.de

Naming of the responsible office

The person responsible within the meaning of the Basic Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:

Icgood GmbH
Kolpingstr. 16
68165 Mannheim
Germany

E-mail: info@icgood.de

Websites:
www.online-visiontraining.com
www.onlineaugentraining.de

The responsible body alone or jointly with others shall decide on the purposes and means of the Processing of personal data (e.g. names, contact data, etc.).

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, which you send to us as the site operator our website uses SSL or TLS encryption. This means that data that you have transmitted via this Website, not readable by third parties. You recognize an encrypted connection by the “https://” address line of your browser and the lock symbol in the browser line.

Scope of the processing of personal data

We process personal data of our users in principle only, as far as this is necessary for the provision of an website as well as our content and services. The processing personal data of our users is regularly only provided with the consent of the user. An exception in cases where prior consent has not been obtained for factual reasons, the following shall apply and the processing of the data is permitted by legal regulations.

Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing personal data, Art. 6 Para. 1 lit. a EU Data Protection Basic Regulation (DSGVO) serves as the legal basis.

Art. 6 para. 1 lit. b DSGVO serves as the legal basis for the processing of personal data required for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f DSGVO serves as the legal basis for the processing.

Data deletion and storage period

The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. In addition, the data may be stored if the European or national legislator has provided for this in Union regulations, laws or other provisions to which the person responsible is subject. The data shall also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless it is necessary for further storage of the data for the conclusion or performance of a contract.

Description and scope of data processing

Each time you access our website, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected:

• Information about the browser type and the version used
• The user’s operating system
• The Internet service provider of the user
• The IP address of the user
• Date and time of access
• Websites from which the user’s system accesses our website

The data is also stored in the log files of our system. These data are not stored together with other personal data of the user.

Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f DSGVO.

Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session.

The data is stored in log files to ensure the functionality of the website. The data is also used to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also include our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f DSGVO.

Duration of storage

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data to provide the website, this is the case when the session in question has ended.

If the data is stored in log files, this is the case after seven days at the latest. A storage going beyond this is possible. In this case the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

Objection and removal option

The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Consequently, there is no possibility for the user to object.

Collection of access data

The provider collects data about each access to the online offer (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider. The provider uses the protocol data without allocation to the person of the user or other profiling according to the legal regulations only for statistical evaluations for the purpose of operation, security and optimization of the online offer. However, the provider reserves the right to subsequently check the log data if there are concrete indications of justified suspicion of illegal use.

Integration of services and contents of third parties

It may happen that contents of third parties, such as videos from YouTube, RSS feeds or graphics from other websites are integrated within this online offer. This always presupposes that the providers of this content (hereinafter referred to as “third-party providers”) use the IP address of the user. Without the IP address, they would not be able to send the content to the browser of the respective user. The IP address is therefore required for the presentation of this content. We make every effort to use only those contents whose respective providers only use the IP address to deliver the contents. However, we have no influence on whether the third party providers store the IP address for statistical purposes, for example. As far as this is known to us, we inform the users about it.

Collection and use of personal data

Personal data will only be collected and used by the provider if this is permitted by law or if the user consents to the collection of such data. As a rule, when using the service, users can see which data is stored, such as name, e-mail address and message when using the registration form for newsletter registration or use of the contact form. The personal data provided for the purpose of registration for online eye training (such as name, e-mail address, address, payment data) will be used by the provider to fulfill and process the contract. This data is treated confidentially, transmitted in encrypted form and not passed on to third parties who are not involved in the ordering, delivery or payment process. When contacting the provider (by email), the user’s details are stored for the purpose of processing the enquiry and in the event that follow-up questions arise. The provider has taken organizational, contractual and technical security measures to ensure that the provisions of data protection laws are complied with and that accidental or intentional manipulation, loss, destruction or access by unauthorized persons are prevented.

Data forwarding to third parties

User data will only be forwarded to third parties if this is permitted by law or if a user has consented to this forwarding. This is the case, for example, if the forwarding of data serves the fulfilment of contractual obligations towards the user. Or if the data is requested by competent authorities such as law enforcement authorities. The personal data of the users are not sold or passed on to third parties for advertising purposes or for the purpose of creating user profiles.

Cookies

The provider uses “cookies” within the scope of his online offer. Cookies are small files that are stored on the user’s computer and can store information for providers. Temporary cookies are deleted after closing the browser, permanent cookies are retained for a specified period of time and can make the stored information available when the online offer is called up again. Cookies are used on the one hand to facilitate the use of the service. A cookie saves the shopping cart status of a user. The user can influence the use of cookies. Most browsers have an option that restricts or completely prevents the storage of cookies. The provider endeavours to design the online offer in such a way that the use of cookies is not necessary. However, it is pointed out that the use and in particular the comfort of use are restricted without cookies.

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user calls up a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.

The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data are not stored together with other personal data of the user.

When calling up our website, users are informed by an information banner about the use of cookies for analysis purposes and referred to this data protection declaration. In this context, there is also an indication as to how the storage of cookies in the browser settings can be prevented.

When calling up our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of the personal data used in this context is obtained. In this context, there is also a reference to this data protection declaration.

Legal basis for data processing

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f DSGVO.

Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized also after a page change.

We need cookies for the following applications:

1. Registration for training
2. Remembering search terms

The user data collected by technically necessary cookies are not used to create user profiles.

In these purposes, our legitimate interest lies in the processing of personal data in accordance with Art. 6 para. 1 lit. f DSGVO.

Duration of storage, possibility of objection and removal

Cookies are stored on the user’s computer and transmitted to our site by the user. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that all functions of the website can no longer be used to their full extent.

Contact form and e-mail contact

A contact form is available on our website, which can be used for electronic contact. If a user makes use of this possibility, the data entered in the input mask will be transmitted to us and stored. These data are:

The following data will also be stored at the time the message is sent:

• The IP address of the user
• Date and time of registration

Alternatively, you can contact us via the e-mail address provided. In this case, the personal data of the user transmitted with the e-mail will be stored.

The data will not be passed on to third parties in this context. The data will be used exclusively for the processing of the conversation.

Legal basis for data processing

The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f DSGVO. If the purpose of the e-mail contact is to conclude a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.

Purpose of data processing

The processing of the personal data from the input mask serves us exclusively for the processing of the establishment of contact. If you contact us by e-mail, this is also the necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

Duration of storage

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the relevant facts have been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

Sending information by newsletter

E-Mail Newsletter (Mailchimp & Sendinblue)

E-mails with general, topic-specific and advertising information about the provider and its services will only be sent with the express consent of the user. Users may object to the receipt of the newsletter at any time. An objection possibility can be found, among other things, in every e-mail. Before the newsletter is sent, the e-mail owner receives a confirmation e-mail in which he must confirm the newsletter registration. Subscriptions that have not been confirmed are automatically deleted. Messages within the framework of the contractual relationship with the user do not belong to advertising information. This includes the dispatch of technical information, information on payment processing, queries on orders and comparable messages. Users can subsequently request to be removed from the notification list by sending an e-mail to the above-mentioned contact person. Within the scope of registration, the provider stores the registration and confirmation time as well as the IP address of the user. The provider is legally obliged to log the registrations in order to be able to prove a proper registration.

If you would like to receive the newsletter, free test or free exercise offered on the website, we need an e-mail address from you as well as information which allows us to check that you agree with the owner of the e-mail address provided and with the receipt of the subsequent newsletter.

We use the so-called double opt-in procedure to ensure that the newsletter is sent in an agreed manner. In the course of this procedure, the potential recipient can be added to a mailing list. The user then receives a confirmation e-mail to confirm the registration in a legally secure manner. Only if the confirmation takes place, the address is taken up actively in the distributor.

We use these data exclusively for the dispatch of the requested information and offers.

You can revoke your consent to the storage of data, e-mail address and their use to send the newsletter at any time, for example via the “Unsubscribe” link in the newsletter.

For this reason, we ask you to inform yourself about our data protection measures at regular intervals by inspecting our data protection declaration.

This website uses the services of MailChimp and Sendinblue to send newsletters. Providers are Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA and Sendinblue SAS, 55 Rue dÁmsterdam, 75008 Paris, France.

MailChimp and Sendinblue are services that can be used, among other things, to organize and analyze the sending of newsletters. If you enter data for newsletter subscription purposes (e.g. e-mail address), it will be stored on the MailChimp and Sendinblue servers.

MailChimp is certified according to the “EU-US-Privacy-Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA which is intended to ensure compliance with European data protection standards in the USA.

With the help of MailChimp and Sendinblue we can analyze our newsletter campaigns. When you open an e-mail sent with MailChimp or Sendinblue, a file contained in the e-mail (so-called web beacon) connects to the servers of MailChimp or Sendinblue. This allows you to determine whether a newsletter message has been opened and which links have been clicked. Technical information is also recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.

If you do not want an analysis by MailChimp or Sendinblue, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. You can also unsubscribe directly on the website.

Data processing is based on your consent in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke this consent at any time by unsubscribing the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted both from our servers and from the servers of MailChimp and Sendinblue after unsubscribing from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

You can find more details in the data protection regulations of MailChimp and Sendinblue.

https://mailchimp.com/legal/terms/

https://de.sendinblue.com/dsgvo/

You can revoke your consent to the storage of your data and its use to send the newsletter at any time. You can revoke your consent at any time by sending an e-mail to info@icgood.de or by clicking on the link provided for each newsletter.

Google Analytics

Based on our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offering), we use Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transferred to a Google server in the USA and stored there.

Google will use this information on our behalf in order to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and the use of the Internet. Pseudonymous user profiles can be created from the processed data.

We use Google Analytics only with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user’s browser is not merged with other Google data. Users may refuse the use of cookies by selecting the appropriate settings on their browser, they may also refuse the use of cookies by selecting the appropriate settings on their browser, they may refuse the use of cookies by selecting the appropriate settings on their browser, and they may refuse the processing of cookies by selecting the appropriate settings on Google, and they may refuse the processing of cookies by selecting the appropriate settings on Google, and they may refuse the processing of cookies by Google, by downloading and installing the browser plugin available from the following link: https://tools.google.com/dlpage/gaoptout.

Further information about the use of data by Google, setting and objection possibilities can be found on the web pages of Google:https://www.google.com/policies/privacy/partners/(“Use of data by Google when using websites or apps of our partners”), https://www.google.com/policies/technologies/ads(“Use of data for advertising purposes”), https://www.google.com/settings/ads(“Manage information that Google uses to show you advertising”)

Using Facebook Social Plugins

Due to our legitimate interests in the analysis, optimisation and economic operation of our online service, the so-called “Facebook pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used within our online service for these purposes.

Using the Facebook pixel, Facebook is able to determine the visitors of our offer as a target group for the display of ads, so-called “Facebook ads”. Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to Facebook users who have shown an interest in our website or who have certain features that we transmit to Facebook (also referred to as “pixel events” and e.g. including the e-mail address of the users). This means that by using the Facebook pixel, we want to ensure that our Facebook ads match the potential interest of users and are not annoying. The Facebook pixel also enables us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing if users were directed to our website after clicking on a Facebook ad.

The Facebook pixel is directly integrated by Facebook when our web pages are accessed and can store a so-called cookie, i.e. a small file, on your device. If you then log in to Facebook or visit Facebook when logged in, the visit to our offer is noted in your profile. The data collected about you is anonymous to us and does not give us any information about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible. If we transmit data to Facebook for comparison purposes, this data is encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of comparing it with the data encrypted by Facebook.

If we transmit data to Facebook for comparison purposes, this data is encrypted locally on the browser and only then sent to Facebook via a secure https connection. This is done solely for the purpose of comparing the data with the data encrypted by Facebook.

Facebook processes the data in accordance with Facebook’s data usage guidelines. Accordingly, general information on the presentation of Facebook ads can be found in Facebook’s data usage guideline: https://www.facebook.com/policy.php. Specific information and details about Facebook pixels and how they work can be found in the Facebook help section: https://www.facebook.com/business/help/651294705016616.

You may opt out of Facebook pixel collection and use of your information to display Facebook ads. To do this, you can go to the page set up by Facebook and follow the instructions there on the settings for usage-based advertising: https://www.facebook.com/settings?tabs=adsoder the contradiction about the EU page https://www.youronlinechoices.com/uk/your-ad-choices/erklären. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.

Instagram

On our pages functions of the service Instagram are integrated. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate visiting our pages with your user account. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Instagram.

For more information, please refer to Instagram’s privacy policy: https://instagram.com/about/legal/privacy/

Legal basis: Art. 6 (1) b DSGVO

Revocation, amendments, corrections and updates

The user has the right, upon request and free of charge, to obtain information about the personal data stored about him by the provider. Contact data can be found in the imprint of the provider. In addition, the user has the right to correction of incorrect data, blocking and deletion of his personal data, unless there is no legal obligation to retain.

Changes to the data protection declaration

The provider reserves the right to change the data protection declaration in order to adapt it to changed legal circumstances or in the event of changes to the service or data processing.

Facebook Remarketing

Remarketing tags of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our pages. When you visit our pages, remarketing tags establish a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our site with your IP address. This allows Facebook to associate visiting our pages with your user account. We can use the information obtained in this way to display Facebook Ads. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the data transmitted or its use by Facebook. Further information on this can be found in facebook’s privacy policy at https://www.facebook.com/about/privacy/ . If you do not wish Custom Audience data to be collected, you can deactivate Custom Audiences here.

Payment provider

PayPal

On our website we offer payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).

If you choose to pay via PayPal, the payment details you enter will be sent to PayPal.

The transfer of your data to PayPal is based on Art. 6 Para. 1 lit. a DSGVO (consent) and Art. 6 Para. 1 lit. b DSGVO (processing to fulfil a contract). You have the possibility to revoke your consent to data processing at any time. A revocation has no effect on the effectiveness of past data processing operations.

Rights of the data subject

If personal data is processed by you, you are the data subject within the meaning of the DSGVO and you are entitled to the following rights vis-à-vis the person responsible.

Right to information

You can request confirmation from the person responsible as to whether personal data relating to you will be processed by us.

In the event of such processing, you may request the following information from the data controller:

1. the purposes for which the personal data will be processed;
2. the categories of personal data processed;
3. the recipients or categories of recipients to whom the personal data relating to you has been or will be disclosed;
4. the planned duration of the retention of the personal data relating to you or, if it is not possible to provide specific information in this regard, criteria for determining the retention period;
5. the existence of a right to rectify or delete personal data concerning you, a right to limit the processing by the controller or a right to object to such processing;
6. the existence of a right of appeal to a supervisory authority;
7. all available information on the origin of the data, if the personal data are not collected from the data subject;
8. the existence of automated decision-making including profiling in accordance with Art. 22 (1) and (4) DSGVO and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing on the data subject.

You have the right to request information as to whether the personal data concerning you will be transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 DSGVO in connection with the transfer.

Right to rectification

You have the right to have your personal data corrected and/or completed by the data controller if the personal data processed concerning you is inaccurate or incomplete. The data controller must carry out the rectification immediately.

Right to limit the processing

Under the following conditions, you may request that the processing of your personal data be restricted:

1. if you dispute the accuracy of the personal data concerning you for a period of time which allows the controller to verify the accuracy of the personal data;
2. the processing is unlawful and you refuse to erase the personal data and instead request that the use of the personal data be restricted;
3. the controller no longer needs the personal data for the purposes of the processing, but you need them for the assertion, exercise or defence of legal claims, or
4. if you have objected to the processing pursuant to Art. 21 para. 1 DSGVO and it has not yet been established whether the legitimate reasons of the data controller outweigh your reasons.

If the processing of personal data concerning you has been restricted, such data – apart from their storage – may only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State.

If the processing restriction has been limited in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

Right to deletion

(a) Duty to delete

You may request the data controller to delete the personal data concerning you immediately and the data controller is obliged to delete this data immediately if one of the following reasons applies:

Personal data relating to you shall no longer be necessary for the purposes for which they were collected or otherwise processed.

1. You revoke your consent on which the processing pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a DSGVO was based and there is no other legal basis for the processing.
2. You object to the processing pursuant to Art. 21 para. 1 DSGVO and there are no overriding legitimate reasons for the processing or you object to the processing pursuant to Art. 21 para. 2 DSGVO.
3. The personal data concerning you have been processed unlawfully.
4. The deletion of your personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.
5. The personal data relating to you have been collected in relation to information society services offered pursuant to Article 8(1) DSGVO.

b) Information to third parties

If the person responsible has made the personal data concerning you public and is obliged to delete them in accordance with Art. 17 (1) DSGVO, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform the persons responsible for data processing who process the personal data that you, as the person concerned, have requested them to delete all links to this personal data or copies or replications of this personal data.

c) Exceptions

The right to deletion does not exist insofar as processing is necessary:

1. to exercise the right to freedom of expression and information;
2. to fulfil a legal obligation which the processing requires under the law of the Union or of the Member States to which the controller is subject or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller;
3. for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 DSGVO;
4. for archive purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 DSGVO, insofar as the law referred to under a) is likely to make it impossible or seriously impair the attainment of the objectives of such processing, or
5. to assert, exercise or defend legal claims.

Right to information

If you have exercised your right to rectify, cancel or limit the processing of your personal data against the controller, the latter is obliged to notify all recipients to whom the personal data concerning you have been disclosed of such rectification, cancellation or limitation, unless this proves impossible or involves a disproportionate effort.

You have the right to be informed of such recipients by the data controller.

Right to data transfer

You have the right to receive the personal data concerning you that you have provided to the responsible person in a structured, common and machine-readable format. In addition, you have the right to communicate these data to another data controller without being hindered by the controller to whom the personal data was provided, provided that

1. the processing is based on a consent pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract pursuant to Art. 6 para. 1 lit. b DSGVO and
2. the processing is carried out by automated means.

In exercising this right, you also have the right to request that the personal data concerning you be transferred directly from one responsible person to another responsible person, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.

The right to data transfer does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Right of objection

You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data on the basis of Art. 6 para. 1 lit. e or f DSGVO; this also applies to profiling based on these provisions.

The person responsible will no longer process the personal data concerning you unless he can prove compelling grounds for processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is connected with such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.

You have the possibility to exercise your right of objection through automated procedures using technical specifications in connection with the use of Information Society services, notwithstanding Directive 2002/58/EC.

Right to revoke the declaration of consent under data protection law

You have the right to revoke your declaration of consent under data protection law at any time. The revocation of your consent does not affect the legality of the processing carried out on the basis of your consent until you revoke it.

Automated decision in individual cases including profiling

You have the right not to be subject to any decision based solely on automated processing, including profiling, that has any legal effect on you or similarly significantly affects you. This does not apply if the decision

1. is necessary for the conclusion or performance of a contract between you and the person responsible,
2. is authorised by legislation of the Union or of the Member States to which the person responsible is subject and contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or
3. with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 DSGVO unless Art. 9 para. 2 lit. a or g DSGVO applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.

With regard to the cases referred to in (1) and (3), the person responsible shall take appropriate measures to protect the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on the part of the person responsible, to state his own position and to challenge the decision.

Right to appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of your residence, place of work or place of presumed infringement, if you consider that the processing of your personal data is in breach of the DSGVO.

The supervisory authority with which the complaint was lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 DSGVO.

Status November 2019