In accordance with the General Data Protection Regulation and other national data protection laws of the Member States and other data protection guidelines, the party responsible is:
The security of your personal data is an important concern for us. We therefore conduct our Internet activities in accordance with the laws on data protection and data security. ajando GmbH takes precautions to ensure the security of your personal data. Your data will be conscientiously protected against loss, destruction, falsification, manipulation, and unauthorized access or disclosure. The following will explain what information we collect and how we handle it.
We only collect and use the personal data of our users insofar as this is necessary to provide a functional website and our content and services. The regular collection and use of the personal data of our users takes place only with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for practical reasons and the processing of the data is permitted by law.
Insofar as we obtain consent for the processing of personal data from the person affected, Art. 6 para. 1 (a) EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.
In the processing of personal data required to fulfill a contract for which the contractual party is the person affected, Art. 6 para. 1 (b) GDPR serves as the legal basis. This also applies to data processing that is necessary to carry out precontractual measures.
Insofar as the processing of personal data is required to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 (c) GDPR serves as the legal basis.
In the event that the vital interests of the person affected or of another natural person require the processing of personal data, Article 6 para. 1 (d) GDPR serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights, and freedoms of the person affected do not outweigh the first-mentioned interest, Art. 6 para. 1 (f) GDPR serves as the legal basis for processing.
The personal data of the person affected will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislature in EU regulations, laws, or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
Most browsers automatically accept cookies, but the browser can be configured so that no cookies are stored on the user’s computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies can lead to the circumstance that not all functions of our website can be used.
The following data is stored and transmitted in the cookies:
In this way, the following data can be transmitted:
This means that information is stored in the cookie that results in connection with the terminal device being used. However, this does not mean that we gain direct knowledge of the user’s identity.
Technical precautions are taken to make sure the user data collected in this way is anonymous. Therefore, it is no longer possible to connect the data back to the accessing user. The data will not be stored together with other personal data of the users.
We need cookies for the following applications:
The user data collected by technically necessary cookies are used to create user profiles.
The analysis cookies are used to improve the quality of our website and its content. The analysis cookies give us information about how the website is used, and we can use this to continually optimize our offerings.
For these purposes, our legitimate interest also lies in the processing of personal data in accordance with Art. 6 para. 1 (f) GDPR.
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 (f) GDPR. The legal basis for the processing of personal data using cookies for analytical purposes if the user has given his or her consent in this regard is Art. 6 para. 1 (a) GDPR.
If you have any questions, you may contact us using the form provided on the website. It is necessary to provide a valid email address so that we know who sent the request and we can respond to it. Further information can be provided voluntarily.
Your data will be processed to process your contact.
The data processing for the purpose of contacting us is in accordance with Art. 6 para. 1 sentence 1 (a) GDPR and is on the basis of your voluntary consent.
The personal data collected by us for the use of the contact form will be automatically deleted after your request has been processed.
is usually transferred to a Google server in the United States and stored there. The information is used to evaluate the use of the website, compile reports on the website activities, and provide further services associated with the use of the website and the Internet for the purposes of market research and customized design of these Internet pages.
This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are anonymized so that it is not possible to associate the data with a user (IP masking). However, if IP anonymization is activated on this website, Google will first shorten your IP address within Member States of the European Union and in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and shortened there. The IP address transmitted by your browser for Google Analytics is not merged with other Google data. We would like to point out that this website uses Google Analytics with the extension “_anonymizeIp ()” and therefore IP addresses are only processed in shortened form in order to exclude a direct personal association.
If your personal data is processed, you are the person affected in the sense of GDPR and you have the following rights in regard to the person responsible:
In accordance with Art. 15 GDPR, you can request information about your personal data that we process. In particular, you may request information about the following:
(1) The purposes for which the personal data is processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom your personal data has been or will be disclosed;
(4) the planned duration of storing your personal data, or if specific information on this is not possible, the criteria for determining the storage period;
(5) the existence of a right to have your personal data corrected or deleted, a right to have processing restricted by the person responsible, or a right to object to such processing;
(6) the existence of a right of appeal to a supervisory authority;
(7) any available information concerning the origin of the data if the personal data is not collected from the person affected;
(8) the existence of automated decision-making, including profiling in accordance with Art. 22 para. 1 and 4 GDPR and — at least in these cases — meaningful information on the logic involved and the scope and intended effects of such processing for the person affected. You have the right to request information as to whether your personal data is transferred to a third country or an international organization. In this context, you may request to be informed of the appropriate guarantees in connection with the transfer of your data pursuant to Art. 46 GDPR.
If your personal data is incorrect or incomplete, pursuant to Art. 16 GDPR you have the right to have your data that is stored by us corrected and/or completed without delay.
In accordance with Art. 18 GDPR, you may request that the processing of your personal data be restricted under the following conditions:
(1) if you dispute the accuracy of your personal data and provide sufficient time for the person in charge to verify the accuracy of the personal data;
(2) if the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
(3) if the person responsible no longer needs the personal data for the processing purposes, but you need it to assert, exercise, or defend legal claims or
(4) if you have lodged an objection to the processing pursuant to Art. 21 para. 1 GDPR and it is not yet clear whether the legitimate reasons of the person responsible outweigh your reasons. If the processing of your personal data has been restricted, this data may only be processed — apart from its storage — with your consent or to assert, exercise, or defend legal claims or to protect the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State. If the processing restriction has been restricted in accordance with the above conditions, you will be informed by the person responsible before the restriction is lifted.
Pursuant to Art. 17 GDPR, you may request that your personal data be deleted without delay, and the person responsible is then obliged to delete this data immediately, provided that one of the following reasons applies:
(1) Your personal data is no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 (a) or Art. 9 para. 2 (a) GDPR, and there is no other legal basis for the processing of the data.
(3) You file an objection to the processing pursuant to Art. 21 para. 1 GDPR, and there are no overriding legitimate grounds for processing the data, or you file an objection to the processing pursuant to Art. 21 para. 2 GDPR.
(4) Your personal data has been processed unlawfully.
(5) The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
(6) Your personal data has been collected in relation to information society services pursuant to Art. 8 para. 1 GDPR.
If the person in charge has made your personal data public and is obliged to delete it pursuant to Art. 17 para. 1 GDPR, he or she shall take appropriate measures, including technical measures — taking into account the available technology and implementation costs — to inform the person in charge of processing data that you as the person affected have requested that all links to and copies or replications of this personal data be deleted.
The right to deletion does not exist insofar as the processing is necessary
(1) to exercise freedom of expression and information;
(2) to perform a legal obligation required for processing the data under the law of the Union or of the Member States to which the person in charge is subject or to perform a task in the public interest or to exercise official authority that is conferred to the person in charge;
(3) for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 (h) and (i) and Art. 9 para. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the law referred to under a) is likely to render impossible or seriously impair the attainment of the objectives of such processing; or
(5) to assert, exercise, or defend legal claims.
If you have exercised your right to have the person in charge correct, delete, or limit the processing of your data, he or she is obliged to inform all recipients to whom your personal data has been disclosed of this correction or deletion of the data or restriction of data processing, unless this proves impossible or involves a disproportionate amount of effort.
You have the right to have the person responsible inform you of such recipients.
In accordance with Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, current, and machine-readable format. In addition, you have the right to transfer this data to another person in charge without obstruction by the person in charge to whom the personal data was provided, provided that
(1) the data processing is based on consent pursuant to Art. 6 para. 1 (a) GDPR or Art. 9 para. 2 (a) GDPR or on a contract pursuant to Art. 6 para. 1 (b) GDPR and
(2) processing is carried out using automated methods. In exercising this right, you also have the right to request that your personal data be transferred directly from one person in charge to another person in charge, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to transferability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred to the person in charge.
Pursuant to Art. 21 GDPR, you have the right to object at any time for reasons arising from your particular situation to the processing of your personal data based on Art. 6 para. 1 (e) or (f) GDPR; this also applies to profiling based on these provisions.
The person in charge no longer processes your personal data, unless he or she can prove compelling reasons for processing the data that outweigh your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.
If you object to the processing of your data for direct marketing purposes, your personal data will no longer be processed for these purposes.
You have the possibility to exercise your right of objection in connection with information society services — notwithstanding Directive 2002/58/EC — by means of automated procedures that use technical specifications.
If you would like to make use of your right to revoke or object, simply send an email to firstname.lastname@example.org
Pursuant to Art. 7 para. 3 GDPR, you have the right to at any time revoke your data protection declaration of consent. The revocation of consent shall not affect the legality of the processing of your personal data carried out on the basis of the consent until revocation. For the future, however, we may no longer continue the processing of data based on this consent.
You have the right not to be subject to a decision based exclusively on automated processing — including profiling — that has legal effect against you or significantly impairs you in a similar manner. This does not apply if the decision
(1) is necessary to conclude or fulfill a contract between you and the person responsible,
(2) is admissible by law of the Union or of the Member States to which the person responsible is subject and that law contains appropriate measures to safeguard your rights, freedoms, and legitimate interests or
(3) with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 (a) or (g) applies and appropriate measures have been taken to protect your rights and freedoms as well as your legitimate interests
In the cases referred to in (1) and (3), the person responsible shall take reasonable measures to safeguard your rights, freedoms, and legitimate interests, including at least the right to obtain the intervention of a person on the part of the person responsible, to state his or her own position, and to challenge the decision.
Regardless of any other administrative or judicial remedy, Article 77 GDPR gives you the right to appeal to a supervisory authority, in particular, in the Member State where you reside and work or the place of the presumed infringement, if you believe that the processing of your personal data violates the GDPR.
The supervisory authority to which the appeal has been lodged shall inform the appellant of the status and results of the appeal, including the possibility of a judicial remedy pursuant to Article 78 GDPR.
When you connect to our website, we use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. When a page on our website is transmitted in encrypted form, this is indicated by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, and unauthorized access by third parties. Our security measures are continuously improved to be in line with technological developments.
This data protection declaration is currently valid and was last updated in May 2018.
Given the further development of our website and offerings or amended legal or official requirements, it may become necessary to update this data protection declaration. You can access and print out the current data protection declaration at any time on the website at https://www.ekkub.de/en/privacy/