- Responsible body and data protection officer
The person responsible for data processing within the meaning of the General Data Protection Regulation (DSGVO) and other data protection regulations is:
Managing Director: Marco Breier, Stephan Renninger.
Bamberg street 9
Phone: +49 6021 8623600
- The data protection officer of the responsible person is:
Lawyer Horst Speichert
esb attorneys at law
- Protection of your personal data
Data protection and the protection of your privacy are important to us. Accordingly, we process personal data only in accordance with the applicable legal provisions for data protection and data security, in particular the General Data Protection Regulation (DSGVO), the Federal Data Protection Act (BDSG) and the Telecommunications Telemedia Data Protection Act (TTDSG). In doing so, we are guided by the principle of data avoidance and data economy. We require our employees to maintain confidentiality and secrecy.
Further information on the processing of customer data beyond the web presence can be found here.
III. general principles for the processing of personal data
- Description of the processing of personal data
We use IT systems on our websites to provide services to our users and customers, where we process the personal data described in more detail below.
- Legal bases for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 (1) lit. a DSGVO serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 Para. 1 lit. c DSGVO serves as the legal basis in conjunction with a concretizing special enabling norm.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) lit. f DSGVO serves as the legal basis for the processing.
- Disclosure of data, processors, external providers
Your personal data will not be transferred to third parties for purposes other than those listed below. We only pass on your personal data to third parties
- if you have given your express consent to this in accordance with Art. 6 (1) p. 1 lit. a DSGVO,
- if the disclosure is necessary for the assertion, exercise or defense of legal claims pursuant to Art. 6 (1) p. 1 lit. f DSGVO and there is no reason to assume that you have an overriding interest in not disclosing your data that is worthy of protection
- in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 p. 1 lit. c DSGVO,
- if this is necessary for the processing of contractual relationships with you according to Art. 6 para. 1 p. 1 lit. b DSGVO.
The transfer of your data to order processors only takes place within the framework of the legal provisions, in particular in accordance with Art. 28 DSGVO. We have concluded a service agreement and a valid contract for commissioned processing with all processors. The order processor will only process the personal data on our instructions and for the purposes described, in particular for the fulfillment of the contract.
Your data is protected against loss, misuse and unauthorized or unauthorized access, disclosure, modification or deletion. We log accesses, collect access passwords and encrypt data unless this fundamentally affects our services.
External providers and links
On this website you will also find information and services from other providers who collect personal data as part of their offers. Please note that we are not responsible for the processing of this data, but only the external provider, where other conditions may apply.
- Data deletion and storage period
The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage no longer applies, e.g. the storage of the data is no longer necessary for the performance of a contract or for an overriding legitimate interest. Storage may also take place if this is provided for by the European or national legislator in regulations, laws or other provisions to which the responsible party is subject. Accordingly, a deletion or blocking of the data takes place when a storage period prescribed by the aforementioned standards expires.
- Visit our website
- Description and scope of data processing
When you visit our website www.kom4tec.de, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until automated deletion:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which the access is made (referrer URL)
- Browser used and, if applicable, the operating system of your computer
- Name of your access provider
The log files contain IP addresses or other data that allow an assignment to a user.
- Purpose of data processing
The aforementioned data will be processed by us for the following purposes:
- Ensuring a smooth connection of the website
- Ensuring a comfortable use of our website
- Evaluations of system security and stability
- Evaluation of user behavior
- other administrative purposes
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session. The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. In this specific context, we do not use the collected data for the purpose of drawing conclusions about your person for marketing purposes.
- Legal basis of data processing
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. b DSGVO, as a user relationship is given, as well as Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the purposes for data collection described above.
- Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is generally the case when the respective session has ended. If IP addresses are stored in log files in an unabbreviated form, the personal data is deleted or anonymized after seven days at the latest. Storage beyond this is possible in connection with cookies or analysis services. In this case, the IP addresses of the users are deleted or shortened, so that an assignment of the calling client is not possible. You can find more detailed explanations of this in section VI of this data protection declaration.
- Forms on the website, newsletter, information
- Description and scope of data processing
All personal data collected in connection with forms on our website are provided voluntarily by the user.
We use a form on our website through which you can contact us. In doing so, we collect the following personal data: Name, address, e-mail address, telephone number and individual message.
We collect the following personal data with the comment function: individual comment, name and e-mail address, insofar as they were provided to us by the user. Only the name is published (unless written under a synonym).
Subject to your separate consent, we will also use the personal data stored by us to inform you about our products, services and events. We will only send you corresponding information electronically if you have expressly given your consent to this in writing or in the double opt-in process.
In the double opt-in process (double consent), the verified user gives the website operator permission to send him newsletter e-mails. After the first act of consent, the user receives a confirmation mustThis process forms the basis for legally secure e-mail marketing
You can revoke your consent at any time with effect for the future, both via the unsubscribe link in the individual mailings and informally, e.g. to Hello@KOM4TEC.de. You can find more information on consent in the chapter "Rights of the data subject".
- Purpose of data processing
We process the personal data to process your inquiries, to provide the services you have requested, to ensure compliance with laws and regulations, and to enforce legal claims.
- Legal basis of data processing
The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. a and b DSGVO, as in each case your consent for the use of a form or the sending of information is present and/or a contractual service is provided.
- Duration of storage
The personal data collected will be stored as long as it is necessary for the purposes outlined, in particular the processing of your requests. As a rule, the data will be deleted after completion of your inquiry. Insofar as the data is subject to statutory storage obligations, for example in accordance with the AO or the HGB, it must be stored for six or ten years. Otherwise, the general storage principles described above apply.
- Cookies, plugins and web analytics
In the following, we describe in detail which cookies, analysis tools and plugins we use, which data is processed and how you can deactivate the analysis tools. The term "cookies" may also be used as a generic term for plugins and analysis tools of all kinds.
- What are cookies ?
Cookies are sometimes used when using our website. Cookies are small files that are automatically created by the browser and stored on the end device (laptop, tablet, smartphone or similar) of the user when visiting the website. Cookies do not cause any damage to the end device, do not contain viruses, Trojans or other malware. In the cookie, information is stored that arises in each case in connection with the specific end device used. Cookies can be automatically recognized and read during a current visit or during the next visit. This does not mean, however, that the site operator gains immediate knowledge of the user's identity.
Cookies make the visit to the website more user-friendly by remembering personal settings or serve the advertising interests of the site operator. Cookies make it possible, in particular, to determine the frequency of use and number of users of the pages, to analyze behavior patterns of page use, but also to make our offer more customer-friendly. So-called session cookies are used, among other things, to recognize that the user has already visited individual pages of the website. These are automatically deleted after leaving the page.
When you leave our site and go to third party sites, cookies may also be set by the target site. We are not legally responsible for these cookies. For the use of these cookies by third parties and the information stored therein, please compare the privacy statements there.
- Legal basis for cookies, analytics tools and plugins
We may store cookies on your device if they are technically necessary for the operation of the website. Necessary cookies help to make a website usable by enabling basic functions such as page navigation or language selection. The website cannot function in part without such cookies. The data thereby processed for the named purposes serve to protect legitimate interests that prevail in the context of a balancing of interests and are therefore necessary in accordance with the principle of proportionality. The legal basis for technically necessary cookies is Art. 6 para. 1 p. 1 lit. f DSGVO in conjunction with. § Section 25 (2) No. 2 TTDSG.
For all other cookie types, we require your consent. You can specifically select these as explicit opt-in consents in a dialog window (cookie consent window) during your first visit to our website. This sets a cookie in your system that contains your cookie settings and signals to our system which cookies have been accepted each time you visit our website. You can change or revoke your cookie settings on our website at any time. Instructions on how to disable cookies can be found below. The legal basis for all other cookie types is Art. 6 para. 1 p. 1 lit. a DSGVO, § 25 para. 1 TTDSG, insofar as you have given your consent.
If you delete all cookies, this will have the effect that the cookie with your cookie settings will also be deleted, so you will have to set your cookie preferences again. Limiting cookies may result in limited functionality of the website.
Within the scope of cookies, analysis tools and plug-ins, the name of the Internet service provider, requested files, IP address, access to individual pages, browser type, screen resolution, color depth, operating system, search terms and reference pages from which you have reached our websites are processed, among other things.
The data contained in session cookies or other cookies are processed by us for the following purposes:
- Ensuring the smooth operation of the website
- Ensuring a comfortable use of our website
- System security and stability
- for other administrative or promotional purposes
We process and use the resulting data to improve the marketing of our websites, to increase the user-friendliness of the websites and for other optimization purposes. The analysis required for marketing and optimization purposes generally does not allow us to draw any direct conclusions about your person or personal data. In particular, no names, addresses, telephone numbers or other data are stored that can be directly assigned to individuals. The analysis only provides aggregated data, such as the number of visitors and page views.
Cookies allow us, among other things, to adapt our website to your wishes, to establish connections between different calls to our website or to store your password in the browser so that you do not have to re-enter it each time.
- Duration of storage
- Cookies deactivation
You can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. Complete deactivation of cookies may mean that you cannot use all the functions of a website.
If you want to exclude cookies from being used, set your browser to delete cookies from your hard drive, block all cookies, or warn you before a cookie is stored so that you can decide on a case-by-case basis whether you want the cookie. Each browser differs in the way it manages cookie settings. They are described in more detail in the help menu of each browser. There it is explained how you can change your cookie settings. You can find the respective browser information, for example, under the following links:
Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
You will also find the options for deactivation directly in the description of the cookies, plugins and tracking measures.
- Google Analytics
This website uses under certain circumstances Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (https://www.google.de/contact/impressum.html) or Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google"). In this context, pseudonymized usage profiles are created and cookies are used. The information generated by cookies about your use of this website, such as browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing computer (IP address), date, time of server request, number of visits and the pages viewed are transmitted to a Google server in the USA and stored there.
The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website and Internet use for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. By activating IP anonymization on this website, the IP address is shortened before transmission within the EU or EEA (IP masking). Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The anonymized IP address transmitted by your browser within the scope of Google Analytics is generally not merged with other Google data.
The legal basis for the processing of personal data is Art. 6 para. 1 sentence 1 lit. a DSGVO, insofar as you have given your consent.
The processing of personal data by Google also takes place in the USA. To ensure an adequate level of data protection for data transfers to the USA, Google concludes the EU standard contractual clauses with its customers, see here https://business.safety.google/gdpr/ and here https://policies.google.com/privacy/frameworks?hl=de. The wording of the EU standard data protection clauses can be found at https://gsuite.google.com/terms/mcc_terms.html. Google is also certified under the EU-US Privacy Shield. A current certificate can be here can be viewed here. Google thereby undertakes to comply with the standards and regulations of European data protection law. In a ruling by the ECJ, the Privacy Shield was declared invalid because it cannot ensure an adequate level of data protection in the USA.
For sending our newsletter we use a plugin from MailChimp, a product of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308, USA (hereinafter "MailChimp"). This allows us to contact subscribers directly. In addition, we analyze your usage behavior in order to optimize our offer. The user is provided with a form to subscribe to a newsletter. The personal data (name, email address) that we pass on to MailChimp is stored directly on MailChimp's servers in the USA.
In addition, MailChimp processes the following personal data using cookies and other tracking technologies: Information about your terminal device (IP address, device information, operating system, browser ID, information about the application you use to read your emails, and other information about hardware and Internet connection. In addition, usage data is collected such as date and time, when you opened the email or campaign, and browser activity (e.g., which emails or web pages were opened). MailChimp also evaluates performance data, such as the delivery statistics of emails and other communication data.
MailChimp additionally collects information about you from other sources. In an unspecified period and scope, personal data is collected via social media and other third-party data providers. We have no precise knowledge of this and cannot influence this process.
For the dispatch of our newsletter, we conclude a contract with MailChimp for order processing according to Art. 28 DSGVO to ensure the proper processing of your personal data. MailChimp states to implement the requirements of the DSGVO for international data transfers. These measures are based on the conclusion of the new EU Standard Contractual Clauses (SCC). For more information on how to enter into the SCC, please visit: https://mailchimp.com/legal/data-processing-addendum/
In addition to the registration for the newsletter with consent on the website, the user must confirm the registration via an e-mail (double opt-in procedure). Only then will the user receive the corresponding newsletter from MailChimp on our behalf. You can revoke your consent to the processing of your personal data at any time. A corresponding link can be found in all newsletters. In addition, the revocation can be made via the specified contact options. The declaration of revocation does not affect the lawfulness of the processing carried out so far.
For more information on opt-out and removal options vis-à-vis MailChimp, please visit: https://mailchimp.com/legal/privacy/#3._Privacy_for_Contacts.
You are neither legally nor contractually obligated to provide us with your data, but without your consent and the transmission of your personal data, we cannot send you a newsletter. The newsletter contains a link that allows you to update your personal data if necessary.
Your data will only be stored and processed as long as your corresponding consent is available. Regardless of this, your data will be deleted after the termination of the contract between us and MailChimp, unless legal requirements make further storage necessary.
This website uses the external video provider Vimeoa service of Vimeo Inc, Legal Department, 555 West 18th Street New York, New York 10011, USA (hereinafter "Vimeo"). When you call up pages in which videos from Vimeo are embedded, a connection is established to the servers of Vimeo and your IP address and which of our pages you have visited are transmitted to Vimeo in the USA. The videos from Vimeo are generally integrated in the "Do Not Track" variant, so that Vimeo will not track your user activities and will not set any cookies.
The legal basis for the integration of the videos from Vimeo and for the transmission of the technically required data to Vimeo is Art. 6 para. 1 lit. a DSGVO, insofar as the corresponding consent of the user has been obtained. The processing is based on Art. 6 para. 1 lit. b DSGVO, insofar as a contractual relationship exists with the user. In addition, Art. 6 para. 1 lit. f DSGVO is the legal basis for the processing, as the integration is necessary to make videos available to users. The use of Vimeo is in the interest of an appealing design of our website, which is a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
Our website uses plugins and videos of the social network YouTube. YouTube is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google").
When you visit a page with a YouTube plugin, a connection to the YouTube server is established and communicated which of our pages you are visiting. Videos from YouTube are displayed on our website using a framing technology and can be played directly there. This service is inactive by default, but you can activate and deactivate it at any time by giving your consent. As soon as you activate the consent button with a click and thus declare your consent to view the content from YouTube, the connection to YouTube is established.
Through the embedding technique, framework data such as your IP address may be transmitted to Google. The data collected about you when using the service is processed by Google and may be transferred to countries outside the European Union. We have no influence on the type and scope of the data processed by Google, the use or the transfer of this data to third parties, in particular to countries outside the European Union.
This transmission takes place regardless of whether you have a user account with Google or not. If you are logged in to a Google user account, your data will be directly assigned to this account. If you do not wish this, you must log out of your user account before playing the video. The data transmitted to Google is stored by Google in the form of usage profiles and used for advertising and market research purposes as well as for personalized design. With the help of this evaluation, Google can generate demand-optimized advertising (even for users who are not logged in) and inform other YouTube users about your visit to our portal. You can object to the creation of these user profiles. To do so, you must contact Google.
The legal basis for the processing of the data is your consent pursuant to Art.6 para. 1 lit. a DSGVO.
VII. rights of the data subject
Based on the data protection regulations, you have the various rights outlined below.
- Right to information
You have the right to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details.
- Right to rectification
In accordance with Art. 16 DSGVO, you have the right to demand the immediate correction of incorrect or completion of your personal data stored by us.
- Right to deletion
You have the right to request the deletion of your personal data stored by us in accordance with Art. 17 DSGVO, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims.
- Right to restriction of processing
You have the right to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, provided that the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure, we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO.
- Right to data portability
You have the right, in accordance with Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller.
- Right to revoke the declaration of consent under data protection law
In accordance with Art. 7 (3) DSGVO, you have the right to revoke your declaration of consent under data protection law at any time. As a result, we may no longer continue the data processing based on this consent in the future. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
If you wish to exercise your right of revocation, it is sufficient to notify us accordingly via all known communication channels, in particular also by e-mail to Datenschutz@KOM4TEC.de.
- Right to complain to a supervisory authority
You have the right to complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose. In Bavaria, this is the
Bavarian State Office for Data Protection Supervision
Phone: +49 (0) 981 180093-0
Fax: +49 (0) 981 180093-800
- Right of objection
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.
If you wish to exercise your right of objection, it is sufficient to notify us accordingly via all known communication channels, in particular also by e-mail to Datenschutz@KOM4TEC.de.
After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims. This does not apply if the processing is for direct marketing purposes. Then we will not further process your personal data for this purpose.
- Automated decision in individual cases including profiling
You have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for the conclusion or performance of a contract between you and the controller,
(2) is permitted by legislation of the Union or the Member States to which the controller is subject and that legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or
(3) is done with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Article 9(1) of the GDPR, unless Article 9(2)(a) or (g) of the GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.
With regard to the cases referred to in (1) and (3), the controller shall take reasonable steps to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain the intervention of a person from the controller, to express his or her point of view and to contest the decision.
- Data security
We use the widespread SSL encryption (Secure Socket Layer) in the TLS standard (Transport Layer Security) in connection with the highest encryption level supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Wordfence Security is a security tool that we use to protect our websites from spam and especially viruses and malware. In order to prevent the website from being used illegally by third parties, IP addresses that, for example, try to log in with false credentials or access the website very often in a very small period of time (DOS attacks) are specifically blocked. Therefore, for the security of the websites and their users, it is necessary for this extension to store potentially dangerous IP addresses. Furthermore, IP addresses are transferred to servers in the USA and retrieved so that they can be compared with a database. This database can collect dangerous IP addresses from various websites, which increases the security of the site and the effectiveness of the extension.
Purpose and legal basis of data processing
The security measures described are used on the basis of Art. 6 (1) sentence 1 lit. f, Art. 32 DSGVO. The data processed in this way is necessary for security purposes to protect our legitimate interests as well as the interests of third parties in accordance with Art. 6 (1) p. 1 lit. f DSGVO.