1. General information on the processing of personal data
(1) Protecting your personal data (“Data”) is particularly important to us. Therefore, we hereby wish to inform you in detail which Data are processed when you use our websites and services (“Data Processing Activities”).
(2) In accordance with Art. 4 Nr. 7 of the General Data Protection Regulation (“GDPR”), the controller is
ctrl QS GmbH Rollout Management For Digital Projects
10117 Berlin, Germany
Phone: +49 (0)30 440 325 20
(Hereinafter: “We”). More detailed information can be found in our imprint.
(3) You can reach our Data Protection Officer at firstname.lastname@example.org or by written mail to our address with the addition “Data Protection Officer”
2. Data Processing Activities when visiting our websites
(1) If you use our websites for informational purposes only, we only collect the Data that your browser transmits to our server. If you wish to view our websites, we collect the following Data, which are technically necessary in order for us to display our websites to you and to guarantee stability and security:
– Date and time of the request,
– Time zone difference to Greenwich Mean Time (GMT),
– Content of the request (specific site/page),
– Access status/HTTP-status code,
– Respective data amount transferred,
– Website that the request is coming from,
– Server Log Files,
– Operating system and its interface,
– Language and version of the browser software.
(2) The legal basis is Art. 6 para. 1 sent. 1 lit. f) GDPR
(1) In addition to the aforementioned Data, cookies are saved to your device when you use our websites. Cookies are small text files which are saved on your hard drive in association to the browser you are using and via which information is sent to us. Cookies cannot be used to launch programs or to transfer viruses to your device. They serve to make your internet experience more user-friendly and effective. The legal basis is Art. 6 para. 1 sent. 1 lit. f) GDPR.
(2) You can configure your browser settings to meet your preferences, for instance by refusing to accept cookies. We do point out that you may not be able to use all of the functions and features of our websites.
3.1 Google Analytics
(2) If IP-anonymization is activated, Google shortens your IP-address within member states of the European Union and other parties to the Agreement on the European Economic Area. Only in exceptional cases the full IP-address is transmitted to a Google server in the USA and shortened there. Upon our request, Google shall use this information to analyse the use of our websites, to compile activity reports and to provide us with other services related to the use of our websites and the internet.
(3) According to Google, the IP-address that your browser passes on to Google Analytics is not combined with any other Google data. You can prevent that cookies are saved by changing the appropriate settings in your browser software. Moreover, you can prevent Google from capturing and subsequently processing the Data generated by the cookie and which refer to your usage (including your IP-address) by downloading and installing the browser plug-in available under the following link:
3.2 Google Tag Manager
We use the “Google Tag Manager” provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. This service allows website tags to be managed through an interface. The Google Tag Manager only implements tags. This means that no cookies are used and no personal data is stored. The Google Tag Manager triggers other tags, which in turn collect data if necessary. However, the Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains valid for all tracking tags if they are implemented with the Google Tag Manager.
3.3 Google Fonts
(1) We use “Google Web Fonts” on our website, a service provided by Google Ireland Ltd., Google House, Barrow Street, Dublin 4, Ireland. Google Web Fonts enables us to use external fonts, so-called Google Fonts. For this purpose, the required Google Font is loaded into the browser cache by your web browser when you call up our website. This is necessary so that your browser can display a visually improved representation of our texts. If your browser does not support this function, a standard font will be used by your computer for display. The integration of these web fonts takes place via a server call, usually at a Google server in the USA. This transmits to the server which of our Internet pages you have visited. The IP address of your browser is also stored by Google. We have no influence on the scope and further use of the data collected and processed by Google through the use of Google Web Fonts.
(2) We use Google Web Fonts for optimisation purposes, in particular to improve the use of our website for you and to make its design more user-friendly. The legal basis is Art. 6 para. 1 sent. 1 lit. f) GDPR.
4. Data Processing Activities when you contact us
When you contact us via e-mail, telephone or a contact form, we process the Data you provide (f. ex. e-mail address, name and/or telephone number) in order to respond to your questions or to process your requests. The Data you provide can be stored in our Customer Relationship Management System or comparable query organization. The consent you give in the course of contacting us provides the legal basis for such data processing activities (Art. 6 Para. 1 lit. b) GDPR).
Should you have given your consent to receive our promotions (newsletters, SMS, E-mail, by post, etc.), we shall use your personal data to inform you of our offers via the respective means of communication. You can revoke your approval of being approached in a promotional manner at any time.
6. Your rights
(1) You have the following rights in relation to us with regard to the personal data concerning you:
– Right of access (Art. 15 GDPR),
– Right to rectification and erasure (Art. 16 and 17 GDPR),
– Right to restriction of processing (Art. 18 GDPR),
– Right to object processing (Art. 21 GDPR),
– Right to data portability (Art. 20 GDPR).
(2) Furthermore, you have the right to complain to a supervisory authority for data protection about the processing of your Data by us.
(3) We would like to point out that any possible consent you have given pertaining to data protection can be revoked at any time, effective immediately. The same applies when you have given consent to be approached in a promotional manner. To do so, please contact us informally via e-mail at: email@example.com. Such revocation can result in our services no longer being available at all, or only with restrictions.
7. Data erasure, storage period
The Data we store shall be deleted as soon as they are no longer needed for the purpose for which they are being stored and the law does not prescribe a statutory duty for the Data to be retained. In the event that user Data are not deleted on grounds that they are still required for other or legally admissible reasons, their processing shall be restricted. This means that the Data shall be blocked and shall not be processed for other purposes. This applies, for instance, for user Data that have to be kept for reasons pertaining to trade or tax law.
8. Transfer of Data to third parties
(1) Data are only transmitted to third parties in a manner that is in compliance with the applicable statutory provisions. We only transmit user Data to third parties if, for example, doing so is necessary for contractual purposes pursuant to Article 6 Para. 1 lit. b. GDPR or on the basis of legitimate interests in economic and effective business operation within the meaning of Art. 6 Para. 1 lit. f. GDPR.
(2) In the event that we employ subcontractors in order to provide our services, we shall take appropriate legal precautions and corresponding technical and organisational measures in order to ensure that your Data are protected in accordance with the applicable statutory provisions.
9. Final provisions
(1) We use technical and organizational security measures to protect the Data we have gathered, especially against accidental or deliberate manipulation, loss, destruction or attack by unauthorized persons. Our security measures are subject to continuous improvement in line with technological advances and development.