Data privacy
Version 03 2023
Table of contents:
- Name and address of the data controller
- Contact details of the data protection officer
- General information on data processing
- Rights of the data subject
- Provision of the website and creation of log files
- Use of cookies
- E-mail contact
- Contact form
- Company presences
- Use of company presences in professional networks
- Hosting
- Plugins used
1. Name and address of the responsible person
The responsible person within the meaning of the General Data Protection Regulation (DSGVO) and other data protection regulations is:
Security Robotics Development & Solutions GmbH
Landsberger Allee 366
12681 Berlin, Germany
Phone: +49 341 2569 3369
Mail: info@security-robotics.de
Web: www.security-robotics.de
2. Contact details data protection officer
The data protection officer of the data controller is:
DataCo GmbH
Dachauer Street 65
80335 Munich, Germany
Phone: +49 89 7400 45840
Web: www.dataguard.de
3. General information on data protection
1. scope of the processing of personal data
As a matter of principle, we only process personal data of our users to the extent that this is necessary for the provision of a functional website as well as our contents and services. The processing of personal data of our users is regularly only carried out with the consent of the user. An exception applies in cases where it is not possible to obtain prior consent for actual reasons and the processing of the data is required by legal regulations.
2 Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 (1) p. 1 lit. a DSGVO serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) p. 1 lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) sentence 1 lit. c DSGVO serves as the legal basis.
In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) sentence 1 lit. d DSGVO serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) sentence 1 lit. f DSGVO serves as the legal basis for the processing.
3 Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a necessity for the continued storage of the data for the conclusion or fulfilment of a contract.
4. Rights of data subjects
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the data controller:
1. the right to information (Art. 15 DSGVO).
You have the right to request confirmation from us as to whether personal data relating to you is being processed. If this is the case, you have a right of access to this data and to the following information:
o Purposes of processing
o categories of personal data
o Recipients or categories of recipients
o the intended storage period or the criteria for determining this period
o the existence of the rights of rectification, erasure or restriction or opposition
o Right to lodge a complaint with the competent supervisory authority
o If applicable, origin of the data (if collected from a third party)
o If applicable, existence of automated decision-making, including profiling, with meaningful information about the logic involved, the scope and the effects to be expected.
o If applicable, transfer of personal data to a third country or international organisation.
2. right of rectification (Art. 16 DSGVO)
If your personal data is inaccurate or incomplete, you have the right to request that the personal data be corrected or completed without delay.
3. right to restriction of processing (Art. 18 DSGVO)
If one of the following conditions is met, you have the right to request restriction of the processing of your personal data:
o You dispute the accuracy of your personal data, for a period of time that allows us to verify the accuracy of the personal data.
o In the context of unlawful processing, you object to the erasure of the personal data and request instead the restriction of the use of the personal data.
o We no longer need your personal data for the purposes of processing, but you need your personal data to assert, exercise or defend your legal rights; or
o after you have objected to the processing, for the duration of the examination as to whether our legitimate grounds outweigh your grounds.
4. right to erasure (“right to be forgotten”) (Art. 17 DSGVO).
If one of the following reasons applies, you have the right to request immediate erasure of your personal data:
o Your data is no longer necessary for the processing purposes for which it was originally collected.
o You withdraw your consent and there is no other legal basis for the processing.
o You object to the processing and there are no overriding legitimate grounds for the processing or you object pursuant to Art. 21 (2) DSGVO.
o Your personal data are processed unlawfully.
o Erasure is necessary for compliance with a legal obligation under Union law or the law of the member state to which we are subject.
o The personal data has been collected in relation to information society services offered in accordance with Article 8(1) of the GDPR.
Please note that the above grounds do not apply insofar as the processing is necessary:
o For the exercise of the right to freedom of expression and information;
o For compliance with a legal obligation or for the performance of a task carried out in the public interest to which we are subject.
o For reasons of public interest in the field of public health.
o For archival, scientific or historical research purposes in the public interest or for statistical purposes.
o For the assertion, exercise or defence of legal claims.
5. right to data portability (Art. 20 DSGVO).
You have the right to receive your personal data in a structured, common and machine-readable format or to request that it be transferred to another controller.
6. right to object to certain data processing (Art. 21 DSGVO)
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) sentence 1 lit. e or f DSGVO. This also applies to profiling based on these provisions.
If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
7. right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. A list of the locally competent supervisory authorities in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html.
You have the right to complain about the processing of your personal data to a data protection supervisory authority. Austrian Data Protection Authority Barichgasse 40-42 1030 Vienna Phone: +43 1 52 152-0 E-mail: dsb@dsb.gv.at
5. Provision of the website and creation of log files
1. description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:
o Information about the browser type and the version used.
o The user’s operating system
o The IP address of the user
o Date and time of access
o Websites from which the user’s system accesses our website
o Web pages that are accessed by the user’s system via our website.
This data is stored in the log files of our system. This data is not stored together with other personal data of the user.
2. purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes are also our legitimate interest in data processing according to Art. 6 Para. 1 S. 1 lit. f DSGVO.
3. Legal basis for data processing:
The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 p. 1 lit. f DSGVO.
4. Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
5. possibility of objection
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. The user can object to this. Whether the objection is successful is to be determined within the framework of a balancing of interests.
6. Use of cookies
1. description and scope of data processing
When you visit our website, we use technical aids for various functions, in particular cookies, which can be stored on your terminal device. When you call up our website and at any time later, you have the choice of whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you are using so that certain information can flow to the body that sets the cookie. Below we describe the types of cookies we use:
We use technically necessary cookies, which are required for the technical structure of the website. Without these cookies, our website cannot be displayed (completely correctly) or the support functions are not possible.
The following data is stored and transmitted by the technically necessary cookies:
- Language settings
- Use of website functions
2. purpose of data processing
The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change.
We require the technically necessary cookies for the following applications:
- Acceptance of language settings
- Functionality of the website
3. legal basis for data processing
The provisions of the Telecommunications Telemedia Data Protection Act (TTDSG) are relevant for the storage of information in the end user’s terminal equipment and/or access to information already stored in the end user’s terminal equipment. If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, the storage of and access to cookies on your terminal equipment is carried out on the basis of § 25 para. 2 no. 2 TTDSG. This storage of and access to the information in your terminal equipment serves to facilitate your use of our website and to be able to offer you our services as you have requested. Some functions of our website also do not work without the use of these cookies and could therefore not be offered. The cookies are generally deleted after the session ends (e.g. logging out or closing the browser) or after the expiry of a specified duration. Information on different storage periods for cookies can be found in the following sections of this data protection declaration.
7. E-mail contact
1. description and scope of data processing
On our website, it is possible to contact us via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.
The data is used exclusively for processing the conversation.
2. Purpose of the data processing
In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.
3. legal basis for data processing
The legal basis for processing the data transmitted in the course of sending an email is Art. 6 (1) lit. f DSGVO. Our legitimate interest is to optimally answer your enquiry that you send by e-mail.
If the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted at the latest after a period of seven days.
5. possibility of objection
If the user contacts us by email, he or she can object to the storage of his or her personal data at any time. An email to info@security-robotics.de is sufficient for this purpose.
In such a case, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.
8. Contact form
1. Description and scope of data processing
Our website contains a contact form which can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored.
At the time the message is sent, the following data is stored:
Email address
Name
First name
Telephone / mobile phone number
Date and time of contact
2. purpose of data processing
The processing of personal data from the input mask of the contact form or via the e-mail address provided serves us solely to process the contact.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
3. Legal basis for data processing
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest is to optimally answer your enquiry that you send to us via the contact form. If the email contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 p. 1 lit. b DSGVO.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5. possibility of objection
If the user contacts us via the input mask in the contact form, he can object to the storage of his personal data at any time.
According to the Federal Data Protection Act, you have a right to free information about your stored data and, if applicable, a right to correction, blocking or deletion of this data. Your data will then be deleted if this does not conflict with legal regulations. You can revoke a permission granted to us to use your personal data at any time. You can send requests for information, deletion and correction of your data and also suggestions at any time to the following address: info@security-robotics.de.
All personal data stored in the course of contacting us will be deleted in this case.
9. Corporate presences
Use of corporate presences in social networks
Twitter:
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland.
On our company website, we provide information and offer Twitter users the opportunity to communicate. If you carry out an action on our Twitter company website (e.g. comments, posts, likes, etc.), it is possible that you will make personal data (e.g. your full name or a photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by the company Twitter, which is jointly responsible for the Security Robotics Development & Solutions GmbH corporate presence, we cannot provide any binding information on the purpose and scope of the processing of your data.
We use our corporate presence in social networks for communication and information exchange with (potential) customers. In particular, we use the corporate presence for:
Presentation of the service and product portfolio.
The publications on the company website may contain the following content:
- Information about products
- Information about services
- Customer contact
Every user is free to publish personal data through activities.
Insofar as we process your personal data in order to evaluate your online behaviour, offer you competitions or conduct lead campaigns, this is done on the basis of your express declaration of consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 DSGVO. The legal basis for processing personal data for the purpose of communicating with customers and interested parties is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest here is to answer your enquiry in the best possible way or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.
The data generated by the company website is not stored in our own systems.
For the processing of your personal data in third countries, we have provided suitable guarantees in the form of standard data protection clauses pursuant to Art. 46 (2) lit. c DSGVO. A copy of the standard data protection clauses can be requested from us.
You can object at any time to the processing of your personal data that we collect in the course of your use of our Twitter corporate presence and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to info@security-robotics.de. \n For more information on the processing of your personal data by Twitter and the corresponding objection options, please click here: https://twitter.com/de/privacy
YouTube:
YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, United States.
On our company website, we provide information and offer YouTube users the opportunity to communicate. If you carry out an action on our YouTube corporate site (e.g. comments, posts, likes, etc.), you may make personal data (e.g. your real name or a photo of your user profile) public. However, as we generally or to a large extent have no influence on the processing of your personal data by YouTube, the company jointly responsible for the Security Robotics Development & Solutions GmbH corporate presence, we cannot provide any binding information on the purpose and scope of the processing of your data.
We use our corporate presence in social networks for communication and information exchange with (potential) customers. In particular, we use the corporate presence for:
Presentation of the service and product portfolio.
The publications on the company website may contain the following content:
- Information about products
- Information about services
- Customer contact
Every user is free to publish personal data through activities.
Insofar as we process your personal data in order to evaluate your online behaviour, offer you competitions or conduct lead campaigns, this is done on the basis of your express declaration of consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 DSGVO. The legal basis for processing personal data for the purpose of communicating with customers and interested parties is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest here is to answer your enquiry in the best possible way or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.
The data generated by the company website is not stored in our own systems.
For the processing of your personal data in third countries, we have provided suitable guarantees in the form of standard data protection clauses pursuant to Art. 46 (2) lit. c DSGVO. A copy of the standard data protection clauses can be requested from us. You can object at any time to the processing of your personal data that we collect in the course of your use of our YouTube corporate presence and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to info@security-robotics.de. \n For more information on the processing of your personal data by YouTube and the corresponding objection options, please click here: https://policies.google.com/privacy?gl=DE&hl=de
10. Use of company presences in job-oriented networks
1. scope of data processing
We use the possibility of company presences in profession-oriented networks. We maintain a company presence on the following professional networks:
LinkedIn: LinkedIn, Unlimited Company Wilton Place, Dublin 2, Ireland
XING: XING SE, Dammtorstraße 30, 20354 Hamburg, Germany
On our site, we provide information and offer users the opportunity to communicate.
The company website is used for job applications, information/PR and active sourcing.
We have no information on the processing of your personal data by the companies jointly responsible for the company website. For more information, please see the privacy policy of:
LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
XING: https://privacy.xing.com/de/datenschutzerklaerung
If you carry out an action on our company website (e.g. comments, posts, likes, etc.), you may make personal data (e.g. your full name or a photo of your user profile) public.
2. Legal basis for data processing
The legal basis for the processing of personal data for the purpose of communicating with customers and interested parties is Art. 6 (1) sentence 1 lit. f DSGVO. Our legitimate interest here is to answer your enquiry in the best possible way or to be able to provide the requested information. If the aim of contacting you is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) lit. b of the German Data Protection Act. 3.
3. Purpose of data processing
The purpose of our corporate website is to inform users about our services. In doing so, every user is free to publish personal data through activities.
4. duration of storage
We store your activities and personal data published via our company website until you revoke your consent. In addition, we comply with the statutory retention periods.
5. possibility of objection
You can object at any time to the processing of your personal data that we collect in the course of your use of our corporate presence and assert your data subject rights as stated under IV. of this data protection declaration. To do so, send us an informal email to the email address stated in this data protection declaration.
Further information on exercising your rights can be found here:
LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
XING: https://privacy.xing.com/de/datenschutzerklaerung
11. Hosting
The website is hosted on servers of the following service providers commissioned by us.
STRATO AG, Pascalstraße 10, 10587 Berlin, Germany
The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is:
Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Date and time of the server request
IP address
This data is not merged with other data sources. The collection of this data is based on Art. 6 para. 1 lit. f DSGVO. Our legitimate interest for processing this data is to display our website without errors and to optimise its functions.
The location of the website’s server is geographically in Germany.
CloudFlare
1. description and scope of data processing
We use functions of the CloudFlare content delivery network of CloudFlare Germany GmbH, Rosental 7, 80331 Munich, Germany (hereinafter referred to as: CloudFlare) on our website. A Content Delivery Network (CDN) is a network of regionally distributed servers connected via the Internet, which is used to deliver content – in particular large media files such as videos. CloudFlare provides web optimisation and security services that we use to improve the loading times of our website and to protect it from misuse. When you visit our website, a connection is established to CloudFlare’s servers in order to retrieve content, for example. Personal data may be stored and analysed in server log files, especially the user’s activity (in particular which pages have been visited) and device and browser information (in particular the IP address and the operating system). Further information on the collection and storage of data by CloudFlare can be found here:
https://www.cloudflare.com/de-de/privacypolicy/
2. Purpose of data processing
The use of CloudFlare’s functions serves to deliver and accelerate online applications and content.
3. Legal basis for data processing
The collection of this data is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website – for this purpose, the server log files must be collected.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfil the purposes described in this privacy policy or as required by law.
5. possibility to object
Information on how to exercise your rights against CloudFlare can be found at:
https://www.cloudflare.com/de-de/privacypolicy/
12. Plugins used
We use plugins for various purposes. The plugins we use are listed below:
Contact Form 7
1. scope of the processing of personal data
We use the WordPress plugin Contact Form 7 from RockLobster LLC, Sakai 810-0001 Fukuoka Prefecture Chuo-ku Tenjin 1-chome 8-1, Fukuoka City Hall, Japan (hereinafter: RockLobster)to manage contact forms on our online presence. Form data entered is transmitted by email. Personal data can be stored and evaluated, especially the activity of the user (in particular which pages have been visited and which elements have been clicked on) and device and browser information (in particular the IP address and the operating system). Data may be transmitted to RockLobster servers in Japan. Regarding Japan, there is an adequacy decision of the European Union. You can find it here:
https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=OJ:L:2019:076:TOC
Further information on the processing of data by Contact Form 7 can be found here:
https://contactform7.com/privacy-policy/
2. Purpose of the data processing
The use of the Contact Form 7 plug-in serves to improve the user-friendliness of our online presence. We use this plug-in to be able to easily create, integrate and attractively display contact forms.
3. Legal basis for the processing of personal data
The legal basis for the processing of the users’ personal data is always the user’s consent in accordance with Art. 6 Para. 1 S.1 lit. a DSGVO.
4. Duration of storage
Your personal information will be stored for as long as necessary to fulfil the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.
5. possibility of revocation and removal
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You can prevent the collection as well as the processing of your personal data by Contact Form 7 by preventing the storage of third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
For more information on how to object to and remove Contact Form 7, please visit: https://contactform7.com/privacy-policy/.
WPML
1. scope of the processing of personal data
We use WPML provided by OnTheGoSystems Limited, 22/F 3 Lockhart Road, Wanchai, Hong Kong (hereinafter referred to as WPML). WPML is a multi-language plugin for WordPress. We use WPML to display our online presence in different languages. When you visit our online presence, WPML stores a cookie on your terminal device to save the language setting you have selected. This allows personal data to be stored and analysed, in particular the user’s activity (especially which pages have been visited and which elements have been clicked on) as well as device and browser information (especially the IP address and the operating system).
Further information on the processing of data by WPML can be found here:
https://wpml.org/de/documentation-3/privacy-policy-and-gdpr-compliance/
2. Purpose of the processing of personal data
The use of WPML serves to be able to present our online presence in several languages.
3. legal basis for the processing of personal data
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. Our legitimate interest lies in addressing visitors to our online presence in their native language.
4. Duration of storage
WPML stores cookies on your terminal device. Information on the storage period of the cookies can be found at: https://wpml.org/documentation/privacy-policy-and-DSGVO-compliance.
5. possibility of objection and elimination
You can prevent the collection as well as the processing of your personal data by WPML by preventing third-party cookies from being stored on your computer, by using the “Do Not Track” function of a supporting browser, by disabling the execution of script code in your browser or by installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
For more information on objection and removal options vis-à-vis WPML, please visit:
https://wpml.org/de/documentation-3/privacy-policy-and-gdpr-compliance/