Content of this Privacy Policy

1 General information

This privacy policy intends to inform users of this website about the nature, extent and purpose of the collection and use of personal data by the website operator.
The website operator takes your privacy very seriously and keeps your personal data confidential in accordance with the law. Because of new technologies and the continuous development of this website changes to this privacy policy may occur. We recommend that you check the privacy policy in regular intervals.
You may find definitions of the terms used (eg “personal data” or “processing”) in art. 4 GDPR.

2 Provision of the website and storage of server log files

When you visit our website www.boehm-exler-kuptsch.de, your device automatically sends information to the server of our website through the used browser. This information is temporarily stored in a so-called log file.
The following information will be collected without your intervention and until automated deletion:

  • Visited pages (name and URL of the page visited)
  • Time of the access
  • Amount of data sent in bytes
  • Source / reference from which you came to the page (Referrer URL)
  • Browser used
  • Operating system used
  • Used IP address

The above-mentioned data are processed by us for the following purposes:

  • ensuring a smooth connection of the website,
  • ensuring comfortable use of our website,
  • evaluation of system security and stability
  • further administrative purposes.

The legal basis for this data processing is art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest is derived from the purposes listed above. The data collected can not be assigned to individual persons. A merge of this data with other data sources will not be executed. We reserve the right to analyse this data later if we are aware of concrete indications of unlawful use.
The data will be deleted as soon as they are no longer needed to achieve the purpose of its collection. In the case of collecting the data for the provision of the website this is the case when the session is over. In the case of storing the data in log files, this is the case after no more than seven days.
If data must be kept for reasons of proof, the deletion will be postponed until the incident is finally resolved.
The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. It therefore exists no option to of disagree by user.

3 Transmission of e-mails

If you contact us through the offered contact options (e-mail link), your details will be stored in order to be able to process and answer to your request. The data is exclusively used for the requested communication with you. Without your consent, these data will not be passed on to third parties.
Legal basis for the processing of data in the course of sending an e-mail is art. 6 para. 1 lit. f GDPR. If the e-mail contact aims at the conclusion of a contract, additional legal basis for processing is art. 6 para. 1 lit. b GDPR.

4 Use of cookies or tracking

This website uses no cookies and no anonymous “tracking” of users by external services such as Google Analytics or other services. You can visit this page without sign up and without allowing cookies.

5 Rights of the user

a) Right to information
As a user, you have the right to request and to receive free information on which personal data about you were processed.
If personal data is processed about you, you can request information about the following data:

  1. the purposes for which the personal data are processed;
  2. the categories of personal data that are processed;
  3. the recipients or categories of recipients to whom your personal information has been disclosed or will be disclosed;
  4. the planned duration of the storage of your personal data or – if specific information is not  available – the criteria for determining the storage time;
  5. the existence of a right to rectification or erasure of you personal data, a right to restriction of processing or a right of objection to such processing;
  6. the existence of a right of appeal to a supervisory authority;
  7. all available information about the origin of the data, if the personal data were not collected from the person itself;
  8. the existence of automated decision making including profiling according to art. 22 (1) and (4) GDPR and – at least in these cases – meaningful information about the involved logic as well as the consequences and the desired effects of such processing on the data subject.

You have the right to request information about whether your personal data is transmitted to a third country or to an international organization. In this context, you may request to be informed about the appropriate warranties in accordance with art. 46 GDPR in connection with the transmission.

b) Right to rectification
You have the right according Art. 16 GRPR to obtain form the controller the rectification and/or completion of incorrect personal data about you. The person in charge must make the correction without undue delay.

c) Right to restriction of processing
You can obtain from the person in charge the restriction of processing your personal data under the following conditions:

  1. if you deny the accuracy of your personal data, the restriction of processing applies for a duration that allows the person in charge to verify the accuracy of the personal data;
  2. if the data processing is unlawful and you refuse the deletion of the personal data and request the restriction of processing instead;
  3. if the person in charge for the personal data no longer needs your data for the purpose of processing, you may need the data however for assertion, pursuit or defense of any legal claims, or
  4. if you did object to the processing according to Art. 21 (1) GDPR and it is not established yet whether the legitimate reasons of the person in charge outweigh your reasons.

If the processing of your personal data has been restricted, this data – apart from their storage – can only be processed with your consent or in order to assert, exercise or defence any legal claims or for the protection of rights of another natural or legal person or for the sake of an important public Interest of the European Union or of a Member State. If the restriction on processing has been practiced in accordance with the above conditions, you will be informed by the person in charge before the restricted processing is terminated.

d) Right to erasure of data
You may request the deletion of your personal data without undue delay from the person in charge if one of the following reasons applies:

  1. Your personal data is no longer needed for the purposes for which it was collected or processed;
  2. You revoke your consent allowing the processing according Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. GDPR and therefore the legal basis for the processing no longer exists;
  3. You object  to the processing according Art. 21 para. 1 GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing according Art. 21 para. 2 GDPR;
  4. Your personal data has been processed unlawfully;
  5. The deletion of your personal data is requested to comply with a legal obligation under Union or national law applicable to the person in charge;
  6. Your personal data has been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.

If deletion can not be done as the data is for legal legal purposes are required, there is a limitation of data processing. In this case, the data is locked and not processed for other purposes.

Exceptions
The right to erasure of data does not apply if the processing is necesary:

  1. to exercise the right to freedom of expression and information;
  2. to fulfill a legal obligation that is requiring the processing by Union or Member States law to which the controller is subject, or for the performance of a task carried out in the public interest or in exercise of official authority delegated to the person in charge;
  3. for reasons of public interest in the field of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 (3) GDPR;
  4. for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes acc. Art. 89 para. 1 GDPR, as far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing;
  5. to establish, exercise or defend legal claims.

e) Right to data transferability
You have the right to receive your personal data in a structured, commonly used and machine-readable format. In addition, you have the right to transfer this data to another person in charge without obstruction by the person in charge who provided the personal data, where:

  • the processing is based on a consent according Art. 6 para. 1 lit. a GDPR or Art. 9 (2) lit. a GDPR or on a contract acc. Art. 6 para. 1 lit. b GDPR and
  • the processing is carried out by automated procedures.

In exercising this right, you also have the right to request the transmission of your personal data directly from one person in charge to another person in charge as far as technically feasible.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task which is in the public interest or in exercise of official authority vested to the person in charge.
Freedoms and rights of others may not be affected by this right to data portability.

f) Right to object
You always have the right to revoke your consent to the processing of personal data with effect for the future processing and to obtain deletion or correction of your personal data. If the data are necessary to to fulfill the contract or to carry out precontractual measures, premature deletion of the data is only possible if contractual or statutory obligations allows deletion.

g) Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial recourse, you have the right to place a complaint to the supervisory authority if you believe that the processing of your personal data violates the GDPR.

Responsible supervisory authority regarding the GDPR provisions for data processing is the state officer of the federal state, in our case Bavaria. The link to the supervisory authority can be found here: https://www.bfdi.bund.de/SharedDocs/Adressen/DE/LfD/Bayern.html?nn=304054

The supervisory authority to which the complaint has been submitted shall inform the Complainant on the status and results of the complaint, including the possibility of a judicial recourse according Art. 78 GDPR.

6 Contact

If you have a request regarding correction, blocking, deletion or disclosure about your personal data or you have any questions regarding the collection, processing of your personal data or you wish to revoke any given consent, you may declare this informally:
 

by sending a letter to:

Böhm Exler Kuptsch GbR
Metzstraße 19
81667 München



last update: January, 31st 2023

Scroll to Top