Data protection information

1. Person responsible

Responsible person according to Art. 4 Abs. 7 DSGVO and other national data protection laws of the member states of the European Union as well as other data protection regulations is the

eEntwicklung.net GmbH
Freiheitstraße 124-126
15745 Wildau

Telephone +49 3375 527366
Fax +49 3375 527365
E-Mail webmaster@eentwicklung.net

2. Data Protection Officer

For questions, suggestions or comments on data protection and the enforcement of your rights, please contact our data protection officer:

Christian Asmus
Privacy Policy
eEntwicklung.net GmbH
Freiheitstraße 124-126
15745 Wildau

E-Mail datenschutz@eentwicklung.net

3. Definitions

We would like to explain some of the terms used and defined in the GDPR.

3.1 Personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter the "data subject").
A natural person is regarded as identifiable, directly or indirectly, in particular by association with an identifier such as a name, with an identification number, with location data, with an online identifier (eg IP address or cookies) or with one or more special features that are expressions of the physical, physiological, genetic, mental, economic, cultural, or social identity of this natural person can be identified.

3.2 Processing

Processing is any process performed with or without the aid of automated procedures or any such process associated with personal data.
# Basically, this includes any handling of personal data such as collecting, storing, altering, using, transmitting, disseminating, deleting or destroying, etc.

3.3 Responsible

The person responsible is the natural or legal person, public authority, body or other body that, alone or in concert with others, decides on the purposes and means of processing personal data.
The responsible person must ensure the permissibility of the data processing by the use of regularly to be examined technical and organizational measures.

3.4 Pseudonymization

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without additional information being provided, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.

3.5 Processor

A processor is a natural or legal person, agency, agency or other body that processes personal data on behalf of the controller.

3.6 Receiver

Recipient is a natural or legal person, agency, agency or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities that may receive personal data under a particular mission under Union or national law may not be considered beneficiaries.

3.7 Third party

Third party is a natural or legal person, public authority, body or agency other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or processor to process the personal data />
3.8 Consent

The consent is an expression of the data protection self-determination. It is the voluntary statement of intent, in an informed and unequivocal manner, in the form of a statement or other unambiguous confirmatory act, which indicates to the data subject that he / she agrees to the processing of the personal data concerning him.
A given consent can be revoked at any time.


4. General information on data processing

4.1 Scope of processing of personal data

Basically, we process your personal data only to the extent necessary to provide our online offers, content and services.
The collection and use of your personal data takes place regularly only after a consent or if the processing of the data is permitted by law.

4.2 Legal basis for the processing of personal data

In the data protection the so-called prohibition with reservation of permission applies. Accordingly, the processing of personal data is fundamentally unlawful, unless it is the consent of the person concerned or it is legitimized by a legally regulated reason for permission.
We are obliged to inform you about the legal basis of the data processing.
If we obtain your consent for the processing of personal data, Art. 6 para. 1 lit. a DSGVO as legal basis.

For processing operations that are necessary to fulfill a contract between you and us or to carry out pre-contractual measures, Art. 6 para. 1 lit. b DSGVO as legal basis.
If the processing of personal data is required to fulfill a legal obligation that we are subject to, such as statutory storage and storage obligations, Art. 6 para. 1 lit. c DSGVO as legal basis.

In the event that vital interests of the data subject or any other natural person require the processing of personal data, Art. 6 (1) lit. d DSGVO the legal basis.
If the processing is necessary for the protection of our or the legitimate interests of a third party and your interests, fundamental rights and fundamental freedoms do not outweigh the former interest, the processing of personal data by Art. 6 para. 1 lit. f DSGVO legitimized.

4.3 Disclosure of personal data to third parties and processors

Basically, we do not disclose any personal data to third parties without your express consent. If, in the course of the processing, we nevertheless disclose your data to third parties, forward them to them or otherwise grant them access to the data, this will also be done exclusively on the basis of one of the legal bases mentioned.
If required by law or court order, we must submit your information to authorized sources.

In part, we use to process your data carefully selected external service providers. Should data be passed on to service providers as part of a so-called order processing, this is done on the basis of Art. 28 DSGVO.
Our processors are carefully selected, follow our instructions and are regularly audited by us. We only commission those processors who have reasonable guarantees that appropriate technical and organizational measures are taken to ensure that the processing is carried out in accordance with the requirements of DSGVO and BDSG-new and that the rights of the user are protected.


4.4. Data transmission in third countries

The GDPR guarantees an equally high level of data protection within the European Union.
When selecting our service providers and cooperation partners, we therefore rely on European partners, if possible, to process your personal data.
Only in exceptional cases will we have data processed outside the European Union or the European Economic Area in the context of the use of third party services.

We only permit processing of your data in a third country if the special requirements of Art. 44 et seq. DSGVO are met.
This means that the processing of your data can then only be based on special guarantees, such as the officially recognized by the EU Commission establishing an EU level of data protection compliance with officially recognized special contractual obligations, the so-called "standard contractual clauses". We require US service providers to use these standard terms or to submit to the Privacy Shield, the privacy agreement negotiated between the European Union and the United States (privacyshield.gov).

4.5 Deletion of data and storage time

Once the purpose for storage is removed, we will delete or block your personal information. In addition, however, such storage may be made as provided for by the European or national legislature in EU regulations, laws or other regulations to which we are subject. This concerns z. For example, data that must be kept for commercial or tax reasons, such as billing data for subscriptions. A blocking or deletion of your data takes place when a storage period prescribed by these regulations expires, unless there is a need for further storage of the data for a contract or fulfillment of the contract.

4.6 Existence of Automated Decision Making

We completely dispense with automatic decision-making or profiling.

5. Affected rights

If personal data are processed by you, you are a victim within the meaning of the GDPR. The person responsible to us has the following rights:

5.1 Right to revoke a data protection consent declaration

If the processing of the personal data is based on a given consent, you have the right at any time to revoke this consent.
The revocation does not affect the legality of the processing carried out on the basis of the consent until the revocation.


5.2 Right to information

You have the right to ask us to confirm that we are processing personal information concerning you.
If this is the case, you can request information about the following information:

the processing purposes;
the categories of personal data being processed;
the recipients or categories of recipients to whom the personal data have been disclosed or are yet to be disclosed, in addition to whom you have the right to provide the appropriate safeguards in accordance with Art. 46 GDPR in connection with the transfer to a third country or an international organization to become;
if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining that duration;
the existence of a right to rectification or deletion of personal data concerning you or to restriction of our processing or of a right to object to such processing;
the existence of a right of appeal to a supervisory authority;
if the personal information is not collected from you, all available information about the source of the data;
the existence of automated decision-making including profiling in accordance with Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, and the scope and intended impact of such processing on the data subject.

We will provide you with a copy of the personal data subject to processing within one month of receipt of your request for information. For any additional copies you request, we may charge a reasonable fee based on administrative costs. If you submit the application electronically, we will provide you with the information in a standard electronic format, unless you specify otherwise.

5.3 Right to correction

You have the right to demand immediate correction of your personal data from us if it is incorrect. In consideration of the purposes of processing, you have the right to request the completion of incomplete personal data, including by means of a supplementary statement.


5.4 Right to cancellation ("right to be forgotten")

You have the right to request that personal data relating to you be deleted immediately, and we are obliged to delete personal data immediately if one of the following reasons applies:

The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
They revoke their consent, on which the processing was based, and lack any other legal basis for processing.
You object to the processing and there are no prime legitimate grounds for processing, or you object to the processing.
The personal data was processed unlawfully.
The deletion of personal data is required to fulfill a legal obligation under EU or national law.
The personal data were collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.

If we have made public the personal data relating to you and we are obliged to delete them, we shall take appropriate measures, including technical means, to inform data controllers who process the personal data, taking into account available technology and implementation costs that you have requested that you delete any links to this Personal Information or copies or replications of such Personal Information.

The right to cancel ("right to be forgotten") does not exist if the processing is required:

to exercise the right to freedom of expression and information;
to fulfill a legal obligation that requires the processing under the law of the Union or the Member States to which we are subject, or to perform a task of public interest or in the exercise of official authority that has been delegated to us;
for reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h and i and Art. 9 (3) GDPR;
for archival purposes of public interest, for scientific or historical research purposes or for statistical purposes pursuant to Article 89 (1) GDPR, in so far as the right to erasure is likely to render impossible or seriously affect the achievement of the objectives of that processing, or
to assert, exercise or defend legal claims.

5.5 Right to restriction of processing

You have the right to request that we restrict the processing of your personal data if any of the following conditions apply:

You deny the accuracy of your personal information for a period of time that enables us to verify the accuracy of your personal information;
the processing is unlawful and you request the restriction of the use of your personal data instead of the deletion;
We no longer need your personal information for processing purposes, but you do need it to assert, exercise, or defend your rights, or
You have objected to the processing, as long as it is not certain that our legitimate reasons prevail over your reasons.

If the processing has been restricted in accordance with the above-mentioned conditions, these personal data will only be stored with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for important reasons public interest of the Union or of a Member State.

If the restriction on processing has been restricted in accordance with the above requirements, we will inform you before the restriction is lifted.


5.6 Data transferability right

You have the right to receive the Personal Data You provide to us in a structured, common and machine-readable format, and you have the right to transfer that information to any other person without hindrance from us, provided the processing based on consent or on a contract, using automated procedures.

In exercising the right to data portability, you may obtain that personal information be transmitted directly by us to another controller, as far as technically feasible. The exercise of the right to data portability is without prejudice to the right of cancellation (the right to be forgotten). This right does not apply to any processing necessary for the performance of a task assigned to us which is in the public interest or in the exercise of official authority.

5.7 Right to object

For reasons arising from your particular situation, you have the right at any time against the processing of personal data relating to you which, on the basis of Art. 6 para. 1 lit. e or f DSGVO takes an objection. This also applies to profiling based on these provisions. We will then no longer process your personal information unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.

5.8 Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, employment or the place of alleged infringement, if you believe that the processing of your personal data is contrary to the GDPR violates.

6. Use of our online offers

As a matter of principle, you can not use our online offer without disclosing your identity. In this section we will explain to you when and in which context we process data when using our online services,
which offers from service providers and cooperation partners we have implemented, how they work and what happens to your data.

6.1 Data collection when visiting our websites

When accessing our websites, we collect the following data, which is technically necessary for us to be able to display our websites and to ensure stability and security.

IP address of the user
Date and time of inquiry
Content of the request (concrete page)
Access status / HTTP status code
each transferred amount of data
Website that receives the request
Operating system of the user
Language and version of the browser software.

This data is temporarily stored in the log files of our system for a maximum of ten days.
Further storage is possible, but in this case the IP addresses are partially deleted or alienated, so that an assignment of the calling client is no longer possible.
The legal basis for these processing operations is Art. 6 (1) lit. f DSGVO.

Since the collection of the data for the display of the websites and the storage of the data in log files for the operation of our websites and the preservation of the IT security is absolutely necessary, you have no possibility to contradict.

6.2 Use of Cookies

In addition to the above-mentioned data, when using our websites, cookies are stored on your device during or after your visit to our online services.
These are small text packages that can be sent from a website to the browser and stored by it and then sent back.
In cookies, different information can be stored, which is read by the body that sets the cookie.
They usually contain a characteristic string (ID) that allows the browser to be uniquely identified when the website is called again or when a page break occurs.
First and foremost, they serve to make our online offers more user-friendly and effective overall.
The data collected in cookies of the users are pseudonymized by technical precautions, whereby an assignment of the data to the calling user is usually no longer possible.

We use different types of cookies:

Transient cookies, also referred to as temporary or "session cookies", are cookies that are deleted after you leave our online offering and close your browser. In such cookies z. Eg language settings or the contents of a shopping cart.
Persistent or permanent cookies, even after closing the browser saved. So z. B. the login status or entered search terms are stored. We use such cookies among other things for range measurement or marketing purposes. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. However, you can always delete these cookies in the security settings of your browser.

In addition to so-called "first-party cookies", which are set by us as the data controller, "third-party cookies" are used, which are offered by other providers.
An example of "third party cookies" are the cookies resulting from the use of BING cards.

The legal basis for the processing of personal data using cookies is Article 6 (1) lit. f DSGVO.

6.3 Use of the email address

In the user account an eMail address can be deposited. This email address will be used to send you status change notifications.
A transfer of the eMail address to third parties is excluded. You can also use our online offers with a customer account without a stored email.
A notification of status changes made will not be executed if no eMail is stored.

6.4 Registration function / customer account

To use our online offers a user account is required.
Which personal data is transmitted to us and stored, results from the respective input mask and the information provided during the registration.
The data entered during registration will be used for the purpose of using our offers.
Offer or registration-relevant information, such as changes in the scope of the offer or technical circumstances, you will receive by e-mail.
You have the possibility to cancel your user account at any time. In this case your data will be deleted, unless we are obliged to keep for commercial or tax reasons.

Legal basis for the processing of the data is in the presence of your consent Art. 6 para. 1 lit. a GDPR.
If the registration serves the fulfillment of a contract of which you are a party or the implementation of pre-contractual measures, then additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.

In the context of the use of our registration and registration functions as well as the use of the user account, we may store the IP address and the time of the respective user action. The storage is based on our legitimate interests, and serves to protect against misuse and other unauthorized use. A transfer of these data to third parties does not take place, unless it is necessary for the prosecution of our claims or there is a legal obligation. The legal basis for this collection and storage is Art. 6 para. 1 lit. c DSGVO.
The IP addresses will be anonymized or deleted after 7 days at the latest.

6.5 Contact Forms and Email Contact

On our online offers you will find contact forms and a "contact widget" that can be used for electronic contact.
Among other things, we fulfill the legal requirement to enable a fast electronic contact with us.
If you use this option, your details will be used for the purpose of answering the request in accordance with Art. 6 para. 1 lit. c DSGVO processed and stored automatically.
We delete the requests, if these are no longer necessary and no legal archiving obligations apply.

6.6 User Activities

As a registered user, you have the opportunity to do certain actions on our online offer. This includes, in particular, uploading and downloading data and changing configurations. We will then determine the timing of the actions together with your account on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f. Save DSGVO.
This is done for reasons of traceability, if these actions violate the rights of third parties.
In this case, we as the operator ourselves can be prosecuted for the action and are therefore interested in the identity of the author. There is no disclosure of this data to third parties, unless such disclosure is not required by law or serves our legal defense.
Basically, you will also see all the records you have prompted in the log.
Bear in mind that these records can also be viewed in the log by other authorized persons - especially administrators.

6.7 eBug

As a registered user you may have the opportunity to leave comments, requests and errors in the eBug system. We will then determine the date of publication together with your account on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f. Save DSGVO.
This is done for reasons of comprehensibility, if the contributions infringe the rights of third parties or leave illegal content (insults, defamation, inciting content, etc.).
In this case, we ourselves can be prosecuted for the post and are therefore interested in the identity of the author. There is no disclosure of this data to third parties, unless such disclosure is not required by law or serves our legal defense.
Keep in mind that posts are accessible to each logged in user. You should carefully review your posts before publication to see if they contain information that is not intended for other users.

6.8 Newsletter

In some areas of our online offers we offer you the opportunity to subscribe to one of our free e-mail newsletters.
We only send these newsletters with your consent or on the basis of a legal permission. When registering for a newsletter, the data from the input mask (name and e-mail address) are transmitted to us and stored as long as the subscription to the newsletter is active.

For the processing of this data for the purpose of sending a newsletter, your consent will be obtained and referred to this Privacy Policy.
The legal basis for processing your data if you have given your consent to receive newsletters is Article 6 (1) lit. a DSGVO.

6.9 External Links

Our online offer contains links to card service providers. We have no control over their operators adhering to the privacy policy.

7. Children

Our offer is basically for adults. Persons under the age of 16 may not submit any personal data to us without the consent of their parents or guardians.

8. Changes

The rapid development of the Internet requires from time to time adjustments in our privacy policy. You will be informed about the changes at this point.

Wildau, May 25, 2018