We are pleased about your visit on our Internet presence. We take the protection of your personal data seriously and adhere to the rules of the legal regulations, in particular the data protection laws. The terms used in this declaration are to be understood in a gender-neutral way and include both the female and male form.
1. Information on the collection of personal data
1.2. Responsible according to article 4 paragraph 7 of the EU data protection basic regulation (GDPR) are we, Dr. phil. Jörg Berchem, OMIMEE Ltd., Tanga, Tanzania, email@example.com. You can find all information about us in our imprint. You can reach our responsible employees for data protection officers at: firstname.lastname@example.org or our postal address with the addition "the data protection officer".
1.3. To contact us, you can send us an e-mail or use the contact form provided on our website. In order to be able to answer your inquiry, a valid e-mail address is required. If you wish, you can use an e-mail address that does not allow any conclusions about your person. If you write us an e-mail or send us a message via the contact form, we store the data you provide (e.g. your e-mail address, your name and telephone number if applicable) in order to answer your questions. If storage is no longer necessary, we delete the personal data collected. If there is a legal obligation to retain data, we will restrict the processing. The legal basis for data processing for the purpose of contacting you is Art. 6 Paragraph 1 S. 1 lit. f GDPR.
1.4 We would like to point out that data transmission by e-mail can have security gaps. A complete protection of data against access by third parties is not possible here. We therefore recommend not to transmit health-related data by e-mail. If you are interested in encrypted e-mail correspondence, please let us know.
1.5 For individual functions of our website we require the cooperation of external service providers. We will inform you about the respective processes in the further course of this declaration.
2. Collection and storage of personal data when accessing our website
2.1 If you use our Internet presence for information purposes - i.e. merely view it - we collect the personal data that your browser automatically transmits to the server of our website when you call it up. This information is temporarily stored in a so-called "log file". The following information is recorded without your intervention and stored until it is automatically deleted:
IP address of the requesting computer,
Date and time of the request or access,
Time zone difference to Greenwich Mean Time (GMT),
Content of the request (concrete page),
Name and URL of the retrieved file,
Access status/HTTP status code,
amount of data transferred in each case,
Website from which the request or access is made (referrer URL),
Operating system of your computer and its interface as well as the name of your access provider,
Language and version of the browser software.
2.2 We process the above-mentioned data in order to display our website for you and to ensure stability and security. In particular to ensure a smooth connection and comfortable use of our website as well as for an evaluation of the system security or system stability and for other administrative purposes.
2.3 The legal basis for data processing is Art. 6 Paragraph 1 S. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above.
3. Transfer of data / data transmission
We only transfer your personal data to third parties in the following cases:
3.1 - after granting an explicit consent according to art. 6 para. 1 sentence 1 lit. a GDPR,
3.2 - according to Art. 6 para. 1 sentence 1 lit. f GDPR the disclosure is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
3.3. if there is a legal obligation to pass on the data in accordance with Art. 6 Para. 1 S. 1 lit. c GDPR,
3.4. to the extent permitted by law and required by Art. 6 para. 1 sentence 1 lit. b GDPR for the processing of contractual relationships with you.
4. Your rights
You have rights against us with regard to the personal data concerning you. This concerns the:
4.1 - Right of access: in accordance with art. 15 of the GDPR, you have the right to request information about your personal data processed by us.
4.2 - Right of rectification: in accordance with Article 16 of the GDPR, you may request without delay the rectification of incorrect or incomplete personal data held by us.
4.3 - Right of deletion: according to art. 17 of the GDPR, you can request the deletion of your personal data held by us.
4.4 - Right to limit processing: in accordance with Art. 18 of the GDPR, you can request that the processing of your personal data held by us be limited.
4.5 - Right to object to processing: according to Art. 7 para. 3 of the GDPR, you may revoke your consent to our processing at any time.
4.6 - Right to data transfer: in accordance with Art. 20 of the GDPR, you can request to receive your personal data that you have provided us with in a structured, common and machine-readable format, or you can request that they be transferred to another responsible party.
4.7 - You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us in accordance with Article 77 of the GDPR.
5. Cookies5.1 In addition to the data mentioned in point 2, so-called cookies are stored on your end device (laptop, tablet, smartphone or similar) when you use our website. These are small text files that are stored on your hard disk assigned to the browser you are using; cookies provide the party that sets the cookie with certain information. Cookies are used to make our Internet offer more user-friendly and effective. We do not gain direct knowledge of your identity through cookies. Cookies cannot execute programs or transfer viruses to your computer.
Why are cookies needed for the order function? If you use the shopping cart function, e.g. if you place goods in the shopping cart, the use of cookie technology prevents the information from the shopping cart from being transmitted to our server. Instead, the contents of the shopping cart and any other data entered during the ordering process are stored on your computer as cookies. Temporary storage is essential, because your shopping cart should only be accessible to you and at the same time the goods you have ordered or the data you have entered must be noted / stored somewhere until the order is sent to us. For reasons of data security, this storage takes place as a cookie on your computer.
5.3.2 You can also visit our website without cookies. To do so, you must configure your browser settings so that they do not accept cookies. In this case, you may not be able to use all functions of our website.
5.4 The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.
5.5. We will inform you about cookies that are set by integrated services (e.g. Vimeo) under point 6 of this statement.
6. Further functions and offers of our website / integration of services and contents of third parties (plug-in providers)
In addition to the purely informative (viewing) use of our website, we offer various services which you can actively use if you are interested. This will trigger further data processing procedures. As a rule, you will have to provide further personal data; these will be used to provide the respective service. The use of the following services requires that the third party providers learn your IP address; without the IP address, the content cannot be transmitted to your browser.
The following offers / services from third parties are integrated into our Internet presence. The data processing described below is necessary to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. These lie in particular in the optimisation and convenient use of our website and the design of our Internet presence. The integration is necessary in each case in order to be able to use the offers of the third parties on our website.
6.1 Integration of Vimeo videos (a service of Vimeo Inc)
6.1.2 All videos are integrated by us via an html code provided by Vimeo. We have no influence on any data transmission. When you visit a website with the plugin, a connection to the Vimeo servers is established. Vimeo is informed that you have called up a page on which the corresponding video is linked and displayed. When you click on the play button of a video, this information is also associated with your Vimeo user account, if you have one and are logged in. If you do not wish to be associated with your Vimeo profile, you will need to log out of your account before playing the video and delete any cookies that may have been set.
6.1.3 When you visit the website, Vimeo receives information that you have visited the corresponding subpage of our website. In addition, the data mentioned in point 2 of this statement will be transmitted. This is done even if you do not have a Vimeo user account or are not logged in.
If you are logged into your Vimeo account, your data will be associated with your Vimeo account. If you don't want your profile to be associated with Vimeo, you will need to log out of your account before you can play the video.
6.1.5 You have the right to object to the creation of these user profiles. To exercise this right, please contact Vimeo.
Vimeo also processes your personal data in the USA.
6.2 Integration of Google Maps
We refrain from integrating Google Maps to prevent the transmission of data to Google.
6.3 Use of social media plug-ins
6.3.1 We deliberately do not use social media plug-ins.
6.3.2 Should you come across our pages on so-called "social media" (e.g. Facebook) on your own ways, the following applies: We have no influence on the data and data processing procedures collected when visiting these pages, nor are we aware of the full extent of the data collection, the purposes of processing, the storage periods. We also have no information about the deletion of the collected data by the social media provider. Should you have any concerns regarding data protection at social media, we advise against visiting these pages.
6.4 Use of Google Analytics
We do not use Google Analytics or similar services to prevent the transmission of data to such companies.
7.1 If you would like to receive the free newsletter available on our website, a one-time registration is required, stating your e-mail address. If you have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, we will use your e-mail address to send you our newsletter on a regular basis.
Within the framework of a registration for the newsletter, we describe its contents. If goods and services are advertised, we will mention these in the declaration of consent. This information is decisive for your consent. In addition, we inform you in our newsletter about the following topics: our services; further education, regional groups, congresses, seminars, offers, promotions, news; information about our company.
7.2 For the registration to our newsletter we use the so-called double-opt-in procedure. After your registration, we will send you an e-mail to the e-mail address you provided. In this confirmation e-mail you will be asked to confirm that you wish to receive the newsletter at the address you have provided. This procedure serves to avoid accidental registrations or unwanted registrations by unauthorized persons. If you do not confirm your registration within 24 hours, your data will be blocked and deleted after one month. In addition, we store your IP addresses and the time of registration and confirmation. This serves to prove your registration and to be able to clarify a possible abuse of your personal data.
7.3 Your e-mail address is the only compulsory information for the sending of the newsletter. The indication of further, separately marked data is voluntary. For example, you can enter a name that we use to address you personally. After your confirmation we will save your e-mail address for the purpose of sending you the newsletter. The legal basis for this is Art. 6 Paragraph 1 S. 1 lit. a GDPR.
7.4 You can revoke your consent to receive our newsletter at any time and unsubscribe from the newsletter. You can revoke your consent by clicking on the link provided in every newsletter e-mail, by e-mail to email@example.com or by sending a message to the contact details given in the imprint.
8. Use of our webshop and/or booking system
8.1 If you want to order in our booking system/webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order. Mandatory data necessary for the processing of the contracts are marked separately, other data are voluntary. We process the data provided by you to process your booking. For this purpose we can pass on your payment data to our house bank. The legal basis for this is Art. 6 para. 1 p. 1 lit. b GDPR.
You can also voluntarily create a customer account, through which we can store your data for further purchases at a later date. When you create an account under "My account", the data you provide will be stored revocably. You can always delete all other data, including your user account, in the customer area.
8.2 We may also process the data you have provided in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information, provided this is legally permissible.
8.3 We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. However, after two years we will restrict the processing, i.e. your data will only be used to comply with the legal obligations.
8.4 To prevent unauthorised access by third parties to your personal data, in particular financial data, the ordering process is encrypted using TLS technology.
9. Use of our portal / password protected customer area
9.1 If you wish to use our newsletter and customer area, you must register by entering your membership number, a password of your own choice and your freely selectable user name. There is no obligation to use clear names, pseudonymous use is possible. We use the so-called double-opt-in procedure for registration, i.e. your registration is only complete once you have confirmed your registration by clicking on the link contained in a confirmation e-mail sent to you for this purpose. If your confirmation is not received within 24 hours, your registration will be automatically deleted from our database. The provision of the above-mentioned data is obligatory; you can provide all further information voluntarily by using our portal.
9.2 If you use our portal, we store your data required for the fulfilment of the contract, including details of the method of payment, until you finally delete your access. Furthermore, we store the voluntary data provided by you for the time of your use of the portal, unless you delete them first. You can manage and change all data in the protected customer area. The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR.
9.3 In order to prevent unauthorised access to your personal data by third parties, the connection is encrypted using SSL/TLS technology.
9.5. DHL. To ship your physical goods we use the services of the shipping logistics company DHL. In order to send you the physical goods you have ordered, we transmit your name, address and the weight of the shipment to DHL either by means of an address label alone or by using a module for automatically creating parcel labels. Without transmitting this data to DHL, we will not be able to send you your ordered goods. How the company DHL stores and processes your data is beyond our influence, please refer to the data protection information of Fiorma DHL.
10. Auftragsverarbeitung durch Server ProviderOur website and our e-mails are maintained by
1&1 Internet SE
Elgendorfer Street 57
E-mails sent to us and data entered on the website are therefore stored and processed on the servers of 1&1 Internet SE. A contract for order processing exists between us and 1&1 Internet SE in accordance with Art. 28 GDPR.
The contact person for all data protection issues arising within the scope of this contract is
1&1 Internet SE
The Data Protection Officer
Elgendorfer Str. 57
11. Objection or revocation against the processing of your data
11.1 Insofar as we process your personal data on the basis of legitimate interests pursuant to Art. 6 Para. 1 sentence 1 lit. f GDPR, you may object to the processing of your personal data pursuant to Art. 21 GDPR. In this case, please inform us of the reasons - arising from your particular situation - why we should not process your personal data. After examining your objection, we will either stop processing your data, adapt it or continue processing. In the latter case, we will inform you of our compelling reasons worthy of protection.
11.2 You may object to the processing of your personal data for the purposes of advertising and/or data analysis at any time without giving reasons. We will implement your right of objection in this respect; it is not necessary to state reasons for this.
11.3 If you have given your consent to the processing of your data, you can revoke it at any time with effect for the future.
11.4 To exercise your right of revocation or objection, please send an e-mail to the following address: firstname.lastname@example.org. You can also inform us of your objection or revocation by using the following contact details: contact.
We use SSL encryption on our website to protect your data. Certificates for the use of SSL encryption are regularly renewed by us. You can tell whether a page on our website is being transmitted in encrypted form by the closed display of the key/lock symbol in the status bar of your browser.
13. Further questions
This data protection declaration is valid as of 15 June 2018.