Datenschutzinformation

With this information, the responsible entity designated under number 1 informs the user of the website (“you” or “user”) according to Art. 13 and 14 of the General Data Protection Regulation (GDPR) about the collection and processing of personal data. We also inform you when we store information in the terminal device that you use when accessing our websites or when we access information that is already stored in your terminal device.

For the use of websites of other providers, to which reference is made e.g. via links, the data protection information there applies.

A General information

1 Controller and data protection officer

1.1 The controller for the processing of data for this website is: Gisela Walter, 71229 Leonberg, Im Mahdental 58, cf. Art. 13 para. 1 a and Art. 14 GDPR.]

1.2 You can contact the data protection officer by e-mail at giw@myprint-online.de, or at the address given under number 1.1. with the addition “for the attention of the data protection officer”.

1.3 Our website is hosted by ALL-INKL.COM (www.all-inkl.com), i.e. it is technically made available on the web servers of this web host.

2 Rights of data subjects

If we collect personal data from you, you have, as a “data subject”, the following rights:

2.1 Right to information

You can request information according to Art. 15 GDPR about your personal data that we process.

2.2 Right to object

You have the right to object for the special reasons of Art. 21 para. 1 DS-GVO. We will inform you separately about this under “B”.

2.3 Right to rectification

If the information concerning you is not (no longer) correct, you can request rectification in accordance with Art. 16 DS-GVO. If your data is incomplete, you can request completion.

2.4 Right to erasure

Under the conditions of Art. 17 DS-GVO, you can request the erasure of your personal data.

2.5 Right to restriction of processing

In the cases of Art. 18 DS-GVO, you have the right to request a restriction of the processing of your personal data (“blocking”).

2.6 Right to lodge a complaint

If you believe that the processing of your personal data violates data protection law, you have the right under Art. 77 para. 1 DS-GVO to lodge a complaint with a supervisory authority of your choice.

2.7 Right to data portability

In the event that you have provided us with personal data in accordance with Art. 20 para. 1 DS-GVO, you have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to third parties in a structured, common and machine-readable format. The collection of data for the provision of the website and the storage of log files (see section 3.1 below) is mandatory for the operation of the website. They are therefore not based on consent pursuant to Art. 6 para. 1 letter a DS-GVO or on a contract pursuant to Art. 6 para. 1 letter b DS-GVO, but on Art. 6 para. 1 letter f DS-GVO. The requirements of Art. 20 para. 1 DS-GVO are therefore not fulfilled in this respect.

3 Procedure: Provision of the website and creation of log files

3.1 What data is processed for what purpose?

When accessing content on the website, information (data) is temporarily collected and stored by the web server of our web host, where our website is stored, from the internet browser of the calling computer or end device of the user. This data may enable identification of the user and is therefore personal data.

3.1.1 The following data is collected and stored by our web host:

• IP address of the user,
• Date and time of the call to the website,
• the protocol, e.g. HTTP,
• the request method “Get” or “Post”,
• Content for the request or specification of the retrieved file that was transmitted to the user,
• the access status (successful transmission, error, etc.),
• the amount of data transferred in bytes,
• incoming and outgoing data traffic (“traffic”),
• a process identification number (“process ID”),
• the time it took for the web server to respond to the user’s request,
• the website from which the user accessed the website,
• the browser used by the user, the operating system, the interface, the language of the browser, and the version of the browser software.
  
  

3.1.2 The temporary storage of this user data is necessary for the duration of a website visit in order to enable delivery of the website. For this purpose, the IP address of the user must necessarily be stored for the duration of the session (i.e. the website visit).

3.1.3 Further storage of the IP address with the aforementioned data from the above list beyond this purpose is carried out in log files. This is done so that our web host can ensure the functionality of the website and the security of the information technology systems.

3.2. On what legal basis is this data processed?

The data from section 3.1 are collected and processed by our web host for the stated temporary storage purpose and also for the further storage purpose according to Art. 6 para. 1 letter f GDPR. This purpose also includes the legitimate interest in data processing. This legitimate interest is the interest of our web host, but also our legitimate interest in a functional website.

3.3. Are there any recipients of the aforementioned data other than the controller?

Our web host has technical access to the data mentioned in 3.1 as our processor.

3.4. How long are the data stored?

The data from 3.1.1 are deleted as soon as they are no longer required for the purpose of their collection. When providing the website, this is the case when the respective session is terminated. The log files are stored for a maximum of 7 days, unless a security event requires longer storage.

3.5. Is there an obligation to provide the data?

You must provide the data from 3.1 to our web host. Otherwise, you will not be able to use our website technically and our web host will not be able to guarantee secure technical operation.

4 Procedures of data processing

4.1 Data and information processing requiring consent

Insofar as we may only collect and process personal data with your consent, we will inform you about this in our consent banner (consent banner) in the context of the consent dialogue.

4.2 Use of e-mail address and contact form data based on legitimate interests

4.2.1 Which data are processed for what purpose?

Insofar as we provide you with an e-mail address and a contact form with input fields, this serves the purpose that you can contact us. If you transmit personal data to us, these will be stored by us and used for the purpose of contact.

4.2.2 On what legal basis are these data processed?

The data from section 4.2.1 are processed on the basis of Art. 6 para. 1 letter f GDPR (legitimate interest of us as the responsible party). If your request is aimed at concluding a contract, then Art. 6 para. 1 letter b GDPR is an additional legal basis (initiation, conclusion and execution of a contract).

4.2.3 Are there any recipients of the aforementioned data besides the controller?

Our web host has technical access to the data in 4.2.1 as our processor.

4.2.4 How long are the data stored?

The data from 4.2.1 are deleted as soon as they are no longer necessary for the achievement of the purpose for which they were collected. For the personal data that were sent to us by e-mail or via the contact form, this is the case when the respective correspondence with the user is terminated and the storage is not required for other reasons. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

4.2.5 Is there an obligation to provide data?

You are not obliged to provide us with data from 4.2.1. You do not have to communicate with us.

4.3 Use of the session cookie “wbk_sid” due to legitimate interests

4.3.1 What data is processed for what purpose?

As soon as you use the login form or the contact form, the session cookie “wbk_sid” is stored on your device by default. This cookie contains a long combination of numbers and letters (“ID”). The purpose of the cookie is to recognize the user as such in the event of a call to submit login data or contact information and to distinguish it from abusive users (e.g. SPAM bots).

4.3.2 On what legal basis are this data processed?

Although the information in this cookie constitutes personal data, the use of the “wbk_sid” cookie does not require data protection consent, because the data processing is necessary to safeguard the legitimate interests of the website operator and because the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data do not outweigh them. The legal basis for data processing is therefore Art. 6 para. 1 sentence 1 letter f DS-GVO.

4.3.3 Are there any other recipients of the aforementioned data?

Our web host has technical access to the data mentioned in 4.3.1 as our processor on behalf of us.

4.3.4 How long will the data be stored?

If the user closes the browser, the cookie is automatically deleted from the user’s operating system. It therefore only applies for the duration of the visit to the website (session cookie).

4.3.5 Is there an obligation to provide data?

You are obliged to provide us with data from 4.3.1. Otherwise, you cannot use the login form or the contact form.

4.3.6 Consent to the use of cookies?

Your consent to the storage of information about the “wbk_sid” cookie on your end device or our access to this information stored on your end device is unnecessary because storage and/or access is absolutely necessary for you to use the login form or the contact form (§ 25 para. 2 no. 2 TTDSG).

5 Processing of information from your devices

5.1 Insofar as we wish to store information in the end device that you use when visiting our websites and/or wish to access information that is already stored on your end device, we ask you for your consent on the basis of clear and comprehensive information. This is done via a consent banner used by us. We obtain any necessary consent before accessing your device. Your consent can be revoked by you at any time. However, for certain purposes specified by law, your consent is not required, so we do not ask for it in these cases. Consent is not required if the sole purpose of storing information in the end device of the end user or the sole purpose of accessing information already stored in the end device of the end user is to transmit a message over a public telecommunications network. On the other hand, consent to the use of your device is not required if the storage of information in the end device of the end user or the access to information already stored in the end device of the end user is absolutely necessary so that we, as a provider of a telemedia service, can provide a telemedia service expressly requested by the user.

5.2 Such accesses to end devices are possible via certain technologies. The best-known technology concerns cookies. Cookies are objects that can be stored in the Internet browser or by the Internet browser on the user’s end device. When a user accesses a website, the server of the operator of the website or a third party can read the cookie stored there via the user’s operating system and thus the information stored therein. A cookie may, but does not have to, contain a characteristic string that enables the unique identification of the user’s browser when the website is accessed again.

5.3 The user can prevent or restrict the installation of cookies by adjusting his browser settings accordingly. Cookies that have already been stored can also be deleted by the user at any time via his browser. The settings for this depend on the respective browser. However, if the user prevents or restricts the installation of cookies, this may result in not all functions of the website being fully usable. What applies to cookies also applies to other technologies that use the user’s end device.

5.4 Consent-requiring cookies and similar technologies: Our consent banner (consent banner) on the website informs about the consent-requiring cookies and similar technologies.

5.5 Non-consent-based cookies and similar technologies: We have internally documented that consent is not required under § 25 (2) TTDSG for the non-consent-based cookies and similar technologies.

6 Consent banner (Consent-Banner)

6.1 In order to obtain your legally required consent for certain services or functions or to respect your revocation in this regard, a consent banner will be displayed to you (Consent-Banner). Your consent or non-consent concerns our use of your terminal device (computer, laptop, smartphone, tablet) by cookies or similar technologies, whereby information can be stored on or read from your terminal device. Your consent may also be required for the processing of personal data by us or third parties pursuant to Art. 6 (1) sentence 1 letter a DS-GVO, which is connected with your use of our websites. In certain cases, the law allows us to use your terminal device without your consent and/or to process your personal data subsequently without your consent.

6.2 Via the consent banner, we inform you about all services or functions that require your consent before we use the service or function. The consent banner consists of an overview of all consent-based processing operations and describes details for each one, so that you as a user can assess the meaning and scope of your consent. You can consent to each operation by activating a button/click area or reject it by deactivating it. There are three possibilities of decision:

- Choosing “Make and save selection” means that the user’s decision is saved as he made it through his selection via the buttons/click area. All services and functions that require consent and that the user agrees to are active and can be used. The services and functions that cannot be used without consent are not integrated on the website.

• Choosing “Reject all and save” means that this decision is not saved. The user’s decision is thus that he does not consent to anything that requires his consent and has the consequence that all services and functions that require consent do not work for this user. The banner is hidden.

• Choosing “Accept all and save” means that all services and functions that require consent are “sharp”. This means that you have given consents according to the DS-GVO and also agree to the use of your end device. The banner is then hidden.
  
  In the course of his further use of the websites, the user can actively cause the consent banner to appear by revoking a consent he has given or by obtaining a consent that was not initially required. To do this, he clicks on the link “Consent Settings”. The consent banner appears again.

Your consent can thus be revoked at any time with effect for the future. A later revocation no longer affects the legality of the access or the storage of information that took place until the revocation.

6.3 All three decisions of the user (“Make and save selection”, “Reject all and save” or “Accept all and save”) are each stored on the user’s end device via the browser of the user’s end device in the so-called “Local Storage”. The storage there is permanent. The information is stored in the object “wbkConsent”. This technique is not a cookie in the proper sense. The information in the “wbkConsent” also has no personal reference, i.e. the user is not recognized again when he calls up the website of the WBK user again. The selection decision for consent is not stored on our server. This use of the user’s end device is free of consent according to § 25 para. 2 no. 2 TTDSG (user request).

7 Technical measures

7.1 SSL/TSL

Our websites are equipped with an active SSL or TLS encryption for security reasons and to protect the transmission of confidential content, for example by means of requests that you send to us as the site operator. An encrypted connection can be recognized by the fact that the address line of the browser changes from “http://” to “https://” and a lock symbol is visible in the browser line. As a result of this encryption, data that you transmit to us cannot be read by third parties.

7.2 End-to-end communication

If you contact us via an e-mail address provided on our websites, the transport of the content of the e-mail to us is not end-to-end encrypted. This means that the e-mails are usually encrypted during the transport via the involved e-mail providers, but are stored unencrypted on their servers. The contact to us via the provided contact form is therefore a secure communication from a technical point of view.

7.3 Video integration

As far as you can watch videos on our websites, which are marked as external links to third-party websites, this happens exclusively via the technique of linking to the respective referenced website or to a video portal of a third-party provider. There, these videos are stored in the data protection responsibility of the respective third-party provider. The respective referenced website or the respective video portal is thus not directly embedded in our websites. This ensures that information of the user is not transmitted to the portal when loading the website on which the video is integrated. It is also ensured that cookies or similar technologies for tracking user activities of the portals or their advertising partners cannot be set on your end device via the mere linking. Only after your conscious clicking on the video preview image a connection to the portal of the third-party provider is established and the associated data processing is triggered. This and the possible data processing of your user data on the linked portal then happens however exclusively by your wish to see the video there. The data processing triggered by this is beyond our control and is subject to the responsibility of these third-party providers, who inform more or less extensively about their data processing. If you do not agree with the data processing by the third party, please do not click on the video preview image.

B Special Information

Special right of objection according to Art. 21 para. 1 DS-GVO

You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data which is based on Article 6 (1) letter f DS-GVO (processing for the purposes of the legitimate interests of us or of a third party). You can address your objection to the address in section 1.1.

We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights and freedoms of the data subject, or the processing serves us to assert, exercise or defend legal claims.

In the event of your objection, you must explain to us your possible interests (your “particular situation”) in detail, so that we can carry out a renewed balancing of interests. If our interests in further storage do not outweigh, the personal data that were stored in the course of contacting us will be deleted. If they still outweigh, the data processing by us will be continued.

Status: October 2023