Datenschutz - PRYME|Solutions

# Privacy Policy

This privacy policy informs you about the type, scope, and purpose of processing personal data (hereinafter referred to as „data“) within our online service and its associated websites, functions, and content, as well as external online presences, such as our social media profiles (collectively referred to as „online service“). Regarding the terms used, such as „processing“ or „controller,“ we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

## Controller

PRYME|Solutions

Kappel, Tim
Am Winterhafen 24
55131 Mainz
Germany

Owner and Founder: Tim Kappel

## Types of Data Processed

– Inventory data (e.g., names, addresses)
– Contact data (e.g., email, phone numbers)
– Content data (e.g., text entries, photographs, videos)
– Usage data (e.g., websites visited, interest in content, access times)
– Meta/communication data (e.g., device information, IP addresses)

## Categories of Data Subjects

Visitors and users of the online service (hereinafter collectively referred to as „users“).

## Purpose of Processing

– Provision of the online service, its functions, and content
– Responding to contact requests and communication with users
– Security measures
– Reach measurement/Marketing

## Terms Used

„Personal data“ means any information relating to an identified or identifiable natural person (hereinafter „data subject“); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

„Processing“ means any operation or set of operations performed on personal data, whether or not by automated means. The term is broad and encompasses practically any handling of data.

„Controller“ means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

## Relevant Legal Bases

In accordance with Article 13 GDPR, we inform you about the legal bases of our data processing. Unless the legal basis is mentioned in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6(1)(a) and Article 7 GDPR, the legal basis for processing to fulfill our services and implement contractual measures and respond to inquiries is Article 6(1)(b) GDPR, the legal basis for processing to fulfill our legal obligations is Article 6(1)(c) GDPR, and the legal basis for processing to protect our legitimate interests is Article 6(1)(f) GDPR. In case vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.

## Cooperation with Processors and Third Parties

If we disclose data to other persons and companies (processors or third parties) as part of our processing, transmit it to them, or otherwise grant them access to the data, this will only be done based on legal permission (e.g., if transmission of the data to third parties, such as payment service providers, is necessary for contract fulfillment pursuant to Article 6(1)(b) GDPR), if you have consented, if a legal obligation provides for this, or based on our legitimate interests (e.g., when using agents, web hosts, etc.).

If we commission third parties to process data based on a so-called „data processing agreement,“ this is done based on Article 28 GDPR.

## Transfers to Third Countries

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or disclosure or transfer of data to third parties, this will only take place if it is necessary to fulfill our (pre)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements of Article 44 ff. GDPR are met. That means the processing takes place, for example, based on special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU (e.g., for the USA through the „Privacy Shield“) or compliance with officially recognized special contractual obligations (so-called „standard contractual clauses“).

## Rights of Data Subjects

You have the right to request confirmation as to whether relevant data is being processed and information about this data as well as further information and copy of the data in accordance with Article 15 GDPR.

You have the right, in accordance with Article 16 GDPR, to request the completion of data concerning you or the correction of incorrect data concerning you.

You have the right, in accordance with Article 17 GDPR, to demand that relevant data be deleted immediately, or alternatively, in accordance with Article 18 GDPR, to demand restriction of the processing of the data.

You have the right to receive the data concerning you that you have provided to us in accordance with Article 20 GDPR and to request their transmission to other controllers.

Furthermore, you have the right to file a complaint with the competent supervisory authority in accordance with Article 77 GDPR.

## Right of Withdrawal

You have the right to withdraw granted consent pursuant to Article 7(3) GDPR with effect for the future.

## Right to Object

You can object to the future processing of data concerning you in accordance with Article 21 GDPR at any time. The objection may be made in particular against processing for direct marketing purposes.

## Cookies and Right to Object to Direct Marketing

„Cookies“ are small files that are stored on users‘ computers. Different information can be stored within the cookies. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after their visit within an online service. Temporary cookies, or „session cookies“ or „transient cookies,“ are cookies that are deleted after a user leaves an online service and closes their browser. In such a cookie, the contents of a shopping cart in an online shop or a login status can be stored. Cookies are referred to as „permanent“ or „persistent“ if they remain stored even after the browser is closed. For example, the login status can be saved if users visit it after several days. Similarly, users‘ interests can be stored in such a cookie, which is used for reach measurement or marketing purposes. Third-party cookies“ are cookies that are offered by providers other than the controller who operates the online service (otherwise, if they are only the controller’s cookies, they are referred to as „first-party cookies“).

We may use temporary and permanent cookies and clarify this as part of our privacy policy.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in their browser’s system settings. Stored cookies can be deleted in the browser’s system settings. The exclusion of cookies can lead to functional limitations of this online service.

A general objection to the use of cookies used for online marketing purposes can be declared for many of the services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that in this case, not all functions of this online service may be usable.

## Data Deletion

The data processed by us will be deleted or restricted in their processing in accordance with Articles 17 and 18 GDPR. Unless explicitly stated in this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory storage obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

According to legal requirements in Germany, storage is maintained in particular for 6 years pursuant to § 257(1) HGB (trading books, inventories, opening balance sheets, annual financial statements, trade letters, accounting documents, etc.) and for 10 years pursuant to § 147(1) AO (books, records, management reports, accounting documents, trade and business letters, documents relevant for taxation, etc.).

According to legal requirements in Austria, storage is maintained in particular for 7 years pursuant to § 132(1) BAO (accounting documents, receipts/invoices, accounts, vouchers, business papers, statement of income and expenses, etc.), for 22 years in connection with real estate, and for 10 years for documents in connection with electronically supplied services, telecommunications, radio and television services provided to non-entrepreneurs in EU member states and for which the Mini-One-Stop-Shop (MOSS) is used.

## Hosting

The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services, and technical maintenance services that we use for the purpose of operating this online service.

In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties, and visitors to this online service based on our legitimate interests in an efficient and secure provision of this online service pursuant to Article 6(1)(f) GDPR in conjunction with Article 28 GDPR (conclusion of data processing agreement).

## Collection of Access Data and Log Files

Based on our legitimate interests within the meaning of Article 6(1)(f) GDPR, we, or our hosting provider, collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address, and the requesting provider.

Log file information is stored for security reasons (e.g., to investigate abuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is required for evidential purposes is exempt from deletion until the respective incident is finally clarified.

## Contact

When contacting us (e.g., via contact form, email, telephone, or social media), the user’s information for processing the contact request and its handling pursuant to Article 6(1)(b) GDPR is processed. The user’s information may be stored in a Customer Relationship Management System („CRM System“) or comparable request organization system.

We delete the requests if they are no longer necessary. We review the necessity every two years; furthermore, the statutory archival obligations apply.

## Akismet Anti-Spam Check

Our online service uses the „Akismet“ service, which is offered by Automattic, Inc. 132 Hawthorne Street San Francisco, CA 94107, USA. The use is based on our legitimate interests within the meaning of Article 6(1)(f) GDPR. With the help of this service, comments from real people are distinguished from spam comments. For this purpose, all comment information is sent to a server in the USA, where it is analyzed and stored for comparison purposes for four days. If a comment has been classified as spam, the data will be stored beyond this time. This information includes the entered name, email address, IP address, comment content, referrer, information about the browser used as well as the computer system and the time of entry.

Automattic is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC&status=Active).

More information about the collection and use of data by Akismet can be found in Automattic’s privacy policy: https://automattic.com/privacy/.

Users are welcome to use pseudonyms or refrain from entering their name or email address. You can completely prevent the transfer of data by not using our comment system. That would be a shame, but unfortunately, we see no alternatives that work just as effectively.

## Jetpack (WordPress Stats)

We use the Jetpack plugin (specifically the „WordPress Stats“ subfunction) based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online service within the meaning of Article 6(1)(f) GDPR), which incorporates a tool for statistical evaluation of visitor access and is provided by Automattic, Inc. 132 Hawthorne Street San Francisco, CA 94107, USA. Jetpack uses cookies, which are text files stored on your computer and enable an analysis of your use of the website.

The information generated by the cookie about your use of this online service is stored on a server in the USA. User profiles can be created from the processed data, whereby these are only used for analysis purposes and not for advertising. Further information can be found in Automattic’s privacy policy: https://automattic.com/privacy/ and information about Jetpack cookies: https://jetpack.com/support/cookies/.

## Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC („Google“), based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online service within the meaning of Article 6(1)(f) GDPR). Google uses cookies. The information generated by the cookie about the use of the online service by users is usually transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online service by users, to compile reports on the activities within this online service, and to provide us with other services related to the use of this online service and internet usage. In this process, pseudonymous usage profiles of users may be created from the processed data.

We only use Google Analytics with IP anonymization activated. This means that the IP address of users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user’s browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and related to their use of the online service and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en or by clicking on this link to deactivate tracking with Google Analytics.

Further information about Google’s data usage, settings and opt-out options can be found on Google’s websites: https://www.google.com/intl/en/policies/privacy/partners („How Google uses data when you use our partners‘ sites or apps“), http://www.google.com/policies/technologies/ads („Data usage for advertising purposes“), http://www.google.com/settings/ads („Manage information Google uses to show you ads“).

## Online Presence in Social Media

We maintain online presences within social networks and platforms to communicate with customers, interested parties, and users active there and to inform them about our services. When calling up the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy, we process users‘ data if they communicate with us within the social networks and platforms, e.g., write posts on our online presences or send us messages.

## Google Fonts

We incorporate the fonts („Google Fonts“) provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Created with Privacy Policy Generator by Attorney Dr. Thomas Schwenke

Links

PRYME|Solutions

Follow us on Facebook