Data Privacy – FindWord SoftwareThank you for your interest in my internet website. I place great value on the protection of your data and privacy. Here I inform you, the user, about the kinds of data, the extent and purpose of the data collection and the usage of personal data on this website by myself, the data controller. With regard to the terminology used, e.g. "controller" or "processor", please refer to the definitions in Article 4 General Data Protection Regulation (GDPR). Data Controller, Data Protection OfficerResponsible authority according to the Data Protection Laws, in particular the EU-General Data Protection Regulation, (GDPR) is: Andreas Rippich E-Mail:
I do not have an appointed representative or data protection officer. 1. Data protectionLegal basisMy privacy and data protection policy is based on the General Data Protection Regulation (GDPR) of the European Union. For German citizens and authorities it is extended by the new version of the Bundesdatenschutzgesetzes (BDSG). Both laws came into force on the 25. May 2018. Which data is protected?Article 4 GDPR and § 46 BDSG both define data to be protected as: any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This also includes IP addresses and content data such as comments on blog articles. Your rights as data subjectBy way of the above contact data you may exercise the following rights at any time:
2. Personal data gathered by this websiteVoluntary input by way of this websiteEstablishment of contactOur exchange of emails contains personal data. This data will be used and recorded solely for the purpose of dealing with your concern or for the establishment of contact and the related technical administration. The legal basis for my processing of your data is my legitimate interest in dealing with your concern in accordance with Article 6 Section 1 Clause f GDPR. If the conclusion of a contract is at issue, a further legal basis for processing is Article 6 Section 1 Clause b GDPR. The data provided by you remains with me until you request its deletion, revoke your consent to the recording of the data, or the need for the data recording lapses. Mandatory legal provisions - especially retention periods - retain precedence. Duration of data storageThe criteria for the duration of data storage differ for the various types of data. Please refer to the relevant sections and the paragraph "business-related processing" below. TrackingTracking in this context means recording activities of a specific user, e.g. how a user navigates through a website, what she/he downloads or buys, and when she/he revisits the website. When large, centralised services such as Google Analytics are used for this purpose, the possibility for the service provider to track a particular persons activities across many websites arises. I find this kind of tracking excessive and disrespectful - although it legally counts as a "legitimate interest" of the website provider in accordance with the GDPR. This website does not use tracking software. Webserver LogsTo repel so called hacker attacks and to respond to fraudulent access, the software which answers website data requests ("webserver") logs its actions in protocol files ("log files"). This infrastructure is a part of web hosting, located at a deeper level than the website itself. The storing of data in these files occurs in accordance with Article 6 Section 1 clause f. GDPR, based on my legitimate interest concerning the reliable functioning of the website. The log files contain the following information for every access:
*Provided you have not suppressed these values via browser settings or browser plugin. This website is hosted within the framework of a web hosting package of a well-known hosting service provider. The IP-addresses in the webserver logs are noted in an anonymous form, so that the log files do not contain personally identifiable information. Providing your personal data to othersI do not pass on any personal data to third parties for processing, nor for any other reason. Accordingly no transfer of personal data to third countries occurs. External contract data processorI (see above), as data controller for this website, am allowed to commission the processing of your personal data by third parties on my behalf, and subject to requirements. This is regulated in Article 28 GDPR, which terms such a third party the "processor". There can be no data processor for my website, since no personal data is located thereon. Business related data processingIn the normal course of administering my business, much more personally identifiable information (PII) accumulates than through the use of this website. Here are some examples: Contracts, billing, bookkeeping, and in notes, documents and emails. The storage duration of PII is regulated primarily by any applicable laws, such as commercial and tax laws. After the mandated period has expired, I routinely delete that data - provided that it is no longer required to fulfill or solicit for a contract, and/or I have no further legitimate interest to retain it. According to German law, I must retain all bookkeeping data for 10 years. After they have expired, I destroy them. If you cannot agree to this, then I am legally not able to work for you. Your personal data cannot be accessed by third parties, as I have implemented technical and organisational safeguards to prevent this. Nor will they be provided to any third parties, except in case of legal neccessity. 3. Further topicsCookiesA cookie is a small package of data originating from a website, which your browser deposits on your computer on behalf of that website. Every time your browser requests a particular web page, it sends any cookies (name and content), which originated from that pages website, along with the request. Cookies may contain many sorts of information, e.g. choice of viewing language, shopping cart contents, or a requirement not to be tracked. A cookie may be valid only until the browser is closed, or for a specifiable period of time (e.g. 3 months, 1 year). Cookies which are to be deleted when the browser is closed, effectively temporary information, are termed "Session-Cookies". Cookies set by the website of a page being viewed are called first-party cookies. The most problematical types of cookie from the viewpoint of data privacy are, however, so called third-party cookies. These are not set by the website visited, but by another website which the page visited has called in the background. The most widely known example of this is Google Analytics, but there are many others. This website does not use any cookies. Privacy policy changesI may update my privacy policy from time to time, to (a) ensure that it matches new legal requirements, and (b) to cover changes made to the technologies used by the website. For future visits the only valid version of the privacy policy is the one online at that time. |