Sie sind hier

Privacy notice

General

The persons and organisation named in the company details and legal notification at the end of this document Impressum are responsible for the content of this privacy notice.

We only ever collect data that are either legally or contractually required or necessary to the performance of a contract or data which are essential to the successful completion of projects. We only collect data which exceed these restrictions (e.g. for marketing purposes or to maintain customer contacts) if we have received a specific declaration of consent from you granting us permission to do so. As we only offer our services commercially to business partners, such personal data are restricted to contact data and essential content relating directly to our products and services. In certain cases, such as the use of photos, individual persons may be affected.

Contact data includes:

  • name
  • business address (in certain cases the home address)
  • place of work/department
  • business telephone number (in certain cases the private number)
  • fax number (in certain cases the private fax number)
  • email address (in certain cases the private address)

Data processing for the performance of a contract

For the purposes of contract performance, we process data in accordance with GDPR Art. 6 Par. 1, (b). This includes all associated customer services.
If necessary, personal data are made available to third parties involved in the completion of the contract (e.g. banks for invoicing purposes, tax advisors).

Data processing to protect legitimate interests

We process your date to enable us to satisfactorily complete projects. Such processing is done in accordance with GDPR Art. 6 Par. 1 (f) and purely in the interest of providing the services you contracted us to carry out.

Duration of processing

The data you provide will be processed as long as they are required for the satisfactory performance of contractually agreed aims and, in any case, as long as a contractual relationship continues. Upon termination of the contractual relationship, the data you provide will continue to be processed to comply with legally required storage periods or based on our legitimate interests. At the end of the legally required storage period and/or when our legitimate interests expire, your data will be deleted.

Anticipated storage periods and duration of our legitimate interests:

  • To comply with commercially and fiscally required storage periods and those required by professional associations: The periods for storage or record keeping stated in these cases are between two and ten years.
  • Storage of evidence in accordance with periods of limitation: Paragraph §§ 195 ff. of the German Civil Law Code states that such periods of limitation can extend to 30 years though, generally speaking, a period of three years applies.

Processing based on consent

If you grant us consent to process data in accordance with GDPR Art. 4 (11) and Art. 7 (e.g. for the purposes of maintaining customer relations or to enable us to inform you by telephone or email about our products and services), these data will be processed in accordance with GDPR Art. 6. Par. 1 (a). You can withdraw your consent at any time. Such a withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. If we receive such a withdrawal of consent we will stop processing the data in question.

You have the right to object to the processing of your data. More information can be found below under “Rights of the data subject”. There are no negative consequences resulting from withholding consent. However, if certain data are not provided, this may, in individual cases, lead to difficulties or delays in communication.

Data recipients

We only transmit your data to third parties (e.g. banks for invoicing purposes, tax advisors) if appropriate consent (in line with the statutory framework outlined above) has been granted by you to allow such transmission.

We may transmit your data to external service providers (e.g. IT service providers, data disposal and archiving companies, printing service providers). Such companies will be strictly bound within the terms of the contract between us to follow our instructions with respect to your data.

We will neither sell your personal data to third parties nor use them for marketing purposes.

Privacy notice for users of our homepage

We are delighted to welcome you to our homepage and would like to tell you what happens to your data. In these cases we handle your data in compliance with GDPR Art. 13.

Privacy and data protection in our company

The persons and organisation named in the company details and legal notification  Impressum at the end of this document are responsible for the following description of how we collect and process your data.

Storing your IP address

We store the IP address transmitted by your browser for a period of seven days for the purposes of identifying, limiting and eliminating attacks on our website. After the expiry of this period we delete or anonymise your IP address. This is done in accordance with GDPR Art. 6 Par. 1 (f).

Usage data

When you use our website, our server will store so-called temporary usage data in a computer log. We do this for statistical reasons in order to improve the quality of our website. This dataset consists of:

  • the site from which the file was requested
  • the name of the file
  • the date and time of the request
  • the volume of data transmitted
  • the access status (file transmitted, file not found)
  • the type of browser used
  • the IP address of the computer which requested the files which is recorded in shortened form so that it cannot be traced to an individual person

The above-mentioned usage data are stored in an anonymised form.

Data transmission to third parties

We will not transmit your data to third parties.

Cookies

We use cookies on our website. Cookies are short text files which are stored on your device and which can be read by it. There are two types of cookies; session cookies which are deleted when you close your browser and permanent cookies which are stored after each session. Cookies can contain data which allow the device to be identified. Mostly, however, cookies only record data about certain settings which cannot be traced back to an individual person.

On our website we use session cookies which are processed in accordance with GDPR Art. 6 Par. 1 (f) to help us improve the user-friendliness of the site and the attractiveness of our internet presence.

You can set your browser to inform you about the storage and use of cookies. This makes the use of cookies more transparent for you. You can delete cookies at any time using the appropriate browser function and also prevent new cookies being stored or used. Please, however, note that if you do this, some features of our website may not work and you may not be able to view all pages satisfactorily.

Social media plug-ins

For reasons of privacy and data protection we do not use any social media plug-ins in our website so, when you visit our website no data will be transmitted to social media services such as Facebook, Twitter, XING or Google+. This means that third parties cannot carry out profiling of your internet activities.

Data security

We implement technical and organisational measures to provide the best possible protection from unwanted and unauthorised access to your data. Such measures include the encryption of data. Any data transmitted from your device to our server and vice-versa is protected using TLS encryption. The status bar on your browser will indicate the use of encryption by showing the closed lock symbol and the address in the address line will start with https://.

Your rights

Under the General Data Protection Regulation you have certain rights with respect to the processing of your personal data:

  1. Right of access (GDPR Art. 15):
    You have the right to demand confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, you have the right to access the personal data and the information as detailed in GDPR Art. 15.
  2. Right to rectification and erasure (GDPR Arts. 16 and 17):
    You have the right to demand, without undue delay, the rectification of any inaccuracies in your personal data. You also have the right to have incomplete personal data completed. Moreover, you also have the right to demand the erasure, without undue delay, of your personal data if any of the reasons listed in GDPR Art. 17 apply such as, for example, if the data are no longer necessary for the purposes for which they were collected.
  3. Right to restriction of processing (GDPR Art. 18):
    You have the right to demand the restriction of processing if any of the reasons listed in GDPR Art. 18 apply such as, for example, if you have objected to the processing. Such restriction applies until any review of the case has been completed.
  4. Right to data portability (GDPR Art. 20):
    In certain cases which are listed GDPR Art. 20, you have the right to demand that personal data relating to you is transmitted to you in a structured, commonly used and machine-readable format or, if required, to a third party.
  5. Right to object (GDPR Art. 21):
    You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data collected in accordance with GDPR Art. 6 Para. 1 (e) or (f). In such cases, we will stop processing these data unless a) compelling legitimate grounds for continued processing can be demonstrated which override your interests, rights and freedoms or b) continued processing is essential for the establishment, exercise or defence of legal claims.
  6. Right to lodge a complaint with a supervisory authority:
    You have the right, in accordance with GDPR Art. 77, to lodge a complaint with a supervisory authority if you consider that the processing of data relating to you is in infringement of the General Data Protection Regulation. Such a complaint can, in particular, be lodged with a regulatory authority in the member state where you normally live, have your place of work or where the alleged infringement took place.
    For the German Federal State of Lower Saxony, the applicable regulatory authority is:

    Data Protection Commission of Lower Saxony,
    Prinzenstraße 5, 30159 Hannover
    Telefon: +49 511 120-4500
    Telefax: +49 511 120-4599
    E-Mail: poststelle@lfd.niedersachsen.de

Note on GDPR Art. 21 and your right to object

If personal data are collected on the basis of GDPR Art. 6 Abs. 1 (e) (data processing for the performance of tasks in the public interest or for the protection of public interests) or (f) (data processing to protect legitimate interests) then you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you collected in accordance with GDPR Art. 6 Para. 1 (e) or (f). In such cases, we will stop processing these data unless a) compelling legitimate grounds for continued processing can be demonstrated which override your interests, rights and freedoms or b) continued processing is essential for the establishment, exercise or defence of legal claims. Please address your complaint to:

Arbeitsgruppe für regionale Struktur- und Umweltforschung GmbH
Escherweg 1, 26121 Oldenburg

Contact:
Dr. Marc Reichenbach
Elith Wittrock

phone: ++49 441 97174 – 97
fax: ++49 441 97174 – 73

e-mail: info@arsu.de
privacy and data protection contact: datenschutz@arsu.de