We appreciate your interest in our online offering. We attach paramount importance to data protection and therefore inform you below under which conditions this website (the-venturer.com) may be used.
The service provider within the meaning of Section 13 of the German Telemedia Act (TMG) and the controller within the meaning of Article 4(7) of the General Data Protection Regulation (GDPR) is Möller Theobald Jung Zenger Rechtsanwälte Notare Wirtschaftsprüfer Steuerberater Partnerschaftsgesellschaft mit beschränkter Berufshaftung.
Further information is available under “Imprint”.
Our Privacy Notice is based on the terminology used by the European legislature when adopting the GDPR. It is intended to be easily readable and understandable for the public as well as for our clients and business partners. To ensure this, we set out below certain terms used herein and derived from the GDPR that are of particular relevance.
We use, inter alia, the following terms in this Privacy Notice:
We use, inter alia, the following terms in this Privacy Notice:
a) Personal Data
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Verarbeitung ist jeder mit oder ohne Hilfe automatisierter Verfahren ausgeführte Vorgang oder jede solche Vorgangsreihe im Zusammenhang mit personenbezogenen Daten wie das Erheben, das Erfassen, die Organisation, das Ordnen, die Speicherung, die Anpassung oder Veränderung, das Auslesen, das Abfragen, die Verwendung, die Offenlegung durch Übermittlung, Verbreitung oder eine andere Form der Bereitstellung, den Abgleich oder die Verknüpfung, die Einschränkung, das Löschen oder die Vernichtung.
“Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future.
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
“Pseudonymization” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
i. Third party
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Our website may generally be visited without registration.
In this context, data such as the pages accessed or the name of the file retrieved, date and time, are stored on the server for statistical purposes, as well as information in the server log files transmitted by the browser, provided you have not disabled such transmission. The latter include, for example, the IP address of the requesting computer, the HTTP response code, the website from which you visit us, the time of the server request, as well as the browser type, browser version and operating system of the requesting computer. No personal evaluation of the server log files is carried out. These data cannot be assigned to specific persons at any time by the provider. No consolidation of these data with other data sources is undertaken. Personal data—particularly name, address or e-mail address—are collected, where possible, on a voluntary basis and processed solely for the purpose for which you provided the data to us. The legal basis for processing these data is Article 6(1) sentence 1 point (f) GDPR.
Beyond this, for example for the transmission of advertising, we will collect, process or use your data only within the framework of statutory provisions or with your explicit consent. Where you declare such consent electronically within our online offering, we comply with the statutory information obligations and log your consent by appropriate technical systems.
Furthermore, the website provides the possibility to contact us. The personal data transmitted to us will be used exclusively for processing the respective inquiries. The legal basis for processing the described data is Article 6(1) point (a) and/or point (b) GDPR.
No data will be passed on to third parties without your consent or a corresponding legal obligation. Where third parties are involved in processing operations, the provisions of the BDSG (German Federal Data Protection Act) and the GDPR are observed. Service providers are carefully selected by us and are bound to data secrecy.
Personal data communicated to us via our website will be stored only for as long as necessary to achieve the purpose for which they were entrusted to us. Certain data may be retained for up to 10 years where commercial and tax law retention periods must be observed. Otherwise, we ensure that your data are deleted at all times in accordance with the statutory provisions of the BDSG / GDPR.
Our website uses cookies. These are small text files that enable specific, user-related information to be stored on the user’s end device while the website is being used. Cookies make it possible, in particular, to determine the frequency of use and number of users of the pages, to analyze usage behavior on the site and to make our offering more user-friendly. Cookies remain stored beyond the end of a browser session and can be retrieved again upon a subsequent visit. Cookies do not cause any damage and do not contain any personal data. If you do not wish this, you should configure your internet browser to refuse the acceptance of cookies. If cookies are disabled, the functionality of this website may be restricted. The legal basis for processing personal data using technically necessary cookies is Article 6(1) point (f) GDPR, and, where consent has been given, Article 6(1) point (a) GDPR.
Our website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To deactivate Google Analytics, Google provides a browser plug-in at http://tools.google.com/dlpage/gaoptout?hl=de. Google Analytics uses cookies, i.e., small text files that enable the storage of specific, user-related information on the user’s device. These allow Google to analyze usage of our website offering. The information generated by the cookie regarding your use of our pages (including your IP address) is generally transmitted to a Google server in the USA and stored there. We point out that Google Analytics on this website has been extended by the code “gat._anonymizeIp();” to ensure anonymized collection of IP addresses (so-called IP masking). Where anonymization is active, Google truncates IP addresses within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area, so that your identity cannot be inferred. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google complies with the data protection provisions of the EU–US “Data Privacy Framework” and is registered with the U.S. Department of Commerce. Google uses the collected information to evaluate the use of our websites, to compile reports for us and to provide other services to us relating to website activity. For more information, see http://www.google.com/intl/de/analytics/privacyoverview.html. You can disable collection by Google Analytics via: http://tools.google.com/dlpage/gaoptout?hl=de.
We use Google Maps on our website. This is also a service of Google Inc. as referred to under section 5 above, enabling us to display interactive maps directly on the website. You can use the map function directly.
By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. The data referred to in section 2 of this notice are also transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data are directly associated with your account. If you do not wish association with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and, to our knowledge, uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation is carried out in particular (even for users who are not logged in) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; to exercise this right, you must contact Google.
Further information on the purpose and scope of data collection and processing by the plug-in provider can be found in the provider’s privacy policies. There you will also find further information about your rights in this regard and settings options to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU–US “Data Privacy Framework” (https://www.dataprivacyframework.gov/s/).
We use external fonts, Google Web Fonts, on our website. This is also a service of Google Inc. as referred to under section 5 above. The integration of these web fonts is effected by a server call, generally to a Google server in the USA. In doing so, the server is informed that you have visited our website. The IP address of the browser on the visitor’s device is also stored by Google.
The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or where provided for by the European legislature or another legislator in laws or regulations to which the controller is subject.
If the storage purpose ceases to apply or a statutory storage period expires, the personal data are routinely blocked or erased in accordance with the statutory provisions.
Right to Rectification
You have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning you and to have incomplete personal data completed.
Right of Access
Every data subject has the right to obtain from the controller at any time, free of charge, information about the personal data stored concerning him or her and to receive a copy of such information. Furthermore, the European legislature has granted the data subject access to the following information
The data subject also has the right to be informed whether personal data have been transferred to a third country or to an international organization. Where this is the case, the data subject has the right to be informed of the appropriate safeguards relating to the transfer.
To exercise the right of access, the data subject may contact our data protection officer or another employee of the controller at any time.
Right to Erasure
Every data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where one of the following grounds applies and insofar as the processing is not necessary:
Where one of the above grounds applies and a data subject wishes to request the erasure of personal data stored by us, he or she may contact our data protection officer or another employee of the controller at any time. The data protection officer or another employee will arrange for the request to be complied with without delay.
Where we have made personal data public and are obliged as controller pursuant to Article 17(1) GDPR to erase the personal data, we, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data, insofar as processing is not necessary. Our data protection officer or another employee will take the necessary steps in the individual case.
Right to Restriction of Processing
Every data subject has the right to obtain from the controller restriction of processing where one of the following applies:
To request restriction of processing, the data subject may contact our data protection officer or another employee of the controller at any time. The data protection officer or another employee will arrange for restriction of processing.
Right to Data Portability
Every data subject has the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format, and has the right to transmit those data to another controller without hindrance, where the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and the processing is carried out by automated means, insofar as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
In exercising the right to data portability pursuant to Article 20(1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and where the rights and freedoms of others are not adversely affected.
To assert the right to data portability, the data subject may contact our data protection officer or another employee at any time.
Right to Object
Every data subject has the right, on grounds relating to his or her particular situation, to object at any time to processing of personal data concerning him or her which is based on Article 6(1)(e) or (f) GDPR; this also applies to profiling based on those provisions.
We shall no longer process the personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves the establishment, exercise or defense of legal claims.
Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing; this applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to processing for direct marketing purposes, we shall no longer process the personal data for such purposes.
The data subject also has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
To exercise the right to object, the data subject may contact our data protection officer or another employee directly. The data subject is further free, in the context of the use of information society services and notwithstanding Directive 2002/58/EC, to exercise his or her right to object by automated means using technical specifications.
Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right pursuant to Article 77 GDPR to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The competent supervisory authority is the Hessian Commissioner for Data Protection and Freedom of Information, G.-Stresemann-Ring 1, 65189 Wiesbaden.
Automated Individual Decision-Making, Including Profiling
Every data subject has the right not to be subject to a decision based solely on automated processing—including profiling—which produces legal effects concerning him or her or similarly significantly affects him or her, unless the decision (1) is necessary for entering into, or performance of, a contract between the data subject and the controller; or (2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests; or (3) is based on the data subject’s explicit consent.
Where the decision (1) is necessary for entering into or performance of a contract between the data subject and the controller or (2) is based on the data subject’s explicit consent, we shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.
To assert rights in relation to automated decisions, the data subject may contact our data protection officer or another employee of the controller at any time.
Right to Withdraw Consent
Every data subject has the right to withdraw consent to the processing of personal data at any time.
To exercise the right to withdraw consent, the data subject may contact our data protection officer or another employee of the controller at any time.
For the purpose of administering an application procedure, applicant data are recorded, stored and processed electronically. This is particularly the case where the application is submitted electronically, for example by e-mail. Should an employment contract be concluded, the data will continue to be recorded and stored in your personnel file by us for customary organizational and employment purposes, in compliance with statutory provisions. If no employment contract is concluded with the applicant, the applicant data will be automatically deleted from the database after notification of rejection, unless specific statutory conditions—such as the burden of proof under the German General Equal Treatment Act (AGG)—require longer storage, or you have expressly consented to longer storage in the application procedure.
The controller’s data protection officer pursuant to Article 37 GDPR is:
Mr. Attorney-at-Law Frank Eckerkunst
c/o ITWerk Giessen GmbH*
Siemensstrasse 7
35394 Giessen
Deutschland
Tel.:+49 641 96993-2611
E-Mail: eckerkunst@itwerk-giessen.de
Website:www.itwerk-giessen.de
* Information regarding insurance:
Professional indemnity insurance:
A financial loss liability insurance policy exists with:
Hiscox Insurance Company Ltd.
Branch for the Federal Republic of Germany
Arnulfstraße 31
80636 Munich
Territorial scope of insurance: Europe
Insured activity: Data Protection Officer
Sum insured (financial loss liability): EUR 1,000,000.
Changes in the legal situation or case law, as well as adjustments to our business model, may necessitate amendments to this Privacy Notice. We therefore reserve the right to amend this Privacy Notice at any time. You may request the currently applicable Privacy Notice from us at any time or retrieve it under “Data Protection”.