Privacy Policy
Protecting your privacy is very important to us. Below, we provide detailed information about how we handle your data.
Additions to the Privacy Policy in accordance with the GDPR as of May 25, 2018
Data Protection Officer
Christian Gerber
Königsallee 27
40212 Düsseldorf
Information on the Processing of Personal Data
1. Terms and Definitions
(1) The terms used, such as “personal data,” “processing,” or “controller,” correspond to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
(2) If you visit or use our online offering, you are a “data subject” within the meaning of data protection regulations.
(3) “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
(4) “Processing” means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
(5) The “controller” is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
2. Types of Data and Purposes of Processing
We process inventory and master data (e.g., names, addresses), contact data (e.g., email, phone numbers), usage data (e.g., visited websites, interest in content, access times), as well as meta/communication data (e.g., device information, IP addresses) for the purpose of using our online offering (including functions and content), for contract initiation and fulfillment, for responding to contact inquiries and communication with you as a user, and for security measures.
3. Legal Bases for Processing Personal Data
In accordance with Article 13 GDPR, we inform you about the legal bases of our data processing. Unless otherwise specified, the following applies: Consent is obtained based on Article 6(1)(a) and Article 7 GDPR; processing of personal data for the performance of our services and execution of contractual measures as well as responding to inquiries is based on Article 6(1)(b) GDPR; processing for compliance with our legal obligations is based on Article 6(1)(c) GDPR; processing for the purposes of our legitimate interests is based on Article 6(1)(f) GDPR.
4. Disclosure of Your Personal Data to Third Parties
(1) If, in the course of processing, we disclose, transmit, or otherwise grant access to personal data to third parties, this is done on the basis of legal permission, your consent, a legal obligation, or our legitimate interests (e.g., when using agents or web hosts).
(2) If we commission third parties to process data on the basis of a so-called “data processing agreement,” this is done in accordance with Article 28 GDPR.
5. Transfers of Personal Data to Third Countries
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)), or if this occurs in the context of using third-party services or disclosure/transmission of data to third parties, we only process data in a third country if the special requirements of Articles 44 et seq. GDPR are met. This means processing is based, for example, on special guarantees, such as an officially recognized level of data protection equivalent to that of the EU (e.g., for the USA through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).
6. Your Rights as a Data Subject
(1) You have the right to:• Request information about your personal data processed by us (Art. 15 GDPR), including processing purposes, categories of personal data, recipients, planned storage period, existence of rights to rectification, erasure, restriction of processing or objection, existence of a right to complain, origin of your data if not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;• Request the immediate correction of inaccurate or completion of your personal data stored by us (Art. 16 GDPR);• Request the deletion of your personal data stored by us (Art. 17 GDPR), unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;• Request the restriction of processing of your personal data (Art. 18 GDPR) if you contest the accuracy of the data, the processing is unlawful but you oppose its erasure, we no longer need the data but you require it for the establishment, exercise, or defense of legal claims, or you have objected to processing (Art. 21 GDPR);• Receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or request transmission to another controller (Art. 20 GDPR);• Withdraw your consent at any time (Art. 7(3) GDPR), which means we may no longer continue the data processing based on this consent in the future;• Lodge a complaint with a supervisory authority (Art. 77 GDPR). You can usually contact the supervisory authority at your habitual residence, place of work, or our business location.
(2) If your personal data is processed on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided there are reasons arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without specifying a particular situation. If you wish to exercise your right of withdrawal or objection, simply send an email to info@transaction-partners.de
7. Deletion of Data
The data we process will be deleted or restricted in processing in accordance with Articles 17 and 18 GDPR. Unless otherwise specified, data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted, e.g., by blocking.
8. Contact
If you contact us (e.g., via contact form, email, telephone, or social media), your information will be processed to handle the contact request and its processing in accordance with Art. 6(1)(f) GDPR. We store your information for the duration of our communication with you until your inquiry is resolved. We delete your inquiry and personal data unless it is no longer required. This is only deviated from if another legal basis of Art. 6 GDPR applies (e.g., your consent for further use or within the context of a contractual relationship).
9. Provision of the Website and Creation of Log Files
(1) Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. This is done for marketing purposes, to analyze user behavior, to ensure security, and to guarantee and improve the functionality of our web presence. The following data is collected: information about the browser type and version used, the user’s operating system, the user’s internet service provider, the user’s IP address, date and time of access, websites from which the user’s system accesses our website, websites accessed by the user’s system via our website.
(2) The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
(3) The legal basis for the temporary storage of data and log files is Art. 6(1)(f) GDPR.
(4) The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.
(5) The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session is ended.
(6) The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Therefore, there is no possibility for the user to object.
10. Cookies
Our website uses cookies. These are small text files that allow specific, user-related information to be stored on the user’s device while using the website. Cookies make it possible, in particular, to determine the frequency of use and number of users of the pages, to analyze user behavior, and to make our offering more user-friendly. Cookies remain stored beyond the end of a browser session and can be recalled when you revisit the site. If you do not wish this, you should set your internet browser to refuse the acceptance of cookies.
11. Email Contact
(1) If you contact us via email, the personal data transmitted with the email will be stored. The processing of personal data serves solely to handle the contact. In this context, there is no disclosure of data to third parties. The data is used exclusively for processing the conversation with you.
(2) The legal basis for processing data transmitted via email is Art. 6(1)(f) GDPR. If the email contact aims to conclude a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR.(3) The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case when the respective conversation with the user is finished. The conversation is finished when it can be inferred from the circumstances that the relevant matter has been conclusively clarified.(4) The user can revoke their consent to the processing of personal data at any time. If the user contacts us via email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. Please send an email or contact us by phone or in writing using the contact details above. All personal data stored in the course of contacting us will be deleted in this case.
12. Data Processing by Hosting Provider
(1) Our website is hosted by the internet provider checkdomain. Their privacy policy can be found [here].
(2) The hosting services we use serve to operate this online offering and thus provide the following services: computing capacity, storage space, database services, technical security, and maintenance.(3) In this context, we or our hosting provider, as our data processor, process inventory data, contact data, content data, usage data, meta, and communication data of visitors to our online offering on the basis of our legitimate interest in providing our online offering in accordance with Art. 6(1)(f) GDPR.
13. Communication via Facebook
(1) We maintain an online presence on the social network “Facebook” to communicate with interested parties and inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing policies of the provider apply. Our website contains a reference (link) to the social network Facebook, identified by the Facebook logo.
(2) So-called social plugins are not used on our site, i.e., no data is transmitted to Facebook unless you explicitly follow the corresponding link.
(3) If you follow the link, your browser establishes a connection to the social network. Data such as your IP address is transmitted, so that your visit to our site may be associated with your existing user account on the social network. You can prevent this association by logging out of your respective user account on Facebook before clicking the link.
(4) For the purpose and scope of data collection and processing by Facebook, as well as your rights and settings options for protecting your privacy, please refer to the provider’s privacy policy.
(5) We only process your data within the scope of communication with you on the social network.
14. Data Security
(1) We use the widespread SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser when you visit our website. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
(2) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.