This data protection declaration gives you an overview of the processing of your personal data in the context
of the use of the offers and online
you about your rights and the
possibilities to control your personal data and to protect your privacy.
Responsible for data processing is GREEN WINDOW SERVICES GMBH, represented by its managing director Marco Voigt, Münzstraße 15, 10178 Berlin, Germany, Registergericht Amtsgericht Berlin Charlottenburg, Handelsregisternummer HRB 167304 B. This company is also meant if the terms „we“, „us“ or „GREEN WINDOW AGENCY“ are used in the following.
You are not obliged by law or contract to provide us with the personal data specified in this data protection declaration. However, if you conclude a contract with us (for example, because you commission us to provide services), the transmission of the contractual information you provide to us is a basic prerequisite for the conclusion of a contract with us. In addition, you may not use the website or only to a limited extent if you do not provide us with certain data or object to the use of this data.
1. WHICH PERSONAL DATA WE PROCESS AND FROM WHICH SOURCES:
When we make our website available to you, we process personal data from various sources. On one hand, these are data that we automatically process for every visitor when the website is accessed. However, this may also include data that you have voluntarily provided to us.
Data that we automatically collect when you use our website:
As soon as you visit the website, you send technical information to our web servers, which we store in server log files. This happens independently of whether you contact us afterwards (for example via the contact form). In any case, we collect the following access and web access data (which we call „usage data“):
• Browser type and browser version
• operating system used
• referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address
We process the usage data to enable you to use the website and to ensure its functionality. In addition, we process the usage data to analyze the performance of the website, continuously improve the website and correct errors or personalize the content on the website for you. However, we also process usage data in order to guarantee IT security and the operation of our systems and to prevent or detect misuse, in particular fraud. These server log files are deleted after a maximum of 7 days.
We use these cookies to analyse web traffic, adapt services to our content and to promote confidence in and security of the website. In addition, we use first-party cookies to distinguish one user from another and to determine the total number of visitors to the website in connection with the log files of our web server. The data collected in this way helps us to receive the necessary feedback to constantly improve the website and to offer users a better service. We only use session cookies, i.e. they expire shortly after you have visited our website. We do not use permanent first-party cookies that remain on your device for a longer period of time. The legal basis is Art. 6 para. 1 lit. f DSGVO.
Only in exceptional cases is the complete IP address transmitted to a Google server in the USA and abbreviated there. If personal data is exceptionally transferred to the USA, the certification of Google according to the so-called „Privacy Shield Agreement“ between the EU and the USA (https://www.privacyshield.gov/participant?id=a2zt0000000000001L5AAI&status=Active) ensures a data protection level corresponding to the data protection level in the EU.
Data that you yourself transmit to us:
In addition to the data we receive from all visitors, we also process other data if you apply to participate in the GREENTECH FESTIVAL or take part in the voting or use the contact or newsletter form. Here we process the data requested with the respective contact form. We process this data in order to be able to process your request and will delete the data after your request has been processed, unless there are legal retention periods to the contrary.
You can also subscribe to our newsletter. If you give your separate consent, we will save your e-mail address for sending our newsletter. The cancellation of the newsletter by revoking your consent is possible at any time and can be done either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. After deregistration, we delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.
2. THE PURPOSES FOR WHICH WE ALSO PROCESS YOUR DATA:
We have already informed you above for which purposes we process your data in individual cases. In addition, we may process your data for further purposes. This includes, for example, the disclosure of your personal data to third parties if we are legally obliged to do so, but also the assertion of legal claims on our part or the defence against legal disputes.
3. THE LEGAL BASIS FOR PROCESSING:
When processing your personal data, we rely on various legal bases in accordance with the so-called Basic Data Protection Ordinance, an EUwide legal framework for standardising data protection law („DSGVO“). These are in detail:
Your consent (Article 6(1)(a) DSGVO)
By filling out and sending our contact, application or newsletter form, you expressly agree to the data processing described in detail in this data protection declaration by ticking the box for your consent before sending the registration or contact form: If we process your data as part of the provision of your user account, it is therefore because you have consented to this.
Fulfilment of our contractual obligations towards you (Article 6 paragraph 1 b) DSGVO) At the same time, your data will also be processed for the provision of the website as part of the fulfilment of our contract with you. Accordingly, in most cases the processing is not only justified by your consent, but also because it is necessary for your contract to be concluded with us: If, for example, you send us an order enquiry via the website, it is necessary to store the contact data in order to carry out pre-contractual measures.
Our legitimate interests (Article 6(1)(f) DSGVO)
There are also cases in which we are entitled to process your data without your consent because it is necessary to protect our legitimate interests (or the interests of third parties). In this respect, the purposes described above for which we process your data also represent legitimate interests. This means that we may process the usage data necessary to guarantee the security of our IT systems or the operation, operability or improvement of our website in any case, even if you have not granted or revoked your consent to such processing.
Legal requirements (Article 6(1 c) DSGVO) or in the public interest (Article 6(1 e) DSGVO)
In addition, we are legally obliged to process certain data in individual cases in order to provide information to law enforcement authorities or tax authorities.
4. WHO WE SHARE YOUR INFORMATION WITH:
With the exception of the recipients described in more detail in this data protection declaration, we will not pass on your data to third parties. Insofar as the respective listed recipients of the data they process on our behalf, these recipients will process your data solely on our instructions and they have undertaken to comply with strict requirements for the security of your data.
We transfer your data to our hosting service provider „godaddy.com“, which enables us to provide the website.
5. DATA PROCESSING OUTSIDE THE EEA:
We do not transfer your access and account data to countries outside the EEA (so-called „third countries“). We do not host your data in third countries and all your data is located on the servers of our hosting service provider located in Germany].
In some cases, however, your data will be processed in third countries. This applies in particular to third party cookies provided by companies based in the United States. However, we will ensure that an adequate level of data protection is guaranteed at all times. We ensure that the data recipients are either certified according to the so-called „EU Privacy Shield“ (as with Google and Facebook) or that the so-called EU standard contractual clauses are included in our contracts with these providers in order to guarantee the security of processing and an appropriate level of data protection.
6. STORAGE TIME:
We process and store your personal data insofar as this is necessary to fulfil the purpose of processing and our contractual or statutory obligations. Therefore, we store the data for as long as our contractual relationship with you exists and after termination only to the extent and for as long as required by the law of the Federal Republic of Germany. If the remaining data is no longer required to fulfil legal obligations (e.g. in accordance with tax or commercial law), it will be regularly deleted when the respective processing purpose has been achieved (e.g. because the award ceremony has been carried out), unless further processing is necessary to preserve evidence or to defend against legal claims against us. For the preservation of evidence, for example, your IP address and the exact time of issue are required if you have given us your consent (e.g. to receive the newsletter).
7. USER PROFILES:
We do not use your data to create a user profile. This means that we will not use your information to provide you with a personalized website based on your personal preferences and interests and to provide you with customized offers based on your past behavior. We will also never process and analyse your personal data within the scope of this user profile in such a way that this leads to an automated decision that is legally effective for you or significantly impairs you in a similar manner.
8. YOUR LEGAL RIGHTS UNDER THE DSGVO:
You can assert the following rights against us within the scope of the DSGVO with regard to your personal data:
Your right to information in accordance with Article 15 of the DSGVO,
Your right to correction under Article 16 DSGVO,
Your right to cancellation Article 17 DSGVO,
Your right to limitation of processing under Article 18 DSGVO and
Your right to data transferability under Article 20 DSGVO.
You also have a right of appeal to the competent data protection supervisory authority (Article 77 DSGVO in conjunction with § 19 BDSG). You can also revoke your consent to the processing of your personal data at any time. This also applies to the revocation of declarations of consent that we received before the DSGVO became valid, i.e. before 25 May 2018. However, this revocation only applies to the future. Any processing that took place before the revocation remains unaffected by this.
Information on your right of objection under Article 21 DSGVO
1. right of objection in individual cases:
In addition to the rights already mentioned, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data based on Article 6 para. 1 e DSGVO (data processing in the public interest) and Article 6 para. 1 f DSGVO (data processing on the basis of a balance of interests). If you file an objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
2. the right to object to the processing of data for advertising purposes:
You also have the right to object at any time to the processing of your personal data for the purpose of direct marketing (including the subscription to our newsletter); this also applies to the creation of a user profile (so-called „profiling“), insofar as this is associated with direct marketing. If you file an objection, we will no longer process your personal data in the future.
Please note that you will not use the website if you do not provide us with certain data or if you object to the use of this data. The objection can be raised informally and is to be addressed to: firstname.lastname@example.org
9. AMENDMENT OF THIS DATA PROTECTION DECLARATION: