Privacy Policy | L&D Parfumproben

Die besten Düfte zum besten Preis, nur bei uns! Kostenloser Versand ab 49€

Privacy Policy
General Information
This privacy policy provides detailed information on what happens to your personal data when you visit our website. Personal data includes any information that can personally identify you. We strictly adhere to legal regulations, especially the General Data Protection Regulation ("GDPR"), when processing your data, and we place great importance on ensuring that your visit to our website is absolutely secure.

Controller
Responsible for data collection and processing of personal data on this website:
Owners: Luca Dikiakos and David Dasovic
(For more information, please contact us via email)
Email: info@parfumprobenld.de

Access Data (Server Log Files)
When you access our website, we automatically collect and store access data in server log files, which your browser automatically transmits to us. This includes:
• Browser type and version of your PC
• Date and time of the server request
• the IP address currently used by your PC (possibly in anonymized form)
In general, it is not possible and not intended for us to personally identify individuals. The processing of such data is carried out in accordance with Art. 6 Para. 1 lit. f GDPR to safeguard our legitimate interests in improving the stability and functionality of our website.

Cookies
To make your visit to our website attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your device. Cookies cannot execute programs or transmit viruses to your computer system.
Cookies that are necessary for the electronic communication process or for the provision of certain functions you desire are stored based on Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in storing cookies for the technically error-free and optimized provision of our services. If other cookies (e.g., cookies for analyzing your browsing behavior) are stored, they will be treated separately in this privacy policy.
Most of the cookies we use are called "session cookies". They are automatically deleted after your visit ends. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set your browser to inform you about the setting of cookies and only allow cookies in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when you close your browser. If you deactivate cookies, the functionality of this website may be limited.

1.1 Google Analytics
Our website uses the web analytics service Google Analytics in the Google Analytics 4 version. The provider is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable an analysis of your use of our website. In Google Analytics, all data from devices located in the EU (based on the geographical location according to IP address), domains, and servers in the EU are collected before the traffic is forwarded to Analytics servers for processing.
The legal basis for processing your data is the consent you provided via the cookie consent tool according to Art. 6 Para. 1 Sentence 1 lit. a) GDPR.
a) IP anonymization
IP anonymization is automatically enabled in Google Analytics on the website. This means that your IP address is truncated by Google within member states of the EU or other contracting parties to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide us with other services related to website activity and internet usage. According to Google, IP addresses are not logged and stored in Google Analytics, but only processed temporarily for geolocation and immediately deleted thereafter. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
b) Demographic features in Google Analytics
Our website uses the "demographic features" function of Google Analytics. This allows reports to be generated that contain information about the age, gender, and interests of site visitors. This data comes from Google's interest-based advertising and visitor data from third-party providers. This data cannot be attributed to any specific individual. You can disable this feature at any time through the ad settings in your Google account or opt out of data collection by Google Analytics as outlined in the "Objection to data collection" section.
c) Google Signals
In connection with this website, the Google Signals service is also used as an extension of Google Analytics. With Google Signals, we can have cross-device reports generated by Google (so-called "Cross Device Tracking"). If you have activated "personalized ads" in your Google account settings and linked your internet-enabled devices to your Google account, Google can analyze usage behavior across devices and create database models based on your consent to the use of Google Analytics in accordance with Art. 6 Para. 1 lit. a GDPR. This takes into account the logins and device types of all website users who were logged into a Google account and performed a conversion. The data shows, among other things, on which device you first clicked on an ad and on which device the respective conversion took place. We do not receive any personally identifiable information from Google, but only statistics created based on Google Signals. You have the option to disable the "personalized ads" feature in your Google account settings, thereby disabling cross-device analysis in connection with Google Signals. Follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=en. For more information about Google Signals, please visit the following link: https://support.google.com/analytics/answer/7532985?hl=en.
d) Data processing agreement
We have entered into a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
e) Storage duration
Data stored by Google at the user and event level, associated with cookies, user IDs (e.g., User ID), or advertising IDs (e.g., DoubleClick cookies, Android advertising ID), will be deleted after 2 months. Details can be found at the following link: https://support.google.com/analytics/answer/7667196?hl=en.
f) Right to withdraw consent
Many data processing operations are only possible with your explicit consent. If the processing of your data is based on your consent, you have the right to revoke your consent to data processing under Art. 7 Para. 3 GDPR at any time with future effect by accessing the cookie settings and changing your selection. Revoking your consent does not affect the legality of processing based on consent before its withdrawal. Storage of data for billing and accounting purposes remains unaffected by revocation.
For more information on how Google Analytics handles user data, please refer to Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
For further information on data protection, please refer to Google's privacy policy: https://policies.google.com/privacy?hl=en&gl=en.

1.2 Google Ads and Google Conversion Tracking
Our website uses Google Ads (formerly Google AdWords). Google Ads is an online advertising program provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
Google Ads allows us to place advertisements on external websites with the help of advertising materials and to determine how successful individual advertising campaigns are. This helps

us display ads that are of interest to you, make our website more interesting for you, and achieve a fair calculation of advertising costs.
Within Google Ads, we use the so-called conversion tracking. The advertising materials are delivered by Google via so-called "ad servers". For this purpose, we use so-called ad server cookies, which allow certain parameters for measuring success, such as ad impressions or clicks by users, to be measured. When you click on an ad placed by Google, a conversion tracking cookie is set. Cookies are small text files that are stored by the internet browser on the user's computer. These cookies lose their validity after 30 days and are not used for personal identification of the users. These cookies enable Google to recognize your web browser. If you visit certain pages of our website and the cookie has not expired, Google and we can recognize that you clicked on the ad and were redirected to that page. Each Google Ads customer receives a different cookie. Cookies cannot therefore be tracked across the websites of Ads customers. Typically, the following information is stored as analysis values in connection with a cookie: unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (indication that the user no longer wants to be addressed). The information obtained with the help of the conversion cookie is used to create conversion statistics for Ads customers who have opted for conversion tracking. Ads customers receive the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that personally identifies users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your internet browser under user settings. You will then not be included in the conversion tracking statistics.
The summary of the data collected in your Google account is based solely on your consent, which you can give or revoke at Google (Art. 6 Para. 1 lit. a GDPR). For data collection processes that are not merged into your Google account (e.g., because you do not have a Google account or have objected to the merger), the collection of data is based on Art. 6 Para. 1 lit. f GDPR. The legitimate interest arises from the fact that we have an interest in the anonymized analysis of the visitors to our website for advertising purposes, in order to optimize both our web offering and our advertising.
Further information and the privacy policy can be found in Google's privacy policy at: https://policies.google.com/technologies/ads?hl=en.

1.3 Google AdSense
Our website uses Google AdSense, a service for integrating advertisements provided by Google.
Google AdSense uses so-called "cookies", which are text files that are stored on your computer and enable us to display advertisements on our website that are tailored to our content and your interests. Google AdSense also uses so-called web beacons (invisible graphics). Through these web beacons, information about visitor traffic on our pages can be statistically evaluated for online marketing purposes.
The information generated by cookies and web beacons about the use of our website (including your IP address) and the delivery of advertising formats is transmitted to a Google server in the USA and stored there. This information may be passed on by Google to third parties. However, Google will not merge your IP address with other data stored by Google.
If you have given consent, the storage and processing of personal data are based on this consent in accordance with Art. 6 Para. 1 lit. a GDPR. We also have a legitimate interest pursuant to Art. 6 Para. 1 lit. a GDPR in analyzing user behavior in order to optimize both our website and our advertising.
The summary of the data collected in your Google account is based solely on your consent, which you can give or revoke at Google (Art. 6 Para. 1 lit. a GDPR).
You can prevent the installation of cookies by adjusting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. By using this website, you agree to the processing of the data collected about you by Google in the manner and for the purposes described above.

1.4 Google Fonts
We use "Google Fonts" (formerly "Google Web Fonts") on our website, a service provided by Google.
Google Fonts enables us to use external fonts, so-called Google Fonts. When you access our website, the required Google Font is loaded into your web browser's cache. This is necessary so that your browser can display an optically improved presentation of our texts. If your browser does not support this function, a standard font from your computer will be used for display.
The integration of Google Fonts is done by accessing a server, usually a server operated by Google in the USA. This transmits to the server which of our Internet pages you have visited. Also, the IP address of your browser's end device is stored by Google. We have no influence on the scope and further use of the data collected and processed by Google through the use of Google Fonts.
We use Google Fonts for optimization purposes, especially to improve the use of our website for you and to make its design more user-friendly. This is our legitimate interest in processing the above data by the third-party provider. The legal basis is Art. 6 Para. 1 S. 1 lit. f GDPR.
For further information about Google Fonts, please visit https://fonts.google.com/, https://developers.google.com/fonts/faq?hl=en-US&csw=1.

Social Media
1.1 Google+ Plugin
Our website uses social plugins from Google+ provided by Google. These plugins are identifiable by buttons with the symbol "+1" on a white or colored background. An overview of Google plugins and their appearance can be found here: [https://developers.google.com/+/plugins](https://developers.google.com/+/plugins).
We prevent the unintentional and unwanted collection and transmission of personal data to the service provider through a 2-click solution. To activate the social plugin, the user must click on the button. Only through this click is the collection of personal information and its transmission to the service provider triggered. We would like to point out that as the operator of the website, we have no knowledge of the content of the transmitted data or its use by Google. Information about the purpose and scope of data collection and the further processing and use of the data by Google, as well as your rights and settings options to protect your privacy, can be found in Google's privacy policy: [https://policies.google.com/privacy?hl=en](https://policies.google.com/privacy?hl=en).

1.2 Instagram Plugin
Functions of the Instagram service are integrated into our website. These functions are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). The plugins are marked with an Instagram logo, for example in the form of an "Instagram camera". An overview of the Instagram plugins and their appearance can be found here: [http://blog.instagram.com/post/36222022872/introducing-instagram-badges](http://blog.instagram.com/post/36222022872/introducing-instagram-badges).
We prevent the unintentional and unwanted collection and transmission of personal data to the service provider through a 2-click solution. To activate the social plugin, the user must click on the button. Only through this click is the collection of personal information and its transmission to the service provider triggered. We would like to point out that as the operator of the website, we have no knowledge of the content of the transmitted data or its use by Instagram. Information about the purpose and scope of data collection and the further processing and use of the data by Instagram, as well as your rights and settings options to protect your privacy, can be found in Instagram's privacy policy: [https://instagram.com/about/legal/privacy/](https://instagram.com/about/legal/privacy/).

Newsletter
If you have expressly consented, we regularly send our newsletter to your email address. To receive our newsletter, you must provide us with your email address and then verify it. Additional data is not collected or is voluntary. The data is used exclusively for sending the newsletter. The data collected during newsletter registration is processed exclusively based on your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time. For revocation, a informal message via email is sufficient, or you can unsubscribe from the newsletter using the "Unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. Data entered during the setup of the subscription will be deleted in the event of unsubscribing. If this data has been transmitted to us for other purposes and at another location, it will remain with us.

Contact
If you contact us, including by email, the data you provide, including your contact details, will be stored to process your inquiry or to be available for follow-up questions. This data will not be passed on to third parties without your consent. The processing of your data is based exclusively on your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your consent at any time. For revocation, an informal message via email is sufficient. The legality of the data processing operations carried out before the revocation remains unaffected by the revocation. Data transmitted to us will remain with us until you request us to delete it, revoke your consent to storage, or there is no longer any need for data storage. Mandatory statutory provisions - especially retention periods - remain unaffected.

Customer Account
When you open a customer account, you consent to the storage of your master data such as name, address, email address, and bank details, as well as your usage data (username, password). This allows you to order from us using your email address and personal password.

Online Payments
When you order goods or services in our online shop, it is necessary for the fulfillment of the contract that you provide your personal data necessary for processing your order. The mandatory information required for contract processing is marked separately. Depending on the chosen payment method, the data required for payment processing will be forwarded to the respective payment service provider. The processing of your data is based on the legal basis of Art. 6 para. 1 sentence 1 lit. b) GDPR.

1.1 American Express
We use American Express on our website. The service provider is the American company American Express Company. For the European region, the company responsible is American Express Europe S.A., Avenida Partenón 12-14, 28042, Madrid, Spain. The data processing is primarily done by American Express. This may result in data being processed and stored non-anonymously. Furthermore, US government authorities may potentially have access to individual data. It may also happen that this data is linked with data from other American Express services where you have a user account. More information about the data processed by the use of American Express can be found in the Privacy Policy at [https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html](https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html).

1.2 Apple Pay
We use Apple Pay, a service for online payment methods, on our website. The service provider is the American company Apple Inc., Infinite Loop, Cupertino, CA 95014, USA. The data processing is primarily done by Apple Pay. This may result in data being processed and stored non-anonymously. Furthermore, US government authorities may potentially have access to individual data. It may also happen that this data is linked with data from other Apple services where you have a user account. More information about the data processed by the use of Apple Pay can be found in the Privacy Policy at [https://www.apple.com/legal/privacy/de-ww/](https://www.apple.com/legal/privacy/de-ww/).

1.3 giropay
We use the online payment provider giropay on our website. The service provider is the German company paydirekt GmbH, Stephanstraße 14-16, 60313 Frankfurt am Main, Germany. More information about the data processed by the use of giropay can be found in the Privacy Policy at [https://www.giropay.de/rechtliches/datenschutzerklaerung/](https://www.giropay.de/rechtliches/datenschutzerklaerung/).

1.4 Google Pay
We use the online payment provider Google Pay on our website. The service provider is the American company Google Inc. For the European region, the company Google Ireland

Ltd., Gordon House, Barrow Street Dublin 4, Ireland, is responsible for all Google services. The data processing is primarily done by Google Pay. This may result in data being processed and stored non-anonymously. Furthermore, US government authorities may potentially have access to individual data. It may also happen that this data is linked with data from other Google services where you have a user account. More information about the data processed by the use of Google Pay can be found in the Privacy Policy at [https://policies.google.com/privacy](https://policies.google.com/privacy).

1.5 Klarna
Our website enables payment via Klarna. The provider of the payment service is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden. When paying with Klarna (Klarna Checkout solution), Klarna collects various personal data from you. Details can be found in Klarna's privacy policy at [https://www.klarna.com/de/datenschutz/](https://www.klarna.com/de/datenschutz/). Klarna uses cookies to optimize the Klarna Checkout solution. This optimization constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. Cookies are small text files that your web browser stores on your device. Klarna cookies remain on your device until you delete them. Details about the use of Klarna cookies can be found at [https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf](https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf). The transmission of your data to Klarna is based on Art. 6 Para. 1 lit. a GDPR (consent) and Art. 6 Para. 1 lit. b GDPR (processing for the performance of a contract). You can revoke your consent at any time. Data processing operations in the past remain effective in the event of revocation.

1.6 Mastercard
We use the payment service provider Mastercard on our website. The service provider is the American company Mastercard Inc. For the European region, the company responsible is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium. The data processing is primarily done by Mastercard. This may result in data being processed and stored non-anonymously. Furthermore, US government authorities may potentially have access to individual data. It may also happen that this data is linked with data from other Mastercard services where you have a user account. More information about the data processed by the use of Mastercard can be found in the Privacy Policy at [https://www.mastercard.de/de-de/datenschutz.html](https://www.mastercard.de/de-de/datenschutz.html).

1.7 PayPal
We use the online payment service PayPal on our website. The service provider is the American company PayPal Inc. For the European region, the company PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, is responsible. The data processing is primarily done by PayPal. This may result in data being processed and stored non-anonymously. Furthermore, US government authorities may potentially have access to individual data. It may also happen that this data is linked with data from other PayPal services where you have a user account. More information about the data processed by the use of PayPal can be found in the Privacy Policy at [https://www.paypal.com/de/webapps/mpp/ua/privacy-full](https://www.paypal.com/de/webapps/mpp/ua/privacy-full).

1.8 Sofortüberweisung
Our website enables payment via "Sofortüberweisung". The provider of the payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich. With the "Sofortüberweisung" procedure, we receive a payment confirmation from Sofort GmbH in real-time and can immediately fulfill our obligations. When paying by "Sofortüberweisung", your PIN and TAN are transmitted to Sofort GmbH. The payment provider logs into your online banking account with this information, automatically checks your account balance, and carries out the transfer. An immediate transaction confirmation follows. Your sales, the credit limit of your overdraft facility, and the existence of other accounts as well as their balances are also automatically checked after logging in. In addition to PIN and TAN, the transmission to Sofort GmbH also includes payment data and data about your person. The data about your person includes first and last name, address, telephone number(s), email address, IP address, and possibly other data necessary for payment processing. There is a need for this data transmission to clearly establish your identity and prevent fraud attempts. The transmission of your data to Sofort GmbH is based on Art. 6 Para. 1 lit. a GDPR (consent) and Art. 6 Para. 1 lit. b GDPR (processing for the performance of a contract). You can revoke your consent at any time. Data processing operations in the past remain effective in the event of revocation. Details about payment with Sofortüberweisung can be found at [https://www.sofort.de/datenschutz.html](https://www.sofort.de/datenschutz.html) and [https://www.klarna.com/sofort/](https://www.klarna.com/sofort/).

1.9 Visa
We offer payments with Visa on our website. The service provider is the American company Visa Inc. For the European region, the company Visa Europe Services LLC, 1 Sheldon Square, London W2 6TT, United Kingdom, is responsible. The data processing is primarily done by Visa. This may result in data being processed and stored non-anonymously. Furthermore, US government authorities may potentially have access to individual data. It may also happen that this data is linked with data from other Visa services where you have a user account. More information about the data processed by the use of Visa can be found in the Privacy Policy at [https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html](https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html).

Use and Disclosure of Data
We will not sell your personal data, which you provide to us, for example, when placing an order or by email, to third parties or otherwise market it. Your personal data will only be processed for correspondence with you and only for the purpose for which you have made the data available to us. For the processing of payments, we pass on your payment data to the credit institution responsible for the payment. The use of data automatically collected when you visit our website is only for the purposes mentioned above. The data is not used for any other purpose. We assure you that we do not pass on your personal data to third parties unless we are legally obliged to do so or you have given us your consent.

SSL or TLS Encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, our website uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the

data you transmit to us cannot be read by third parties.

Personal data that has been transmitted to us via our website will only be stored until the purpose for which it was entrusted to us is fulfilled. If there are commercial and tax retention periods to be observed, the storage period for certain data may be up to 10 years.

Rights of Data Subjects
With regard to the personal data concerning you, as a data subject of the data processing, you have the following rights vis-à-vis the data controller according to the legal provisions:

3.1 Right of Withdrawal
Many data processing operations are only possible with your express consent. You have the right to revoke your consent to the processing of data at any time with future effect. Revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation. Storage of the data for billing and accounting purposes remains unaffected by revocation.

3.2 Right to Information

You have the right, according to Art. 15 GDPR, to request confirmation from us as to whether we are processing personal data concerning you. If such processing is taking place, you have the right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data have been or will be disclosed, the planned storage duration or the criteria for determining the storage duration, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it was not collected by us, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing, and your right to be informed about the guarantees according to Art. 46 GDPR when your data are transferred to third countries.

**3.3 Right to Rectification**

You have the right, according to Art. 16 GDPR, to demand immediate rectification of incorrect personal data concerning you and/or completion of your incomplete data at any time.

**3.4 Right to Erasure**

You have the right, according to Art. 17 GDPR, to request the erasure of your personal data if one of the following reasons applies:
a) Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
b) You withdraw your consent on which the processing according to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR was based, and there is no other legal basis for the processing.
c) You object to the processing according to Art. 21 para. 1 GDPR, and there are no overriding legitimate grounds for the processing, or you object to the processing according to Art. 21 para. 2 GDPR.
d) The personal data have been unlawfully processed.
e) The erasure of personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject.
f) The personal data have been collected in relation to the offer of information society services referred to in Art. 8 para. 1 GDPR.
However, this right does not exist if the processing is necessary:
a) for exercising the right of freedom of expression and information;
b) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
c) for reasons of public interest in the area of public health pursuant to Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
d) for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
e) for the establishment, exercise, or defense of legal claims.
If we have made the personal data public and are obliged to erase it pursuant to Art. 17 GDPR, we shall take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform controllers who are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

**3.5 Right to Restriction of Processing**

You have the right, according to Art. 18 GDPR, to demand the restriction of processing (blocking) of your personal data. For this purpose, you can contact us at any time using the contact details provided in the imprint. The right to restriction of processing exists in the following cases:
a) If you contest the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the examination, you have the right to demand the restriction of processing of your personal data.
b) If the processing of your personal data is unlawful/happened unlawfully, but you oppose the deletion of the data and instead request the restriction of their use.
c) If we no longer need your personal data, but you need them for the exercise, defense, or assertion of legal claims, you have the right to demand the restriction of processing of your personal data instead of deletion.
d) If you have objected pursuant to Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of processing of your personal data.
If you have restricted the processing of your personal data, these data - apart from their storage - may only be processed with your consent or for the assertion, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the EU or a Member State.

**3.6 Right to Information**

If you have exercised your right to rectification, erasure, or restriction of processing against us, we are obliged to notify all recipients to whom your personal data have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right under Art. 19 GDPR to be informed about these recipients upon request.

**3.7 Right Not to be Subject to Automated Decision-making**

You have the right, according to Art. 22 GDPR, not to be subject to a decision based solely on automated processing - including profiling - that produces legal effects concerning you or similarly significantly affects you.
This does not apply if the decision
a) is necessary for the conclusion or performance of a contract between you and us,
b) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
c) is based on your explicit consent.
However, these decisions may not be based on special categories of personal data referred to in Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or lit. g applies and suitable measures to safeguard your rights and freedoms and legitimate interests have been taken.
In the cases referred to in (a) and (c), we shall take suitable measures to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your point of view, and to contest the decision.

**3.8 Right to Data Portability**

If processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and processing is carried out by automated means, you have the right under Art. 20 GDPR to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where technically feasible.

**3.9 Right to Object**

If we base the processing of your personal data on

the balancing of interests according to Art. 6 para. 1 lit. f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation, including profiling based on this provision. The respective legal basis for processing can be found in this data protection declaration. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms or the processing serves to assert, exercise, or defend legal claims (objection pursuant to Art. 21 para. 1 GDPR).
If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising, including profiling, insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for direct marketing purposes (objection pursuant to Art. 21 para. 2 GDPR).
You have the option to exercise your right to object in connection with the use of information society services - notwithstanding Directive 2002/58/EC - by means of automated procedures using technical specifications.

**3.10 Right to Lodge a Complaint with a Supervisory Authority pursuant to Art. 77 GDPR**

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority responsible for us is:
Bavarian State Office for Data Protection Supervision
Promenade 18
91522 Ansbach
Postal address:
PO Box 1349, 91504 Ansbach
Telephone: 0981/180093-0
Email: poststelle@lda.bayern.de
Internet: https://www.lda.bayern.de

Validity and Amendment of this Data Protection Declaration
This data protection declaration is valid from April 22, 2024. We reserve the right to amend this data protection declaration at any time in compliance with the applicable data protection regulations. This may be necessary, for example, to comply with new legal requirements or to take into account changes to our website or new services on our website. The version accessible at the time of your visit shall apply.
If this data protection declaration is amended, we intend to announce changes to our data protection declaration on this page so that you are fully informed about what personal data we collect, how we process it, and under what circumstances it may be disclosed.

Privacy Policy
©2002-2024 LEGAL DOCUMENTS (Sequiter Inc.)