Data Protection Declaration
Data protection declaration / duty to provide information according to §5 TMG & Art. 13/14 GDPR
At PAUL IT-Service GmbH, we believe the protection of personal data involves far more than just complying with legislation. We are therefore happy that you are interested in how we handle personal data.
We always process personal data such as a person’s name, address, e-mail address, or phone number in accordance with applicable privacy law.
With this privacy notice, we would like to inform everyone about the nature, scope, and purpose of the personal data that we collect, use, and process. Furthermore, we would like to explain to the persons concerned the rights to which they are entitled.
PAUL IT-Service GmbH has implemented numerous technical and organizational measures to ensure that the personal data processed via this Web site is protected as comprehensively as possible.
Despite the care we take, Internet-based data transmission is vulnerable to security flaws and, consequently, absolute protection can never be guaranteed. For this reason, you of course have the option of transmitting your personal data by alternative means, for example, by telephone or post.
Obligation to inform:
Name, Address, and Contact Details of the Entity Responsible
PAUL IT-Service GmbH
Petra Ebeling, Patrick Kümmel
Tel.: +49 (30) 450 874 910
Registered at Berlin – Amtsgericht Charlottenburg under HRB 135149
VAT no.: DE 815 300 158
Privacy Officer Contact Details
The Privacy Officer for the data controller is:
DDI – Deutsches Datenschutz Institut GmbH
You can contact our Privacy Officer by sending a letter to the attention of “Privacy Officer” at the address above or by sending an e-mail to: datenschutz (at) paul-it-service.de
Purposes and Legal Grounds for Processing Data – When Visiting Our Web Site in General
Should you use our Web site purely for informational purposes, not register yourself, or convey information to us in some other way (e.g. by e-mail), we will only collect the data that your browser transfers to our server (“server log files”). This data is processed in accordance with GDPR art. 6(1)(f) on the basis of our legitimate interest in improving the stability and functionality of our Web site. This data is not used in any other way and in no way shared with third parties. However, we do reserve the right to analyze log files at a later date if there are reasons to suspect unlawful usage.
Purposes and Legal Grounds for Processing Data – Contact Form
When you contact us (e.g. using our contact form or by e-mail), we collect personal data. This data is stored and used exclusively for the purposes of answering your inquiry and for the associated technological administration. Our legitimate interest in responding to your inquiry forms the legal grounds for processing this data, in accordance with GDPR art. 6(1)(f). If you contact us for the purpose of entering into a contract, there are additional legal grounds for processing provided in GDPR art. 6(1)(b). Your data will be erased once your inquiry has been conclusively resolved. This is the case if it can be assumed that the relevant matter has been completely resolved and if there are no statutory retention periods barring us from erasing the data.
Notice About Profiling and Scoring
Profiling and scoring does not take place.
Recipients or Categories of Recipients
Your personal data may be transferred to the following third parties depending on the tools used:
- Google Inc.
- Facebook Inc.
Detailed information is listed below under “Data Protection Provisions for the Use of …”.
Transfer to Non-EU/EEA Country
Data transfer to a third country depends on the tools used: USA and Ireland.
The controller processes and stores the data subject’s personal data only for the period of time required to achieve the purpose for which it is stored or only if the controller is required to store data on account of legislation or regulations that are passed by European Union legislators and regulators, or other legislators, and the controller is subject to this legislation or these regulations.
Should there no longer be any reason to store the data or if a retention period prescribed by a European Union directive or regulation or by other relevant law expires, the personal data will be restricted from processing or deleted as a matter of routine and in accordance with statutory regulations.
Rights of the Data Subject
You can request information about the personal data concerning you that we have stored by writing to the above address. Moreover, in certain situations you can request to have your data rectified or erased.
You may additionally have the right to have the processing of your data restricted as well as the right to obtain the data you have provided in a structured, commonly used, and machine-readable format.
Notice of Right to Object When Consent Is Selected as Legal Grounds
You have the right at any time to withdraw any consent given to the processing of your data. If you withdraw your consent, we will immediately delete the data concerned, provided there are no other legal grounds to support further processing. If you withdraw your consent, it will not affect the legality of the processing operations conducted until the time of the withdrawal.
Right to Complain to Data Protection Supervisory Authority
If you believe that the processing of your personal data violates the GDPR, GDPR art. 77 provides you the option of filing a complaint with the Privacy Officer named above or with a supervisory authority for data protection. The supervisory authority with jurisdiction over us is:
Die Berliner Beauftragte für Datenschutz und Informationssicherheit
By using cookies, PAUL IT-Service GmbH can provide Web site users with more user-friendly services that would otherwise not be possible.
The data subject can at any time stop cookies being saved by our Web site by activating the corresponding settings in his/her Web browser and, in doing so, permanently object to cookies being saved. Furthermore, cookies that have already been saved can be deleted at any time using the Web browser or other software programs. This is a function available in all common Web browsers. If the data subject deactivates his/her Web browser’s cookie-saving function, it may in some cases no longer be possible to use the complete functionality of our Web site.
The data controller has integrated Google Maps on this website.
Google Maps (API) is a web service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) to display interactive (land) maps for visual representation of geographical information. By using this service, visitors to the website are shown the company’s location and any directions are made easier.
Information about the use of the respective website (such as the IP address) is transmitted to and stored by Google on servers in the USA as soon as the sub-pages into which the Google Maps map is integrated are accessed. This happens regardless of whether Google provides a user account through which the person concerned is logged in, or whether no user account exists. If the person concerned is logged in to Google, their data will be assigned directly to their account. If this assignment is not desired, the person concerned must log out before activating the button. Google saves the data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation takes place in particular according to art. 6 para. 1 lit. f GDPR on the basis of the legitimate interests of Google in the insertion of personalised advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
Google LLC, based in the USA, is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU.
Data Protection Provisions for the Use of Google Fonts
The controller has integrated Google Fonts into this Web site. Google provides free fonts that can be used when designing Web sites.
So that fonts can be displayed consistently, this Web site uses Web fonts that are provided by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). When visiting a page on our Web site, the data subject’s browser loads the required Web fonts into its cache so that it can display text and fonts correctly.
For this purpose, the browser used by the data subject must establish a connection with Google’s servers. This process informs Google of the corresponding page being visited from the data subject’s IP address. We use Google Web fonts in the interest of presenting our online offering consistently and appealingly. This represents a legitimate interest as provided in GDPR art. 6(1)(f). If the data subject’s browser does not support Web fonts, the data subject’s computer will use a default font.
Google LLC., based in the United States, has been certified for the purposes of the U.S.-EU “Privacy Shield” data protection framework, which ensures compliance with the level of privacy required in the EU.
Data Protection Provisions for the Use of Facebook
The controller has integrated components from Facebook, Inc. into this Web site. Facebook is a social network.
A social network is a social meeting place and online community run on the Internet that usually enables users to communicate with each other and interact in a virtual setting. A social network can be used as a platform to exchange opinions and experiences or it enables the online community to provide personal or commercial information. Facebook enables the social network’s users to do things such as create private profiles, upload photos, and network with each other through friend requests.
The company operating Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. The entity controlling the processing of data, if the data subject is not resident in the United States or Canada, is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Every time an individual page is visited on this Web site, the latter being operated by the controller and featuring an integrated Facebook component (Facebook plug-in), the relevant Facebook component automatically causes the Web browser on the data subject’s information technology system to download a rendering of the corresponding Facebook component from Facebook. You can see an overview of all Facebook plug-ins at https://developers.facebook.com/docs/plugins/?locale=en_US. This technological process involves Facebook receiving knowledge of the particular sub-site on our Web site that the data subject is visiting.
Every time the data subject visits our Web site and for the entire length of time he or she spends on our Web site, Facebook will identify the specific sub-site on our Web site that the data subject visits if he or she is simultaneously logged in to Facebook. This information is collected by the Facebook component and matched with the data subject’s Facebook account by Facebook. If the data subject clicks on one of the Facebook buttons integrated into our Web site, for example the “Like” button, or if the data subject leaves a comment, Facebook will match this information with the data subject’s personal Facebook account and store this personal data.
The Facebook component always informs Facebook of the data subject visiting our Web site if the data subject is simultaneously logged in to Facebook at the time of visiting our Web site, irrespective of whether the data subject clicks on the Facebook component. If the data subject does not want this information to be transferred to Facebook in the described manner, he or she can prevent it being transferred by logging out of his or her Facebook account before visiting our Web site.
The Data Policy published by Facebook, available at https://facebook.com/about/privacy/, provides information about Facebook’s collection, processing, and usage of personal data. Furthermore, it explains the settings that Facebook offers to protect the privacy of data subjects. Additionally, there are various applications available that make it possible to stop data from being transferred to Facebook. Data subjects can use these applications to prevent data from being transferred to Facebook.