General Preliminary Remarks
The TU concept GmbH takes the protection of personal data very seriously. We process personal data which are collected when visiting our websites in compliance with the applicable data protection regulations. In particular, the North-Rhine Westphalia Data Protection Act (DSG NRW), the General Data Protection Regulation (GDPR) and the German Teleservices Act (TMG) apply.
I. Scope of Processing of Personal Data
We only process personal data of our users if this is necessary to provide a functional website and if this is required to make our contents and services available. The processing of personal data of our users takes place as a rule only after consent of the user. An exception applies in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted under statutory regulations.
II. Data Erasure and Duration of Storage
The personal data of the data subject will be erased or made unavailable as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other ordinances to which the responsible person is subject. The data will also be made unavailable or erased if a storage period prescribed by the named norms expires, unless the continued storage of the data is necessary for the conclusion or fulfillment of a contract.
III. Provision of the Website and Creation of Log Files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data are collected here:
- Information about the browser type and version used
- Operating system of the user
- IP address of the user
- Date and time of access
The data are also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.
2. Purpose and legal basis for data processing
The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. For this purpose, the user's IP address must be stored for the duration of the session.
Storage in log files is done to ensure the functionality of the website. In addition, the data are used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
3. Duration of storage
Processing will take place during use until the end of each session.
If the data are stored in log files, this is the case for a maximum of 24 hours. After that, the IP addresses of the users are anonymized, so that an assignment to the accessing client is no longer possible.
IV. Rights of the Person Concerned
If your personal data are processed, you are affected within the meaning of the GDPR, and you have the following rights vis-à-vis the responsible person:
If you want to exercise your rights, please contact the address at the bottom.
1. Right of access by the data subject (Art. 15 GDPR)
You have the right to information about personal data concerning you that is collected, processed or, if relevant, transferred to third parties.
2. Right to object (Art. 21 GDPR)
You have the right to object to the processing of your personal data if the processing is based on Art. 6 (1) e or f GDPR.
3. Right to erasure (Art. 17 GDPR)
In particular, after the legally prescribed retention periods have expired, you have the right to have your data erased.
4. Right to restriction of processing (Art. 18 GDPR)
In special cases, you have the right to restrict processing. This is the case if the data processing is unlawful, if you dispute the accuracy of the data collected or if you have filed an objection to the processing. You can also request a restriction of the processing if the data are subject to an erasure obligation because the purpose of the processing has been achieved, but you need these data to assert legal claims. You must request a processing restriction.
5. Right to rectification (Art. 16 GDPR)
You have the right to have incorrect personal data rectified.
6. Right to revoke the data protection consent declaration (Art. 7 GDPR)
You have the right to revoke your data protection declaration of consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation.
7. Right to complain to a supervisory authority
If you have any questions or complaints regarding data protection, you can always contact a data protection supervisory authority. In our case, the State Commissioner for Data Protection and Freedom of Information in North Rhine-Westphalia is responsible.
V. Web Analytics
Scope of processing of personal data
TU concept GmbH uses the open-source software tool Matomo (formerly PIWIK) to improve its websites by analyzing the surfing behavior of its users. The software works with digital fingerprints which assign online activities to a single browser session and are deleted after 24 hours.
The following data are saved when individual pages of our website are accessed:
- Two bytes of the IP address of the accessing user system
- The accessed website
- The website from which the user accessed the requested page (referrer)
- The sub-pages which are accessed from the visited website
- The time spent on the webpage
- Which browser with which plug-ins, which operating system and which screen resolution is used
The software only runs on our website servers. The users’ personal data is only saved to the website server and not shared with third parties.
Preventing data recording
Each time you visit the website, you will be informed about the web analysis by a banner. You have the option to agree or refuse the analysis.
VI. Contact/Suggestion Forms and E-mail Contact
1. Description and scope of data processing
On TU concept GmbH websites, there are contact/suggestion forms that can be used for electronic contact. If a user makes use of this option, the data entered in the input mask are transmitted to us and stored.
After sending the form, the following data will also be stored:
- Date and time
- URL from which the contact form was sent
Alternatively, it is possible to contact us via the provided e-mail addresses. In this case, the user's personal data that are transmitted with the e-mail will be stored.
In this context, the data will not be passed on to third parties. The data are used exclusively for processing the conversation.
2. Purpose of data processing and legal basis
The processing of personal data from the input mask serves us solely to process the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data.
The legal basis for the processing of the data is Art. 6 (1) (a) GDPR if the user has given his consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) (e) GDPR.
3. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
Name and Address of the Responsible Person
The responsible person within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
TU concept GmbH