+49 6432 9181 244
mail@dia-lab.de
DE

Data protection declaration

In the following we inform you about the collection of your personal data when you use our website. Personal data are all data that can be related to you personally, e.g. name, address, e-mail addresses or user behaviour.

I. Name and address of the controller

D.I.A. Institut für Umweltanalytik und -technik GmbH
Werner-von-Siemens-Str. 24-26
D-65582 Diez

Phone: +49 6432 9181 244
Fax: +49 6432 9181 227
E-mail: info@dia-institut-diez.de

Managing Director
Kevin Drache

II. Name and address of the data protection officer

The legal requirements for the obligation to appoint a data protection officer are not met.

If you have any concerns or questions regarding data protection, please contact info@dia-institut-diez.de.

III. General information on data processing

1. Purpose and scope of the processing of personal data

We collect and use personal data of our users on the basis of legal regulations as far as this is necessary to provide and maintain the functions, contents and services of the website. When using special services such as the use of a contact form, the collection and use of personal data of our users take place with the consent of the user.

2. Legal basis for the processing of personal data

The legal basis for the processing of personal data is Art. 6 (1) (a) GDPR if the data subject gives his/her consent, Art. 6 (1) (b) GDPR if personal data are processed for the performance of a contract, Art. 6 ( 1) (b) GDPR if personal data are processed for the performance of a legal obligation, Art. 66 ( 1) (c) GDPR, and Art. 66 ( 1) (d) GDPR if the vital interests of the data subject or of another natural person require the processing of personal data.

If the processing is necessary to safeguard a legitimate interest of our company or of a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Article 6 (1) (f) GDPA serves as the legal basis for the processing.

3. Data erasure and storage period

Personal data of the data subject will be erased or blocked as soon as the purpose or the legal obligation to store the data ceases to apply. Furthermore, data may be stored if legal provisions provide for this.

4. Encrypted transmission

For reasons of security and to protect the transmission of personal data, such as the requests you send to us as the site operator, this website uses SSL (Secure Socket Layer) encryption in conjunction with the highest encryption level supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead.

IV. Provision of the website and creation of log files

1. Description and scope of data processing

Whenever you only access our website for informational purposes, i.e. if you do not register or otherwise provide us with information, our system automatically records personal data and information that your computer system transmits to our server. If you wish to view our website, we collect the following data, which are technically necessary for us to display our website and to ensure its stability and security:

(1) information about the browser software, its language and the version used
(2) operating system and user interface of the user
(3) IP address of the user
(4) date and time of access
(5) content of the request (specific page)
(6) access status/http status code
(7) websites from which the user's system accesses our website

The data are also stored in the log files of our system. These data are not stored together with other personal data of the user.

2. Legal basis for the data processing

The legal basis for the temporary storage of data is Article 6 (1) (f) of the GDPA.

3. Purpose of the data processing

The system must temporarily store the IP address to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. The data also serve us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also include our legitimate interest in data processing in accordance with Art. 6 (1) (f) GDPA.

4. Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session is ended.

Data stored in log files will be deleted after seven days at the latest. A storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated in such a way that an assignment of the calling client is no longer possible.

5. Possibility of objection and removal

Objecting to the collection and processing of personal data is only possible in the case of voluntary information given in the context of a consent, but not in the case of data in log files that are absolutely necessary for the operation of the website.

V. Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's terminal device (PC, laptop, tablet, smart phone or similar). If a user calls up a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. Cookies do not cause any damage to your end device; they do not contain viruses, Trojans or other malware. Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we obtain direct knowledge of your identity.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.

The following data are stored and transmitted in the cookies:

(1) Session ID
(2) Consent to the cookie notice

2. Legal basis for the data processing

The legal basis for the processing of personal data is Article 6 (1) (f) of the GDPA.

3. Purpose of the data processing

The use of cookies is intended to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized even after a page change.

We require cookies for the following applications:

(1) To prevent/detect misuse of the website
(2) To store the acceptance of the cookie notice

The user data collected by technically necessary cookies is not used to create user profiles. The purposes mentioned above also include our legitimate interest in data processing in accordance with Art. 6 (1) (f) GDPA.

4. Duration of storage, possibility of objection and removal

Cookies are stored on the user's computer and transmitted by the user to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used to their full extent.

VI. E-mail contact

1. Description and scope of data processing

Contact can be established via the e-mail addresses provided on the website. In this case, the user's personal data transmitted by e-mail will be stored.
In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the conversation.

2. Legal basis for the data processing

The legal basis for the processing of the data transmitted by e-mail is Article 6 (1) (f) of the GDPA.
If the e-mail contact aims at the conclusion of a contract, an additional legal basis for the processing is Art. 6 (1) (b) GDPA.

3. Purpose of the data processing

The processing of personal data serves us solely to process the contact. This also includes our required legitimate interest in data processing.

4. Duration of storage

The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. For the personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation ends when it can be concluded from the circumstances that the matter in question has been finally clarified.

5. Possibility of objection and removal

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case the conversation cannot continue.
To revoke the processing of personal data transmitted by e-mail, simply send an informal e-mail to datenschutz@drache-gmbh.de
In this case, all personal data stored in the course of the contact will be deleted.

6. Possibility of objection and removal

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case the conversation cannot continue. In the event of an objection to optional personal data not marked as mandatory fields in the contact forms, a conversation may be continued under certain circumstances.
To revoke the processing of personal data submitted via contact form or e-mail, simply send an informal e-mail to datenschutz@drache-gmbh.de.
All personal data stored in the course of the contact will be deleted in this case.

VII. Rights of the data subject

If personal data are processed by you, you are the data subject in the sense of the GDPA and you are entitled to the following rights in relation to the controller. If you have any questions about data protection and in particular about the rights of data subjects, please contact our data protection officer (see II. above).

1. Right to information (Art. 15 GDPA)

You can request confirmation from the controller as to whether personal data concerning you is being processed by us.
If such processing is carried out, you can request information from the controller about your personal data processed by us in accordance with Art. 15 GDPA by means of the following information.

2. Right to rectification (Article 16 GDPA)

In accordance with Art. 16 GDPA, you have the right to demand the immediate correction of incorrect or incomplete personal data stored by us.

3. Right to restrict processing (Art. 18 GDPA)

Under the conditions of Art. 18 GDPA, you can request that the processing of your personal data be restricted.

If the restriction on processing has been restricted in accordance with the above-mentioned conditions, you will be informed by the controller before the restriction is lifted.

4. Right to erasure (Art. 17 GDPA)

In accordance with Art. 17 GDPA, you can request erasure of your personal data stored by us.

5. Right to provide information to third parties

If you have asserted the right to rectify, erase or limit the processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification, erasure or limitation of processing, unless this proves impossible or involves a disproportionate effort. You also have the right to be informed of these recipients.

6. Right to data portability

In accordance with Art. 20 GDPA, you have the right to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request a transfer to another controller

7. Right to object

If your personal data are processed on the basis of legitimate interests in accordance with Art. 6 (1) (1) (f) of the GDPA, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPA if there are reasons for doing so that arise from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection, which will be implemented by us without specifying a special situation.

If you wish to exercise your right to revoke or object, simply send an e-mail to datenschutz@drache-gmbh.de.

8. Right to revoke the declaration of consent under data protection law

You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the legality of the processing that has taken place on the basis of your consent until revocation.

9. Automated decision in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, that has legal effect on you or significantly affects you in a similar manner. This shall not apply if the decision:

(1) is necessary for the conclusion or performance of a contract between you and the controller
(2) is authorised by Union law or the law of the Member States to which the controller is subject and that law contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or
(3) with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) applies and appropriate measures have been taken to protect rights and freedoms and your legitimate interests.

With regard to the cases referred to in (1) and (3), the controller shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests, which shall include at least the right to obtain the intervention of a person from the controller, to express his or her point of view and to challenge the decision.

10. Right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place where the alleged infringement is committed, if you consider that the processing of personal data relating to you is in breach of the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and the results of the complaint, including the possibility of a legal remedy under Art. 78 GDPR.

Updated on 4 March 2019