Privacy policy

Data Pri­va­cy Poli­cy of AXICA Kon­gress- und Tagungs­zen­trum Pari­ser Platz 3 GmbH

We thank you for visi­ting our web­site and your inte­rest in our com­pa­ny. Pro­tec­ting your per­so­nal data is of the utmost importance to us. When pro­ces­sing your per­so­nal data, such as your name, address, email address or pho­ne num­ber we strict­ly com­ply with the exis­ting Euro­pean and natio­nal legislation.

Below AXICA Kon­gress- und Tagungs­zen­trum Pari­ser Platz 3 GmbH (here­af­ter: „AXICA“) will inform the public about the natu­re, scope and pur­po­se of per­so­nal data pro­ces­sed by us. We will also inform you about your rights in this Data Pri­va­cy Notice.

I. CONTROLLER’S NAME AND ADDRESS

The con­trol­ler in the sen­se of the EU Gene­ral Data Pro­tec­tion Regu­la­ti­on and the Fede­ral Data Pro­tec­tion Act of 25 May 2018 is:

AXICA Kon­gress- und Tagungs­zen­trum Pari­ser Platz 3 GmbH
Pari­ser Platz 3
10117 Ber­lin

Pho­ne num­ber: +49 30 200086–0
Fax num­ber: +49 30 200086–701

Web­site: www​.axi​ca​.de
Email: info@​axica.​de

The mana­ging direc­tor of AXICA Kon­gress- und Tagungs­zen­trum Pari­ser Platz 3 GmbH is
Marc-Alex­an­der Mundstock.

II. NAME AND ADDRESS OF OUR DATA PROTECTION OFFICER

AXICA’s Data Pro­tec­tion Officer:

SHIELD GmbH
Mar­tin Vogel
Ohl­ratt­weg 5
25497 Pris­dorf

Pho­ne num­ber: +49 4101 80 50–600
E‑Mail: info@​shield-​datenschutz.​de

III. VISITING OUR WEBSITE

1. Scope of the pro­ces­sing of per­so­nal data
Each time our web­site www​.axi​ca​.de is acces­sed, AXICA coll­ects cer­tain gene­ral data and infor­ma­ti­on from the sys­tem of the reques­t­ing com­pu­ter. The fol­lo­wing data is recorded:

  • inter­net brow­ser types and ver­si­ons used
  • ope­ra­ting sys­tem used by the acces­sing system
  • the web­site from which the acces­sing sys­tem arri­ved at our web­site (cal­led referrer)
  • the sub-pages from which our web­site is acces­sed by a reques­t­ing system
  • the date and time of access to the website
  • an inter­net pro­to­col address (IP address)
  • the inter­net ser­vice pro­vi­der of the reques­t­ing system
  • other simi­lar data and infor­ma­ti­on which may be nee­ded to address safe­ty and secu­ri­ty needs in the case of attacks on our IT systems.

This gene­ral infor­ma­ti­on is then stored in the ser­ver log files. The data in the ser­ver log files is kept sepa­ra­te­ly from any per­so­nal data pro­vi­ded by a data subject.

2. Legal basis
The legal foun­da­ti­on for tem­po­r­a­ri­ly sto­ring the data in the log files is Art. 6 Para. 1 lit. f GDPR.

3. Pur­po­se of data pro­ces­sing
AXICA has an inte­rest in making available our web­site, kee­ping it func­tion­al and opti­mi­sing it to meet our visi­tors‘ interests.

The pro­ces­sing of the data men­tio­ned abo­ve is neces­sa­ry to ensu­re that our web­site con­tent is cor­rect­ly deli­ver­ed when our web­site is acces­sed, to opti­mi­se the web­site con­tent and tail­or adver­ti­sing to our web­site, and to ensu­re the con­tin­ued func­tio­ning of our IT sys­tems and inter­net tech­no­lo­gy. The data is also stored for the pur­po­se of pro­vi­ding the infor­ma­ti­on requi­red for the pro­se­cu­ti­on of cri­mi­nal offen­ces to the cri­mi­nal inves­ti­ga­ti­on aut­ho­ri­ties in the case of a cyber attack.

4. Length of data sto­rage
AXICA will prin­ci­pal­ly store per­so­nal data coll­ec­ted during a visit to the web­site only for the time nee­ded for achie­ving the pur­po­se for which the data were stored.

The pur­po­se has been achie­ved when the ses­si­on ends and the data have been ana­ly­sed for the pur­po­se of opti­mi­sing the web­site and ensu­ring the safe­ty and secu­ri­ty of our IT sys­tems. The data stored in the log files will be era­sed after seven days. The data may be stored for fur­ther exten­ded peri­ods. In this case your IP addres­ses will be deleted.

5. Opt-out and era­su­re opti­on
You have no pos­si­bi­li­ty to object to the data being coll­ec­ted for the pur­po­se of making the web­site available and being store in log files, as this is abso­lut­e­ly neces­sa­ry for ope­ra­ting the website.

IV. USE OF COOKIES

1. Descrip­ti­on and scope of data pro­ces­sing
In order to make our online pre­sence user-fri­end­ly and tail­or it to the needs of our web­site visi­tors, we use coo­kies. Coo­kies are small text files which are sent from a web ser­ver to your inter­net brow­ser each time you access our web­site and are stored local­ly on the end device of the web­site user (PC, note­book, tablet, smart pho­ne etc.). Most coo­kies con­tain what is refer­red to as a coo­kie ID. A Coo­kie ID is a uni­que coo­kie iden­ti­fier. It is made up of a string of cha­rac­ters which allows web­sites and ser­vers to iden­ti­fy the inter­net brow­ser whe­re the coo­kie was saved.

2. Legal basis
The legal basis for the pro­ces­sing of per­so­nal data while using coo­kies is Art. 6 Para. 1 lit. a GDPR, § 25 Para. 1 TTDSG and Art. 6 Para. 1 lit. f GDPR.

3. Pur­po­se of data pro­ces­sing
AXICA has an inte­rest in making its web­site user-fri­end­ly. Using coo­kies with a coo­kie ID allows the acces­sed web­sites and ser­vers to distin­gu­ish the indi­vi­du­al brow­ser from any other inter­net brow­sers which con­tain dif­fe­rent coo­kies. A cer­tain inter­net brow­ser can be reco­g­nis­ed and iden­ti­fied through the uni­que coo­kie ID. This infor­ma­ti­on allows the end device to be auto­ma­ti­cal­ly reco­g­nis­ed, if the web­site is revi­si­ted with the same end device and makes navi­ga­ti­on easier for the user.

4. Length of data sto­rage, opt-out and era­su­re opti­on
Coo­kies are stored on your com­pu­ter which trans­mits them to our web­site. You have con­trol over the use of coo­kies: You can con­sent to or reject coo­kies via our coo­kie con­sent ban­ner when you enter the web­site, but also before­hand via the set­tings of your web brow­ser. You can con­fi­gu­re your inter­net brow­ser so that accep­tance of coo­kies is gene­ral­ly blo­cked or that you are aler­ted if a coo­kie is to be saved. In this case the web­site func­tio­ning may howe­ver be affec­ted (for exam­p­le for online orders). The inter­net brow­ser also has a func­tion which allows you to dele­te brow­ser coo­kies (for ins­tance via „Clear all brow­ser data“). This is pos­si­ble in all stan­dard inter­net brow­sers. More infor­ma­ti­on can be found in the user ins­truc­tions and/or set­tings sec­tion of your inter­net browser.

V. NEWSLETTER

1. Descrip­ti­on and scope of data processing

If you would like to recei­ve the news­let­ter offe­red on the web­site, we need an e‑mail address from you as well as infor­ma­ti­on that allows us to veri­fy that you are the owner of the e‑mail address pro­vi­ded and that you agree to recei­ve the news­let­ter. Fur­ther data will not be coll­ec­ted or only on a vol­un­t­a­ry basis. We use the­se data exclu­si­ve­ly for sen­ding the reques­ted infor­ma­ti­on and for the pur­po­se of sta­tis­ti­cal ana­ly­sis of the news­let­ter cam­paigns.

By ope­ning a sent e‑mail, a file con­tai­ned in the e‑mail (so-cal­led „web-bea­con“) con­nects to our ser­vers. This allows us to deter­mi­ne whe­ther a news­let­ter mes­sa­ge has been ope­ned and how many links have been cli­cked on. The results of the­se ana­ly­ses can be used to bet­ter adapt future news­let­ters to the inte­rests of the reci­pi­ents.

If you do not agree with the­se ana­ly­ses, you must unsub­scri­be from the news­let­ter. For this pur­po­se, we pro­vi­de a cor­re­spon­ding link in every news­let­ter message.

2. Legal basis
If you sign up for the news­let­ter on our web­site, we will ask for your con­sent during regis­tra­ti­on. The legal basis for the pro­ces­sing of the data in this case is Art. 6 Para. 1 lit. a GDPR.

If the news­let­ter is sent out after a pre­vious con­tract per­for­mance, the legal basis is Sec­tion 7 Para. 3 UWG (Ger­man Law against Unfair Com­pe­ti­ti­on). In this case the mai­ling would also be aut­ho­ri­sed by Art. 6 Para. 1 lit. f GDPR in con­junc­tion with Reci­tal 47 S. 7 GDPR.

3. Pur­po­se of data pro­ces­sing
AXICA has an inte­rest in making you offers for other events and thus gene­ra­ting addi­tio­nal busi­ness. Your email address may be coll­ec­ted and stored for the pur­po­se of sen­ding you the newsletter.

4. Length of data sto­rage
AXICA will store your per­so­nal data sole­ly for the time peri­od neces­sa­ry for achie­ving the pur­po­se for which the data is held. This means your email address will be stored for as long as the news­let­ter sub­scrip­ti­on is still active.

Users who have sub­scri­bed to the news­let­ter can with­draw their con­sent given for this use of their email address at any time. Each news­let­ter con­ta­ins a link for such a with­dra­wal. AXICA would like to point out that the with­dra­wal of con­sent will only take effect pro­s­pec­tively. Any data pro­ces­sing per­for­med up to the time of the with­dra­wal will still remain lawful.

If you recei­ve the news­let­ter as a result of the per­for­mance of a con­tract, you can still unsub­scri­be from the news­let­ter at any time by cli­cking the cor­re­spon­ding link in each newsletter.

VI. REGISTRATION

1. Descrip­ti­on and scope of data pro­ces­sing
AXICA offers you the oppor­tu­ni­ty to par­ti­ci­pa­te in various events. On our web­site you can regis­ter for an event, show your inte­rest and crea­te an account for a cho­sen event by pro­vi­ding your per­so­nal data. The cont­act infor­ma­ti­on is ente­red via an input form and trans­mit­ted to and stored by AXICA. The per­so­nal data sub­mit­ted by you are recor­ded and stored sole­ly for inter­nal use and pur­po­ses. During regis­tra­ti­on, we will also record the IP address assi­gned by your inter­net ser­vice pro­vi­der and also the date and time of the regis­tra­ti­on. This data will not be dis­c­lo­sed to any third par­ties, unless we are requi­red to do so by law or such dis­clo­sure ser­ves the pur­po­se of inves­ti­ga­ting or pro­se­cu­ting cri­mi­nal offences.

2. Legal basis
If regis­tra­ti­on is for pre­con­trac­tu­al mea­su­res, the legal basis for the pro­ces­sing of the data is Art. 6 Para. 1 lit. b GDPR.

3. Pur­po­se of data pro­ces­sing
A regis­tra­ti­on with vol­un­t­a­ry sub­mis­si­on of per­so­nal data ser­ves the pur­po­se of offe­ring you con­tent or ser­vices which by their very natu­re can only be offe­red to regis­tered users. The pur­po­se of data pro­ces­sing are inqui­ries about events, customer’s own events, media and press requests and newsletters.

The IP address, date and time are gathe­red as this is the only way to pre­vent misu­se of the offe­red ser­vices, and if nee­ded the­se data would assist in sol­ving any cri­mi­nal offen­ces or copy­right inf­rin­ge­ments. It is the­r­e­fo­re neces­sa­ry to retain such data for the safe­guar­ding and pro­tec­tion of the data con­trol­ler respon­si­ble for data processing.

4. Length of data sto­rage
AXICA will store your per­so­nal data sole­ly for the time peri­od neces­sa­ry for achie­ving the pur­po­se for which the data is held. The data will be era­sed if the regis­tra­ti­on is can­cel­led or if the data is no lon­ger neces­sa­ry for exe­cu­ting the con­tract. Even after the con­tract has been con­cluded, it may be neces­sa­ry to retain the con­trac­tu­al partner’s per­so­nal data to be able to com­ply with con­trac­tu­al or legal obligations.

5. Opt-out and era­su­re opti­on
You can demand that the per­so­nal data sub­mit­ted with the regis­tra­ti­on be com­ple­te­ly era­sed from our data­ba­ses. The account can be dele­ted as follows:

AXICA will dele­te any per­so­nal data coll­ec­ted through sub­mis­si­on of the regis­tra­ti­on imme­dia­te­ly after sta­ging the event.

VII. CONTACTING US

Irre­spec­ti­ve of whe­ther the ente­ring into com­mu­ni­ca­ti­on descri­bed below could be con­side­red data coll­ec­tion in the sen­se of the law or not, as a pre­cau­ti­on we would like to inform you about how we tre­at your per­so­nal data when you cont­act us.

1. Descrip­ti­on and scope of data pro­ces­sing
Per­so­nal data is also pro­ces­sed by AXICA if you vol­un­t­a­ri­ly sub­mit it. This is the case, for ins­tance, every time when you cont­act AXICA through the pro­vi­ded email address or by cal­ling us. In this case the trans­mit­ted per­so­nal data, such as your email address or pho­ne num­ber, will be coll­ec­ted. Of cour­se, any per­so­nal data sub­mit­ted this way will only be used for the pur­po­se for which you made it available when cont­ac­ting us.

2. Legal basis
This data is pro­ces­sed on the basis of Art. 6 Para. 1 lit. b GDPR if your request is rela­ted to the ful­film­ent of a con­tract or is neces­sa­ry for the imple­men­ta­ti­on of pre-con­trac­tu­al mea­su­res. In all other cases, pro­ces­sing is based on our legi­ti­ma­te inte­rest in the effec­ti­ve pro­ces­sing of the enqui­ries addres­sed to us (Art. 6 Para. 1 lit. f GDPR) or on your con­sent (Art. 6 Para. 1 lit. a GDPR), pro­vi­ded that the enquiry was made.

3. Pur­po­se of data pro­ces­sing
The data will be pro­ces­sed sole­ly for the pur­po­se of pro­ces­sing your communication.

4. Length of data sto­rage
AXICA will store your per­so­nal data sole­ly for the time peri­od neces­sa­ry for achie­ving the pur­po­se for which the data is held. The per­so­nal data which AXICA has recei­ved through your cont­ac­ting us will be stored until it beco­mes appa­rent from the cir­cum­s­tances that the mat­ter which led you to cont­ac­ting us has been final­ly resolved.

5. Opt-out and era­su­re opti­on
You can object to the sto­rage and pro­ces­sing of your per­so­nal data at any time. If you do, we can­not con­ti­nue the com­mu­ni­ca­ti­on. In this case all per­so­nal data will be erased.

VIII. LINKS TO OTHER WEBSITES

The www​.axi​ca​.de web­site pro­vi­des links to other web­sites (also refer­red to as exter­nal links).

As a pro­vi­der of its own pro­prie­ta­ry con­tent AXICA is respon­si­ble in accordance with the appli­ca­ble Euro­pean and natio­nal laws and regu­la­ti­ons. The­se pro­prie­ta­ry con­tents must be distin­gu­is­hed from the links to con­tent pro­vi­ded by other pro­vi­ders. AXICA has no con­trol over whe­ther the ope­ra­tors of other web­sites com­ply with the appli­ca­ble Euro­pean and natio­nal laws and regu­la­ti­ons or not. In this regard you have to inform yours­elf about the data pri­va­cy poli­ci­es on the rele­vant websites.

IX. APPLICANTS

1. Descrip­ti­on and scope of data pro­ces­sing
AXICA coll­ects and pro­ces­ses the per­so­nal data sub­mit­ted by appli­cants. The pro­ces­sing can also be per­for­med elec­tro­ni­cal­ly. This is in par­ti­cu­lar the case if the appli­cant sends the appli­ca­ti­on to AXICA by elec­tro­nic means, such as email.

2. Legal basis
The legal basis for the coll­ec­tion of appli­cants‘ infor­ma­ti­on is Art. 6 Para. 1 lit. b GDPR.

3. Pur­po­se of data pro­ces­sing
The coll­ec­tion of per­so­nal data is neces­sa­ry for the decis­i­on as to whe­ther to enter into an employ­ment contract.

4. Length of data sto­rage
AXICA will store your per­so­nal data sole­ly for the time peri­od neces­sa­ry for achie­ving the pur­po­se for which the data is held.
If no employ­ment con­tract is con­cluded with the appli­cant, the appli­ca­ti­on docu­ments will be auto­ma­ti­cal­ly era­sed after informing the appli­cant about the rejec­tion, unless such era­su­re con­flicts with AXICA’s other legi­ti­ma­te inte­rests. Such a legi­ti­ma­te inte­rest could be the obli­ga­ti­on to fur­nish pro­of pur­su­ant to the All­ge­mei­ne Gleich­be­hand­lungs­ge­setz (AGG) (Ger­man Gene­ral Equa­li­ty of Tre­at­ment Act).

5. Opt-out and era­su­re opti­on
The coll­ec­tion of the data is neces­sa­ry for car­ry­ing out the appli­ca­ti­on pro­ce­du­re. Appli­cants can object to the pro­ces­sing of their data at any time. If they do, it should be noted that com­ple­ti­on of the appli­ca­ti­on pro­ce­du­re may not be possible.

X. DATA SUBJECTS‘ RIGHTS

If per­so­nal data is pro­ces­sed, the affec­ted indi­vi­du­al is refer­red to as a data sub­ject within the mea­ning of the GDPR. A data sub­ject has the fol­lo­wing rights against the Controller.

1. Right to obtain con­fir­ma­ti­on:
Every data sub­ject has the right to obtain from the con­trol­ler respon­si­ble for the pro­ces­sing con­fir­ma­ti­on as to whe­ther or not per­so­nal data con­cer­ning him or her is being pro­ces­sed. If an indi­vi­du­al con­cer­ned wis­hes to exer­cise his or her right to obtain con­fir­ma­ti­on, such indi­vi­du­al can do so at any time by cont­ac­ting the con­trol­ler respon­si­ble for the processing.

2. Right of access:
Every data sub­ject impac­ted by the pro­ces­sing of his or her per­so­nal data has the right to be infor­med free of char­ge by the con­trol­ler respon­si­ble for pro­ces­sing as to which per­so­nal data con­cer­ning him or her has been stored and to recei­ve a copy of such infor­ma­ti­on. Data sub­jects can demand access to the fol­lo­wing information:

  • the pro­ces­sing purposes
  • the cate­go­ries of per­so­nal data to be processed
  • the recei­ver or cate­go­ries of recei­vers to whom the per­so­nal data was or is to be dis­c­lo­sed, in par­ti­cu­lar if such recei­ver is loca­ted in third count­ries or is an inter­na­tio­nal organisation
  • if pos­si­ble the plan­ned length of sto­rage for which the per­so­nal data will be held or, should this not be pos­si­ble, the cri­te­ria for the defi­ni­ti­on of such time period
  • infor­ma­ti­on about the rights of having the per­so­nal data rela­ting to him or her cor­rec­ted or era­sed or the right to rest­ric­tions on pro­ces­sing by the con­trol­ler or the right to object to such processing
  • infor­ma­ti­on about the right to com­plain to the authorities
  • all available infor­ma­ti­on about the ori­gin of the data, if the per­so­nal data were not coll­ec­ted direct­ly from the data subject,
  • infor­ma­ti­on about the exis­tence of an auto­ma­ted decis­i­on-making pro­cess, inclu­ding pro­fil­ing pur­su­ant to Art. 22 Paras. 1 and 4 GDPR and — at least in the­se cases — meaningful infor­ma­ti­on about the logic invol­ved as well as the impli­ca­ti­ons and the inten­ded effects of such pro­ce­du­res on the data subject.

In addi­ti­on, the data sub­ject is entit­led to be infor­med as to whe­ther per­so­nal data were trans­mit­ted to a third coun­try or an inter­na­tio­nal orga­ni­sa­ti­on. Should this be case, the data sub­ject also has the right to be infor­med of all sui­ta­ble gua­ran­tees rela­ting to this transmission.

If a data sub­ject wis­hes to exer­cise this right of access, he or she can do so at any time by cont­ac­ting the con­trol­ler respon­si­ble for data processing.

3. Right to rec­ti­fi­ca­ti­on:
Every data sub­ject impac­ted by the pro­ces­sing of per­so­nal data has the right to demand that any incor­rect per­so­nal data con­cer­ning him or her be rec­ti­fied wit­hout undue delay. Taking into account the pur­po­ses of the pro­ces­sing, the data sub­ject also has the right to have incom­ple­te per­so­nal data com­ple­ted — inclu­ding by means of pro­vi­ding a sup­ple­men­ta­ry statement.

If a data sub­ject wis­hes to exer­cise this right to rec­ti­fi­ca­ti­on, he or she can do so at any time by cont­ac­ting the con­trol­ler respon­si­ble for processing.

4. Right to era­su­re (Right to be for­got­ten):
Every data sub­ject impac­ted by the pro­ces­sing of per­so­nal data has the right to obtain from the con­trol­ler the era­su­re of the per­so­nal data con­cer­ning him or her wit­hout undue delay, whe­re one of the fol­lo­wing grounds app­ly and to the ext­ent that the pro­ces­sing is not neces­sa­ry:

The per­so­nal data is no lon­ger neces­sa­ry to imple­ment the pur­po­ses for which they were coll­ec­ted or other­wi­se pro­ces­sed.
The data sub­ject has with­drawn his or her con­sent on which the pro­ces­sing was based in accordance with Art. 6 Para. 1 lit a GDPR or Art. 9 Para. 2 lit a GDPR, and the­re is no other legal basis for the pro­ces­sing.
The data sub­ject objects to the pro­ces­sing pur­su­ant to Art. 21 Para. 1 GDPR, and the­re are no over­ri­ding legi­ti­ma­te reasons for the pro­ces­sing, or the data sub­ject objects to the pro­ces­sing pur­su­ant to Art. 21 Para. 2 GDPR.
The per­so­nal data have been unlawful­ly pro­ces­sed.
The per­so­nal data must be era­sed for com­pli­ance with a legal requi­re­ment under Uni­on or Mem­ber Sta­te law, to which the con­trol­ler is sub­ject.

The per­so­nal data have been coll­ec­ted in con­nec­tion with an offer of infor­ma­ti­on socie­ty ser­vices pur­su­ant to Art. 8 Para. 1 GDPR.
If any of the reasons men­tio­ned abo­ve appli­es and a data sub­ject wis­hes to obtain the era­su­re of per­so­nal data held by AXICA, they can do so at any time by cont­ac­ting the con­trol­ler respon­si­ble for pro­ces­sing. In this case, the data subject’s request for era­su­re will be met immediately.

Whe­re the per­so­nal data were made public by AXICA and whe­re our com­pa­ny as the con­trol­ler is obli­ged pur­su­ant to Art. 17 Para. 1 GDPR to era­se the per­so­nal data, AXICA, taking into account available tech­no­lo­gy and the cost of imple­men­ta­ti­on, will take reasonable steps, inclu­ding tech­ni­cal mea­su­res, to inform con­trol­lers respon­si­ble for the data pro­ces­sing who have pro­ces­sed the published per­so­nal data that the indi­vi­du­al con­cer­ned has reques­ted the era­su­re by such con­trol­lers of any links to, or copy or repli­ca­ti­on of, tho­se per­so­nal data, inso­far as the pro­ces­sing is not requi­red. The con­trol­ler respon­si­ble for the pro­ces­sing will then take the appro­pria­te steps in the indi­vi­du­al case.

5. Right to rest­ric­tion of pro­ces­sing:
Every data sub­ject impac­ted by the pro­ces­sing of per­so­nal data has the right to obtain from the con­trol­ler rest­ric­tion of pro­ces­sing, whe­re one of the fol­lo­wing con­di­ti­ons apply:

The accu­ra­cy of the per­so­nal data is con­tes­ted by the data sub­ject, for a peri­od enab­ling the con­trol­ler to veri­fy the accu­ra­cy of the per­so­nal data.
The pro­ces­sing is unlawful, the data sub­ject has rejec­ted the era­su­re of the per­so­nal data and demands rest­ric­tion of their use ins­tead.
The con­trol­ler no lon­ger needs the per­so­nal data for the pur­po­ses of pro­ces­sing, but they are still nee­ded by the data sub­ject for estab­li­shing, exer­cis­ing or defen­ding his or her legal claims.
The data sub­ject has objec­ted to the pro­ces­sing pur­su­ant to Art. 21 Para. 1 GDPR, and it has not yet been veri­fied whe­ther the legi­ti­ma­te grounds of the con­trol­ler over­ri­de tho­se of the data subject.

Whe­re any of the con­di­ti­ons men­tio­ned abo­ve are pre­sent and the data sub­ject wis­hes to obtain rest­ric­tion of the per­so­nal data held by AXICA, they can do so at any time by cont­ac­ting the con­trol­ler respon­si­ble for the pro­ces­sing. In this case the rest­ric­tion of pro­ces­sing will be imple­men­ted immediately.

6. Right to data por­ta­bi­li­ty:
Every data sub­ject impac­ted by the pro­ces­sing of per­so­nal data has the right to be given the per­so­nal data con­cer­ning him or her, which such indi­vi­du­al pro­vi­ded to a con­trol­ler, in a struc­tu­red, com­mon­ly used and machi­ne-rea­da­ble for­mat. A data sub­ject also has the right to trans­mit tho­se data to ano­ther con­trol­ler wit­hout hin­drance from the con­trol­ler to which the per­so­nal data have been pro­vi­ded, whe­re the pro­ces­sing is based on con­sent given pur­su­ant to Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR or on a con­tract pur­su­ant to Art. 6 Para. 1 lit b GDPR; and the pro­ces­sing is car­ri­ed out by auto­ma­tic means, and inso­far as the pro­ces­sing is not neces­sa­ry for the per­for­mance of a task car­ri­ed out in the public inte­rest or in the exer­cise of offi­ci­al aut­ho­ri­ty con­fer­red on the con­trol­ler.

In exer­cis­ing his or her right to data por­ta­bi­li­ty, the data sub­ject has the right pur­su­ant to Art. 20 Para. 1 GDPR to have the per­so­nal data trans­mit­ted direct­ly from one con­trol­ler to ano­ther, whe­re tech­ni­cal­ly fea­si­ble and if this does not adver­se­ly affect the rights and free­doms of others.

Whe­re the data sub­ject wis­hes to exer­cise the right to por­ta­bi­li­ty, he or she can do so at any time by cont­ac­ting the con­trol­ler respon­si­ble for data processing.

7. Right to object:
Every data sub­ject impac­ted by the pro­ces­sing of per­so­nal data has the right to object, on grounds rela­ting to his or her par­ti­cu­lar situa­ti­on, at any time to pro­ces­sing of per­so­nal data con­cer­ning him or her which is per­for­med based on Art. 6 Para. 1 lit e or lit. f GDPR. The also appli­es to pro­fil­ing based on the­se legal provisions.

AXICA will no lon­ger pro­cess the per­so­nal data in the case of an objec­tion, unless AXICA can pro­vi­de com­pel­ling legi­ti­ma­te grounds for the pro­ces­sing which over­ri­de the inte­rests, rights and free­doms of the data sub­ject or the pro­ces­sing ser­ves the pur­po­se of estab­li­shing, exer­cis­ing or defen­ding legal claims.

Whe­re AXICA pro­ces­ses per­so­nal data for direct mar­ke­ting pur­po­ses, the data sub­ject has the right to object at any time to the pro­ces­sing of per­so­nal data for such mar­ke­ting. The same shall app­ly to pro­fil­ing to the ext­ent that it is rela­ted to such direct mar­ke­ting. Whe­re the data sub­ject objects to the pro­ces­sing for direct mar­ke­ting pur­po­ses vis-à-vis AXICA, AXICA will stop pro­ces­sing the per­so­nal data for such purposes.

The data sub­ject also has the right to object, on grounds rela­ting to his or her par­ti­cu­lar situa­ti­on, to the pro­ces­sing of per­so­nal data con­cer­ning him or her, per­for­med by AXICA for sci­en­ti­fic or his­to­ri­cal rese­arch pur­po­ses or sta­tis­ti­cal pur­po­ses pur­su­ant to Art. 89 Para. 1 GDPR, unless the pro­ces­sing is neces­sa­ry for per­forming a task car­ri­ed out for reasons of public interest.

Whe­re a data sub­ject wis­hes to exer­cise his or her right to object, such per­son can do so by direct­ly cont­ac­ting the con­trol­ler respon­si­ble for pro­ces­sing. Fur­ther­mo­re, the data sub­ject may exer­cise his or her right to object by auto­ma­ted means using tech­ni­cal spe­ci­fi­ca­ti­ons in the con­text of the use of infor­ma­ti­on socie­ty ser­vices, and not­wi­th­stan­ding Direc­ti­ve 2002/58/EC.

8. Auto­ma­ted indi­vi­du­al decis­i­on-making, inclu­ding pro­fil­ing:
Every data sub­ject impac­ted by the pro­ces­sing of per­so­nal data has the right not to be sub­ject to a decis­i­on based sole­ly on auto­ma­ted pro­ces­sing, inclu­ding pro­fil­ing, which pro­du­ces legal effects con­cer­ning him or her or signi­fi­cant­ly affects such per­son in a simi­lar way – unless such decision:

  • is neces­sa­ry for con­clu­ding or ful­fil­ling a con­tract bet­ween the data sub­ject and the con­trol­ler or
  • is aut­ho­ri­sed by Uni­on or Mem­ber Sta­te law to which the con­trol­ler is sub­ject and which also lays down sui­ta­ble mea­su­res to safe­guard the data subject’s rights and free­doms and legi­ti­ma­te inte­rests, or
  • is based on the data subject’s expli­cit consent.

If the decis­i­on is neces­sa­ry for con­clu­ding or ful­fil­ling a con­tract made bet­ween the data sub­ject and AXICA or if it is based on the data subject’s expli­cit con­sent, AXICA will imple­ment sui­ta­ble mea­su­res to safe­guard the rights and free­doms and the legi­ti­ma­te inte­rests of the data sub­ject; inclu­ding at least the right to obtain human inter­ven­ti­on on the controller’s part, to express the data subject’s own point of view and to con­test the decision.

If the data sub­ject wis­hes to exer­cise his or her rights in rela­ti­on to auto­ma­ted decis­i­ons, he or she can do so at any time by cont­ac­ting the con­trol­ler respon­si­ble for data processing.

9. Right to with­draw con­sent for data pro­ces­sing:
Every data sub­ject impac­ted by the pro­ces­sing of per­so­nal data is entit­led to with­draw his or her con­sent to the pro­ces­sing of per­so­nal data at any time. The con­sent should be with­drawn in the same man­ner as it was given.

The with­dra­wal of con­sent shall take effect sole­ly for the future. Any data pro­ces­sing per­for­med up to the time of the with­dra­wal will still remain lawful.

XI. COMPLAINTS TO SUPERVISORY AUTHORITY

Wit­hout any pre­ju­di­ce to any other admi­nis­tra­ti­ve or judi­cial reme­dy you are entit­led to lodge a com­plaint with a super­vi­so­ry aut­ho­ri­ty, in par­ti­cu­lar in the Mem­ber Sta­te of your habi­tu­al resi­dence, place of work or place of the alle­ged inf­rin­ge­ment, if you think that the pro­ces­sing of per­so­nal data rela­ting to you inf­rin­ges the GDPR.

The super­vi­so­ry aut­ho­ri­ty whe­re the com­plaint was lodged will inform the com­plainant on the pro­gress and the out­co­me of the com­plaint inclu­ding the pos­si­bi­li­ty of a judi­cial reme­dy pur­su­ant to Art. 78 GDPR.

A list of the sta­te data pro­tec­tion offi­cers and their cont­act details can be found at the fol­lo­wing link:
https://​www​.bfdi​.bund​.de/​D​E​/​S​e​r​v​i​c​e​/​A​n​s​c​h​r​i​f​t​e​n​/​a​n​s​c​h​r​i​f​t​e​n​_​t​a​b​l​e​.​h​tml (in Ger­man)

The data pro­tec­tion super­vi­so­ry aut­ho­ri­ty respon­si­ble for us is:
Ber­li­ner Beauf­trag­te für Daten­schutz und Infor­ma­ti­ons­frei­heit
Alt-Moa­bit 59–61
10555 Ber­lin
Pho­ne: +49 30 138 89–0
Email: mailbox@​datenschutz-​berlin.​de

XII. GOOGLE ANALYTICS

This web­site uses Goog­le Ana­ly­tics 4, a ser­vice pro­vi­ded by Goog­le Ire­land Limi­t­ed, Gor­don House, 4 Bar­row St, Dub­lin, D04 E5W5, Ire­land („Goog­le“), to ana­ly­se the use of web­sites.

When using Goog­le Ana­ly­tics 4, so-cal­led „coo­kies“ are used as stan­dard. Coo­kies are text files that are stored on your ter­mi­nal device and enable an ana­ly­sis of your use of a web­site. The infor­ma­ti­on coll­ec­ted by coo­kies about your use of the web­site (inclu­ding the IP address trans­mit­ted by your ter­mi­nal device, shor­ten­ed by the last few digits, see below) is usual­ly trans­mit­ted to a Goog­le ser­ver and stored and pro­ces­sed the­re.

This may also result in the trans­mis­si­on of infor­ma­ti­on to the ser­vers of Goog­le LLC, a com­pa­ny based in the USA, whe­re the infor­ma­ti­on is fur­ther pro­ces­sed.

When using Goog­le Ana­ly­tics 4, the IP address trans­mit­ted by your ter­mi­nal device when you use the web­site is always coll­ec­ted and pro­ces­sed auto­ma­ti­cal­ly and by default only in an anony­mi­sed man­ner, so that the infor­ma­ti­on coll­ec­ted can­not be direct­ly rela­ted to a per­son. This auto­ma­tic anony­mi­sa­ti­on is car­ri­ed out by Goog­le shor­tening the IP address trans­mit­ted by your ter­mi­nal device within mem­ber sta­tes of the Euro­pean Uni­on (EU) or other con­trac­ting sta­tes of the Agree­ment on the Euro­pean Eco­no­mic Area (EEA) by the last digits.

Goog­le uses this and other infor­ma­ti­on on our behalf to eva­lua­te your use of the web­site, to com­pi­le reports on your web­site acti­vi­ties and usa­ge beha­viour and to pro­vi­de us with other ser­vices rela­ted to your web­site usa­ge and inter­net usa­ge. In this con­text, the IP address trans­mit­ted and shor­ten­ed by your ter­mi­nal device within the scope of Goog­le Ana­ly­tics 4 will not be mer­ged with other data from Goog­le. The data coll­ec­ted in the con­text of the use of Goog­le Ana­ly­tics 4 will be stored for 2 months and then dele­ted.
Goog­le Ana­ly­tics 4 also enables the crea­ti­on of sta­tis­tics with state­ments about age, gen­der and inte­rests of web­site users on the basis of an eva­lua­ti­on of inte­rest-based adver­ti­sing and with the inclu­si­on of third-par­ty infor­ma­ti­on via a spe­cial func­tion, the so-cal­led „demo­gra­phic cha­rac­te­ristics“. This makes it pos­si­ble to deter­mi­ne and distin­gu­ish user groups of the web­site for the pur­po­se of tar­ge­ting mar­ke­ting mea­su­res. Howe­ver, data coll­ec­ted via the „demo­gra­phic cha­rac­te­ristics“ can­not be assi­gned to a spe­ci­fic per­son and thus also not to you per­so­nal­ly. This data coll­ec­ted via the „demo­gra­phic cha­rac­te­ristics“ func­tion is kept for two months and then dele­ted.

All pro­ces­sing descri­bed abo­ve, in par­ti­cu­lar the set­ting of Goog­le Ana­ly­tics coo­kies for the sto­rage and rea­ding of infor­ma­ti­on on the end device used by you for the use of the web­site, will only take place if you have given us your expli­cit con­sent for this in accordance with Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. Wit­hout your con­sent, Goog­le Ana­ly­tics 4 will not be used during your use of the web­site. You can revo­ke your con­sent at any time with effect for the future. To exer­cise your revo­ca­ti­on, plea­se deac­ti­va­te this ser­vice via the „Coo­kie Con­sent Tool“ pro­vi­ded on the web­site.

We have con­cluded a so-cal­led Data Pro­ces­sing Agree­ment („DPA“) with Goog­le for our use of Goog­le Ana­ly­tics 4, which obli­ges Goog­le to pro­tect the data of our web­site users and not to pass it on to third par­ties.
To ensu­re com­pli­ance with the Euro­pean level of data pro­tec­tion, also in the event of any trans­fer of data from the EU or EEA to the USA and pos­si­ble fur­ther pro­ces­sing the­re, Goog­le refers to the so-cal­led Stan­dard Data Pro­tec­tion Clau­ses of the Euro­pean Com­mis­si­on, which we have con­trac­tual­ly agreed with Goog­le.
Fur­ther legal infor­ma­ti­on on Goog­le Ana­ly­tics 4, inclu­ding a copy of the afo­re­men­tio­ned Stan­dard Data Pro­tec­tion Clau­ses, can be found at:
https://​poli​ci​es​.goog​le​.com/​p​r​i​v​acy and at
https://​poli​ci​es​.goog​le​.com/​t​e​c​h​n​o​l​o​g​i​e​s​/​p​a​r​t​n​e​r​-​s​i​tes

XIII. GOOGLE TAG MANAGER

We use the Goog­le Tag Mana­ger on our web­site. „Goog­le“ is a group of com­pa­nies and con­sists of Goog­le Ire­land Ltd. (pro­vi­der of the ser­vice), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land as well as Goog­le LLC, 1600 Amphi­theat­re Park­way, Moun­tain View, CA 94043, USA and other affi­lia­ted com­pa­nies of Goog­le LLC.

The Goog­le Tag Mana­ger is an auxi­lia­ry ser­vice and only pro­ces­ses per­so­nal data its­elf for tech­ni­cal­ly neces­sa­ry pur­po­ses. The Goog­le Tag Mana­ger takes care of loa­ding other com­pon­ents, which in turn may coll­ect data. The Goog­le Tag Mana­ger does not access this data. If a deac­ti­va­ti­on has been made at domain or coo­kie level, this remains in place for all track­ing tags imple­men­ted with Goog­le Tag Mana­ger.
The legal basis for the use of this ser­vice is your con­sent in accordance with Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG.

For more infor­ma­ti­on on Goog­le Tag Mana­ger and Google’s pri­va­cy poli­cy, plea­se see the fol­lo­wing link: https://​poli​ci​es​.goog​le​.com/​p​r​i​v​acy

XIV. CALENDLY

This web­site uses the plan­ning and orga­ni­sa­ti­on tool „Calend­ly“ of the pro­vi­der Calend­ly LLC, 271 17th St NW, Ste 1000, Atlan­ta, Geor­gia, 30363, USA (her­ein­af­ter refer­red to as „Calend­ly“).

Calend­ly also pro­ces­ses data in the USA, among other places. We would like to point out that accor­ding to the opi­ni­on of the Euro­pean Court of Jus­ti­ce, the­re is curr­ent­ly no ade­qua­te level of pro­tec­tion for the trans­fer of data to the USA. This may be asso­cia­ted with various risks to the lawful­ness and secu­ri­ty of the pro­ces­sing.

As a basis for data pro­ces­sing at the reci­pi­ent loca­ted in third count­ries (out­side the Euro­pean Uni­on, Ice­land, Liech­ten­stein, Nor­way and espe­ci­al­ly in the USA) or a data trans­fer the­re, Calend­ly uses Stan­dard Con­tract Clau­ses appro­ved by the EU Com­mis­si­on in accordance with Art. 46 Para. 2 and 3 GDPR. The­se clau­ses obli­ge Calend­ly to com­ply with the EU level of data pro­tec­tion when pro­ces­sing rele­vant data out­side the EU.
The legal basis for the use of Calend­ly is our legi­ti­ma­te inte­rest accor­ding to Art. 6 Para. 1 lit. f GDPR to enable a simp­le and user-fri­end­ly plan­ning and orga­ni­sa­ti­on tool.
If the pro­ces­sing of per­so­nal data by Calend­ly is neces­sa­ry for the imple­men­ta­ti­on of con­trac­tu­al or pre-con­trac­tu­al mea­su­res, a fur­ther legal basis also ari­ses from Art. 6 Para. 1 lit. b GDPR.

For more infor­ma­ti­on on data pro­tec­tion at Calend­ly, plea­se see their pri­va­cy poli­cy at https://​calend​ly​.com/​p​r​i​v​acy

XV. SOCIAL MEDIA PRESENCES

Data pro­ces­sing through social net­works

We main­tain publicly acces­si­ble pro­files on social net­works. The social net­works used by us in detail can be found below.
Social net­works such as Face­book, Twit­ter, etc. can gene­ral­ly ana­ly­ze your user beha­vi­or exten­si­ve­ly when you visit their web­site or a web­site with inte­gra­ted social media con­tent (e.g. like but­tons or adver­ti­sing ban­ners). By visi­ting our social media pre­sen­ces, num­e­rous data pro­tec­tion-rele­vant pro­ces­sing ope­ra­ti­ons are trig­ge­red. In detail:
If you are log­ged into your social media account and visit our social media pre­sence, the ope­ra­tor of the social media por­tal can assign this visit to your user account. Howe­ver, your per­so­nal data may also be coll­ec­ted under cer­tain cir­cum­s­tances if you are not log­ged in or do not have an account with the respec­ti­ve social media por­tal. In this case, this data coll­ec­tion takes place, for exam­p­le, via coo­kies that are stored on your end device or by recor­ding your IP address.

With the help of the data coll­ec­ted in this way, the ope­ra­tors of the social media por­tals can crea­te user pro­files in which your pre­fe­ren­ces and inte­rests are stored. In this way, you can be shown inte­rest-based adver­ti­sing insi­de and out­side the respec­ti­ve social media pre­sence. Pro­vi­ded you have an account with the respec­ti­ve social net­work, the inte­rest-based adver­ti­sing may be dis­play­ed on all devices on which you are or were log­ged in.

Plea­se also note that we can­not track all pro­ces­sing on the social media por­tals. Depen­ding on the pro­vi­der, fur­ther pro­ces­sing ope­ra­ti­ons may the­r­e­fo­re be car­ri­ed out by the ope­ra­tors of the social media por­tals. For details, plea­se refer to the terms of use and data pro­tec­tion pro­vi­si­ons of the respec­ti­ve social media portals.

1. Legal basis
Our social media pre­sen­ces are inten­ded to ensu­re the most com­pre­hen­si­ve pre­sence pos­si­ble on the Inter­net. This is a legi­ti­ma­te inte­rest within the mea­ning of Art. 6 Para 1 lit. f GDPR. The ana­ly­sis pro­ces­ses initia­ted by the social net­works may be based on dif­fe­rent legal bases, which are to be spe­ci­fied by the ope­ra­tors of the social net­works (e.g. con­sent within the mea­ning of Art. 6 Para. 1 lit. a GDPR).

2. Respon­si­ble par­ty and asser­ti­on of rights
If you visit one of our social media sites (e.g. Face­book), we are joint­ly respon­si­ble with the ope­ra­tor of the social media plat­form for the data pro­ces­sing ope­ra­ti­ons trig­ge­red during this visit. In prin­ci­ple, you can assert your rights (infor­ma­ti­on, cor­rec­tion, dele­ti­on, rest­ric­tion of pro­ces­sing, data por­ta­bi­li­ty and com­plaint) both vis-à-vis us and vis-à-vis the ope­ra­tor of the respec­ti­ve social media por­tal (e.g. vis-à-vis Face­book).
Plea­se note that despi­te the joint respon­si­bi­li­ty with the social media por­tal ope­ra­tors, we do not have full influence on the data pro­ces­sing ope­ra­ti­ons of the social media por­tals. Our opti­ons are lar­ge­ly deter­mi­ned by the cor­po­ra­te poli­cy of the respec­ti­ve provider.

1. Sto­rage peri­od
The data coll­ec­ted direct­ly by us via the social media pre­sence will be dele­ted from our sys­tems as soon as the pur­po­se for sto­ring it no lon­ger appli­es, you request us to dele­te it, revo­ke your con­sent to store it, or the pur­po­se for sto­ring the data no lon­ger appli­es. Stored coo­kies remain on your ter­mi­nal device until you dele­te them. Man­da­to­ry legal pro­vi­si­ons – in par­ti­cu­lar reten­ti­on peri­ods – remain unaf­fec­ted.

We have no influence on the sto­rage peri­od of your data, which is stored by the ope­ra­tors of social net­works for their own pur­po­ses. For details, plea­se cont­act the ope­ra­tors of the social net­works direct­ly (e.g. in their pri­va­cy poli­cy, see below).

Face­book
We have a pro­fi­le on Face­book. The pro­vi­der of this ser­vice is Meta Plat­forms Ire­land Limi­t­ed, 4 Grand Canal Squa­re, Dub­lin 2, Ire­land (her­ein­af­ter refer­red to as „Face­book“). Accor­ding to Face­book, the coll­ec­ted data is also trans­fer­red to the USA and other third count­ries.

We have con­cluded a joint pro­ces­sing agree­ment (Con­trol­ler Adden­dum) with Face­book.
This agree­ment spe­ci­fies which data pro­ces­sing ope­ra­ti­ons we or Face­book are respon­si­ble for when you visit our Face­book page. You can view this agree­ment at the fol­lo­wing link: https://​www​.face​book​.com/​l​e​g​a​l​/​t​e​r​m​s​/​p​a​g​e​_​c​o​n​t​r​o​l​l​e​r​_​a​d​d​e​n​dum
You can adjust your adver­ti­sing set­tings inde­pendent­ly in your user account. To do so, click on the fol­lo­wing link and log in: https://​www​.face​book​.com/​s​e​t​t​i​n​g​s​?​t​a​b​=​ads

For details, plea­se refer to Facebook’s pri­va­cy poli­cy: https://​www​.face​book​.com/​a​b​o​u​t​/​p​r​i​v​a​cy/

You­Tube
We have a pro­fi­le on You­Tube. The pro­vi­der is Goog­le Ire­land Limi­t­ed, Gor­don House, Bar­row Street, Dub­lin 4, Ire­land. For details on their hand­ling of your per­so­nal data, plea­se refer to YouTube’s pri­va­cy poli­cy: https://​poli​ci​es​.goog​le​.com/​p​r​i​v​a​c​y​?​h​l​=en

Insta­gram
We have a pro­fi­le on Insta­gram. The pro­vi­der is Insta­gram Inc, 1601 Wil­low Road, Men­lo Park, CA, 94025, USA. For details on how they hand­le your per­so­nal data, plea­se refer to Instagram’s pri­va­cy poli­cy: https://​help​.insta​gram​.com/​5​1​9​5​2​2​1​2​5​1​0​7​875

Lin­ke­dIn
We have a pro­fi­le on Lin­ke­dIn. The pro­vi­der is Lin­ke­dIn Ire­land Unli­mi­t­ed Com­pa­ny, Wil­ton Pla­za, Wil­ton Place, Dub­lin 2, Ire­land. Lin­ke­dIn uses adver­ti­sing coo­kies. If you wish to disable Lin­ke­dIn adver­ti­sing coo­kies, plea­se use the fol­lo­wing link: https://​www​.lin​ke​din​.com/​p​s​e​t​t​i​n​g​s​/​g​u​e​s​t​-​c​o​n​t​r​o​l​s​/​r​e​t​a​r​g​e​t​i​n​g​-​o​p​t​-​out

XVI. CHANGES TO THIS DATA PROTECTION POLICY

AXICA reser­ves the right to chan­ge its data pro­tec­tion prac­ti­ces and this poli­cy in order to adapt data to any chan­ges to rele­vant laws and/or regu­la­ti­ons or to bet­ter meet the needs. Any chan­ges to data pri­va­cy prac­ti­ces will be published on this page. The­r­e­fo­re, the ver­si­on date of the data pri­va­cy noti­ce should be heeded.

Ber­lin, Janu­ary 2023