Privacy Statement

Data protection and the privacy of the user of our Internet sites are very important to us. We therefore undertake to protect your personal data and to collect, process and use them only in accordance with the European General Data Protection Regulation (GDPR) and the national data protection provisions. The following Privacy Policy explains which of your personal data on our Internet sites are collected and how these data are used. Our Privacy Policy is routinely updated in accordance with legal and technical requirements. Therefore, please refer to the version of our Privacy Policy current at any given time.

The following data protection provisions apply exclusively to the Internet sites of Demondo GmbH & Co. KG on the website: http://www.demondo.com.

I. Name and Address of the Controller

The Controller within the meaning of the European General Data Protection Regulation, other national data protection legislation and other data protection provisions is:

DEMONDO GmbH & Co. KG
Burgstraße 10
82418 Riegsee
Germany

Tel.: +49 (0) 8841 604 05 00
Email: info@demondo.com
Website: https://www.demondo.com

II. Name and address of the Data Protection Officer

The Controller's Data Protection Officer is:

Niklas Hanitsch
secjur GmbH
Steinhöft 9
20459 Hamburg
Deutschland

Tel.: +49 (0) 40 228 599 520
Email: dsb@secjur.com
Website: http://www.secjur.com

III. General information on Data Processing

1. Scope of the processing of personal data

As a matter of principle your personal data are processed only if this is necessary for the provision of a functional website, plus our contents and services. The data is processed only if you give your consent, unless it is impossible on de facto grounds to obtain your consent in advance and the data must be processed by virtue of legal provisions.

2. Legal bases for the processing of personal data

We use the factors standardized in Article 6 (1) GDPR as legal bases for the processing of personal data as follows:

a) Art. 6 para. 1 lit. a DS-GVO, provided that we obtain the consent of the data subject for processing his or her personal data.

b) Art. 6 para. 1 lit. b DS-GVO, provided that the processing of personal data is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract

c) Art. 6 para. 1 lit. c DS-GVO, provided that the processing of personal data is necessary for compliance with a legal obligation to which our company is subject;

d) Art. 6 para. 1 lit. d DS-GVO, provided that processing is necessary in order to protect the vital interests of the data subject or of another natural person;

e) Art. 6 para. 1 lit. f DS-GVO, provided that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in our company

3. Erasure of data and storage period

As soon as the purpose for storage ceases to exist, your personal data are erased or locked. If the European or national legislators make provision in European Union legal regulations, laws or other provisions, to which the Controller is subject, for storage for a period longer than the original purpose, the data can be stored until the expiry of the storage period provided for by the said requirements. The data are subsequently also locked or erased, unless there is a requirement that the data are stored to conclude a contract or to fulfill a contract.

IV. Provision of the website and generation of log files

1. Description and scope of the data processing

Every time our Internet sites are accessed our system automatically collects data and information from the computer system of the accessing computer.

In this process the following data are collected:

a) The user's IP address

b) Date and time of access

c) Your Internet provider

d) Information on the accessing browser type and the version used

e) Your operating system

f) Websites, from which your system entered our Internet site

g) Websites, which are accessed by your system through our Website

With the exception of your IP address or other data, which make it possible to map the data to you, these data are also stored in the log files in our system. These data are not stored together with your other personal data.

2. Legal basis for the data processing

Article 6 (1) (f) GDPR sets out the legal basis necessary for the temporary storage of the data and log files.

3. Purpose of the data processing

The system must store your IP address temporarily to provide the website on your computer. For this purpose, the IP address must be stored for the duration of the session.

These purposes also represent our legitimate interest in the data processing in accordance with Article 6 (1) (f) GDPR.

4. Storage period

If it is no longer necessary to collect data to achieve the purpose, the data are erased. Where data are collected in order to provide the website, they are collected until the end of the respective session.

If the data are stored in log files, they are erased after seven days at the latest. Storage for a longer period is also possible. For this purpose, the user IP addresses are erased or alienated, so that it is no longer possible to map the accessing client.

5. Objection and correction option

You do not have the option of objection, since the collection and storage of data is compellingly necessary for the provision and operation of the website.

V. Use of Cookies

Cookie Settings

1. Description and scope of the data processing

Our website uses what are known as cookies. These are text files, which are stored in the Internet browser or by the Internet browser on your computer system. A cookie can be stored on an operating system, as soon as the system accesses a website. This cookie contains a characteristic character string, to make it possible to identify the browser without error the next time the website is accessed.

Cookies are used to make the design of our website user-friendly, because some parts of our website need to identify the browser used, even when a different page is consulted.

In this process the following data are stored and transferred in the cookies.

a) Log-in information

b) Language settings

We also install cookies on our website to analyze your web-surfing behavior.

In this process the following data can be transferred:

a) Frequency of accessing pages

b) Use of website functions

c) Key words entered

On accessing our website you will be informed about the use of cookies for analysis purposes. For this purpose your consent is also obtained for us to be permitted to process personal data used in this regard. In this regard your attention is directed to this Privacy Policy.

2. Preventing the storage of cookies

Depending on the browser used, you can adjust the settings so that cookies are stored only with your consent. If you wish to accept cookies used by us, but not the cookies from any service providers and partners, you can select the "Block cookies from third party suppliers" setting in your browser. As a rule, the Help function in the Menu List in your web browser shows how to eliminate new cookies and deactivate cookies already on the system. We recommend that you always log out completely at the end of a session when you use jointly used computers, which are configured to accept cookies and flash cookies.

3. Legal basis for the data processing

Article 6 (1) (f) GDPR sets out the legal basis required for the processing of personal data when cookies are used.

The consent of the user in this respect in accordance with Article 6 (1) (a) GDPR constitutes the necessary legal basis for processing personal data for analysis purposes using cookies, which are not technically necessary.

4. Purpose of the data processing

Technically necessary cookies are used for the purpose of facilitating the use of our website for you. Without the use of cookies various functions on our website cannot be offered since they are required in order to recognize the browser when different pages are consulted.

The following applications require cookies:

a) Bookmarking search terms

b) Acceptance of language settings

User data collected by technically necessary cookies are not used to generate user profiles.

Analysis cookies are used for the purpose of optimizing the quality of our website and its contents. We can regularly improve our offer by using analysis cookies and in this way ascertain how our website is used.

a) Marketing

b) Analysis

These purposes also represent our legitimate interest in the data processing in accordance with Article 6 (1) (f) GDPR.

5. Storage period, objection and correction option

Cookies are stored on your computer and transferred from there to our website. Therefore you, as the user, have full control over the use of cookies. By adjusting the settings in your Internet browser you can deactivate or restrict the transfer of cookies. You can also delete already stored cookies at any time. This can also be done automatically. If you deactivate cookies for our website, this may result in restrictions in the use of the functions on our website.

 

VI. Contact form and e-mail contact

1. Description and scope of the data processing

We offer a contact form on our website for electronic contact, information exchange and demo access to our platform. To use this form, please enter your data in the contact form. This data is then transmitted to us and stored. The following data is collected:

a) First name / Surname

b) Company

c) Branch

d) Postcode

e) Email address

f) Phone numer

g) Your message

When the message is sent the following data are stored:

a) Your IP address

b) Date and time of your registration

During this dispatch process we obtain your consent for the processing of these data and draw your attention to this Privacy Policy.

You can also contact us using the e-mail address provided. In this process we store personal data communicated in your e-mail.

The data are used exclusively for processing communication. The data processed for communication purposes are not passed on to third parties.

2. Legal basis for the data processing

The consent of the user in this respect in accordance with Article 6 (1) (a) GDPR constitutes the necessary legal basis for the processing of the data.

If the data are transferred by means of an e-mail, Article 6 (1) (f) GDPR constitutes the necessary legal basis for the processing of the data. If one of the purposes of making contact is to conclude a contract, Article 6 (1) (b) GDPR further constitutes the necessary legal basis for the processing.

3. Purpose of the data processing

We process the personal data collected from the input screen exclusively for the processing of the contact information exchange and demo access to our platform. If you contact us by e-mail, the necessary legitimate interest in processing the data is deemed to be present.

To prevent abuse of the contact form and to safeguard our IT systems we use the other personal data processed during the dispatch process.

4. Storage period

If it is no longer necessary to collect data to achieve the purpose, the data are erased. This applies to the personal data from the contact form input screen and those data which have been sent by e-mail, if the respective communication with you has ended. This is the case if the circumstances lead us to believe that the issue concerned has been cleared up.

The additional other personal data collected during the dispatch process are erased at the latest at the end of a period of seven days.

5. Objection and correction option

You may withdraw your consent to the processing of personal data at any time. If you have contacted us by e-mail, you can object at any time to the storage of your personal data. Please note that in this case we are unable to carry on any further communication with you.

For an objection or deletion, please contact us by e-mail at info@demondo.com or by post at DEMONDO GmbH & Co. KG, Burgstraße 10, 82418 Riegsee.

In this case personal data stored for the purpose of contact are erased in full.

VII. Passing on your data to third parties

In order to make our website as pleasant and convenient as possible for you as a user, we occasionally use the services of external service providers. Below you have the possibility to inform yourself about the data protection regulations for the use and application of the services and functions used, in order to possibly also exercise your rights with these service providers.

Google reCAPTCHA

We have integrated components from Google reCAPTCHA on our website. Google reCAPTCHA is a service of Google Ireland Limited and enables us to distinguish whether a contact request comes from a natural person or is automated by a program. When you access this content, you are connecting to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, where your IP address and, if applicable, browser information such as your user agent is transmitted. Furthermore, Google reCAPTCHA records the user's dwell time and mouse movements in order to distinguish automated requests from human ones. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google reCAPTCHA.

The use of the service is based on our legitimate interests, i.e. for protection when submitting forms in accordance with Art. 6 para. 1 lit. f. DSGVO.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You can find further information in the privacy policy for Google reCAPTCHA: https://policies.google.com/privacy?hl=en-US.

Google Tag Manager

We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through an interface and allows us to control the precise integration of services on our website

This allows us to flexibly integrate additional services in order to evaluate user access to our website.

The use of Google Tag Manager is based on our legitimate interests, i.e. interest in the optimisation of our services in accordance with Art. 6 para. 1 lit. f. DSGVO.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager: https://www.google.de/tagmanager/use-policy.html.

Google Analytics

We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offer. This includes, for example, the number of hits on our website, sub-pages visited and the time spent by visitors.

Google Analytics uses cookies and other browser technologies to evaluate user behaviour and recognise users.

This information is used, among other things, to compile reports on website activity.

We process data with the help of Google Analytics for the purpose of optimising our website and for marketing purposes on the basis of your consent in accordance with Art. 6 Para. 1 lit. a. DSGVO.

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You will find further information in the data protection declaration for Google Analytics: https://policies.google.com/privacy.

Google DoubleClick

We have integrated components from DoubleClick by Google on our website. DoubleClick is a brand of Google, under which mainly special online marketing solutions are marketed to advertising agencies and publishers. DoubleClick by Google transfers data to the DoubleClick server with every impression, click or other activity.

Each of these data transfers triggers a cookie request to the browser of the person concerned. If the browser accepts this request, DoubleClick sets a cookie in your browser.

DoubleClick uses a cookie ID, which is required to complete the technical process. For example, the cookie ID is needed to display an advertisement in a browser. DoubleClick may also use the cookie ID to track which ads have already been displayed in a browser to avoid duplication. The cookie ID also enables DoubleClick to track conversions. For example, conversions are captured when a DoubleClick ad has been previously displayed to a user and that user subsequently makes a purchase on the advertiser's website using the same Internet browser.

A DoubleClick cookie does not contain any personally identifiable information, but may contain additional campaign identifiers. A Campaign ID is used to identify the campaigns you have already been in contact with on other websites. As part of this service, Google will learn about data that is also used by Google to generate commission statements. Among other things, Google can track that you have clicked on certain links on our site. In this case, your data is passed on to the operator of DoubleClick, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information and DoubleClick by Google's applicable privacy policy can be found at https://policies.google.com/privacy.

We process your data with the aid of the Double-Click cookie for the purpose of optimising and displaying advertising based on your consent in accordance with Art. 6 Para. 1 lit. a DSGVO. You give your consent by adjusting the settings for the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 para. 3 DSGVO. Among other things, the cookie is used to place and display user-relevant advertisements and to create reports on advertising campaigns or to improve them. Furthermore, the cookie serves to avoid multiple displays of the same advertisement. Each time you visit a single page on our website that has a DoubleClick component embedded, your browser is automatically prompted by the DoubleClick component to submit data to Google for the purposes of online advertising and commissions. There is no legal or contractual obligation to provide your data. If you do not give us your consent, a visit to our website is possible without restriction, but not all functions may be available in full.

The actual storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google DoubleClick: https://policies.google.com/privacy.

YouTube Video

We have integrated YouTube video on our website. YouTube Video is a component of the video platform of YouTube, LLC, where users can upload content, share it over the Internet and receive detailed statistics.

YouTube Video allows us to integrate content from the platform into our website.

YouTube Video uses cookies and other browser technologies to analyze user behavior, recognize users and create user profiles. This information is used, among other things, to analyse the activity of the content listened to and to generate reports. If a user is registered with YouTube, LLC, YouTube Video may associate the videos played with the profile.

When you access this content, you connect to servers at YouTube, LLC, and your IP address and, if applicable, browser information such as your user agent is transmitted.

The use of the service is based on our legitimate interests, i.e. interest in a platform-independent provision of content in accordance with Art. 6 para. 1 lit. f. DSGVO.

The concrete storage period of the processed data cannot be influenced by us, but is determined by YouTube, LLC. Further information can be found in the privacy policy for YouTube Video: https://policies.google.com/privacy.

CDNJS

We use CDNJS to properly provide the content of our website. CDNJS is a service provided by Cloudflare, Inc. which acts as a Content Delivery Network (CDN) on our website.

A CDN helps to provide content of our online offer, especially files such as graphics or scripts, faster with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Cloudflare, Inc. whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the purposes described above and to maintain the security and functionality of CDNJS.

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimization of our online offer according to Art. 6 para. 1 lit. f. DSGVO.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Cloudflare, Inc. Further information can be found in the CDNJS privacy policy: https://www.cloudflare.com/privacypolicy/.

Facebook pixel

We use Facebook pixels from Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, to create so-called custom audiences, i.e. to segment groups of visitors to our online offering, determine conversion rates and then optimise them. This is especially the case when you interact with advertisements that we have placed with Facebook Ireland Ltd.

We process your data with the help of Facebook pixels for the purpose of optimizing our website and for marketing purposes based on your consent in accordance with Art. 6 para. 1 lit. a. DSGVO.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Facebook Ireland Ltd. Further information can be found in the privacy policy for Facebook pixels: https://www.facebook.com/privacy/explanation.

LinkedIn CDN

We use LinkedIn CDN to properly provide the content of our website. LinkedIn CDN is a service provided by LinkedIn Corporation, which acts as a content delivery network (CDN) on our website to ensure the functionality of other LinkedIn Corporation services. You will find a separate section in this privacy statement for those services. This section is concerned only with the use of the CDN.

A CDN helps to make content from our online offerings, especially files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of LinkedIn Corporation, Sunnyvale, California, US, whereby your IP address and possibly browser data such as your user agent are transmitted. This information is processed solely for the purposes described above and to maintain the security and functionality of LinkedIn CDN.

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision and optimization of our online offer in accordance with Art. 6 Par. 1 lit. f. DSGVO.

The actual storage period of the processed data cannot be influenced by us, but is determined by LinkedIn Corporation. Further information can be found in the LinkedIn CDN privacy policy: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

Google Ads

We have integrated Google Ads on our website. Google Ads is a service provided by Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to analyze user behavior and recognize users.

Google Ads collects information about visitor behavior on various websites. This information is used to optimize the relevance of the advertising. Google Ads also delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identification features such as your user agent are transmitted to the provider.

If you are registered with a Google Ireland Limited service, Google Ads may associate your visit with your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider will find and store your IP address and other identifiers.

In this case your data will be passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

We process your data with the help of Google Ads for the purpose of optimizing our website and for marketing purposes on the basis of your consent in accordance with Art. 6 para. 1 lit. a. DSGVO.

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You will find further information in the privacy policy for Google Ads: https://policies.google.com/privacy.

DrawBridge

We have integrated DrawBridge on our website. DrawBridge is a service from Gimbal, Inc. that displays targeted advertising to users. DrawBridge uses cookies and other browser technologies to evaluate user behavior and to recognize users. DrawBridge collects information about visitor behaviour on various websites. This information is used to optimize the relevance of the advertising. Furthermore, DrawBridge delivers targeted advertising based on behavioral profiles and geographical location. Your IP address and other identification features such as your user agent are transmitted to the provider. In this case your data will be passed on to the operator of DrawBridge, Gimbal, Inc. 8605 Santa Monica Blvd #62545 West Hollywood, California 90069-4109, United States.

Web tracking technologies are used to create pseudonymous user profiles. These profiles cannot be merged with you as a natural person, but are used, for example, for segmentation when displaying advertisements.

We process data with the help of DrawBridge for the purpose of optimizing our advertising campaigns and for marketing purposes on the basis of your consent in accordance with Art. 6 para. 1 lit. a. DSGVO.

The specific storage period of the processed data cannot be influenced by us, but is determined by Gimbal, Inc. Further information can be found in the DrawBridge privacy policy: https://gimbal.com/gdpr/.

Facebook plugin

We have integrated components of Facebook Plugin on our website. Facebook Plugin is a service of Facebook Ireland Ltd. and offers us the possibility to aggregate content from the social media platform and display it on our website.

When you access this content, you connect to servers of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, and your IP address and, where applicable, browser information such as your User Agent is transmitted. This data is processed solely for the above purposes and to maintain the security and functionality of Facebook Plugin.

If a user is registered with Facebook Ireland Ltd., Facebook Plugin can assign the content viewed to the profile.

The use of the service is based on our legitimate interests, i.e. interest in a platform-independent provision of content in accordance with Art. 6 para. 1 lit. f. DSGVO.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Facebook Ireland Ltd. Further information can be found in the privacy policy for Facebook Plugin: https://www.facebook.com/policy.php.

Polyfill CDN

We use Polyfill CDN to properly provide the content of our website. Polyfill CDN is a service of The Financial Times Ltd. which acts as a Content Delivery Network (CDN) on our website.

A CDN helps to make the contents of our online offer, especially files such as graphics or scripts, available faster with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of The Financial Times Ltd, Number 1 Southwark Bridge London, SE1 9HL United Kingdom, whereby your IP address and possibly browser data such as your user agent are transmitted. This data will be processed solely for the above mentioned purposes and to maintain the security and functionality of Polyfill CDN.

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimization of our online offer in accordance with Art. 6 para. 1 lit. f. DSGVO.

The concrete storage period of the processed data cannot be influenced by us, but is determined by The Financial Times Ltd. Further information can be found in the data protection declaration for Polyfill CDN: https://polyfill.io/v3/privacy-policy/.

Google Services

We use Google Services from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland to access additional services and data from Google Ireland Limited. This involves the transfer of your IP address to Google Ireland Limited. Please note that there is a separate section in this Privacy Policy for each additional service we use from Google Ireland Limited.

The use of Google Services is based on our legitimate interests, i.e. interest in optimising our online offer in accordance with Art. 6 Para. 1 lit. f. DSGVO.

The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Services: https://policies.google.com/privacy.

VIII. Rights of the data subject

If your personal data are processed, you are a data subject within the meaning of the GDPR. For this reason, you have the following rights as regards the Controller:

1. Right of access

You may request from the Controller a statement as to whether personal data concerning you are processed by us.

If such data are being processed, you may request from the Controller disclosure of the following information:

a) the purpose of processing;

b) the categories of personal data, which are processed;

c) the recipients and/or the categories of recipients to whom the personal data at issue have been disclosed or are still being disclosed;

d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;

e) the existence of the right to rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;

f) the right to lodge a complaint with a supervisory authority;

g) where the personal data are not collected from the data subject, any available information as to their source;

h) the existence of automated decision-making, including profiling, referred to in Article 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You may also request information as to whether personal data concerning you have been transferred to a third country or to an international organization. If this is the case, you may request information on the appropriate guarantees connected with the transfer pursuant to Article 46 GDPR.

2. Right to rectification

You may request from the Controller the correction of incorrect personal data concerning you. While taking into account the purposes of the processing you may also request the completion of incomplete personal data, including by means of a supplementary declaration. The Controller must undertake the correction without delay.

3. Right to erasure (‘right to be forgotten’)

You may request the Controller to erase the personal data pertaining to you without delay and the Controller is obliged to erase these data without delay, provided that one of the following grounds applies:

a) The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

b) You withdraw your consent on which the processing pursuant to Article 6 (1) (a) or Article 9 (2) (a) GDPR relied and there are no other legal bases for the processing.

c) You object to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate grounds for the processing or you object to the processing pursuant to Article 21 (2) GDPR.

d) Your personal data have been unlawfully processed.

e) The personal data must be erased to comply with a legal obligation in the law of the European Union or of its Member States, to which the Controller is subject;

f) The personal data pertaining to you has been collected in relation to services offered by an information society pursuant to Article 8 (1) GDPR.

Where the Controller has made the personal data public and is obliged pursuant to Article 17 (1) GDPR to erase the personal data, the Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

The right to erasure does not exist, if the processing is necessary:

a) for exercising the right of freedom of expression and information;

b) for compliance with a legal obligation which requires processing by Union or Member State law to which the Controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;

c) for reasons of public interest in the area of public health in accordance with Article 9(2) (h) and (i) as well as Article 9(3);

d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right to erasure referred to above is likely to render impossible or seriously impair the achievement of the objectives of that processing; or

e) for the establishment, exercise or defense of legal claims.

4. Right to restriction of processing

You can request the Controller to restrict the processing of your personal data, if one of the following prerequisites exists:

a) you have disputed the accuracy of your personal data during a period, which made it possible for the Controller to check the accuracy of your personal data;

b) the processing is unlawful and you refuse erasure of your personal data and instead request that the use of your personal data be restricted;

c) the Controller no longer needs your personal data for the purposes of processing, but you need them to establish, exercise or defend legal claims, or

d) you have lodged an objection to the processing pursuant to Article 21 (1) GDPR and it has not yet been established whether the legitimate grounds of the Controller override your grounds.

Where the processing of your personal data has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

If you have obtained restriction of processing in accordance with the aforementioned prerequisites, you will be notified by the Controller before the restriction is suspended.

5. Right to information

If you have asserted the right to correction, erasure or restriction of processing against the Controller, the latter is obliged to notify this correction, erasure or restriction of processing to all the recipients, to whom the personal data pertaining to you have been disclosed, unless this proves impossible or is linked to disproportionate effort.

At your request the Controller must inform you of the identity of this recipient.

6. Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. Likewise, you have the right to transmit those data to another controller without hindrance from the Controller to which the personal data have been provided, where

a) the processing is based on consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) or on a contract pursuant to Article 6 (1) (b);

b) the processing is carried out by automated means.

Furthermore, in exercising this right you have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.

Similarly, the right to data portability must not interfere with the rights and freedoms of other persons.

7. Right to register an objection

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data pertaining to you which is based on point (e) or (f) of Article 6 (1) (e) or (f) GDPR, including profiling based on those provisions.

We shall then cease to process your personal data, unless we can prove compelling legitimate grounds for the processing, which override your interests, rights and freedoms or the processing serves the purpose of the establishing, exercise or defense of legal claims.

If the personal data pertaining to you are processed for direct marketing purposes, you have the right to object at any time to processing of personal data pertaining to you for such marketing; This applies also to profiling, if it is connected with such direct advertising.

If you object to processing for the purposes of direct advertising, we shall no longer process your personal data for those purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject may exercise his or her right to object by automated means using technical specifications.

8. Right to withdraw the declaration of consent under the provisions of data protection law

You may at any time withdraw your declaration of consent under data protection law. The withdrawal of consent does not affect the legality of the processing carried out prior to the withdrawal.

9. Automated individual decision-making in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

This shall not apply if the decision:

a) is necessary for entering into, or performance of, a contract between you and the Data Controller;

b) is authorized by European Union or Member State law to which the Controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

c) is based on your explicit consent.

In the cases referred to in points (a) and (c), the Data Controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the Controller, to express his or her point of view and to contest the decision.

Decisions referred to in paragraph 2 shall not be based on special categories of personal data referred to in Article 9 (1) GDPR, unless Article 9 (2) (a) or (g) applies and suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests are in place.

10. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78.

IX. Topicality and amendment of this Privacy Policy

This data privacy statement is currently valid with the status 08/2020.

The further development of our website and its offers or amended legal provisions or pronounced case-law or official directives may make it necessary to amend this Privacy Policy. On our website you may access and print out the current version of our Privacy Policy as amended at any time on: https://www.demondo.com/en/legal/privacy-policy