Fibo Concepts
Contact Us

Data Protection

General Information

When you use this website, various personal data is collected. The protection of this data is very important to us. Your data will therefore be treated discreetly and in accordance with the statutory data protection regulations and this data protection declaration. Based on the following information, you will receive an overview of the processing (i.e. collection and use) of personal data when you visit our website, contact us, and the design options available to you.

Definitions

The following definitions of terms apply to this data protection declaration with reference to the General Data Protection Regulation or Regulation (EU) 2016/679 (hereinafter abbreviated as “GDPR”):

Personel Data

“Personal data” refers to all data from which you can be personally identified.

Processing

“Processing” means any process or series of processes carried out with or without the aid of automated processes in connection with personal data, such as collecting, recording, organizing, classifying, storing, adapting or changing, reading out, querying, use, disclosure by transmission, distribution or other form of provision, alignment or combination, restriction, deletion or destruction.

Responsible Person

The term “controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, decides on the purposes and means of processing personal data. If the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Affected Person

A “data subject” is any identified or identifiable natural person whose personal data is processed by the data controller.

Third

The term “third party” means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor .

Processor

A “processor” is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller.

Consent

“Consent” is a voluntary, informed and unambiguous expression of the data subject’s wishes for the specific case in the form of a statement or other clear confirmatory act by which the data subject indicates that he or she consents to the processing of data concerning him or her agrees to personal data.

Third Country

A “third country” is a country that is located outside the EU (European Union).

Person Responsible For Data Processing

The data of the person responsible for data processing in connection with this website within the meaning of Art. 4 No. 7 GDPR can be found in the legal notice.

Legal Basis For Processing

We process personal data exclusively in accordance with European and German data protection regulations.
This means that processing only takes place insofar
• The person concerned has given his consent for the transfer in accordance with Art. 6 Para. 1 lit. a GDPR.

• A transfer is necessary for the fulfillment of the contract in accordance with Article 6 Paragraph 1 Letter b of the GDPR.

• We have a legal obligation to pass on the data.

• The transfer is necessary on our part to protect legitimate interests in accordance with Article 6 (1) (f) GDPR.

Rights of Those Affected

In addition, the European legislator grants every data subject the following rights:

Right of Providing Information

In accordance with Article 15 GDPR, you have the right at any time to receive information from the person responsible regarding your processed personal data.
If your personal data is being processed, the scope of the right to information includes:

  • Category
  • Origin
  • Recipient
  • Processing purposes
  • Storage period
    of personal data.

Right to Correct or Complete Data

You can request that incorrect data be corrected or incomplete data be completed (Art. 16 GDPR). The person responsible must carry out the correction or completion immediately.

Right to Deletion (“Right to be Forgotten”)

According to Art. 17 GDPR, you have the right to have your data deleted, provided you can demonstrate that one of the reasons for deletion listed in Art. 17 Paragraph 1 GDPR applies. However, it should be noted that the right to deletion may be subject to restrictions under certain circumstances. This is relevant, for example, if the personal data is subject to statutory retention periods or is still necessary for us to assert, exercise or defend any legal claims. In addition, we will delete data if it is no longer required for its intended purpose or the statutory retention period has been reached.

Right to Restriction of Processing

In accordance with Article 18 (1) GDPR, a data subject may request that the processing of personal data concerning them be restricted.
To do this, at least one of the following requirements must be met:

  • The accuracy of the personal data concerning you is contested by you for a period enabling the controller to verify the accuracy of the personal data.
  • The processing is unlawful and the data subject refuses the deletion of the personal data and instead requests the restriction of the use of the personal data.
  • The controller no longer needs the personal data for the processing purposes, but to assert, exercise or defend legal claims.
  • The data subject has lodged an objection to the processing in accordance with Article 21 Para. 1 GDPR as long as it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.
    If processing has been restricted by you in accordance with Article 18 Para. 1 GDPR, this data, apart from its storage, may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or processed for reasons of important public interest of the Union or a Member State.
  • According to Art. 18 Para. 3 GDPR, the data subject must be informed by the person responsible if they have obtained a restriction based on Art. 18 Para. 1 GDPR before the restriction is lifted.

Subsequent Obligation to Correct, Delete or Limit Processing

If the data subject has asserted their right to rectification, deletion or restriction of processing against the person responsible, the latter is obliged, in accordance with Article 19 of the GDPR, to inform all recipients to whom the personal data has been disclosed about the rectification, deletion or restriction of processing of the data. This obligation does not apply if the fulfillment of this obligation proves to be impossible or can only be achieved with disproportionate effort. The data subject has the right to information about the recipients from the person responsible.

Right to Object

In accordance with Article 21 Paragraph 1 GDPR, a data subject has the right to object to data processing based on reasons arising from their particular situation, which is based on our legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR .
In the event of an objection, the personal data may only continue to be processed by the controller if he or she can demonstrate compelling legitimate grounds for the processing which outweigh the interests, rights and freedoms of the data subject or the processing for the establishment, exercise or defense of legal claims serves.
If personal data is processed for direct advertising, the data subject has the right to object to this processing at any time. This also applies to profiling to the extent that it is connected to such direct advertising.

Right to Data Portability

In accordance with Article 20 of the GDPR, data subjects have the right to receive the personal data we process in a structured, common and machine-readable format and, if technically possible, to transmit it to another person responsible. This only applies to data that we process automatically based on your consent or in fulfillment of a contract.

Right to Revoke the Declaration of Consent

Consent that has already been given can be revoked by you at any time and with future effect (Art. 7 Para. 3 GDPR). The lawfulness of the processing carried out until the revocation remains unaffected.

Right of Appeal

If you believe that our processing of your personal data violates data protection regulations, you have the right to lodge a complaint with the responsible supervisory authority in accordance with Article 77 of the GDPR.

Data Collection on Our Website

When you access this website, we as the website operator collect personal data.

Informational Retrieval

If you access this website solely for informational purposes without contacting us, the following access data will result:

Log File Data

  • IP address
  • Browser type and browser version
  • Time of access
  • Host name of the accessing computer
  • Website from which the data subject accessed this website
  • Operating system used by the user.

This collected data is stored on our website’s server on a temporary basis in a so-called log file. These are then deleted by default after 7 days.
Through this data processing, we cannot draw any conclusions about the identity of the data subjects and no personally identifiable evaluation takes place.
The processing of the data listed above is necessary for the secure operation of the website and is therefore based on the legal basis of a legitimate interest in accordance with Article 6 (1) (f) GDPR.

Order Processing

In connection with the smooth operation of our website, it is necessary to use external service providers such as the web host (Strato) as a processor. They are bound to our instructions and are contractually obliged in accordance with Article 28 of the GDPR.
We have concluded a corresponding order processing contract with Strato. This confirms to us that we process personal data securely and in accordance with data protection regulations.

Purpose of Processing and Legal Basis

Cookies serve as a tool for us to optimize our website overall and thus make it safer and more user-friendly. The processing of personal data through the use of cookies is therefore based on Article 6 (1) (f) GDPR.

Management of Cookies

You can exercise your right to object by regulating the use of cookies. Cookies are usually automatically accepted by the browser. At the same time, however, there is the option at any time within the browser settings to delete cookies, restrict their storage or generally deactivate them. If cookies are deactivated, the functionality of this website may be restricted in some places.
You can find more information about managing cookies for common browsers in the following links:

Firefox:

https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

https://support.mozilla.com/de/kb/cookies-loeschen-daten-von-websites-entfernen?redirectlocale=de&redirectslug=Cookies+l%C3%B6schen

Microsoft Explorer:

https://support.microsoft.com/de-de/help/17442/windows-internet-explorer

Google Chrome:

https://support.google.com/chrome/answer/95647?hl=de&hlrm=en

Opera:

http://help.opera.com/Windows/10.20/de/cookies.html

Safari auf dem Mac:

https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Safari auf dem iPhone, iPad, iPod touch:

https://support.apple.com/de-de/HT201265

Links to External Websites

We have included links to external websites in our website. In this context, we would like to point out that we have neither knowledge nor influence regarding the processing of personal data on these external websites.

Disclosure of Personal Data to Third Parties

Personal data will only be passed on to third parties on the basis of legal permission and under the following conditions:
a) The person concerned has given his consent for the transfer in accordance with Art. 6 Para. 1 lit. a GDPR.
b) A transfer is necessary for the fulfillment of the contract in accordance with Article 6 Paragraph 1 Letter b of the GDPR.
c) We have a legal obligation to pass on the data.
d) The transfer is necessary on our part to protect legitimate interests in accordance with Article 6 (1) (f) GDPR.

Data Transfer to Third Countries

a) this is necessary to fulfill a contract or pre-contractual obligations,
b) you have given us your consent for this,
c) this is necessary to fulfill a legal obligation,
d) this is necessary on our part to protect legitimate interests.
In addition, the transfer only takes place in accordance with the requirements of Articles 44-49 GDPR. This means that a level of data protection that meets EU requirements is guaranteed for the third country or the processor located in a third country. These include, for example, data processors in the USA certified under the “Privacy Shield”.

Data Security

In accordance with Art. 32 GDPR, the person responsible uses technical and organizational measures to best protect personal data from loss, unlawful access by third parties and unjustified changes.
This also means that our employees involved in the processing of personal data are obliged to handle this data carefully and responsibly.
We use SSL encryption on our website to protect the data transmitted to us. This encryption can be recognized by the lock symbol in the browser bar and the “https://” address.

Currentness and Changes to the Data Protection Declaration

This data protection declaration is currently valid. However, the person responsible for this website reserves the right to make changes to the data protection declaration. This may be necessary in the course of useful adjustments/further developments to the website, legislative changes or relevant case law regarding data protection regulations or changes in official practice

Copyright © FiboConceptsUG