Cookie Consent by Privacy Policies website Alpha Oscar | Privacy

Privacy

With the following data protection declaration we would like to inform you about which types of your personal data (hereinafter also referred to as “data”) we process for what purposes and to what extent as part of the provision of our services. The terms used are not gender specific.

Table of contents
1.   Responsible person
2.   Overview of processing
3.   Relevant legal bases
4.   Safety measures
5.   Transfer of personal data
6.   International data transfers
7.   Deletion of data
8.   Business benefits
9.   Payment procedure
10. Use of cookies
11. Contact and inquiry management
12. Communication via messenger
13. Advertising communication via email, post, fax or telephone
14. Plug-ins and embedded functions and content
15. Changes and updates to the data protection declaration
16. Definitions of terms

1. Responsible person
Ahmad Alosman
Hochvogelstr. 16
88400 Biberach an der Riss
Telefon:  +49 (0)7351 - 8026569
Mobile:   +49 (0)162 - 6302102
Email:     info(a)alphaoscar.de*

2. Overview of processing
The following overview summarizes the types of data processed, their purposes, and the data subjects involved:

Types of data processed
          • Inventory data.
          • Payment details.
          • Location data.
          • Contact details.
          • Content data.
          • Contract data.
          • Usage data.
          • Meta, communication and procedural data.

Categories of affected people
          • Customers.
          • Interested persons.
          • Communication partners.
          • Users.
          • Business and contractual partners.

Purposes of processing
          • Provision of contractual services and fulfillment of contractual obligations.
          • Contact inquiries and communication.
          • Safety measures.
          • Direct marketing.
          • Office and organizational procedures.
          • Managing and responding to inquiries.
          • Feedback.
          • Provision of our online offering and user-friendliness.
          • Information technology infrastructure.

3. Relevant legal bases
Relevant legal bases according to the GDPR: Below you will find an overview of the legal bases of the GDPR on the basis of which we process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. If more specific legal bases apply in individual cases, we will inform you of these in the data protection declaration.
          • Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR - The data subject has given his or her consent to the processing of personal data concerning him or her for a specific purpose or several specific purposes.
          • Fulfillment of the contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR - The processing is for the fulfillment of a contract to which the data subject is a party or to carry out pre-contractual measures required, which are made at the request of the data subject.
          • Legal obligation (Art. 6 Para. 1 S. 1 lit. c) GDPR - The processing is necessary to fulfill a legal obligation to which the controller is subject.
          • Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR - the processing is necessary to safeguard the legitimate interests of the controller or a third party, provided that the interests, fundamental rights and freedoms of the data subject requiring the protection of personal data do not outweigh them.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national data protection regulations apply in Germany. This includes in particular the law to protect against misuse of personal data during data processing (Federal Data Protection Act – BDSG). In particular, the BDSG contains special regulations on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes and transmission and automated decision-making in individual cases, including profiling. Furthermore, state data protection laws of the individual federal states may apply.

4. Safety measures
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as the access, input, disclosure, ensuring availability and its separation. We have also set up procedures to ensure that the rights of those affected are exercised, data are deleted and responses are made to data threats. Furthermore, we take the protection of personal data into account when developing or selecting hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
Shortening of the IP address: If IP addresses are processed by us or by the service providers and technologies used and the processing of a full IP address is not necessary, the IP address is shortened (also referred to as “IP masking”). Here, the last two digits or the last part of the IP address after a period are removed or replaced with placeholders. Shortening the IP address is intended to prevent or make it significantly more difficult to identify a person based on their IP address.
Securing online connections using TLS/SSL encryption technology (HTTPS): To protect user data transmitted via our online services from unauthorized access, we use TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt the information transmitted between the website or app and the user's browser (or between two servers), thereby protecting the data from unauthorized access. TLS, as the advanced and more secure version of SSL, ensures that all data transfers meet the highest security standards. If a website is secured by an SSL/TLS certificate, this is signaled by displaying HTTPS in the URL. This serves as an indicator to users that their data is being transmitted securely and encrypted.

5. Transfer of personal data
As part of our processing of personal data, it may be transmitted to or disclosed to other bodies, companies, legally independent organizational units or persons. The recipients of this data can include: B. include service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data. Data transfer within the organization: Data transfer within the group of companies: We may transfer personal data to other companies within our group of companies or grant them access to it. If the data is passed on for administrative purposes, it is based on our legitimate entrepreneurial and business interests or takes place if it is necessary to fulfill our contractual obligations or if there is consent from those affected or legal permission.

6. International data transfers
Data processing in third countries: If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the processing in the context of using third-party services or the disclosure or transfer of data If the transfer takes place to other people, bodies or companies, this will only take place in accordance with the legal requirements. If the level of data protection in the third country has been recognized by means of an adequacy decision (Art. 45 GDPR), this serves as the basis for the data transfer. Furthermore, data transfers only take place if the level of data protection is otherwise secured, in particular through standard contractual clauses (Art. 46 Para. 2 lit. c) GDPR, express consent or in the case of contractually or legally required transfer (Art. 49 Para. 1 GDPR). . We will also inform you about the basics of third-country transfers for the individual providers from the third country, with the adequacy decisions taking precedence as the basic principles. Information on third country transfers and existing adequacy decisions can be found in the EU Commission's information offering:
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en EU-US Trans-Atlantic Data Privacy Framework: As part of the so-called “Data Privacy Framework” (DPF), the EU Commission has also recognized the level of data protection as secure for certain companies from the USA as part of the adequacy decision of July 10, 2023. The list of the certified companies and further information about the DPF can be found on the website of the US Department of Commerce https://www.dataprivacyframework.gov/ (in English). As part of the data protection information, we will inform you which service providers we use are certified under the Data Privacy Framework.

7. Deletion of data
The data processed by us will be deleted in accordance with the legal requirements as soon as your consent for processing is revoked or other permissions no longer apply (e.g. if the purpose for processing this data no longer applies or it is not necessary for the purpose). Unless the data is deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies e.g. B. for data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person. Our data protection information may also contain further information on the storage and deletion of data, which applies primarily to the respective processing.

8. Business benefits
We process data from our contractual and business partners, e.g. B. Customers and interested parties (collectively referred to as “contractual partners”), within the framework of contractual and comparable legal relationships as well as associated measures and with regard to communication with the contractual partners (or pre-contractual), for example to answer inquiries.
We use this data to fulfill our contractual obligations. This includes, in particular, the obligations to provide the agreed services, any update obligations and remedies in the event of warranty and other service disruptions. In addition, we use the data to protect our rights and for the purposes of the administrative tasks associated with these obligations and the company organization. In addition, we process the data on the basis of our legitimate interests in proper and business management as well as security measures to protect our contractual partners and our business operations from misuse and jeopardy of their data, secrets, information and rights (e.g. the involvement of telecommunications companies). , transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). Within the scope of applicable law, we only pass on the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or to fulfill legal obligations. The contractual partners will be informed about other forms of processing, such as for marketing purposes, within the scope of this data protection declaration.

We inform the contractual partners which data is required for the aforementioned purposes before or as part of data collection, e.g. B. in online forms, through special markings (e.g. colors) or symbols (e.g. asterisks, etc.), or in person.

We delete the data after the expiry of statutory warranty and comparable obligations, i.e. H. generally after four years, unless the data is stored in a customer account, e.g. B. as long as they must be kept for legal archiving reasons (e.g. for tax purposes, usually ten years). We delete data that was disclosed to us by the contractual partner as part of an order in accordance with the specifications and generally after the end of the order.

          • Types of data processed: Inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact information (e.g. email, phone numbers). Contract data (e.g. subject matter of the contract, term, customer category).

          • Affected persons: Interested parties. Business and contractual partners.

          • Purposes of processing: Provision of contractual services and fulfillment of contractual obligations; Contact inquiries and communication; Office and organizational procedures. Managing and responding to inquiries.

Legal basis: Fulfillment of the contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR; Legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR. Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR.

Notes on processing processes, procedures and services:

          • Craft services: We process the data of our customers and clients (hereinafter referred to as “customers”) in order to to enable them to select, acquire or commission the selected services or works as well as associated activities as well as their payment and delivery or execution or provision.

The required information is marked as such within the framework of the conclusion of the order, order or comparable contract and includes the information required for delivery and billing as well as contact information in order to be able to hold any consultations;

Legal bases : Contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR.

          • Project and development services: We process the data of our customers and clients (hereinafter uniformly referred to as “customers”) in order to enable them to select, acquire or commission the selected services or works as well as associated activities as well as their payment and provision or execution or provision.

The required information is marked as such within the framework of the conclusion of the order, purchase order or comparable contract and includes the information required for the provision of services and billing as well as contact information in order to be able to hold any consultations. As far as we receive access to information from end customers, employees or other persons, we process it in accordance with the legal and contractual requirements;

Legal bases: Contract fulfillment and pre-contractual inquiries (Art. 6 Paragraph 1 Sentence 1 Letter b) GDPR.

          • Offer of software and platform services: We process the data of our users, registered users and any test users (hereinafter uniformly referred to as "Users") in order to be able to provide our contractual services to you and on the basis of legitimate interests in order to ensure the security of our offer and to be able to develop it further. The required information is marked as such within the framework of the conclusion of the order, order or comparable contract and includes the information required for the provision of services and billing as well as contact information in order to be able to hold any consultations;

Legal bases : Contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR.

• Technical services: We process the data of our customers and clients (hereinafter referred to as "customers") in order to enable them to select, purchase or commission the selected services or works as well as related activities to enable their payment and provision or execution or provision.

The required information is marked as such within the framework of the conclusion of the order, order or comparable contract and includes the information required for the provision of services and billing as well as contact information in order to be able to hold any consultations. As far as we receive access to information from end customers, employees or other persons, we process it in accordance with the legal and contractual requirements;

Legal bases: Contract fulfillment and pre-contractual inquiries (Art. 6 Paragraph 1 Sentence 1 Letter b) GDPR.

9. Payment procedure
As part of contractual and other legal relationships, due to legal obligations or otherwise based on our legitimate interests, we offer the data subjects efficient and secure payment options and use other service providers in addition to banks and credit institutions (collectively "payment service providers").
The data processed by the payment service providers includes inventory data, such as: B. the name and address, bank details, such as. B. Account numbers or credit card numbers, passwords, TANs and checksums as well as contract, total and recipient-related information. The information is required to carry out the transactions. However, the data entered will only be processed and stored by the payment service providers. This means that we do not receive any account or credit card-related information, but only information with confirmation or negative information about the payment. Under certain circumstances, the data may be transmitted by the payment service provider to credit reporting agencies. The purpose of this transmission is to check identity and creditworthiness. For this purpose, we refer to the general terms and conditions and data protection information of the payment service providers.
The terms and conditions and data protection notices of the respective payment service providers apply to payment transactions, which can be accessed on the respective websites or transaction applications. We also refer to these for further information and to assert rights of revocation, information and other rights of those affected.

          • Types of data processed: Inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contract data (e.g. subject matter of the contract, term, customer category); Usage data (e.g. websites visited, interest in content, access times). Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status).

          • Affected persons: Customers. Interested parties.

          • Purposes of processing: Provision of contractual services and fulfillment of contractual obligations.

           Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR.

Further information on processing processes, procedures and services:

           • Giropay: Payment services (technical connection of online payment methods);
Service provider: giropay GmbH, An der Welle 4, 60322 Frankfurt, Germany;
Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR;
Website:https://www.giropay.de
Data protection: https://www.giropay.de/rechtliches/datenschutzerklaerung/

           • Klarna: Payment services (technical connection of online payment methods);
Service provider: Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden;
< b> Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR;
Website: https://www.klarna.com/
Data protection: https://www.klarna.com/uk/privacy/

           • Mastercard: Payment services (technical connection of online payment methods);
Service provider: Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium;
Legal basis: Fulfillment of the contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR;
Website: https://www.mastercard.com/europe/en/home.html/
Data protection: https://www.mastercard.com/europe/en/data-privacy.html

10. Use of cookies
Cookies are small text files or other storage notes that store and read information from end devices. For example, to save the log-in status in a user account, the contents of a shopping cart in an e-shop, the content accessed or the functions used in an online offer. Cookies can also be used for various purposes, such as the functionality, security and convenience of online offerings as well as the creation of analyzes of visitor flows.

Notes on consent: We use cookies in accordance with legal regulations. We therefore obtain prior consent from users unless it is not required by law. In particular, permission is not necessary if the storage and reading of the information, including cookies, is absolutely necessary in order to provide users with a telemedia service they have expressly requested (i.e. our online offering). The revocable consent will be clearly communicated to you and contains information on the respective cookie use.

Notes on data protection legal bases: On which data protection basis we process users' personal data using cookies depends on whether we ask them for consent. If users accept, the legal basis for the use of their data is their declared consent. Otherwise, the data used using cookies will be processed on the basis of our legitimate interests (e.g. in operating our online offering and improving its usability) or, if this is in the context of fulfilling our contractual obligations, if the use of cookies is necessary is to fulfill our contractual obligations. We will explain the purposes for which we use cookies in the course of this data protection declaration or as part of our consent and processing processes.

Storage period: With regard to the storage period, the following types of cookies are distinguished:

          • Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has accessed an online offer left and closed his device (e.g. browser or mobile application).

          • Permanent cookies: Permanent cookies remain stored even after the device is closed. For example, the log-in status can be saved and preferred content can be displayed directly when the user visits a website again. The user data collected using cookies can also be used to measure reach. Unless we provide users with explicit information about the type and storage period of cookies (e.g. as part of obtaining consent), they should assume that they are permanent and that the storage period can be up to two years.

General information on revocation and objection (opt-out): Users can revoke the consent they have given at any time and can also declare an objection to the processing in accordance with the legal requirements, including using the privacy settings of their browser .

Cookie settings/possibility of objection: Cookies

Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR. Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR.

Further information on processing processes, procedures and services:

           • Processing of cookie data based on consent: We use a consent management solution in which users consent to the use of cookies or to those mentioned in the consent management solution Procedures and providers are obtained. This procedure is used to obtain, record, manage and revoke consent, particularly with regard to the use of cookies and similar technologies that are used to store, read and process information on users' end devices. As part of this procedure, users' consents are obtained for the use of cookies and the related processing of information, including the specific processing and providers mentioned in the consent management procedure. Users also have the option to manage and revoke their consent. The declarations of consent are stored in order to avoid being asked again and to be able to provide proof of consent in accordance with the legal requirements.

The storage takes place on the server side and/or in a cookie (so-called opt-in cookie) or by means of comparable technologies in order to be able to assign consent to a specific user or their device. If there is no specific information about the providers of consent management services, the following general information applies: The duration of the storage of consent is up to two years. A pseudonymous user identifier is created, which is stored together with the time of consent, information on the scope of consent (e.g. relevant categories of cookies and/or service providers) and information about the browser, the system and the device used becomes; Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR.

11. Contact and inquiry management
When you contact us (e.g. by post, contact form, email, telephone or via social media) as well as within the framework of existing user and business relationships, the information provided by the inquiring person is processed to the extent necessary to answer contact inquiries and any requested measures is required.
          • Types of data processed: Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times). Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status).

          • Affected persons: Communication partner.

          • Purposes of processing: Contact requests and communication; managing and responding to inquiries; Feedback (e.g. collecting feedback via online form). Provision of our online offering and user-friendliness.
Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR. Fulfillment of the contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR.

Further information on processing processes, procedures and services:

          • Contact form: If users contact us via our contact form, email or other communication channels, we process the data provided to us in this context in order to process the communicated request; Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR, legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR.

12. Communication via messenger
We use messengers for communication purposes and therefore ask you to note the following information on the functionality of the messengers, encryption, the use of communication metadata and your options for objection.
You can also contact us via alternative means, e.g. B. via telephone or email. Please use the contact options provided to you or the contact options provided within our online offering.
In the case of end-to-end encryption of content (i.e., the content of your message and attachments), we point out that the communication content (i.e., the content of the message and attached images) is encrypted from end to end be encrypted at the end. This means that the content of the messages cannot be viewed, not even by the messenger providers themselves. You should always use a current version of the messenger with encryption activated to ensure that the message content is encrypted.
However, we also point out to our communication partners that although the messenger providers cannot view the content, they can find out that and when communication partners communicate with us as well as technical information about the device used by the communication partner and, depending on the settings of their device, location information ( so-called metadata) are processed.

Notes on legal bases: If we ask communication partners for permission before communicating with them via Messenger, the legal basis for our processing of their data is their consent. Furthermore, if we do not ask for your consent and you do so, for example. For example, if you contact us on your own initiative, we use Messenger in relation to our contractual partners and as part of the contract initiation as a contractual measure and in the case of other interested parties and communication partners on the basis of our legitimate interests in fast and efficient communication and fulfillment of our needs Communication partner in communication via messenger.

          • Types of data processed: Contact details (e.g. email, telephone numbers, addresses).

          • Affected persons: Communication partner.

          • Purposes of processing: Contact requests and communication. Direct marketing (e.g. via email or post).

Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR. Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR.

13. Advertising communication via email, post, fax or telephone
We process personal data for the purposes of advertising communication via various channels, such as: B. Email, telephone, post or fax, can be done in accordance with the legal requirements.
The recipients have the right to revoke their consent at any time or to object to the advertising communication at any time.
After revocation or objection, we store the data required to prove previous authorization to contact or send you up to three years after the end of the year of revocation or objection on the basis of our legitimate interests. The processing of this data is limited to the purpose of possible defense against claims. Based on the legitimate interest in permanently observing the user's revocation or objection, we also store the data necessary to avoid renewed contact (e.g., depending on the communication channel, the email address, telephone number, name).< br />
          • Types of data processed: Inventory data (e.g. names, addresses). Contact information (e.g. email, phone numbers).

          • Affected persons: Communication partner.

          • Purposes of processing: Direct marketing (e.g. by email or post).

           Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR. Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR.

14. Plug-ins and embedded functions and content
We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). These can be, for example, graphics, videos or city maps (hereinafter referred to as “content”) ).
The integration always requires that the third party providers of this content process the users' IP address, as without an IP address they would not be able to send the content to their browser. The IP address is therefore required to display this content or functions. We strive to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offering, but also linked to such information from other sources be.

Notes on legal bases: If we ask users for their consent to the use of third-party providers, the legal basis for data processing is permission. Otherwise, the user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.

          • Types of data processed: Usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, timing, identification numbers, consent status). Location data (information about the geographical position of a device or person).

          • Affected persons: Users (e.g. website visitors, users of online services).

          • Purposes of processing: Provision of our online offering and user-friendliness.

           Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR.

Further information on processing processes, procedures and services:

          • Google Maps: We integrate the maps from the “Google Maps” service provided by Google. The data processed may include, in particular, IP addresses and location data of users;
Service provider: Google Cloud EMEA Limited, 70 Sir John Rogerson's Quay, Dublin 2, Ireland;
Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR;
Website: https://mapsplatform.google.com/
Data protection: https://policies.google.com/privacy
Basic for third country transfers: Data Privacy Framework (DPF).

15. Changes and updates to the data protection declaration
We ask you to regularly inform yourself about the content of our data protection declaration. We will adapt the data protection declaration as soon as changes to the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.
If we provide addresses and contact information for companies and organizations in this data protection declaration, please note that the addresses may change over time and ask you to check the information before contacting us.

16. Definitions of terms
This section provides an overview of the terms used in this data protection declaration. To the extent that the terms are defined by law, their legal definitions apply. The following explanations, on the other hand, are intended primarily to provide understanding.

          • Personal data: "Personal data" means any information relating to an identified or identifiable natural person (in The following refers to “data subject”); A natural person is considered identifiable if he or she identifies directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or one or more special characteristics which are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

          • Location data: Location data is created when a mobile device (or another device with the technical requirements for location determination) with a radio cell, a WLAN or similar technical means and functions for determining location. Location data is used to indicate at which geographically determinable position on earth the respective device is located. Location data can e.g. B. can be used to display map functions or other information dependent on a location.

          • Responsible person: The “responsible person” is the natural or legal person, authority, institution or other body that alone or decides jointly with others on the purposes and means of processing personal data.

          • Processing: "Processing" means any operation or series of operations carried out with or without the aid of automated procedures personal data. The term is wide-ranging and includes practically every handling of data, be it collecting, evaluating, storing, transmitting or deleting.