Data Privacy Statement

Table of Contents

  1. Name and Address of the Responsible Parties
  2. Name and Address of the Data Protection Officer
  3. General Information on the Processing of Data
  4. Provision of the Website and Creation of Log Files
  5. Use of Cookies
  6. Use of MyFonts
  7. Email Contact
  8. Rights of the Data Subject

 

1. Names and Addresses of the Responsible Parties

The responsible party (data controller) within the meaning of the General Data Protection Regulation/GDPR (Datenschutz-Grundverordnung/DSGVO) and that of other national data protection laws of the EU Member States as well as within the meaning of other data protection provisions is as shown below:

ASCON Resource Management Holding GmbH
In den Dauen 6a
53117 Bonn, Germany

Represented by: Dipl.-Kfm. Sascha Schuh, Dipl.-Kffr. Katrin Schuh (both graduates of business administration)

T: +49 228 94377-3
F: +49 228 94377-44
E: info(at)ascon-holding.com


2. Name and Address of the Data Protection Officer

The responsible authority’s data protection officer is listed below:

Christian Biever
Kaiser-Wilhelm-Ring 27-29
50672 Cologne
Germany
T: +49 221 986 550 35
E: datenschutzbeauftragter(at)ascon-holding.com


3. General Information on the Processing of Data

3.1 Extent of the processing of personal data

As a basic principle, we collect and use the personal data of our clients/users only to the extent that is required for the provision of a functional website as well as for our contents and services. The personal data of our users are regularly collected and used only after the user’s consent has been obtained. An exception exists in cases where for practical reasons it is not possible to seek prior consent and the processing of the data is permitted on the basis of statutory provisions.

3.2. Legal basis for the processing of personal data

Insofar as we seek the data subject’s consent for the processing operations of the personal data, Article 6 paragraph 1 (a) of the EU’s GDPR shall serve as the legal basis for the processing of the personal data.

In the processing of personal data which is necessary for the performance of a contract to which the data subject is party, Article 6 paragraph 1 (b) of the GDPR shall serve as the legal basis. This also applies to processing operations which are necessary for the implementation of pre-contractual measures.

Insofar as the processing of personal data is necessary for the compliance with a legal obligation to which our company is subject, Article 6 paragraph 1 (c) of the GDPR shall serve as the legal basis.

In the event that vital interests of the data subject or of another natural person necessitate the processing of personal data, Article 6 paragraph 1 (d) of the GDPR shall serve as the legal basis.

If the processing is necessary for safeguarding a legitimate interest pursued by our company or by a third party and the interests or fundamental rights and freedoms of the data subject do not override the above-mentioned interest, then Article 6 paragraph 1 (f) of the GDPR shall serve as the legal basis for the processing.

3.3. Data storage (retention) periods and the deletion (erasure) of data

The data subject’s personal data will be erased or blocked as soon as the purpose of the storage ceases to apply. In addition, data may be stored if a relevant storage period has been provided for by the European or national legislator in regulations issued under Union law, laws or other provisions to which the data controller is subject. The blocking or erasure of the data may also be carried out if a period of storage as prescribed by one of the standards referred to above has expired, unless an extension of the data storage period is a requirement for entering into a contract or for the performance of a contract.


4. Provision of the Website and Creation of Log Files

4.1. Description and extent of the data processing

For each visitor to our website, our system automatically records the data and information of the visitor’s computer system.

More specifically, the following data are saved for each access or request:

  • IP address of the enquiring computer
  • Date and time of the request
  • Page accessed/Name of the requested file
  • Data volume transferred
  • Message whether access/request was successful
  • Internet address from which the site and/or file was retrieved and/or the desired function was initiated
  • Web browser used

The data are also stored in the log files of our system.

These data are not saved along with other personal data relating to the user.

4.2. Legal basis for the data processing

The legal basis for the temporary storage of the data and the log files is found in Article 6 paragraph 1 (f) of the GDPR.

4.3. Purpose of the data processing

The above-mentioned data including the IP address are stored for the duration of the communication activity in order to enable the usage of our internet service(s). In addition, the IP address is stored for a short period of time in order to safeguard the IT security and in particular to protect our IT systems against misuse and attacks.

We reserve the right to utilise the data in an anonymised form for statistical purposes and to improve our internet offer.

The temporary storage of the IP address undertaken by the system is necessary for facilitating the delivery of the website features to the user’s computer. The user’s IP address must therefore remain stored for the duration of the session.

The storage in log files is undertaken in order to secure the website’s functionality. In addition, the data help us to optimise the website and to secure the safety of our information technology systems. A data evaluation for marketing purposes shall not be carried out in this connection.

These purposes demonstrate our legitimate interest in the data processing pursuant to Article 6 paragraph 1 (f) of the GDPR.

4.4. Duration of the storage

The data shall be deleted as soon as they are no longer required to achieve the purposes of their collection. If the data were collected in order to make the website features available, then the above will be the case once the respective session is finished.

If the data were stored in log files, then the deletion will take place after 7 days at the latest.

4.5. Options for lodging an objection or requesting the removal of the data

The collection of data for the provision of the website features and the data storage in log files are absolutely necessary for the operation of the website. Consequently, there is no option for the user to raise an objection.


5. Use of Cookies

5.1. Description and extent of the data processing

Our website uses cookies. Cookies are text files that are saved in the internet browser or respectively, by the internet browser, on the user’s computer system. When a user visits a website, a cookie can be saved on the user’s operating system. This cookie contains a sequence of characters which enables the unambiguous identification of the browser when the website is visited again.

We use cookies to make our website more user-friendly. Some elements of our website require that the requesting browser can be identified even after a page break.

When users call up our website, an Info Banner informs them regarding the use of cookies for analysis purposes and refers them to this Data Privacy Statement. In this context, a hint is also provided relating to the deactivation of cookies in the browser settings.

In the process, we use the following cookies:

Cookie-name

Purpose and stored data

Storage period

_pk_id

ID-cookie to recognise returning visitors

30 days

 

5.2. Legal basis for the data processing

The legal basis for the processing of personal data with the use of technically necessary cookies is Article 6 paragraph 1 (f) of the GDPR.

If the relevant consent has been obtained from the user, then the legal basis for the processing of the personal data with the use of cookies for analysis purposes is Article 6 paragraph 1 (a) of the GDPR. Beyond that, Article 6 paragraph 1 (f) of the GDPR provides an additional legal basis.

5.3. Purpose of the data processing

The purpose of using technically necessary cookies is to make the use of websites simpler for users. A few functions of our website cannot be made available without the use of cookies. In these cases, it is necessary for the browser to be recognised even after a change from one page to another.

The user data collected by means of the technically necessary cookies will not be used to create user profiles.

Analysis cookies are used to improve the quality and content of our website. Analysis cookies allow us to find out how the website is being used and we can thus continuously optimise our offer.

These purposes also demonstrate our legitimate interest in the processing of the personal data pursuant to Article 6 paragraph 1 (f) of the GDPR.

For details regarding the respective purpose of the individual cookies please refer to the chart above.

5.4. Duration of the storage, options for lodging an objection or requesting the removal of the data

Cookies are stored on the user’s computer and transferred by it to our website. This gives you as the user full control over the use of cookies. By changing the settings in your web browser, you can disable or limit the transfer of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If the cookies used by our website are deactivated, it is possible that not all the website’s functions can be used to their full extent.

5.5. Legal basis for the data processing

The legal basis for the processing of personal data with the use of analysis cookies is Article 6 paragraph 1 (f) of the GDPR. The legal basis for the processing of personal data with the use of technically necessary cookies is also found in Article 6 paragraph 1 (f) of the GDPR.

5.6. Purpose of the data collection

The processing of the users’ personal data allows us to analyse the surfing behaviour of our users. The evaluation of the data obtained enables us to compile information regarding the use of our website’s individual components. This helps us with the continual improvement of our website and its user-friendliness. These purposes also demonstrate our legitimate interest in the processing of the personal data pursuant to Article 6 paragraph 1 (f) of the GDPR. The anonymisation of the IP address sufficiently takes into account the users’ interest in protecting their personal data. We reserve the right to evaluate the data in an anonymised form for statistical purposes and to improve our internet offer.

5.6. Duration of the storage

The above-mentioned data including the IP address are stored for the duration of the communication activity in order to enable the usage of our internet service(s). In addition, the IP address is stored for a short period of time in order to safeguard the IT security and in particular to protect our IT systems against misuse and attacks.

5.7. Options for lodging an objection or requesting the removal of the data

Cookies are stored on the user’s computer and transferred by it to our website. This gives you as the user full control over the use of cookies. By changing the settings in your web browser, you can disable or limit the transfer of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If the cookies used by our website are deactivated, it is possible that not all the website’s functions can be used to their full extent.


6. Use of MyFonts

6.1. Description and extent of the data processing

Web fonts by Monotype Imaging Holdings Inc., a Delaware corporation with its principal offices at 600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA (“Monotype”) are used on our website. Access of the website enables the transmission of the following data to Monotype:

(1)        Information regarding the type of browser and the version used
(2)        The user’s operating system
(3)        The user’s internet service provider
(4)        The user’s IP address
(5)        Date and time of access
(6)        Pages the user’s system opens when visiting our website

6.2. Legal basis for the data processing

The legal basis for the processing of personal data with the use of web fonts is Article 6 paragraph 1 (f) of the GDPR.

6.3 Purpose of the data processing

Monotype web fonts allow us to present our website to the user with an attractive design and with a consistent quality standard across all devices. Only this makes it technically possible to offer an uninterrupted and pleasant user experience to all visitors of our homepage. This purpose, too, demonstrates our legitimate interest in the processing of the personal data pursuant to Article 6 paragraph 1 (f) of the GDPR.

6.4. Duration of the storage

We do not collect any data within this context. Monotype also does not store personal data. Details can be found at: www.monotype.com/legal/privacy-policy/ as well as at www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy/

6.6. Options for lodging an objection or requesting the removal of the data

The collection of data for the provision of the website and the transmission of data are absolutely necessary for the operation of the website. Consequently, there is no option for the user to raise an objection.

You can find more information regarding your options for lodging an objection or requesting the removal of Monotype at: www.monotype.com/legal/privacy-policy


7. Email Contact

7.1. Description and extent of the data processing

It is possible to get in touch with us via the email provided above. If contact is established, then the user’s personal data communicated by means of the email will be saved.

No data will, in this connection, be passed on to third parties. The data will be used exclusively for processing the conversation.

7.2. Legal basis for the data processing

The legal basis for the processing of the data which are transmitted during the course of an email is Article 6 paragraph 1 (f) of the GDPR. If the aim of the contact is the conclusion of a contract, then the additional legal basis for the processing is Article 6 paragraph 1 (b) of the GDPR.

7.3. Purpose of the data processing

The processing of the personal data obtained from the email serves solely to process the contact establishment. This, too, justifies the necessary legitimate interest in the processing of the data.

7.4. Duration of the storage

The data will be erased as soon as they are no longer required to achieve the purpose of their collection. In the case of personal data which were sent via email, this applies when the respective conversation with the user has ended. The conversation is deemed to have ended when it is apparent from the circumstances that the relevant issue has been fully resolved.

7.5. Option for lodging an objection or requesting the removal of the data

The user has the option to withdraw his or her consent for the processing of the personal data at any time. If the user establishes contact by email, he or she can object to the storage of the personal data at any time. In such case, the conversation cannot be continued.

You can informally send your objection to us at info(at)ascon-holding.com.

In this case, all personal data stored during the contact will be erased.


8. Rights of the data subject

As a data subject, you have a number of rights which are specified in the GDPR and which can be derived in particular from Articles 15 to 18, 21 of the GDPR:

8.1. Right to be informed:

You can, in accordance with Article 15 of the GDPR, request information relating to the personal data we processed. In your request for information, you should specify your concern in order to make it easier for us to compile the required data. Please note that under certain circumstances, your right to be informed may be restricted in accordance with applicable statutory provisions (in particular Section 34 of the Federal Data Protection Act/BDSG and Article 10 of the Bavarian Data Protection Act/BayDSG).

8.2. Right to rectification:

If the data concerning you do not apply (any longer), you may request rectification pursuant to Article 16 of the GDPR. In the event that your data are incomplete, you may request their completion.

8.3. Right to erasure:

Under the conditions of Article 17 of the GDPR, you can request the erasure of your personal data. Your right to deletion depends, among other conditions, on whether or not we still need the data concerning you for the fulfilment of our statutory duties and responsibilities.

8.4. Right to restriction of processing:

Within the scope of the requirements specified in Article 18 of the GDPR, you have the right to request the restriction of the processing of the data which concern you.

8.5. Right to object:

Pursuant to Article 21 of the GDPR you have the right to object, on grounds relating to your particular situation, at any time to the processing of the data which concern you. However, we may not always be able to meet this request, e.g., if statutory requirements within the scope of executing our official tasks make the processing obligatory. 

8.6. Right to lodge a complaint:

If you have reason to believe that in processing your data, we have not complied with data protection regulations, you may lodge a complaint with a supervisory authority. As a rule, you can appeal to the supervisory authority responsible for your usual place of residence or work or for our head office (in our case, the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen / State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, Kavalleriestr. 2-4, 40213 Düsseldorf, Germany, Telephone: 0211/38424-0, Fax: 0211/38424-10, poststelle(at)ldi.nrw.de).