Data protection declaration
We have prepared this document to inform you about how we process your personal data in connection with the use of our offer.
We are committed to comply with the legal provisions on data protection and always strive to take the principles of data avoidance and data minimisation into account.
1 Name and contact data of data controller and company data protection officer
1.1. Data controller
T +49 (511) 898 650 00
1.2. Contact data of data protection officer
You can contact our external data protection officer, Mr. Klaus Mönikes, at the following address: klaus.moenikes[at]privsec[dot]de or datenschutz[at]go2cloud-hpc[dot]de
Your opinion about data protection is important to us. Please tell us what you think. Please send an email with your comments or questions to: datenschutz[at]go2cloud-hpc[dot]de
2 General information about data processing
We only collect and process your personal data as a visitor to our website as is necessary to provide a properly functioning website together with its content and services; only data is processed which is actively transmitted to us by way of your entries.
- You have granted us your consent for the processing of your personal data for one or more purposes, Article 6 para 1 lit. a) GDPR.
- It is necessary to process your personal data in order to fulfil a contract or for the implementation of pre-contractual measures with you, Article 6 para 1 lit. b) GDPR.
- The processing of your personal data is necessary in order to safeguard our legitimate interests except where your interests or fundamental rights and freedoms prevail, Article 6 para 1 lit. f) GDPR.
We will provide you with detailed information in this context about the purpose or purposes of processing your personal data and we will also document your express consent to do so.
In a number of different cases your personal data may be processed for example when you visit our website, make an application, contact us, for remote maintenance, processing and fulfilling your orders or their justification, managing your account, improving the design, organisation and functionality of the website and continuously improving our services, providing information about products and services.
With respect to the legal basis and for details, we would also refer you to the following notes
2.2. Visits to our website
When you access our website our system automatically collects data and information about the computer system of the accessing computer. The legal basis for processing is Article 6 para 1 lit. f GDPR.
The following information is recorded without your intervention and is stored until it is automatically erased.
Each time you visit our website the IP address of the requesting computer is saved. Date and time of access, name and URL of the files accessed, the website from which access was made (referrer URL), browser used and, if applicable, the operating system of your computer together with the name of your access provider.
Should you apply for a situation vacant offered by us or make an unsolicited application, we shall process your data to action the application process and in order to make a decision on determining an employment relationship. The legal basis for such processing is Article 26 BDSG and subordinately Article 6 para 1 lit. f GDPR.
If we do not consider your application, we delete your application and the submitted documents within three months after our decision. In order to be compliant with our statutory obligations for example in accordance with the German General Equal Treatment Act (AGG), we save the data as described based on our legitimate interests.
By withdrawing your application, you can effectively object to any further processing of your data at any time. Should we establish an employment relationship with you, we shall provide separate information concerning the processing of your data and your rights.
2.4. Contact enquiries
If you send us a message by one of the contact options available (contact form, email address), personal data will be transmitted and stored. We use such data as given to us to process your request and there is no transfer of the data to third parties in this respect.
The legal basis for such actions is our legitimate interest to answer your request in accordance with Article 6 para 1 lit. f) GDPR. If the purpose of your request is to conclude a contract with us, an additional legal basis for data processing is then Article 6 para 1 lit. b) GDPR. Following on from your request and its processing, data will be erased no later than three months after receipt. The data will be erased as soon as it is no longer required to achieve the purpose for which it was collected, e.g. the matter at hand has been fully and finally clarified.
If we are legally obliged to store the data for a longer period of time the data will be erased after the relevant period has expired.
Should you wish to receive our newsletter, we will guide you through a registration process by email (name, login details, registration data). The legal basis for our offer is your consent in accordance with Article 6 para 1 lit. a) GDPR. You may cancel the newsletter by unsubscribing using the link published in the newsletter. The data subject may cancel the subscription to our newsletter at any time.
The newsletters contain so-called tracking pixels; these are recorded, analysed and statistically evaluated in order to assess online marketing campaigns.
Your data is not subject to any form of personal evaluation. The statistical evaluation of pseudonymised or anonymised data records for the purpose of improving the website and for statistical purposes (number of users and page views) is stored. The IP data is also kept for reasons of system security.
The legal basis for processing is in accordance with Article 6 para 1 lit. f) GDPR
2.7. Customer registration (portal):
If you register on the customer portal, you allow the collection and processing of personal data by the go2group (go2cloud) or by third party service providers in the name and on behalf of go2group (go2cloud) on the basis of the applicable data protection provisions. Your personal data (registration data, transaction data) will be processed for the existing contractual relationship.
Within the customer portal you will receive further information on data processing.
The legal basis for this is our contractual relationship pursuant to Art. 6 para. 1 lit. b) DSGVO.
The data will be deleted according to legal retention periods.
3 Rights of data subject
In the event that your personal data is processed, you are considered a data subject in accordance with the GDPR and you have the following rights with respect to us as the responsible party.
3.1. Right to information
In accordance with Article 15 GDPR you have the right to request confirmation from us as to whether we process your personal data. If this is the case you have the right to information about this personal data and also information as specified in Article 15 GDPR.
3.2. Right to rectification
In accordance with article 16 GDPR you have the right to request that we immediately rectify any incorrect personal data relating to you. Reflecting the purpose of processing you also have the right to request the completion of incomplete personal data, also by means of a supplementary declaration.
3.3. Right to erasure
You have the right to request that we erase your personal data with immediate effect. We are obliged to erase personal data immediately if the relevant requirements of Article 17 GDPR are met.
3.4. Right to restriction of processing
In accordance with Article 18 GDPR you have the right under certain circumstances to request that we restrict the processing of your personal data.
3.5. Right to data portability
In accordance with Article 20 GDPR, you have the right to receive your personal data as provided by you to us in a structured, commonly-used electronic form and you further have the right to give this data to another person, another data controller without hindrance from us insofar as processing is based on authorisation in accordance with Article 6 para 1 lit. a GDPR or Article 9 para 2 lit. a GDPR or based on a contract in accordance with Article 6 para 1 lit. b GDPR whereby processing takes place aided by automated processes.
3.6. Right to object
In accordance with Article 21 GDPR you have the right to object to the processing of your personal data as may be taking place in accordance with Article 6 para 1 lit. e or lit. f GDPR; this also applies to any profiling taking place based on these provisions.
If you would like to exercise such right please contact us in our role as the data controller using the contact details provided above or use one of the other options offered to send us your message.
If you wish to withdraw your consent to the processing of personal data in accordance with Article 7 para 3 GDPR, send us an email with the subject “Withdrawal of consent”.
If you have any questions, please contact us.
In such case, all personal data saved in the course of contacting us will be erased provided there are no legitimate interests in blocking it.
3.7. Right to lodge a complaint with the supervisory authority
In accordance with Article 77 GDPR you have the right to lodge a complaint with the supervisory authority. This right exists in particular in the EU member state of your residence, your place of work or the place of the alleged violation if you believe that the processing of your personal data is in violation of the GDPR.
Our competent supervisory authority is:
Die Landesbeauftragte für den Datenschutz Niedersachsen (Data protection authority of the state of Lower Saxony)
Internet link: www.lfd.niedersachsen.de.
4 Security measures to protect your data
4.1. Protection of your privacy
We are committed to protecting your privacy and treating your personal data confidentially. We have taken extensive technical and organisational precautions to prevent manipulation, loss or misuse of your data stored by us. These actions are checked regularly and adapted in accordance with technological progress.
If we collect data, we (or our data processors) process your data on specially protected servers in the EU. In accordance with authorisation management, access is only granted to a small number of authorised persons who are responsible for technical, commercial or editorial support.
4.2. Encryption of website communication
It is pointed out at this time that it is possible, due to the structure of the internet, for rules of data protection and the above-mentioned security measures to be ignored by persons or institutions lying outside of our control.
With respect to security reasons and in order to protect the transmission of confidential content such as inquiries you send us as the website operator, this website uses SSL encryption. An encrypted connection/link is identified by the following information in the address line of the browser, which changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL encryption is activated, the data that you transmit to us cannot be read by third parties.
4.3. Unencrypted communication
It is possible for third parties to read unencrypted data transmissions, for example data sent in unencrypted emails. We have no technical influence on this matter. It is your responsibility to protect the data within your area of control against misuse by way of encryption or some other means.
5 Amendments to this policy
You are advised that we may update this data protection policy from time to time by publishing a new version thereof on our website. We may also inform you about such changes by email.
V.03_18.02.2020 adaption of data protection policy to GDPR