The operator of this website attaches the utmost importance to the protection of the privacy of its website visitors - hereinafter referred to as users. The processing of all data made available to the operator is done strictly in compliance with the General Data Protection Regulation (EU GDPR) and all other data protection laws and regulations in the EU Member States. This applies in particular to the processing of personal data.
Responsible for data processing
Responsible for the processing i.S. the data protection regulations are:
Büro Aktiv H. Bruchner GmbH
Fürstenrieder Str. 279a, 81377 Munich
Tel. +49 (0) 89-74 12 00
Fax +49 (0) 89-74 12 01 02
Managing Director: Helmut Bruchner
Data processing at web page call
This website is hosted by a German web host, the adera-web: clever internet; Inh. Mathias Ebert, Marcel-Breuer-Straße 15, 80807 Munich, Germany. The web host also has to comply with the EU GDPR and all other data protection laws or regulations in the member states of the EU. The operator of this website has also concluded a contract for data processing with the web host. This is a contract in which the web host undertakes to protect the transmitted data, in accordance with the data protection provisions on behalf of the operator of this website to process and in particular not to third parties. Further information on data processing by the web host is available to users at https://www.adera.de/datenschutzerklaerung.html.
Each web page retrieval captures data that is stored in the log files of the server and the web application. The following usage data are collected: Internet protocol address (IP address) of the user, date and time of the call, the request, the response status (HTTP status code), URL of the website through which the call has come to the current website or file (referer), browser type and version as well as the operating system of the user.
The storage of the log files is done to ensure the functionality of the website and the shop application. In addition, the data serve statistical evaluations to optimize the website in the interest of the user and to ensure the security and stability of information technology systems. Data processing is based on legitimate interests i.S. of Art. 6 para. 1 sentence 1 f.) GDPR. The operator of this website guarantees that the data will not be merged with other data sources. The log files are stored separately from the personal data of the user, which are collected via form input. The logfiles are deleted according to general principles (see "General information on the deletion of data").
Data processing by cookies
This website uses so-called "cookies". Cookies are small text files that are stored on the web server of the user or the platform of the user (PC, tablet, smartphone, etc.) and contain data that allows the website to recognize and identify the user's Internet browser.
Data processing in connection with booking requests
When requesting a form in connection with the booking of a virtual office or a telephone service, the following data is required in addition to the relevant contract data: name, address, telephone number, e-mail address. In addition, the date and time of the registration as well as the general data registered by the website call (see "Data processing when visiting the website") will be charged. The data will be processed in addition to the other voluntary information only for the purpose of processing the booking request and to fulfill the (pre-) contractual obligations.
Disclosure of data to third parties only takes place if and to the extent that this is necessary to fulfill the (pre-) contractual obligations of the operator or on the basis of legitimate interests of the operator in the economic and effective handling of the booking and payment transaction.
Data processing of the mandatory data is based on Art. 6 para. 1 p. 1 b.) And Art. 6 para. 1 pp. 1 f.) GDPR, otherwise incidentally from Art. 6 para. 1 p. 1 a.), 7 GDPR. The transfer of data to third parties takes place on the basis of Art. 6 para. 1 p. 1 b.) And Art. 6 para. 1 p. 1 f.) GDPR. The data is deleted according to general principles (see "General information on the deletion of data").
Data processing contact forms
When contacting the user via the contact forms, the following data is required: name, e-mail address and message. In addition, the date and time of the registration as well as the general data registered by the website call (see "Data processing when visiting the website") will be charged. These data are processed in addition to the voluntary information only for the purpose of processing the contact request.
Data processing of the mandatory data is based on Art. 6 para. 1 p. 1 b.) And Art. 6 para. 1 pp. 1 f.) GDPR, otherwise incidentally from Art. 6 para. 1 p. 1 a.), 7 GDPR. The data is deleted according to general principles (see "General information on the deletion of data").
Google Maps, Google Fonts
This website uses maps from the Google Maps service of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043 (USA). To use the map service, the storage of the IP address is necessary, which is usually transmitted to a Google server in the USA and stored there. This website also uses external fonts from Google Inc. ("Google Fonts"). The integration of the fonts is done by a server call on Google. Data processing is based on legitimate interests i.S. of Art. 6 para. 1 sentence 1 f.) GDPR. By using the o.g. Services, the user is facilitated the use of this website and the appearance of the website optimized. Google is a Privacy Shield Certified (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI), which guarantees compliance with the EU GDPR and all other data protection laws or regulations in the EU Member States , Additional information about computing can be found at https://www.google.com/policies/.
General for the deletion of data
Personal data are always deleted immediately after fulfillment of the retention purpose, as long as the statutory retention periods do not stipulate extended retention (see §§ 257 (1) HGB: 6 years, 147 (1) AO: 10 years) or storage is required for evidence purposes. The log files of the server are stored for security reasons (e.g., to prosecute criminal activity) for a maximum of 14 days and then deleted. The orderly deletion will be reviewed on an annual basis. Unless the data is deleted because it is required for other and legitimate purposes, its processing will be restricted.
Security measures of the operator
In accordance with Art. 32 GDPR, the operator shall take into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the data processing as well as the different likelihood and severity of the risk to the rights and freedoms of the persons concerned; Ongoing appropriate organizational, contractual and technical measures to ensure that the data protection regulations are observed and the data that are the subject of data processing, to protect against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. The operator has already taken into account the protection of personal data during the technical development and design of the website (Art. 25 DSGVO) Security measures include, in particular, the encrypted transmission of data between the user's browser and the server of the operator.
Rights of the user
The user has the right at any time to request information about whether and which personal data of the user are being processed (Art. 15 GDPR). Upon request, the user's personal data must be published in a structured, common and machine-readable format (Article 20 GDPR).
Furthermore, the user has the right to correct inaccurate or complete incomplete personal data (Article 16 GDPR) and - under the conditions of Art. 18 GDPR - the right to restrict the processing.
As far as the processing for exercising the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims is necessary, the user may also request the deletion of his personal data (Art. 17 GDPR).
Consent to data processing i.S. of Art. 6 para. 1 sentence 1 a.), 7 GDPR can be revoked by the user at any time with effect for the future. If processing takes place on the basis of Art. 6 (1) sentence 1 f.) GDPR, the user of the data processing can object with future effect, unless the operator of this website can prove compelling legitimate reasons for the processing, which the interests, rights and freedoms of the user predominate, or the processing serves the assertion, exercise or defense of legal claims of the operator of the website (Art. 21 GDPR).
If the user considers that the processing of his personal data violates data protection regulations, he may lodge a complaint with the competent supervisory authority (Article 77 GDPR). The supervisory authority responsible for the operator of this website is the State Commissioner for Data Protection and Freedom of Information Bavaria, Wagmüllerstraße 18, 80538 Munich.