top of page

PRIVACY POLICY

I. Controller / Data Protection Officer

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:


Mr
Olaf Tarmas

T-Magazin

Steindamm 3

20099 Hamburg

Germany

​

E-mail: info[ät]t-magazin.net

Internet: www.t-magazin.net

 

II. General information on data processing / legal basis

With this privacy policy, we would like to inform you about the type, scope and purpose of the data processed by us. At the same time, this privacy policy contains information on the rights to which you are entitled as a data subject.

 

We collect and use your personal data only to the extent necessary to provide a functional website and our content and services. 

You can use our website without providing any personal data. If you wish to use special functions of our website (such as our online shop or our newsletter), it will be necessary to process personal data. 

 

If the collection and use of your personal data is necessary, this processing is always carried out on a legal basis or we obtain your consent.

 

Your personal data will be deleted as soon as the purpose of storage no longer applies. 

Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which we are subject, or if you have given us your consent to do so. 

The data will also be deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract. 

 

Insofar as we obtain consent from you as the data subject for the processing of personal data, Art. 6 para. 1 sentence 1 lit. a GDPR serves as the legal basis for the processing of personal data.

Art. 6 para. 1 sentence 1 lit. b GDPR serves as the legal basis for the processing of personal data required for the fulfilment of a contract to which you as the data subject are a party. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which we are subject, Art. 6 para. 1 sentence 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of you as the data subject or another natural person require the processing of personal data, Art. 6 para. 1 sentence 1 lit. d GDPR serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for the processing.

 

III. Provision of the website and creation of log files

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

 

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. 

 

This may include (1) information about the browser type and version used, (2) the operating system used, (3) the Internet service provider, (4) the IP address, (5) the date and time of access, (6) websites from which your system accesses our website, (7) websites that are accessed by your system via our website.

 

The data is stored in the log files of our system. This data is not stored together with other personal data. It is therefore not possible to draw conclusions about the data subject.

 

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to your computer. For this purpose, your IP address must remain stored for the duration of the session. 

The data is stored in log files to ensure the functionality of the website. We also use the data to optimise the website and to ensure the security of our information technology systems. This data is not analysed for marketing purposes. 

These purposes constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, which is also the legal basis for the temporary storage of data and log files.

 

The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. If the data is stored beyond this, the IP address is deleted or anonymised so that it is no longer possible to identify the accessing client.

 

Since the collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website, there is no possibility of objection on your part.

​

IV. Use of cookies

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

We use cookies to make our website more user-friendly. Log-in information is stored and transmitted in the cookies in order to recognise users of our website. Information about items placed in the shopping basket is also stored and transmitted in the cookies. This allows the online shop to remember which items have already been placed in the shopping basket.

 

The purpose of using technically necessary cookies is to simplify the use of our website for you. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognised even after a page change. The user data collected by technically necessary cookies is not used to create user profiles.

These purposes also constitute our legitimate interest in the processing of personal data in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, which also constitutes the legal basis for the processing of personal data using cookies.

Cookies are stored on your computer and transmitted from it to our website. You therefore also have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

 

Information on plug-ins used by third-party providers that set so-called third-party cookies can be found below in this privacy policy under point IX. In this context, there is also a note on how the setting or storage of cookies can be prevented or restricted.

​

V. Registration / Purchase processing

On our website, we offer you the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data collected as part of the registration process is derived from the respective input mask used for the collection.

 

Alternatively, we offer you the option of registering or logging in via Facebook Connect or Google Connect. Information on these third-party providers can be found under point IX. of this privacy policy.

 

Your consent to the processing of this data is obtained as part of the registration process. The personal data you enter will only be processed by us internally and for the purpose of any contract fulfilment. 

 

On our website, we also offer you the opportunity to order goods by providing personal data. The data is entered into an input mask during the registration or ordering process and transmitted to us and stored. The data collected as part of this process is derived from the respective input mask used for the collection.

You can order these goods using your customer account (see above) or as a guest. 

 

The personal data entered by you for the purchase transaction will only be used by us to process the specific purchase contract.

The processing of the data is necessary for the fulfilment of a contract with you or for the implementation of pre-contractual measures. The personal data you enter will only be processed by us internally and for the purpose of contract fulfilment. 

 

Personal data may be passed on to third parties, such as parcel carriers or payment service providers, for the fulfilment of the contract; this only occurs to the extent necessary for the delivery of the goods or the processing of payments. 

 

When you register on our website, the IP address assigned by your Internet service provider and the date and time of registration are also stored. The purpose of this storage is to prevent misuse of our services and to assist in the investigation of criminal offences. This data will not be passed on to third parties unless there is a legal obligation to pass it on or it serves the purpose of criminal prosecution.

 

The legal basis for the processing of the data collected during registration is Art. 6 para. 1 lit. a GDPR if you have given your consent.

Insofar as the registration or entry of the data serves the fulfilment of a contract to which you are a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b GDPR.

Insofar as we prevent or investigate misuse of our systems, the legal basis is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

 

The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected, i.e. the creation or operation of a customer account.

Even after the customer account has been closed, it may be necessary to store your personal data in order to fulfil contractual or legal obligations.

 

You have the option of cancelling your registration at any time by sending us a corresponding message by email or post. We will then immediately delete the account created for you internally. If you have received login data for the account from us, you can change, add to or delete the data stored about you in your account at any time.

However, premature deletion of the data is only possible insofar as contractual or legal obligations (e.g. retention obligations on our part) do not prevent deletion.

 

You also have the option to withdraw your consent to the creation of a customer account at any time. If the data processing is based on our legitimate interest, you can object to the processing at any time. 

You can initiate the objection and cancellation as well as the amendment of your data stored by us by informing us of your request by e-mail or by post.

​

VI. E-mail contact

You can contact us via the e-mail address provided on our website. In this case, your personal data transmitted with the e-mail will be stored. 

 

The data will not be passed on to third parties. The data you provide to us on a voluntary basis will only be used to process the conversation.

 

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If your email contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

 

The processing of personal data serves us solely to process the contact. This also constitutes the necessary legitimate interest in processing the data.

 

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For the personal data sent with the email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

 

You have the option to object to the storage of your personal data transmitted by e-mail at any time by informing us of your request by telephone, e-mail or post. In such a case, the conversation cannot be continued.

All personal data stored in the course of contacting us will be deleted in this case.

​

VII. Newsletter

You can subscribe to a free newsletter on our website. When you register for the newsletter, the data from the input screen is transmitted to us. In accordance with the principle of data minimisation, this is only your email address. In addition, the IP address of the accessing computer and the date and time of registration are collected during registration.

Your consent is obtained for the processing of the data as part of the registration process and reference is made to this privacy policy.

 

No data is passed on to third parties in connection with the data processing for sending newsletters. The data is used exclusively for sending the newsletter.

 

The purpose of collecting your e-mail address is to deliver the newsletter. The collection of other personal data as part of the registration process serves to prevent misuse of the services or the e-mail address used.

 

The legal basis for the processing of the data after your registration for the newsletter is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.

 

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. The data you enter will therefore be stored for as long as the subscription to the newsletter is active. The other personal data collected during the registration process is generally deleted after a period of seven days.

 

You can cancel your subscription to the newsletter at any time. There is a corresponding link in every newsletter for this purpose. This also allows you to withdraw your consent to the storage of personal data collected during the registration process.

​

VIII. Comment function of our blog

On our website we regularly publish articles on current topics relating to the subject of "tea" that have aroused our interest and which we think may also arouse your interest. We operate a blog for this purpose.

In this blog, we give you the opportunity to comment on our posts. The data entered in the input mask will be transmitted to us and stored by us.

At the time the comment is sent, only your IP address and the date and time are transmitted and stored. 

 

In this respect, the processing of personal data from the input mask serves exclusively to prevent misuse of the comment form and to ensure the security of our IT system. This is our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, which is also the legal basis.

 

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. This is the case when the comment is no longer published. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

 

You can object to the storage of your personal data at any time. In such a case, the comment can no longer be published. The objection can be made by e-mail or by post. All personal data stored in the course of the comment will be deleted in this case.

 

We also offer you the opportunity to share our blog posts on social media channels. You can find out more about this and the third-party providers involved in this respect under point IX of this privacy policy.

​

IX. Third-party extensions used on the website

  1. Login services

  2. In addition to registering / logging in via our website (see point V. of this privacy policy), we offer you the option of registering / logging in via an existing profile on the social networks Facebook and Google.

  3. To do this, you must click on the corresponding social network icon on our registration or login page. You will then be redirected to the pages of the respective provider, where you can log in with your existing access data. The social network will then inform you which data will be transmitted to us. Your name and e-mail address are decisive for us.

  4. We only store your data after you have given your express consent and use it exclusively for the purpose stated under point V. of this privacy policy.

  5. To the best of our knowledge, your IP address is transmitted to the social network as part of the authentication process. We have no influence on the further use of this data.

  6. The service providers involved in this process are either

  7.  

  8. Translated with DeepL.com (free version)

  • Meta Platforms Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (Facebook Connect) or

  • Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (Google Connect)

  • Further information can be found in the data protection notices of the respective companies at https://www.facebook.com/about/privacy/ or https://policies.google.com/privacy?hl=de.

  • Social media and bookmarking

  • We use social media plugins from the social networks listed below on our website to make us better known. This advertising purpose is a legitimate interest, so the legal basis for this data processing is Art. 6 para. 1 lit. f GDPR. Responsibility for data protection-compliant operation must be guaranteed by the respective provider.

  • We use the so-called Shariff method for the integration of some plugins. Our social buttons only establish direct contact between the social network and the visitor when the latter actively clicks on the share button. If the user is already logged in to a social network, Facebook does this without an additional window. On Twitter, a pop-up window appears in which the text of the tweet can still be edited.

  •  

  • Translated with DeepL.com (free version)

You can therefore post content on social networks without complete surfing profiles being created. The Shariff method is already used by many websites to protect their users.

  1. Facebook

Our online offering uses social plugins ("plugins") from the social network facebook.com, which is operated by Meta Platforms Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland ("Facebook"). The plugins can be recognized by one of the Facebook logos (white "f" on a blue tile, the terms "Like", "Gefällt mir" or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

When you visit our website, a direct connection to the Facebook servers is established via your browser. The content of the plugin is transmitted by Facebook directly to your browser, which integrates it into the online offering. The processed data can be used to create user profiles for you. We have no influence on the scope of the data that Facebook collects with the help of this plugin and therefore inform you according to our level of knowledge.

 

Translated with DeepL.com (free version)

By integrating the plugins, Facebook receives the information that you have accessed the corresponding page of our website. If you are logged in to Facebook, Facebook can assign the visit to your Facebook account. If you interact with the plugins, for example by clicking the Like button or leaving a comment, the corresponding information is transmitted directly from your device to Facebook and stored there. If you are not a member of Facebook, it is still possible for Facebook to find out your IP address and store it. According to Facebook, only anonymized IP addresses are stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the related rights and setting options to protect your privacy can be found in Facebook's data protection information: https://www.facebook.com/about/privacy/.

 

If you are a Facebook member and do not want Facebook to collect data about you via this online offering and link it to your membership data stored on Facebook, you must log out of Facebook before using our online offering and delete the corresponding cookies. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/oderthe EU site http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.

  1. Twitter

We use the Twitter button on our website. This is regularly represented by the words "Twitter" or "Follow" or by a graphically depicted blue bird.

The buttons are provided by Twitter Inc, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.

With the Twitter button it is possible to share a post or page of our website on Twitter or to follow us on Twitter.

When you visit our website, a short-term connection to Twitter servers is established via your browser. The content of the Twitter button is transmitted by Twitter directly to your browser. We therefore have no influence on the scope of the data that Twitter collects with the help of this plugin or on its use by Twitter. To the best of our knowledge, at least your IP address is transmitted.

By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. If you do not wish to be associated in this way, please log out of your Twitter account before visiting our website. Further information on this can be found in Twitter's privacy policy at http://twitter.com/privacy.

  1. LinkedIn

We use functions of the LinkedIn network on our website, which is offered by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

 

As soon as and to the extent that you access pages on our website that contain LinkedIn functions, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click on the LinkedIn "Recommend" button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account.

 

Further information on this can be found in LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy

 

  1. Payment methods

  2. PayPal

  3. We have integrated PayPal components on our website. PayPal is a payment service provider. Payments are processed via PayPal accounts. These are virtual accounts. PayPal also offers the option of processing payments via credit cards if the user does not have their own PayPal account.

  4. The PayPal account is managed via an e-mail address. The e-mail address is assigned to a specific account and is comparable to an account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also offers trustee functions and buyer protection services.

  5. PayPal is operated in Europe by PayPal (Europe) S.à r.l. et Cie, S.C.A.

  6. 22-24 Boulevard Royal

  7. L-2449 Luxembourg.

 

If you have selected PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account via PayPal" as the payment method, we automatically transmit your payment and order data, i.e. the personal data you have transmitted to us, such as name, address, e-mail address, IP address, telephone number or other data necessary for payment processing, to PayPal (Europe) S.à r.l. et Cie, S.C.A.

22-24 Boulevard Royal

L-2449 Luxembourg. This personal data is passed on to PayPal exclusively for the purpose of the online order and its payment processing.

A transfer takes place in particular if there is a legitimate interest in this. PayPal may also pass on personal data to third parties such as credit agencies for identity and credit checks. Personal data may also be passed on to companies and service providers affiliated with PayPal or subcontractors as well as banking institutions, insofar as this is necessary to fulfill the contractual obligation or the data is to be processed on behalf of PayPal.

The legal basis for the use of the service lies in Art. 6 para. 1 sentence 1 lit. b) GDPR, as it serves to fulfill the contract concluded with you.

You have the option to revoke your consent to the handling of personal data from PayPal at any time. However, the revocation does not affect such personal data that must be processed, used or transmitted for contractual payment processing. Further details on data protection at PayPal can be found here: https://www.paypal.com/de/webapps/mpp/ua/privacy-prev.

By using PayPal, you agree to the above information and the use of personal data described here and recognize the data protection provisions at https://www.paypal.com/de/webapps/mpp/ua/privacy-prevabrufbaren.

  1. Klarna

We have set up the possibility on this website that you can pay with the payment service provider "Klarna" with the option "Sofortüberweisung".

 

Klarna Sofortüberweisung is a payment service that enables cashless payment for products and services on the Internet. Sofortüberweisung is a technical procedure through which the online retailer immediately receives a payment confirmation. This enables a merchant to deliver goods, services or downloads to the customer immediately after the order has been placed.

Sofortüberweisung is operated by the company SOFORT GmbH, Fußbergstraße 1, 82131 Gauting, Germany. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden.

 

If you select "Sofortüberweisung" as your payment method, your data will be automatically transmitted to Sofortüberweisung. By selecting this payment option, you consent to the transfer of personal data required for payment processing.

When making a purchase via Sofortüberweisung, you transmit the PIN and TAN to Sofort GmbH. Sofortüberweisung carries out a transfer to the online merchant after a technical check of your account balance and retrieval of further data to check the account coverage. The online merchant is then automatically notified that the financial transaction has been carried out.

 

The personal data exchanged with Sofortüberweisung is first name, surname, address, email address, IP address, telephone number, cell phone number or other data required for payment processing. The data is transmitted for the purpose of payment processing. We will also transmit other personal data to Sofortüberweisung if there is a legitimate interest in the transmission.

 

Sofortüberweisung may pass on the personal data to affiliated companies and service providers or subcontractors if this is necessary to fulfill the contractual obligations or if the data is to be processed on behalf of the customer.

 

You have the option of revoking your consent to the handling of personal data at any time from Sofortüberweisung. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.

 

Further information regarding data protection at Sofortüberweisung can be found at hhttps://www.klarna.com/sofort/datenschutz/.

​

X. Rights of the person concerned

If and insofar as we process your personal data, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis us as the controller:

  1. Right to information: If your personal data is being processed, you can request information about the purposes for which the personal data is being processed, the categories of personal data being processed, the recipients or categories of recipients to whom the personal data relating to you has been or will be disclosed, the planned duration of storage of the personal data relating to you or, if specific information on this is not possible, criteria for determining the duration of storage, the existence of a right to rectification or erasure of the personal data relating to you, the existence of a right to data portability and the right to data portability. the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period, the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing, the existence of a right of appeal to a supervisory authority, all available information on the origin of the data if the personal data are not collected from the data subject. You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

  2. Right to rectification: In accordance with Art. 16 GDPR, you have the right to rectification and/or completion if the processed personal data concerning you is incorrect or incomplete. The correction must be made immediately.

  3. Right to erasure: In accordance with Art. 17 GDPR, you can demand that the personal data concerning you be deleted immediately. The right to erasure does not apply if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for the performance of a task carried out in the public interest or for the establishment, exercise or defense of legal claims.

  4. Right to restriction of processing: You may request the restriction of the processing of personal data concerning you in accordance with Art. 18 GDPR if you dispute the accuracy of the data, the processing is unlawful, the personal data is no longer required for the purposes of processing, but you need it to assert, exercise or defend legal claims, or you have lodged an objection to the processing in accordance with Art. 21 para. 1 GDPR and it has not yet been determined whether the legitimate reasons of the controller outweigh your reasons.

  5. Right to information: If you have exercised your right to rectification, erasure or restriction of processing, all recipients to whom the personal data concerning you have been disclosed must be informed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.

  6. Right to data portability: In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller if the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and the processing is carried out by automated means. In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be affected by this.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest.

  1. Right to object

Pursuant to Art. 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR.

The objection can be declared to the controller by email, fax or letter (see point 10.1). In the event of an objection, the controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

  1. Right to withdraw the declaration of consent under data protection law

  2. In accordance with Art. 7 (3) GDPR, you have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal, but no further processing will take place in the future.

  3. Automated decision-making in individual cases, including profiling

  4. You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision is necessary for entering into, or performance of, a contract between you and the controller, is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or is based on your explicit consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.

With regard to the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

  1. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Our supervisory authority responsible for data protection matters is

 

The Hamburg Commissioner for Data Protection and Freedom of Information

Ludwig-Erhard-Str 22, 7th floor

20459 Hamburg

 

Phone: 040 / 428 54 - 4040

Fax: 040 / 428 54 - 4000

E-mail: mailbox[ät]datenschutz.hamburg.de

 

 

END OF THE PRIVACY POLICY

bottom of page