Web Data Protection Policy

We, edudip GmbH, as the operator of these pages, take the protection of your personal data very seriously. We treat your data confidentially and in accordance with the statutory data protection regulations and this data protection policy. This data protection policy applies to our websites www.edudip.com/de and www.edudip.market.

Information obligations for personal data collection (Art. 13 EU GDPR)

We have been subject to the provisions of the European General Data Protection Regulation (EU GDPR) and the regulations of the new German Federal Data Protection Act (BDSG) since 25.05.2018. The following provides information according to the guidelines of Art. 13 EU GDPR about how we collect and process your personal data, when using our website, in compliance with the law.

1. Scope, purpose and legal basis of data processing (Art. 13 para. 1 lit. c) and d) EU GDPR)

a) Visiting our website

First and foremost, we would like to use our website to provide information about ourselves and our activities. At the same time, we offer our browser-based webinar software “edudip next” and our online marketplace for webinars “edudip.market” via our website.

In connection with our websites, we generally process personal data only insofar as this is necessary for the provision, use and optimisation of our website and our software, as well as to safeguard our legitimate interests (Art. 6 para. 1 subpara. 1 lit. f) EU GDPR). We also process your data in order to fulfil contracts or to carry out pre-contractual measures (Art. 6 para. 1 subpara. 1 lit. b) EU GDPR). In addition, we only process your data in connection with our website if you have expressly consented to it (Art. 6 para. 1 subpara. 1 lit. a) EU GDPR).

b) Logging - server log files

The provider of the webpages automatically logs and stores information in so-called server log files, which your browser automatically transmits to us. These are

  • Browser type and version
  • Operating system used (referrer)
  • URL host name of the accessing computer
  • Time of the server request
  • IP address

The legal basis for storing the server log files is Art. 6 para. 1 subpara. 1 lit. f) EU GDPR. We have a legitimate interest in the presentation of our website without technical errors, as well as optimisation of our website, both of which require the server log files to be recorded. Our legitimate interest is also to maintain the security of our website, because the data are also used to identify and track unauthorised attempts to access our web server. The evaluation is carried out by employees of our company. User profiles are not created. It will not be passed on to third parties, including extracts.

c) Cookies

Our websites use cookies. Cookies are small text files that are stored on your device and saved by your browser. They do not damage your end device and do not contain viruses. Cookies are either temporarily stored on your device for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain on your device until you delete them yourself or they are automatically deleted by your web browser.

Cookies have different functions. Many cookies are necessary for technical reasons as certain website functions would not work without them (e.g. executing the electronic communication process). Other cookies are functional, they are used to provide certain functions that you want (e.g. test account). Other cookies are used for website optimisation, i.e. to evaluate user behaviour on our website and to make our website more user-friendly, effective and secure.

In some cases, third-party cookies can also be stored on your device (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

The legal basis for creating both technical and functional cookies is Art. 6 para. 1 subpara. 1 lit. f) EU GDPR saved. Such cookies are stored in the interest of providing our website without technical errors and for website optimization.

The legal basis for for storing all other cookies (e.g. those for analysing your user behaviour and those from third-party providers) is Art. 6 para. 1 subpara. 1 lit. a) EU GDPR, provided you have given us your consent. When you visit our website, an opt-in checkbox will be displayed which allows you to declare your consent to the storage of said cookies. You may revoke your consent at any time, non-retroactively, by opening the cookie settings page and using the opt-out checkbox there. This revocation only affects the future storage of cookies, and not those cookies already saved with your consent. These must be removed by you or via your automatic browser setting.

Most browsers are set to automatically accept cookies. You can set your browser so that you are informed about the placement of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when the browser is closed. This allows the use of cookies to remain transparent for you.

d. Integration of services for statistical evaluation

Google Analytics

Our websites use Google Analytics, a web analytics service provided by Google LLC. (“Google”). Google Analytics uses cookies that enable an analysis of your use of the website. The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there. On our website, however, Google Analytics has been expanded to include the code “gat._anonymizeIp();” to ensure that IP addresses are recorded anonymously (so-called IP masking) and to prevent any direct reference to a person. This will ensure Google shortens your IP address within member states of the European Union, or in other contracting states of the Agreement on the European Economic Area, before transmission to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and then shortened there.

This data processing only takes place if you have given your consent in accordance with Art. 6 para. 1 lit. a), Art. 7 GDPR. When you visit our website, an opt-in checkbox will be displayed which allows you to declare your consent. You may revoke this consent at any time, non-retroactively, by re-opening the settings page and using the opt-out checkbox there. This revocation only affects the future storage of cookies, and not those cookies already saved with your consent. These must be removed by you or via your automatic browser setting. You can prevent the installation of Google Analytics cookies from the outset by withholding your consent to their storage; however, we would like to point out that in this case you may not be able to use all functions of our website to their fullest extent. In order to guarantee the data protection-compliant processing of the data, we have an order processing contract with Google in the sense of Art. 28 EU GDPR.

Google Analytics in Germany is provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. The parent company is Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. The information generated by the Google Analytics cookies about your use of our website (including your IP address, which has usually been anonymized previously) is transferred to a Google server in the USA and stored there. By giving your consent, you record that you agree to the transfer of personal data to Google and thus to the transfer of data to third countries (outside the EU). Google LLC in the USA has been certified under the EU-US Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI).

Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website activity and internet usage. According to the company, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Further information on the processing of personal data in connection with Google Analytics can be found in Google's Privacy Policy and Cookie Policy at https://www.google.de/intl/de/policies/privacy/ and https://policies.google.com/technologies/cookies?hl=de&gl=de as well as at https://marketingplatform.google.com/intl/de/about/analytics/, https://marketingplatform.google.com/about/analytics/terms/de/.

e) Social networks

YouTube

Videos from YouTube are integrated into our website. These videos were embedded using the “extended data protection mode” offered by YouTube. According to the company itself, YouTube does not initiate any data processing operations until you watch a video. When you watch a video, YouTube processes data to a specifically unknown extent (including your IP address) and, under certain circumstances, stores cookies, provided you have given your prior consent. YouTube is in turn connected to the Google DoubleClick network. The Google DoubleClick network processes data to a specifically unknown extent (including your IP address) and, under certain circumstances, stores cookies, provided you have given your prior consent.

YouTube in Germany and the EU is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. YouTube's parent company is Google LLC, 1600 Amphitheater Parkway, Mountain View, California 94043. Data and information from users is processed by YouTube and Google in the EU and in third countries, such as the USA. The legal basis for the data processing associated with embedding YouTube videos is Art. 6 para. 1 subpara. 1 lit. a) EU GDPR. By giving your consent or by clicking on the YouTube video, you record that you agree to the transfer of personal data to YouTube and Google and thus to the transfer of data to third countries (outside the EU).

We also operate our own YouTube channel. Please note that each time our YouTube channel is accessed (either via a link or in any other way) on YouTube websites, personal data are processed by YouTube/Google in a specifically unknown extent. This includes, among other things, your IP address and the previous website you visited before accessing YouTube. In addition, every time our YouTube channel is accessed, cookies and tracking technologies are deployed by YouTube/Google. This enables Google to understand and analyse your user behaviour beyond YouTube’s websites. All of this happens regardless of whether you are logged into your YouTube user account or have one at all. If you are logged into your YouTube user account, you allow YouTube to assign your user behaviour directly to your personal profile. According to the company, you can prevent this by logging out of your YouTube account. Further information on data protection at YouTube can be found in YouTube's Data Policy and Cookie Policy at: https://www.google.de/intl/de/policies/privacy, https://policies.google.com/technologies/cookies?hl=de&gl=de. We have no influence on the processing of your data by Google and on whether Google complies with the applicable data protection regulations.

f) Enquiries / contact

If you would like to contact us, please use the contact details provided. If you contact us by phone, email or fax, your request, including all personal data resulting from it, will be stored and processed by us for the purpose of processing your request. The data will be used strictly for processing your request.

The legal basis for processing this data is Art. 6 para. 1 subpara. 1 lit. b) EU GDPR, if your request is related to the fulfilment of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest regarding the effective processing of enquiries addressed to us in accordance with Art. 6 para. 1 subpara. 1 lit. f) EU GDPR or on your consent acc. Art. 6 para. 1 subpara. 1 lit. a) EU GDPR, if this was asked for.

The data will be deleted if you ask us to delete it, withdraw your consent to the processing or the purpose of processing no longer applies, i.e. specifically after your request has been processed. Mandatory statutory retention periods remain unaffected.

g) Use of our “edudip next” webinar software

Registration / contractual or pre-contractual use of our webinar software

You can register on our website www.edudip.com/de to test or use our “edudip next” webinar software. We only use the personal data you enter to help us provide our webinar software and to carry out pre-contractual measures or to fulfil the underlying contract. The mandatory information requested during registration must be given in full. Otherwise the registration will be rejected. In event of important changes, such as to the scope of the offer or changes necessary for technical reasons, we will use the email address provided during registration to inform you.

As part of the contractual use of “edudip next”, we process contract master data (e.g. contractual relationship, product or contract interest), customer history, contract billing and payment data as well as planning and control data. We only process data that is necessary for the establishment, content or change of the legal relationship. We only process usage data about the use of our website insofar as this is necessary to enable the user to use our service or to bill for it.

We only transfer personal data to third parties if this is necessary in the context of contract processing, for example to the credit institution commissioned with payment processing. Any further transmission of the data does not take place or only if you have expressly consented to said transmission. Your data will not be disclosed to third parties without express consent, for example for advertising purposes.

The legal basis for this data processing is Art. 6 para. 1 subpara. 1 lit. b) EU GDPR. The data collected during registration and the data processed in the context of contractual use will be stored by us as long as you are registered on this website. They are deleted after the end of the business relationship or after completion of the order. Mandatory statutory retention periods remain unaffected.

Use of our webinar software as a participant

If you participate in a webinar offered by edudip itself, we process the personal data that you enter in the mandatory fields (gender, first name and last name, email address) and also user information (e.g. webinar data including display name, chat history and duration of the Participation), technical data (e.g. IP addresses, hashed passwords) as well as voice and video data. In the case of webinars offered by edudip itself, the legal basis for data processing is Art. 6 para. 1 subpara. 1 lit. b) EU GDPR (contract fulfilment / contract initiation). At the webinars we hold, the participant data is deleted after 360 days.

If our customers use our webinar software to offer webinars, these customers are responsible for data protection. In this case, we, edudip, are processors within the meaning of Art. 28 EU GDPR. We process the personal data generated during the customer's webinar in accordance with the instructions of the underlying order processing contract. Deletion also takes place only on the instructions of the respective customer or by the customer himself.

h) Use of our “edudip.market” online marketplace for webinars

Use of our website www.edudip.market requires registration as a member. To register as a member, you must provide your name, a valid email address and a desired password. No further data is required. Your address, telephone number, email address and bank details are not displayed in your member profile.

To inform other members about yourself, you can use your member profile to describe yourself by providing further details. However, in your member account under Settings -> Privacy, you can decide for yourself who can view your member profile and what they can see. If you work as an online trainer, your offer and your specialisation will be listed at “http://www.edudip.market/trainer” and made available to every visitor to the website. If you do not want said publication, you can change this in the profile settings under “Privacy”.

If you have concluded a webinar contract with another member, edudip will transmit your specified name and your edudip profile page link to your contractual partner. No further data transfer occurs. Under no circumstances will your data be disclosed for advertising purposes.

All of the data you provide will be used to process the contracts for use of the “www.edudip.market” website and to enable you to use the options offered by “www.edudip.market”. The password you enter will be stored in encrypted form by edudip. The legal basis for this data processing is Art. 6 para. 1 subpara. 1 lit. b) EU GDPR. The data collected during registration and the data processed in the context of contractual use will be stored by us as long as you are registered on this website. They are deleted after the end of the business relationship or after completion of the order. Mandatory statutory retention periods remain unaffected.

All websites of the platform on which you enter data are secured by 256-bit TLS encryption. Our servers are located in a data centre that is certified according to ISO 27001, ISAE 3402 (successor to SAS 70) and KPMG IDW PS 951 Type B.

For the purpose of quality assurance, edudip GmbH is authorised to check live streams using technical bodies.

i. Encrypted payments on our website

If, after conclusion of a fee-based contract (see points h. and i. above), there is an obligation to provide us with your payment details (e.g. account number with direct debit authorisation), this data is required for payment processing. Payment transactions using common payment methods (Visa/MasterCard, direct debit) are performed exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. Encrypted communication ensures that your payment data, which you transmit to us, cannot be read by third parties.

j. Stripe

On our websites we offer payment services via Stripe. The provider for customers within Germany and the EU is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter “Stripe”).

If you pay via Stripe, your payment details will be forwarded to Stripe via an interface on our site in order to make the payment. The legal basis for transmission of your data to Stripe is Art. 6 para. 1 subpara. 1 lit. b) EU GDPR (contract processing) and on the basis of our legitimate interest regarding the use of reliable and secure payment processes (Art. 6 para. 1 subpara. 1 lit. f) EU GDPR).

Details on the processing of personal data by Stripe can be found in Stripe's Privacy Policy at the following link: https://stripe.com/de/privacy.

k. Comment function on this website

To provide the comment function on this page, information about the time the comment was created, your email address and, insofar as you are not posting anonymously, the username you selected, will be saved in addition to your comment. The comments and the associated data (e.g. IP address) are saved and remain on this website until the commented content has been completely deleted or the comments have to be deleted for legal reasons (e.g. offensive comments).

The comments are saved on the basis of your consent (Art. 6 para. 1 subpara. 1 lit. a) EU GDPR). You can revoke your consent at any time without giving a reason. All you need to do is send us an informal email. The legality of the data processing that has already been performed remains unaffected by said revocation.

l. Newsletter (MailChimp)

MailChimp mailing service provider

This website uses the services of MailChimp to send newsletters. MailChimp is provided by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

The MailChimp service allows newsletter mailing to be organised and analysed. If you enter data for the purpose of receiving the newsletter (e.g. your email address), it will be stored on MailChimp's servers in the USA. MailChimp is certified according to the “EU-US Privacy Shield” (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG). The “Privacy Shield” is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA. In order to guarantee the data protection-compliant processing of the data, we have an additional order processing contract in the sense of Art. 28 EU GDPR with MailChimp in accordance with the legal requirements. MailChimp will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions in relation to this data.

Content, registration, double opt-in and logging

Our newsletter contains information about campaigns, the company edudip, further developments of the webinar software, customer interviews etc. If you would like to receive the newsletter, we need an email address from you as well as your first and last name. We use this information to be able to address you personally in our newsletters and to verify that you are the owner of the email address provided and that you agree to receive the newsletter. We only use this data to send the requested information and do not disclose it to third parties. No further data is collected, except on a voluntary basis.

Registration for our newsletter is performed according to the so-called double opt-in procedure. I.e. after registering, you will receive an email asking you to confirm your registration. This confirmation is necessary so that no one can register with someone else's email address. The registrations for the newsletter are logged in order to be able to demonstrate the registration process in accordance with the legal requirements. This includes storing the times of registration and confirmation, as well as the IP address. Changes to your data stored at MailChimp are also logged.

Statistical analysis of the newsletter

MailChimp allows us to analyse our newsletter campaigns. When you open an email sent with MailChimp, a pixel-sized file contained in the email, a so-called web beacon, connects to the servers of MailChimp in the USA. In this way it can be determined whether a newsletter message has been opened and which links have been clicked on. In addition, technical information is recorded (e.g. time of access, IP address, browser type and operating system). This information is used only for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. It is not possible to subscribe to the newsletter without the web beacon. If you do not consent to analysis by MailChimp, you must unsubscribe from the newsletter or should not subscribe to it in the first place. We provide a corresponding link for this in every newsletter message. You can also unsubscribe from the newsletter directly on the website.

Legal basis - consent & revocation

The processing of your personal data in the context of the newsletter subscription and mailing, as well as newsletter analysis, is performed exclusively on the basis of your consent (Art. 6 para. 1 subpara. 1 lit. a) EU DS-GVO). By giving your consent, you record that you agree to the transfer of personal data to MailChimp and thus to the transfer of data to third countries, i.e. the USA. You can revoke your consent at any time without giving reasons, for example by using the “unsubscribe” link in the newsletter or by unsubscribing from the newsletter directly on the website. The legality of the data processing that has already been performed remains unaffected by said revocation. The data you have submitted to us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and are deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that we have stored for other purposes remains unaffected.

After you have unsubscribed from the newsletter distribution list, your email address may be saved in a blacklist with us or the newsletter service provider to prevent future mailing. The data from the blacklist are used only for this purpose and are not combined with other data. This serves both your interest and our legitimate interest in complying with the legal requirements when sending newsletters (Art. 6 para. 1 subpara. 1 lit. f) EU GDPR). Storage in the blacklist is not limited in time. You can object to said storage in accordance with Art. 21 EU GDPR if your interests outweigh our legitimate interests.

Online access to the newsletter and data management

There are cases in which we direct the newsletter recipients to the MailChimp website. Our newsletters contain, for example, a link with which the newsletters can be retrieved online (e.g. in the case of display problems in the email program). In addition, newsletter recipients can correct their data, e.g. the email address, subsequently. Likewise, MailChimp's Privacy Policy is only available on their website. In this context, we would like to point out that cookies are used on the websites of MailChimp and thus personal data are processed by MailChimp, its partners and service providers (e.g. Google Analytics). We have no influence on this data processing. Further information on the processing of personal data by MailChimp can be found in the data protection regulations of MailChimp at https://mailchimp.com/de/help/about-the-general-data-protection-regulation/ and https://mailchimp.com/legal/.

m. Vacancies and application procedures

We process the personal data that you provide in your application, insofar as this is necessary for the decision on establishing an employment relationship with us. The legal basis for this is Art. 88 EU GDPR in conjunction with Section 26 para. 1 sentence 1 var. 1 in conjunction with para. 8 sentence 2 BDSG.

Your personal data will be treated confidentially and processed exclusively for the purpose of processing the application, i.e. for recruiting, recruiting and creating an employment contract. In order to implement the application process, it is essential that employees from the HR department, the respective department and, if applicable, the responsible bodies, such as the representative for the severely disabled, have access to your personal data.

If you give us your consent, we will process your personal data in addition to applying for a specific position or a specific appointment, and will contact you at other positions that match your profile.

General retention and deletion periods apply. We generally store your personal data for as long as this is necessary for deciding on your application and only if there is another legal reason for further storage. Such a legal reason can result in particular from tax and accounting obligations or from defence against possible legal claims, in particular according to the General Equal Treatment Act (AGG).

If you have not consented to further data processing for other positions that may match your profile, we will delete your data no later than six months after the application process has been completed. If you have given your consent to other positions or have unsolicited applications, we will save your personal data for a maximum of three years, beginning with the end of the year in which you give your consent to us or send your application on your own initiative have submitted. In the event of a successful application, we will transfer your application documents to your personnel file.

2. Recipients / categories of recipients of personal data (Art. 13 para. 1 lit. e) and f) EU GDPR)

The recipient of the data associated with the use of our websites, our “edudip next” webinar software and our “edudip.market” online marketplace is edudip GmbH. Your data will be treated confidentially and will never be disclosed to third parties, neither to recipients within Germany or the European Union nor to recipients in third countries. Profiling is also not carried out. We only transfer personal data to third parties if this is necessary in the context of contract processing, for example to the credit institution commissioned with payment processing. Any further transmission of the data does not take place or only if you have expressly consented to said transmission. Your data will not be disclosed to third parties without express consent, for example for advertising purposes.

We may use external service providers who process personal data on our behalf. These are considered processors in the sense of Art. 28 EU GDPR. When data is forwarded to these partners, an order processing contract is therefore always concluded in accordance with the legal requirements to ensure the control and protection of the data.

The current data processing agreements can be found at av.edudip.com.

Edudip GmbH will transfer personal data to institutions (authorities) entitled to information if it is obliged to do so by law or by court order.

3. Duration of storage and deletion of personal data (Art. 13 para. 2 lit. a) EU GDPR)

The duration of the storage of personal data depends on legal requirements and the purpose of data storage. In general: If the purpose of data processing is no longer applicable, we will delete your data. The reasons for deletion of personal data result from Art. 17 EU GDPR. Secondary to this, your data must always be deleted if one of the following reasons exists:

  • Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
  • You withdraw your consent on which the processing was based and there is no other legal basis for the processing.
  • You object to the processing in accordance with Article 21 para. 1 and there are no overriding legitimate grounds for the processing, or you object to the processing in accordance with Article 21 para. 2.
  • The personal data was processed illegally.
  • The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the member states to which edudip GmbH is subject.

Exceptions, according to which your data does not have to be deleted, even though one of the listed reasons exists, are also regulated in Art. 17 EU GDPR.

Your rights as a data subject (Art. 13 para. 2 lit. b) and c) EU GDPR)

The EU GDPR gives the data subject, affected by the processing of personal data, various options to check and influence the handling of their personal data themselves. You therefore have the following rights:

  • Right to access (Art. 15 EU GDPR)
  • Right to rectification (Art. 16 EU GDPR)
  • Right to erasure (Art. 17 EU GDPR, see above)
  • Right to restriction of processing (Art. 18 EU GDPR)
  • Right to data portability (Art. 20 EU GDPR)
  • Right to revoke any consent given (Art. 7 Para. 3 EU GDPR)

You also have the right to object (Art. 21 EU GDPR): For reasons arising from your particular situation, you can at any time object to the processing of your personal data, which is performed on the basis on Art. 6 p. 1 lit. e) or f) EU GDPR. The respective legal basis on which processing is based can be found in this Data Protection Policy. If you lodge an objection, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for said processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. If we process personal data for direct marketing purposes, you have the right to object at any time to said processing of your personal data for the purpose of such advertising. We would also like to point out the options for objection to data processing for advertising purposes on the websites http://www.aboutads.info/choices/ and http://www.youronlinechoices.com/ (for the European region).

If you would like to exercise one of the rights mentioned above, please send an email to the address given under Point 5.

5. Data controller (Art. 13 para. 1 lit. a) EU GDPR)

Responsible for the processing of personal data on this website within the meaning of the EU GDPR is:

edudip GmbH
Jülicher Straße 306
52070 Aachen
Telephone: +49 241 4004768-0
Email: info@edudip.com

Authorised Managing Director: Dipl. Ing. Torsten Kämper
Authorised Managing Director: Dilek Aydin

The data controller is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data.

6. Our local external Data Protection Officer (Art. 13 para. 1 lit. b) EU GDPR)

The following was appointed as Data Protection Officer acc. to Art. 37 EU GDPR:

Günter Jachtner
Certified Data Protection Officer (TÜV)
CE21 - Gesellschaft für Kommunikationsberatung mbH
Bergfeldstraße 11, 83607 Holzkirchen

NRW branch:
Donnerbachweg 1, 53332 Bornheim
Tel.: +49 221 7160069
Email: datenschutz@edudip.com

7. Right to lodge a complaint with the competent supervisory authority (Art. 13 para. 2 lit. d), Art. 77 EU GDPR)

In addition to the rights listed above, you also have the right to complain to a data protection supervisory authority in every country in the European Union. Here you will find a list of all state Data Protection Officers in the federal states.

8. Security

a) Technical and organisational measures

Edudip GmbH implements technical and organisational measures in the sense of Art. 32 EU GDPR to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are improved continuously in line with technological developments. We have committed all employees to confidentiality. In addition, our employees receive regular training from our data protection officer to ensure that data protection regulations are adhered to. It also ensures that the regulations on data protection are also observed by the external service providers involved.

b. Email

Email security

If you send us an email, your email address will only be used for correspondence with you. An encryption process is not used. Email traffic takes place via the unsecured internet. We would like to point out that the internet poses many risks of attack and that absolutely secure transmission cannot be guaranteed. It is not possible to completely protect data from third-party access. Therefore, please do not send us any confidential or strictly confidential data by email.

Objection to advertising emails

We hereby object to the use of contact data published in this data protection declaration or in the imprint for sending unsolicited advertising and information material. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited promotional information, such as spam emails.

c. Transport Layer Security (TLS) encryption

Our websites use TLS encryption for security reasons and to protect the transmission of confidential content, such as the enquiries you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

9. Links to other websites

Our websites contain links to other websites. We have no influence on their content and that their operators comply with the applicable data protection regulations. The purpose and scope of any data collection, further processing and use of the data by the respective third party who operates the corresponding website, as well as your rights and setting options for protecting your privacy, can be found in the third party's data protection notices. We also have no influence on the current and future design or the authorship of the content of the linked pages. We hereby declare that at the time the link was created, no illegal content was recognisable on the linked pages. We expressly distance ourselves from all content that may be relevant under criminal or liability law or that violates common decency. For illegal, incorrect or incomplete content and for damages resulting from the use or non-use of other websites, the provider of the linked page is solely liable.

10. Definitions

Legislators require personal data to be processed lawfully, in good faith and in a transparent manner that is understandable to the data subject. Our data protection declaration should therefore be easy to read and understand for any interested person. To ensure this, we would like to explain some of the terminology.

We use the following terms in this Data Protection Policy:

Data subject

A data subject is every identified or identifiable natural person whose personal data is processed by us.

Processing

Processing is any process or series of processes in connection with personal data, such as the collection, recording, organisation, ordering, storage, adaptation or modification, reading, querying, use, disclosure through transmission, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction of data.

Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.

Profiling

Profiling is any type of automated processing of personal data, which consists in the fact that this personal data is used to evaluate certain personal aspects that relate to a natural person, in particular to analyse or predict aspects related to work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location of this natural person.

Pseudonymisation

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures that ensure that the personal data cannot be assigned to an identified or identifiable natural person.

Controller or data controller

The controller or data controller is the natural or legal person, public authority, agency or other body that alone or together with others decides on the purposes and means of processing personal data.

Processors

The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.

Receiver

The receiver is a natural or legal person, public authority, agency or other body to which personal data is disclosed, regardless of whether it is a third party or not.

Third party

A third party is a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who are authorised to process the personal data under the direct authority of the controller or processor.

Consent

Consent is any expression of will voluntarily given by the data subject for the specific case in an informed manner and unequivocally in the form of a declaration or other clear confirmatory act, with which the data subject indicates that they consent to the processing of their personal data is.

11. Final clauses

Due to the further development of our website or the implementation of new technologies, it may become necessary to change this Data Protection Policy. We reserve the right to change this Data Protection Policy at any time, non-retroactively. The version available at the time of your visit always applies.

For further information, e.g. for copyright, see Disclaimer page.

Do you have questions or do you need help?
We are happy to help you here.

Our customer service is
now there for you even longer!

Monday - Friday:
Saturday:
8:00 - 20:00 Uhr
8:00 -13:00 Uhr
Uwe van Düren - Customer Service Stefan Gougourdis - Customer Service Stefan Sorgefrey - Customer Service Markus Reichstein - Customer Service Lars-Niklas Rose - Customer Service