Privacy policy

Data protection declaration according to the basic data protection regulation (DSGVO)

I. General information on data processing

1. scope of the processing of personal data

As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our contents and services. The processing of personal data of our users is regularly only carried out with the consent of the user. An exception is made in those cases where it is not possible to obtain prior consent and the processing of the data is permitted by legal regulations.

2. legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6 para. 1 lit. a EU Data Protection Basic Regulation (DSGVO) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b DSGVO serves as the legal basis. This also applies to processing operations which are necessary to carry out pre-contractual measures.

Insofar as processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or of a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f DSGVO serves as the legal basis for the processing.

3. data deletion and storage period

The personal data of the person concerned will be deleted or blocked as soon as the purpose of the storage no longer applies. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU ordinances, laws or other regulations to which the person responsible is subject, or if the person explicitly consents. Data will also be blocked or deleted if a storage period prescribed by the above-mentioned standards expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.

II. provision of the website and creation of log files

1. protection of your data

The protection of your personal data is very important to us. You can visit our websites without giving any personal information. We do not store any personal data in this context. In order to improve our offer, we only evaluate statistical data of all visits, which, however, do not allow any conclusion about your person. The following data is logged:  Retrieval of files, date and time of retrieval, amount of data transferred, duration of visitors' stay on our site, screen size of visitors, as well as the web browser and operating system used. Traceability of the IP address is made impossible by making the last 4 digits unrecognizable.

Further personal data is only collected if you provide this information voluntarily, for example in the context of a contact or offer inquiry.

2. responsible persons

The responsible person in the sense of the Data Protection Basic Regulation and other national data protection laws of the member states as well as other data protection regulations is

WEBER & PARTNER GMBH
Lyon Street 34
D - 60528 Frankfurt/Main
Phone: +49 (0) 69 / 666 70 70

Email: office@dr-weber-partner.de
www.dr-weber-partner.de

Local court Frankfurt am Main HRB 24780

3. use and transfer of personal data

If you have provided us with personal data, we will use it only to answer or process your request.

4. information, deletion, blocking

You have the right to receive information free of charge about your stored personal data, its origin and the purpose of data processing as well as the right to correct, block or delete this data at any time. You have the right to revoke your consent with effect for the future at any time and to demand the deletion of your data.

The deletion of stored personal data is carried out when the purpose of the storage is no longer given or is required by law. For this purpose, as well as for further questions regarding personal data, you can contact us at any time at the address and contact details given in the imprint.

5. data security

We will store your personal data in such a way that they are not accessible to third parties by taking appropriate technical and organizational measures. Communication by e-mail is exclusively in encrypted form using an SSL security certificate. You can recognize this by the fact that the domain name is preceded by https://.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

6. cookies

Our website sometimes uses so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your end device for up to 30 days. These cookies enable us to recognize your browser during your next visit.

You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

7. server log files

The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Current IP address of your internet provider
Browser type/ browser version
Operating system used
Screen size
Referrer URL
Hostname of the accessing computer
Time of the server request

These data cannot be assigned to specific persons. A consolidation of this data with other data sources is not carried out. We reserve the right to check this data subsequently if we become aware of concrete indications of illegal use.

8. privacy policy Google Maps

This website uses the product Google Maps by Google Inc. By using this website you agree to the collection, processing and use of automatically collected data by Google Inc.
The terms of use of Google Maps can be found under "Terms of use of Google Maps".

9. Privacy Policy on the use and application of Facebook

The data controller has integrated components of the company Facebook on this website. Facebook is a social network.

A social network is a social meeting place operated on the Internet, an online community that generally allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the Internet community to provide personal or company-related information. Facebook enables users of the social network to create private profiles, upload photos and network via friend requests, among other things.

The operating company of Facebook is Facebook, Inc. 1 Hacker Way, Menlo Park, CA 94025, USA. The person responsible for processing personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, if a data subject lives outside the USA or Canada.

Each time a user accesses one of the individual pages of this website, which is operated by the data controller and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Facebook component to download a display of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook is informed which specific subpage of our website is visited by the person concerned.

If the person concerned is logged on to Facebook at the same time, Facebook recognizes which specific subpage of our website the person concerned is visiting each time the person concerned calls up our website and for the entire duration of their stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the person concerned. If the data subject clicks on one of the Facebook buttons integrated on our website, for example the "Like" button, or if the data subject makes a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook receives information via the Facebook component that the data subject has visited our website whenever the data subject is logged in to Facebook at the same time when he or she accesses our website; this occurs regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, he or she can prevent the transmission by logging out of his or her Facebook account before accessing our website.

The data policy published by Facebook, which is available at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the person concerned. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transfer to Facebook.

10. privacy policy on the use and application of Google+

The data controller has integrated the Google+ button as a component on this website. Google+ is a so-called social network. A social network is a social meeting place operated on the Internet, an online community that generally allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or it enables the Internet community to provide personal or company-related information. Google+ enables users of the social network to create private profiles, upload photos and network via friend requests, among other things.

The operating company of Google+ is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time the data controller calls up one of the individual pages of this website, which is operated by the data controller and on which a Google+ button has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Google+ button to download a display of the corresponding Google+ button from Google. In the course of this technical process, Google is informed which specific subpage of our website is visited by the person concerned. More detailed information about Google+ is available at https://developers.google.com/+/.

If the person concerned is logged on to Google+ at the same time, Google recognizes with each visit to our website by the person concerned and during the entire duration of the respective stay on our website, which specific subpage of our website the person concerned is visiting. This information is collected by the Google+ button and assigned by Google to the respective Google+ account of the person concerned.

If the person concerned clicks on one of the Google+ buttons integrated on our website and thereby makes a Google+1 recommendation, Google assigns this information to the personal Google+ user account of the person concerned and stores this personal data. Google stores the Google+1 recommendation of the data subject and makes it publicly available in accordance with the terms and conditions accepted by the data subject in this regard. A Google+1 recommendation made by the data subject on this website will subsequently be stored and processed together with other personal data, such as the name of the Google+1 account used by the data subject and the photo stored in it, in other Google services, for example the search engine results of the Google search engine, the Google account of the data subject or in other places, for example on websites or in connection with advertisements. Furthermore, Google is able to link the visit to this website with other personal data stored by Google. Google also records this personal information for the purpose of improving or optimizing the various services provided by Google.

Google always receives information via the Google+ button that the person concerned has visited our website if the person concerned is logged in to Google+ at the same time as accessing our website; this takes place regardless of whether the person concerned clicks the Google+ button or not.

If the data subject does not want his/her personal data to be transferred to Google, he/she can prevent such a transfer by logging out of his/her Google+ account before accessing our website.

Further information and Google's applicable privacy policy can be found at https://www.google.de/intl/de/policies/privacy/. Further information from Google on the Google+1 button can be found at https://developers.google.com/+/web/buttons-policy.

11. privacy policy on the use and operation of LinkedIn

The data controller has integrated components of LinkedIn Corporation on this website. LinkedIn is an Internet-based social network that allows users to connect with existing business contacts and to make new business contacts. Over 400 million registered users use LinkedIn in more than 200 countries. This makes LinkedIn currently the largest platform for business contacts and one of the most visited websites in the world.

LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For data protection issues outside the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

Each time a LinkedIn component (LinkedIn plug-in) is installed on our website, the LinkedIn plug-in causes the browser used by the individual to download a representation of the LinkedIn component. Further information about LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins. This technical process allows LinkedIn to know which specific page of our website is visited by the data subject.

If the person concerned is logged on to LinkedIn at the same time, LinkedIn will recognize which specific page of our website the person concerned is visiting each time the person calls up our website and for the entire duration of the person's visit to our website. This information is collected by the LinkedIn component and assigned by LinkedIn to the LinkedIn account of the person concerned. If the data subject clicks on a LinkedIn button integrated on our website, LinkedIn will associate this information with the personal LinkedIn user account of the data subject and store this personal data.

LinkedIn will receive information via the LinkedIn component that the data subject has visited our website whenever the data subject is logged in to LinkedIn at the same time when he or she accesses our website, regardless of whether the data subject clicks on the LinkedIn component or not. If the individual does not want this information to be sent to LinkedIn, he or she can prevent it from being sent by logging out of his or her LinkedIn account before accessing our website.

LinkedIn offers the ability to unsubscribe from e-mail messages, SMS messages, and targeted ads, as well as manage ad preferences, at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame who may set cookies. Such cookies can be rejected at https://www.linkedin.com/legal/cookie-policy. LinkedIn's current privacy policy is available at https://www.linkedin.com/legal/privacy-policy. The LinkedIn cookie policy is available at https://www.linkedin.com/legal/cookie-policy.

12. privacy policy on the use and application of Twitter

The data controller has integrated components of Twitter on this website. Twitter is a multilingual, publicly accessible microblogging service where users can post and disseminate so-called tweets, i.e. short messages limited to 280 characters. These short messages can be accessed by everyone, including those who are not registered with Twitter. However, the tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users who follow the tweets of a user. Furthermore, Twitter enables the addressing of a broad audience via hashtags, links or retweets.

The operating company of Twitter is Twitter, Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Each time the data subject accesses one of the individual pages of this website, which is operated by the data controller and on which a Twitter component (Twitter button) has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Twitter component to download a display of the corresponding Twitter component from Twitter. Further information on the Twitter buttons is available at https://about.twitter.com/de/resources/buttons. In the course of this technical procedure, Twitter is informed which specific subpage of our website is visited by the data subject. The purpose of integrating the Twitter component is to enable our users to further disseminate the content of this website, to make this website known in the digital world and to increase our visitor numbers.

If the person concerned is logged on to Twitter at the same time, Twitter will recognize which specific subpage of our website the person concerned is visiting each time the person concerned calls up our website and for the entire duration of their stay on our website. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the data subject. If the data subject clicks on one of the Twitter buttons integrated on our website, the data and information transmitted with it is assigned to the personal Twitter user account of the data subject and stored and processed by Twitter.

Twitter receives information via the Twitter component that the data subject has visited our website if the data subject is logged on to Twitter at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the Twitter component or not. If the data subject does not want this information to be sent to Twitter, he or she can prevent it from being sent by logging out of his or her Twitter account before accessing our website.

The applicable data protection regulations of Twitter are available at https://twitter.com/privacy?lang=de.

13. data protection regulations on the use and application of YouTube

The data controller has integrated YouTube components into this website. YouTube is an Internet video portal that allows video publishers to post video clips free of charge and other users to view, rate and comment on them free of charge. YouTube allows the publication of all types of videos, which is why complete film and television broadcasts, but also music videos, trailers or videos created by users themselves can be accessed via the Internet portal.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time the data subject accesses any of the individual pages of this website operated by the data controller and on which a YouTube component (YouTube video) has been integrated, the Internet browser on the data subject's information technology system is automatically prompted by the relevant YouTube component to download a representation of the relevant YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/. In the course of this technical procedure, YouTube and Google are informed which specific subpage of our website is visited by the person concerned.

If the person concerned is logged on to YouTube at the same time, YouTube recognizes which specific subpage of our website the person concerned is visiting by calling up a subpage containing a YouTube video. This information is collected by YouTube and Google and assigned to the respective YouTube account of the person concerned.

YouTube and Google receive information via the YouTube component that the data subject has visited our website whenever the data subject is logged on to YouTube at the same time when he or she visits our website, regardless of whether or not the data subject clicks on a YouTube video. If the data subject does not wish this information to be transmitted to YouTube and Google, he or she can prevent the transmission by logging out of his or her YouTube account before visiting our website.

The privacy policy published by YouTube, which can be found at https://www.google.de/intl/de/policies/privacy/, provides information about the collection, processing and use of personal data by YouTube and Google.

14. privacy policy for Google reCAPTCHA

In order to ensure sufficient data security during the transmission of forms, we use in certain cases the service reCAPTCHA of the company Google Inc. This serves mainly to distinguish whether the input is made by a natural person or abusively by machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the service reCAPTCHA to Google. The deviating data protection regulations of Google Inc. apply to this. Further information on the data protection guidelines of Google Inc. can be found at http://www.google.de/intl/de/privacy or https://www.google.com/intl/de/policies/privacy/.


III. rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the DSGVO and you are entitled to the following rights vis-à-vis the person responsible:

1. right of information

You may request confirmation from the person responsible as to whether personal data concerning you is being processed by us.

If such processing has taken place, you can request information from the data controller about the following:

  • the purposes for which the personal data are processed
  • categories of personal data which are processed;
  • the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
  • the planned duration of storage of the personal data concerning you or, if it is not possible to give specific details, criteria for determining the duration of storage;
  • the existence of a right of rectification or erasure of personal data concerning you, a right to have the processing limited by the controller or a right to object to such processing;
    any available information on the origin of the data if the personal data are not collected from the data subject;
  • the existence of automated decision making, including profiling, in accordance with Art. 22, paras. 1 and 4 DPA and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.

You have the right to request information as to whether the personal data concerning you are being transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 DPA in connection with the transfer.

2. right of rectification

You have the right to ask the data controller to correct and/or complete the data if the personal data processed concerning you is incorrect or incomplete. The data controller must make the correction without delay.

3. right to limit processing

Under the following conditions, you may request the restriction of the processing of personal data concerning you:

if you dispute the accuracy of the personal data concerning you for a period of time which enables the controller to verify the accuracy of the personal data;
the processing is unlawful and you object to the deletion of the personal data and instead request the restriction of the use of the personal data;
the controller no longer needs the personal data for the purposes of the processing, but you need it for the purpose of asserting, exercising or defending legal claims; or
if you have lodged an objection to the processing pursuant to Art. 21 para. 1 DPA and it is not yet clear whether the legitimate reasons of the controller outweigh your reasons.

If the processing of personal data relating to you has been restricted, such data - apart from being stored - may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State.

If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

5. right of deletion

Duty of deletion

You may demand that the person responsible for the data concerning you be immediately deleted, and the person responsible is obliged to delete such data immediately if one of the following reasons applies:

  • the personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed
  • you revoke your consent on which the processing was based pursuant to Art. 6 para. 1 letter a or Art. 9 para. 2 letter a DPA and there is no other legal basis for the processing.
  • You object to the processing in accordance with Art. 21 Para. 1 DSGVO and there are no legitimate reasons for the processing, or you object to the processing in accordance with Art. 21 Para. 2 DSGVO.
  • The personal data concerning you have been processed unlawfully.
  • Deletion of the personal data concerning you is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
  • The personal data concerning you have been collected in relation to information society services offered, in accordance with art. 8, paragraph 1 of the DPA.

6. information to third parties

If the data controller has made public the personal data concerning you and is obliged to delete them in accordance with Art. 17 para. 1 DPA, he shall take reasonable measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you, as a data subject, have requested them to delete all links to these personal data or copies or replications of these personal data.

Exceptions

The right to deletion does not exist insofar as the processing is necessary

  • to exercise the right to freedom of expression and information;
  • to comply with a legal obligation requiring processing under Union or national law to which the controller is subject or to perform a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • for reasons of public interest in the field of public health pursuant to Article 9 paragraph 2 letters h and i and Article 9 paragraph 3 DPA;
  • for archival, scientific or historical research purposes in the public interest or for statistical purposes pursuant to Art. 89 para. 1 DSGVO, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the attainment of the objectives of such processing, or
  • to assert, exercise or defend legal claims.

7. right to information

If you have asserted the right to rectification, erasure or limitation of processing vis-à-vis the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification, erasure or limitation of processing, unless this proves impossible or involves a disproportionate effort.

You have the right, vis-à-vis the data controller, to be informed of these recipients.

8. right to data transferability

You have the right to receive the personal data concerning you that you have provided to the data controller in a structured, common and machine-readable format. You also have the right to have this data communicated to another person in charge without interference from the person in charge to whom the personal data has been communicated, provided that

  • the processing is based on a consent pursuant to Art. 6 para. 1 letter a DSGVO or Art. 9 para. 2 letter a DSGVO or on a contract pursuant to Art. 6 para. 1 letter b DSGVO and
  • the processing is carried out using automated procedures.

In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly from one controller to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

The right to data transferability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

9. right of objection

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you that is carried out pursuant to art. 6, paragraph 1, letter e or f of the DPA; this also applies to profiling based on these provisions.

The controller will no longer process the personal data concerning you unless he can demonstrate compelling reasons for processing which are worthy of protection and which outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it is related to such direct marketing.

If you object to processing for the purposes of direct marketing, the personal data concerning you will no longer be processed for those purposes.

You have the possibility to exercise your right of objection in relation to the use of information society services, without prejudice to Directive 2002/58/EC, by means of automated procedures involving technical specifications.

When processing data for scientific, historical or statistical research purposes:

You also have the right to object, for reasons arising from your particular situation, to the processing of personal data concerning you for scientific, historical or statistical research purposes in accordance with Art. 89, paragraph 1 of the DPA.

Your right of objection may be limited to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impair it and the limitation is necessary for the fulfillment of the research or statistical purposes.

10. right to revoke the declaration of consent under data protection law

You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the legality of the processing that has taken place on the basis of your consent until revocation.

Automated decision in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing - including profiling - which has legal effect on you or which significantly affects you in a similar way. This shall not apply if the decision

  1. is necessary for the conclusion or fulfillment of a contract between you and the person responsible,
  2. is authorised by Union law or the law of the Member States to which the responsible person is subject and that law contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or
  3. with your express consent.

However, these decisions may not be based on special categories of personal data in accordance with Art. 9 para. 1 DSGVO, unless Art. 9 para. 2 lit. a or g DSGVO applies and appropriate measures have been taken to protect rights and freedoms and your legitimate interests.

With regard to the cases referred to in (1) and (3), the data controller shall take reasonable measures to safeguard the rights and freedoms and your legitimate interests, which shall include at least the right to obtain the intervention of a person from the data controller, to express his point of view and to challenge the decision.

11. right to appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you is in breach of the DPA.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and the results of the complaint, including the possibility of a legal remedy under Art. 78 DSGVO.

We use cookies on our website! Some of them are technically essential. You can change your settings at any time to accept cookies that you do not require. Further information can be found in our Privacy Statement.