Data protection

Data protection

We would like to begin with a quotation from Article 12, paragraph 1 of the Data Protection Regulation (GDPR). The responsible person in this case is us:

The controller shall take appropriate measures to provide the data subject with all [...] information and any [...] communications related to processing in a clear, transparent, understandable and easily accessible form in a clear and simple language to transfer;

We hope that we have done that - as well as possible with this complex matter. If you have questions or are uncertain about some aspects of this explanation, please contact us.

Basics

Data protection and data security are very important to us. With this Privacy Policy we try to convey to you what personal data may arise in connection with our website, how we may use it and what options you have to influence such collection and use.

The collection, processing or storage of your data by us - or on our behalf by third parties - is done because we each have a "legitimate interest" within the meaning of the GDPR in this collection, processing or storage or because they consent to the collection, processing or storage to have. We follow the principle that as few data as possible is collected, processed and stored in a way that is as comprehensible as possible for you.

Of course, this statement can only apply to our website. For websites or services of third parties, which we use on this website, the privacy statements of the respective operators apply. In this privacy policy, we list these third parties by name and also refer to the respective website or privacy policy. We usually link here to the GDPR, as it is much more "readable" than the Federal Data Protection Act (BDSG), which translates into German law.

Basic Data Protection Ordinance (DSGVO) online:
https://dsgvo-gesetz.de/

Legality of processing: in the GDPR:
https://dsgvo-gesetz.de/art-6-dsgvo/

Federal Data Protection Act (BDSG) online:
https://dsgvo-gesetz.de/bdsg-neu/

Personal data

The subject of this privacy policy is personal information. These are individual details about personal or factual circumstances of a particular or determinable natural person. For example, the name, address, e-mail address or telephone number, but also the time of the visit to our website, the favorite sorting of our blog posts or the shoe size, if we were to sell shoes.

Your current IP address may also fall under the concept of personal data, but does not have to. If, for example, you access the Internet from the internal network of an international group, then the IP address will only be able to refer to this group.

Due to the shortage of IPv4 address space, many access providers (Telekom, Vodafone, etc.) no longer give users public IP addresses, but instead distribute individual IP addresses to multiple users via "Network Address Port Translation" (NAPT). Again, a personal reference to the IP address is regularly not given. Nevertheless, as far as technically possible, we will not pass on their current IP or only in an abbreviated, anonymous form.

Definition of personal data of the GDPR:
https://dsgvo-gesetz.de/art-4-dsgvo/

IP address on Wikipedia:
https://de.wikipedia.org/wiki/IP-Adresse

Storage on our systems

If you contact us, be it via our website, by e-mail, telephone or letter, this will leave us with data. Your e-mail address will be stored in our e-mail programs. Among other things, we may collect your data in programs that fall under the keywords address management, goods economy, ERP (Enterprise Resource Planning) or CRP (Customer Relationship Management).

On the one hand, our systems can be local systems in our premises, but on the other hand also hosted web servers or cloud storages, with whose technical operators a contract data processing contract has been concluded in which they commit themselves to treat the data in accordance with the GDPR.

Use of the data for advertising purposes

We reserve the right to use the collected data for our own advertising purposes. Under certain circumstances, we will pass on the data to service providers commissioned by us, who, for example, organize the mailing of letters or newsletters for us. You can discuss the use of your data for these purposes at any time.

Obligation to provide information, correction and deletion of data

You can always request information about which data we have stored by you and if necessary also correct this data.

We will delete your data if you so desire and do not oppose other laws and regulations. These include, for example, the tax records and, as a consequence, the principles of proper accounting.

Incidentally, we would like to point out that the regulations set out in the GDPR are applicable to the deletion of data.

Right to cancellation in the GDPR::
https://dsgvo-gesetz.de/art-17-dsgvo/

Data transfer for contract performance or during ongoing business

We use the services of third parties for certain activities. For example, this applies to the forwarding and dispatching of goods, letters, packages and newsletters, as to the processing of payments (credit card, direct debit, etc.), and to bookkeeping and tax advice or other comparable services that we regularly use in order to maintain our business operations.

In cases like this, information such as your postal or e-mail address will be shared with these companies in order to enable the requested service. In general, these companies are all legally obliged to handle data discrete, safe and with care (post office, tax advisor, bank) or have contracted to process data in accordance with the GDPR.

Disclosure of data to any other companies or individuals will not be conducted without cause or without prior explicit consent.

Processor within the GDPR:
https://dsgvo-gesetz.de/art-28-dsgvo/

Data Protection Officer

We are not subject to the obligation to order a data protection officer according to DSGVO. For questions or requests for information, please contact (the managing director).

Michael Nagel
Im Schulerdobel 18
79117 Freiburg / Germany
Telephone: +49-761-6129700
E-Mail: michael.nagel@flyingstudyteam.com

Appointment of a data protection officer in the GDPR:
https://dsgvo-gesetz.de/art-37-dsgvo/

Appointment of a data protection officer in the BDSG:
https://dsgvo-gesetz.de/bdsg-neu/38-bdsg-neu/

Complaints offices and supervisory authorities

Responsible for compliance with the data protection regulations is the respective Land authorities, where the operator of the website is located. In our case so the from Baden-Württemberg.

The State Representative Baden-Württemberg:
http://www.baden-wuerttemberg.datenschutz.de/

The list at Wikipedia:
https://www.datenschutz-wiki.de/Aufsichtsbehörden_und_Landesdatenschutzbeauftragte

The list on the website of the Federal Government:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Your data within the operation of our website

Server hosting and log files on our web server

Our website is hosted at STRATO AG, Pascalstraße 10, 10587 Berlin, Germany. With this provider, we have concluded a contract for order processing according to DSGVO. When operating the server so-called log files are written in which every access to our website is logged. Among other things, information about the browser, the operating system and the time of the call are logged. The IP address is only recorded in abbreviated form, so that these log files contain no personal information.

Our web host:
http://www.strato.de

Webhosting at Wikipedia:
https://de.wikipedia.org/wiki/Webhosting

Contractor in the DSGVO:
https://dsgvo-gesetz.de/art-28-dsgvo/