Version 2.0, valid as of May 1st, 2018
When does this Privacy Policy apply?
This Privacy Policy applies to Personal Data you voluntarily provide to TechGDPR, or is being collected by TechGDPR.
Data Controller
The Data Controller of techgdpr.com and its associated websites is TechGDPR DPC GmbH, Rheinsbergerstr. 76/77, 10115 Berlin, Germany (“TechGDPR”, “we”, “us”).
What does TechGDPR do with my Personal Data?
TechGDPR will process the Personal Data provided hereunder only as set out hereafter:
1. Statistical data
TechGDPR collects anonymous statistical data about the use of its website to optimise its online presence and for marketing and sales purposes. No cookies are being stored on your device, and only the first 2 ‘bytes’ of your IP address are being stored. The data is collected on servers operated by TechGDPR in the European Union. This data is not governed by the GDPR as it is anonymous, but you can still opt-out of tracking completely by enabling the Do-Not-Track option in your browser. Visit http://donottrack.us/ to learn how.
2. Information provided by you through web forms, through voice conversations such as phone and Skype and during in-person meetings.
Though web forms on our contact page and on in-page ‘call to action’ forms, we collect your Company Name, First Name, Last Name, Email Address and Phone Number. We process this information for the purpose of the performance of a contract (Art 6b, GDPR), or technically the preparatory stage ‘intention to enter into a contract’. As you actively request us to contact you for more information about our products and services, we will need to record this data to be able to effectively communicate with you for this purpose. This information is submitted to a CRM server operated by TechGDPR, from which it will be deleted 13 months after the last contact we had with you. This information is not shared outside of the TechGDPR organisation, and is stored on servers within the European Union.
3. Ensuring compliance
TechGDPR will have to comply with all applicable laws and regulations, including, but not limited to those of the European Union, Germany and the state of Berlin. For this reason we may have to collect, process and retain your details for an extended period of time as a legal obligation (Art 6c, GDPR). For example, one of the legal requirements in Germany is that trade invoices, which may include your name or email address, are kept for 10 years.
You also acknowledge that information required to track your choices and consent regarding the processing or use of your Personal Data or receipt of marketing materials may be stored to ensure compliance with the GDPR.
4. Sign up for direct marketing communication
When filling out a web form, you also have the choice to sign up for our marketing communication by selecting the appropriate, optional tick box for this purpose. The processing of your Name and Email for this particular purpose are based on your consent, which you can revoke at any time. We will continue to process your personal data for this purpose until you revoke this consent by either clicking the ‘unsubscribe’ button, or contact us by post or at privacy@techgdpr.com with your request to unsubscribe and/or revoke your consent. Should another legal base of processing your data, for example as outlined under 2. or 3. continue to exist, we will continue to process your personal data for these purposes.
5. Server administration
Your IP address and your page requests are stored in log files for a duration of maximum 14 days on our servers for the reason of preventing fraud, abuse, and security incidents, as well as monitoring the performance of our servers. After 14 days, these log files will be automatically deleted. This constitutes a legitimate interest (Art 6f) under the GDPR.
Why am I required to provide Personal Data?
As a general principle, your granting of any consent and your provision of any Personal Data hereunder is entirely voluntary; there are generally no detrimental effects on you if you choose not to consent or to provide Personal Data. However, there are circumstances in which TechGDPR cannot take action without certain Personal Data, for example because this Personal Data is required to process your order, information or contact request, or provide you with access to a web offering or newsletter. In these cases, it will unfortunately not be possible for TechGDPR to provide you with what you request without the relevant Personal Data.
Data subjects’ rights
You can request from TechGDPR at any time information about which Personal Data TechGDPR processes about you and the correction or deletion of such Personal Data. Please note, however, that TechGDPR can delete your Personal Data only if there is no statutory obligation or prevailing right of TechGDPR to retain it.
If TechGDPR uses your Personal Data based on your consent or to perform a contract with you, you may also request a copy of the Personal Data that you have provided to TechGDPR, and you may request us to transfer this data in a common machine readable format to another provider as well. In this case, please contact us at privacy@techgdpr.com and specify the information or processing activities to which your request relates. TechGDPR will carefully consider your request and discuss with you how it can best fulfill it.
Furthermore, you can request that we restrict your Personal Data from any further processing if:
- You are contesting the accuracy of the Personal Data we hold about your, for as long as we need to verify this claim.
- If you believe the processing of the data is unlawful, but you oppose the erasure of the data and request restriction of processing instead.
- If we no longer need your Personal Data for the original purpose, but you need them for the establishment, exercise or defence of legal claims.
- If you have objected to the use of your data according to Art. 21 GDPR, while we verify if our legitimate grounds for processing your data override yours.
Please direct any such request to privacy@techgdpr.com
Right to lodge a complaint
If you believe that TechGDPR is not processing your Personal Data in accordance with the requirements set out herein or applicable EEA data protection laws, you can at any time lodge a complaint with the data protection authority of the EEA country in which you live or with the data protection authority of the country or state in which TechGDPR has its registered seat.
Use of this website by children
This website is not intended for anyone under the age of 16 years. If you are younger than 16, you may not register with or use this website.
Links to other websites
This website may contain links to foreign (meaning non-TechGDPR companies and organisation) websites. TechGDPR is not responsible for the privacy practices or the content of websites other than TechGDPR’s. Therefore, we recommend that you carefully read the privacy statements of such foreign sites.
Explanation
A privacy notice (or sometimes privacy policy) is required to be available wherever data collection takes place. (Art 13 GDPR)
The Data Controller is the party who defines the ‘means and purpose’ of data collection, in this case us.
We have chosen not to collect Personal Data for our website analytics, nor store any cookies on your device and thereby give you the most privacy friendly way of visiting our website. As a consultancy company we don’t need this level of insight, and we don’t need to ask for your consent to set a cookie or collect your Personal Data when you first visit our website.
We collect Personal Data on forms in different places throughout our website, on the phone or during an in-person conversation. When you provide this data you will have to agree to this privacy policy. We process this data so we can help you discover your GDPR situation, and to be able to communicate and send you an offer for working with us.
We also need to collect and keep some of the data in order to comply with legal requirements. For example, trade invoices need to be kept for 10 years in Germany, and may contain your name or email.
When you send us an inquiry on our website, you have the option to additionally opt-in to marketing communication via email. If you tick this option (which is entirely voluntarily), we will keep your Name and Email address for this purpose until you revoke this consent or unsubscribe.
To keep our servers and systems secure, we keep log files for a very short amount of time. As an IP address constitutes personal data, this is part of this privacy policy as well.
You are generally not required to provide Personal Data, but some of the elements (like IP address) are collected automatically. If you want to get in touch with us, we will need some of your Personal Data in order to facilitate communication.
Under the GDPR, you have a number of Subject’s Rights, such as:
- The right to information
- The right to rectification
- The right to erasure (“to be forgotten”)
- The right to access your information
- The right to data portability
- The right to restriction of processing
- The right to object
In this section we inform you how you can use these rights.
If you are unsatisfied about how we handle your data, you also have the right to lodge a complaint with the responsible Data Protection Authority.
As processing of data of children under the age of 16 (may be different in different countries in the EU) comes with additional requirements, and our services are not intended for those under 16 anyway, we exclude the use of this website for minors.
We also take no responsibility for the data protection on other websites we link to.