Data protection is an important issue for us. Often we don’t really know what is happening in the background. That’s why this page lays the cards on the table and shows what’s going on. We try to be transparent about how a website works and if you have any questions, please don’t hesitate to contact us.
2. Responsible for this website
The responsible party in the sense of the GDPR is:
Local court Charlottenburg (Berlin) HRB 225679 B
Responsible persons for the website and data protection officers: Managing Directors Katrin Sirach and Elisa Frenz
Please feel free to contact us at any time with open questions and concerns.
The following is intended to show you as a “data subject” how personal data is processed by us and it is important for us to explain your rights under the data protection laws.
First of all, you should know that our website can be used without entering personal data. You are therefore not obliged to disclose any information about yourself as a person. However, if you contact us, personal data such as your name and email address will be collected. We can delete this data retrospectively any time at your request.
We process personal data confidentiality and if you contact us via the contact form or by email, we will of course not pass on your email address.
All data is always processed in accordance with the Data Protection Regulation (GDPR) and with the country-specific data protection regulations applicable to “SYNERGISTAS UG”.
These individual data protection statements always show you exactly how much and what data we collect and why.
We ensure that your data is secure and that we protect it as we would our own. We work with numerous measures to ensure the most complete protection of personal data processed via this website.
However, we would like to point out that data transmission over the Internet can have security gaps. Internet-based data transmissions can, as a matter of principle, have security gaps, so that absolute protection cannot be guaranteed. You should always bear this in mind on every page on the internet.
This can be the case, for example, through gaps in the WLAN router. A good anti-virus software may help. A decent firewall and a protected browser are also an advantage. The safest way to travel is probably with Linux distributions and alternative browsers. However, complete protection of data against access by third parties is not possible.
For this reason, we naturally want to leave the option open for everyone to transmit personal data to us by alternative means, for example by telephone or by post.
4. Your rights
You can request the deletion of any personal data we hold about you. This does not include data that we are required to retain for administrative, legal or security purposes.
We want you to understand all the information given by us. Please find below some explanations. If you have any questions, please contact us.
The terms listed here were used in the adoption of the Data Protection Regulation (DSGVO).
Processors are natural or legal persons. They can be, for example, public authorities or institutions or any other body that processes personal data on behalf of a data controller.
Data subject is anyone whose data is processed by our company.
Third party is a natural or legal person, authority, institution or other body. But in any case someone other than you and us. So, it is someone other than the data subject (so, where applicable, you), the controller, the processor and the persons who have been authorised to process the personal data under the direct responsibility of the controller or the processor.
Restriction of processing is the marking of personal data to restrict future processing.
Consent means an unambiguous indication of intention in the form of a written statement or other affirmative unambiguous act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.
Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed. However, public authorities requesting personal data in the context of a specific investigation shall not be considered as recipients.
Personal data is any information that relates to you as an identifiable natural person. This can be something such as your name, location or particular characteristics of mental, economic, physical, physiological, genetic, cultural or social identity.
Profiling is any processing of personal data to estimate, analyse and, where appropriate, evaluate certain personal aspects relating to a natural person.
Pseudonymisation is the processing of personal data so that a specific person can no longer be identified. Thus, no collected data can be attributed to an identifiable natural person.
Processing is any automated procedure in connection with personal data. It can be, for example, collection, recording, linking, sorting, organising, storing, editing, reading, using or any form of making available.
6. Legal Base
We refer to Art. 6 para. 1 lit. b GDPR.
If we need personal data from you to fulfil an order, we explicitly ask for your permission.
Article 6 of the GDPR states at the very beginning: “Processing is lawful only if at least one of the following conditions is met: the data subject has given consent to the processing of personal data relating to him or her for one or more specific purposes.” That is what we are referring to in this case.
Sometimes the processing of personal data is necessary for the performance of a contract where you are our contractual partner. This may be for traditional processing operations, such as a delivery of a written product or contract, or an enquiry, or to comply with tax obligations. If the requirement is the case, the processing is based on Art. 6 (1) lit. b GDPR.
It is very unlikely, but we also want to address this, that someone is in danger. If, for example, a visitor seriously injures himself in our company, we will of course give vital information to a doctor, the hospital or other third parties. Here, too, the processing is based on Art. 6 (1) lit. d GDPR. In rare cases, the processing of personal data may therefore be necessary to protect the vital interests of the data subject.
Finally, processing operations may be based on Article 6 (1)(f) of the GDPR. Processing operations that could not be covered by any of the mentioned legal bases are based on this legal basis. In particular, also precisely when the processing is necessary to protect a legitimate interest of our company or a third party. We are permitted to carry out these processing operations mainly because the European legislator made special mention of them. The legislator took the view that a legitimate interest could be assumed if you are a customer of our company. Here, we explicitly refer to recital 47 sentence 2 of the GDPR.
7. Our Hosting
This website is hosted by domainfactory GmbH, Oskar-Messter-Str. 33, 85737 Ismaning.
Our servers are located in Cologne (Germany) and are therefore subject to the strict data protection requirements of the German state.
On domain factory’s systems, logs (so-called log files) are automatically recorded for certain services on the server.
We work with a content management system called WordPress and host this on our own servers.
We use some of the plugins offered on WordPress.
Plugins are small software extensions that can extend and complement an offered platform by some functions. With appropriate tools you can check which plugins we currently use and which functions they have, for example with https://www.wpthemedetector.com/.
If you are only on this website to inform yourself, i.e. you do not use a form or transmit information to us in any other way, then we only receive data that your browser transmits to our server. This information is called a server log file.
Within the scope of this, a few pieces of information can be collected:
Type of browser you are using
Your operating system
The website from which you came to our site
Your internet protocol address
The internet service provider
The subpages you click on
The date and time you visited our website
When using this general data and information, we do not draw any conclusions about you as a person. This data is evaluated anonymously. We need this information to
evaluate technical conditions we need to build our websites on (mobile phones, laptops, computers.
We need this information to
– deliver the content of our website correctly
– optimise advertising and
– be able to provide law enforcement authorities with the necessary information in the event of a cyber attack
– ensure the functionality of our IT systems
Your collected data and information will only be of interest to us when added up with all other data and we try to make statistical and further evaluations with the aim of increasing data protection and data security in our company.
We try to ensure a perfect level of protection for our personal data and its processing.
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest therefore follows from the purposes for data collection listed above, because this is the only way we can operate the pages that represent our business basis.
10. Transfer of Data to Third Parties
We do not share your personal information with third parties for any reason other than those listed below and if
– you have given your consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR.
– there is a legal obligation to pass on your data in accordance with Art. 6 Para. 1 S. 1 lit. c GDPR.
– this is legally permissible and necessary for the processing of contractual relationships with you according to Art. 6 para. 1 p. 1 lit. b GDPR.
– the disclosure is permissible according to Art. 6 Para. 1 S. 1 lit. f GDPR to protect our legitimate interests and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.
11. Content Delivery Network
To increase the security of this site, we work with a so-called CDN, a Content Delivery Network. This usually processes your request in a country in which you search with your end device. Critical countries, bots or crawls can be blocked automatically to prevent attacks on the site and the upload of malicious content.
SYNERGISTAS work with Cloudflare.
What this company makes possible is a protection of your data. You can find out more at: https://www.cloudflare.com/de-de/gdpr/introduction/
12. Contact Form
By using the contact form you agree to the processing of your data in the sense of contacting us. To protect us against spam from the internet we use the service of Akismet for our contact form.