| |
Imprint
Responsible for the content in accordance with Section 55 (2) RStV:
Margareta Hesse,
Dietzgenstrasse 43
13156 Berlin,
+49 (0)30 609 479 51
mh@margareta-hesse.de
VAT ID: DE 244 193 43
Disclaimer - Liability for Content
The contents of our pages have been created with the utmost care. However, we cannot assume any liability for the correctness, completeness and topicality of the contents. As a service provider, we are responsible for our own content on these pages in accordance with the general laws in accordance with Section 7 (1) TMG.
Pursuant to Sections 8 to 10 of the TMG, however, we as a service provider are not obliged to monitor transmitted or stored third-party information
or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of
Information in accordance with the general laws remains unaffected. However, liability in this respect is only known from the date of knowledge of the
possible for a specific infringement of the law. If we become aware of such infringements, we will remove this content immediately.
Liability for links Our offer contains links to external websites of third parties, on whose contents we have no influence. Therefore, we cannot assume any liability for these third-party contents. The respective provider or operator of the pages is always responsible for the contents of the linked pages.
The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognizable at the time of linking. However, a permanent control of the content of the linked pages is not reasonable without concrete indications of a violation of the law. If we become aware of any infringements of the law, we will remove such links immediately. Copyright The content and works created or used by the site operators on these pages are subject to German copyright law. Reproduction,
Processing, distribution and any kind of exploitation outside the limits of copyright require the consent of the respective
author or creator. Downloads and copies of this site are only permitted for private, non-commercial use. Insofar as the content is
on this page have not been created by the operator, the copyrights of third parties are respected. In particular, third-party content is marked as such.
Should you nevertheless become aware of a copyright infringement, please note accordingly. When it is known,
We will immediately remove such content in breach of our rights.
(Source: www.muster-vorlagen.net)
Privacy policy
We are very pleased about your interest in our company. Data protection is particularly important for the management of Margareta Hesse.
The use of the Margareta Hesse website is generally possible without any indication of personal data.
If a data subject wishes to use the special services of our company through our website, but may be able to process the personal data.
If the processing of personal data is necessary and there is a need for such processing to be
no legal basis, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject,always in accordance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific
Privacy policy. Through this Privacy Policy, our company wants to inform the public about the nature, scope and purpose of the
collected, used and processed personal data. In addition, data subjects are provided by means of this data protection declaration
informed about their rights.
As the controller, Margareta Hesse has implemented numerous technical and organisational measures to ensure the most complete protection of the personal data processed via this website. However, Internet-based data transmissions can generally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, any data subject is free to transmit personal data to us by alternative means, for example by telephone.
1. Definitions
Margareta Hesse's privacy policy is based on the terms used by the European legislator for
General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. In order to ensure this, we would like to explain the terms used in advance. In this Privacy Policy, we use the following terms, among others:
a) Personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). Identifiable is a natural person who, directly or indirectly, is identified, in particular by associasuring an identifier such as a name, an identification number, location data, an online identifier or one or more specific characteristics that are expressed in
the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
(b) Data subject
The data subject is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing is any operation or series of operations carried out with or without the help of automated procedures in connection with personal data such as the collection, collection, organisation, ordering, storage, adaptation or modification, reading, querying, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.
e) Profiling
Profiling is any form of automated processing of personal data that consists in the use of such personal data
to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, behaviour, place of residence or location of that natural person.
f) Pseudonymization
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not assigned to an identified or identifiable natural person.
(g) the person responsible or responsible for the processing or controller is the natural or legal person, authority, body or other body which decides, alone or jointly with others, on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller may or may provide for the specific criteria for his designation in accordance with Union law or the law of the Member States.
(h) Processors
processor is a natural or legal person, authority, body or other body that uses personal data on behalf of the responsible.
(i) Recipients
Recipient is a natural or legal person, authority, body or other body to which personal data are disclosed, whether or not it is a third party. Authorities which, in the context of a specific investigative mission, are
Union law or the law of the Member States may receive personal data, but are not considered recipients.
j) Third parties
Third party is a natural or legal person, authority, body or other body other than the data subject, the controller, the
processors and persons authorised under the direct responsibility of the controller or processor to
processing personal data.
k) Consent
Consent is any statement of intent voluntarily made by the data subject in an informed and unequivocal manner in the form of a declaration or other unambiguous affirmative act in which the data subject indicates that he or she agrees to the processing of the personal data concerning him or her.
2. Name and address of the controller
Responsible for the purposes of the General Data Protection Regulation, other data protection laws in force in the Member States of the European Union
and other provisions with a data protection character is:
Margareta Hesse
Dietzgenstraße 43
13156 Berlin
Germany
tel.: +49 (0) 30 60947951
fax: +49 (0)30 60947952
e-mail: mh@margareta-hesse.de
website: www.margareta-hesse.de
VAT ID: DE 244 193 433
3. Collection of general data and information
The Margareta Hesse website records a data subject or an automated system with each call-up to the website.
a range of general data and information. This general data and information is stored in the log files of the server. Captured
browser types and versions used (1), (2) the operating system used by the accessing system, (3) the website,
from which an accessing system accesses our website (so-called referrers), (4) the sub-websites, which are accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service providers of the accessing system and (8) other similar data and information that serve the security in the event of attacks on our information technology systems.
The data processing on this website is carried out by the website operator "strato" (contact address: Strato AG, Pascalstraße 10, 10587 Berlin,
Phone: 030 3001460, Mail: impressum@strato.de). The basis for data processing is Art. 6 sec. 1 lit. b) GDPR, which is used to handle data
for the performance of a contract or pre-contractual measures. When you visit a website operated by strato, personal data will be
collects data that can be used to personally identify you. Some of the data is collected in order to prevent the error-free provision of the website.
another for anonymised analysis of user behaviour. This is especially the case when you order on a website, you
log in or when you upload or download data. When you enter my website, technical data is automatically collected, so-called
Log data transmitted by your browser (e.g.): date and time as well as time zone of the start and end of use, the amount in bytes, the user
IP address and the type of teleservice used.
Usage or traffic data will be stored after the end of the usage process for a period not known to me. For more information, see: https://www.strato.de/datenschutz/Ihr surfing behavior is not statistically evaluated by me
When using this general data and information, Margareta Hesse does not draw any conclusions about the data subject. Rather, this information is needed to (1) correctly deliver the contents of our website, (2) to optimize the content of our website and the advertising for it, (3) to ensure the long-term functioning of our information technology systems and the technology of our website, and (4) to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack.
This anonymously collected data and information is therefore evaluated statistically by Margareta Hesse on the one hand statistically and further with the aim of:
increase data protection and data security in our company in order to ultimately achieve an optimal level of protection for the data protection we process.
personal data. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
4. Routine deletion and blocking of personal data
The controller processes and stores the data subject's personal data only for the period necessary to achieve the purpose of storage or if this is provided by the European legislator or another
legislators have been provided for in laws or regulations to which the controller is subject.
If the purpose of storage is omitted or a european legislator or other competent legislator is in the process of
period of storage, the personal data are routinely blocked and in accordance with the statutory provisions, or
Deleted.
5. Rights of the data subject
(a) General
You have the right to request the correction, blocking or deletion of this data. If data processing operations are only possible with your express consent, you can revoke a consent already given at any time. An informal message by e-mail to us is sufficient for this purpose. The legality of the data processing carried out until the revocation remains unaffected by the revocation. If you have any questions about data protection, you can
you can contact us at any time at the address above. You are also entitled to appeal to the competent supervisory authority: Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, visitor entrance: Puttkamerstr. 16 - 18 (5th floor), 10969 Berlin, phone: 030 13889-0, fax: 030 2155050, e-mail: mailbox@datenschutz-berlin.de
b) Right to confirmation
Each data subject has the right granted by the European legislator to be
request confirmation as to whether personal data relating to them will be processed. If a data subject wants to
entitled to confirm, it may at any time contact an employee of the controller.
c) Right to information
Any person concerned by the processing of personal data has granted the data provided by the European legislator, at any time free of charge by the controller, about the personal data stored about him/her and
a copy of this information. In addition, the European legislator for a directive and regulation shall provide the data subject with information on the following
Information was granted:
the processing purposes
the categories of personal data that are processed
the recipients or categories of recipients to whom the personal data has been disclosed or has yet to be disclosed
in particular, in the case of recipients in third countries or international organisations, where possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining that duration.
the existence of a right to rectification or erasure of personal data concerning them or to restrict the processing of
by the controller or a right to object to such processing the existence of a right of appeal to a supervisory authority where the personal data is not collected from the data subject: all available information on the origin of the data, the existence of automated decision-making, including profiling in accordance with Article 22(1) and 4 GDPR, and, at least in such cases, meaningful information on the logic involved and the scope and intended impact of such processing for the data subject. right of access to whether personal data has been transferred to a third country or to an international organisation. If this is the case, the data subject shall also have the right to obtain information on the appropriate guarantees in connection with the transfer.
If a data subject wishes to avare this right of access, he or she may at any time contact an employee of the
responsible persons.
d) Right to correction
Any person concerned by the processing of personal data shall have the right granted by the European legislator to:
request the immediate rectification of inaccurate personal data concerning them. In addition, the data subject has the right to:
taking into account the purposes of the processing, the completion of incomplete personal data, including by means of a supplementary
declaration. If a data subject wishes to avare himself from this right of correction, he or she may at any time contact an employee of the controller.
e) Right to erasure (right to be forgotten)
Any person concerned by the processing of personal data shall have the right granted by the European legislator to:
require the controller to immediately delete the personal data concerning him or her, provided that one of the following
reasons and insofar as the processing is not necessary:
The personal data have been collected or processed in any other way for which they are no longer necessary.
The data subject revokes his consent to which the processing is referred to in accordance with Article 6(1) (a) GDPR or Article 9(2)
a GDPR and there is no other legal basis for processing.
The data subject shall object to the processing in accordance with Article 21(1) of the GDPR and there are no legitimate priority reasons
for processing, or the data subject objects to the processing in accordance with Article 21(2) of the GDPR.
The personal data were processed unlawfully.
The erasure of personal data is necessary to fulfil a legal obligation under Union or Member State law
to which the controller is subject.
The personal data were collected in relation to the information society services offered in accordance with Article 8(1) of the GDPR.
If one of the above reasons applies and a data subject is subject to the deletion of personal data that is provided to Margareta Hesse
may, at any time, contact an employee of the controller. The employee
Margareta Hesse will arrange for the request for deletion to be complied with without delay.
If the personal data has been made public by Margareta Hesse and our company is responsible in accordance with Art. 17 sec.
1 GDPR obliged to delete personal data, Margareta Hesse shall take into account the available technology
and implementation costs, including technical measures, to other data controllers who are responsible for the
process published personal data, inform that the data subject has requested from these other data controllers the deletion of all links to such personal data or copies or replications of such personal data, unless the processing is necessary. The employee of Margareta Hesse will arrange the necessary measures in individual cases.
f) Right to restrict processing
Any person concerned by the processing of personal data shall have the right granted by the European legislator to:
require the controller to restrict the processing if one of the following conditions is met: the accuracy of the
personal data is disputed by the data subject for a period of time that allows the controller to verify the accuracy of the data
of personal data. The processing is unlawful, the data subject refuses to delete the personal data and instead demands the restriction of the use of the personal data.
The controller no longer needs the personal data for the purposes of the processing, but the data subject needs it for the purpose of
assertion, exercise or defence of legal claims.
The data subject has objected to the processing in accordance with Article 21(1) of the GDPR and it is not yet clear whether the legitimate
reasons of the controller outweigh those of the data subject.
If one of the above conditions is met and a data subject restricts the restriction of personal data that may be
which Margareta Hesse is stored, she may at any time contact an employee of the controller
Apply. The employee of Margareta Hesse will arrange for the restriction of the processing.
g) Right to data portability
Any person concerned by the processing of personal data shall have the right granted by the European legislator to:
personal data concerning him and the personal data provided by the data subject to a controller in a structured,
common and machine-readable format. It also has the right to provide such data to another controller without hindrance
by the controller to whom the personal data have been provided, provided that the processing is based on the consent of the
pursuant to Article 6 (1) (a) GDPR or Article 9(2) (a) GDPR or on a contract pursuant to Article 6 (1) (b) GDPR
processing is carried out using automated procedures, provided that the processing is not necessary for the performance of a task;
which is in the public interest or in the exercise of official authority delegated to the controller.
Furthermore, in exercising his right to data portability in accordance with Article 20(1) of the GDPR, the data subject has the right to obtain:
the personal data are transmitted directly from a controller to another controller, insofar as this is technically feasible
and provided that this does not affect the rights and freedoms of other persons. In order to assert the right to data portability, the data subject may at any time contact an employee of Margareta Hesse.
(h) Right to object
Any person concerned by the processing of personal data shall have the right granted by the European legislator to:
for reasons arising from their particular situation, at any time against the processing of personal data concerning them, which are
article 6(1) (e) or (f) GDPR. This also applies to profiling based on these provisions.
Margareta Hesse will no longer process the personal data in the event of an objection, unless we can provide mandatory protection
grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing of
is used to assert, exercise or defend legal claims. If Margareta Hesse processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling in so far as it is related to such direct marketing. If the data subject objects to Margareta Hesse's processing for direct marketing purposes, Margareta Hesse will no longer process the personal data for these purposes.
In addition, the data subject has the right, for reasons arising from his or her particular situation, against which he or she is concerned, to
personal data held by Margareta Hesse for scientific or historical research purposes or for statistical purposes
in accordance with Article 89(1) of the GDPR, unless such processing is necessary to fulfil a
task is required.
In order to exercise the right to object, the data subject may contact any employee of Margareta Hesse or another employee directly. The data subject is also free to exercise his right of objection in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.
(i) Automated decisions on a case-by-case basis, including profiling
Any person concerned by the processing of personal data shall have the right granted by the European legislator to:
subject to a decision based solely on automated processing, including profiling, which
or similarly significantly impairs it in relation to the legal effect, provided that the Decision (1) does not
the performance of a contract between the data subject and the controller is necessary, or (2) on the basis of the legislation of the
Union or the Member States to which the controller is subject, and that legislation provides adequate measures to safeguard the
rights and freedoms as well as the legitimate interests of the data subject or (3) with the express consent of the data subject
person.
If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller
or (2) it is carried out with the express consent of the data subject, Margareta Hesse takes appropriate measures to protect the rights and
freedoms and the legitimate interests of the data subject, including at least the right to the effect of a person's intervention
on the part of the person responsible, on the basis of his own point of view and on the basis of a challenge to the decision.
If the data subject wishes to exercise rights relating to automated decisions, he or she may at any time contact an employee
Any person affected by the processing of personal data has the right granted by the European legislator to withdraw consent to the processing of personal data at any time.
If the data subject wishes to exercise his right to withdraw a consent, he or she may at any time contact an employee of the
controllers.
j) Right to withdraw from data protection consent
Any person concerned by the processing of personal data shall have the right granted by the European legislator to:
to revoke consent to the processing of personal data at any time.
If the data subject wishes to exercise his right to withdraw a consent, he or she may at any time contact an employee of the
controllers.
6. Legal basis for processing
Article 6 I lit. a GDPR serves as a legal basis for our company for processing operations in which we have consent for a particular
processing purpose. If the processing of personal data is used for the performance of a contract to which the data subject is
as is the case, for example, in the case of processing operations involving the supply of goods or the provision of any other
performance or consideration, the processing is based on Article 6 I lit. b GDPR. The same applies to such processing operations, which
necessary for the implementation of pre-contractual measures, for example in cases of enquiries about our products or services. If our
a legal obligation that requires the processing of personal data, such as the
Fulfilment of tax obligations, the processing is based on Article 6 I lit. c GDPR. In rare cases, the processing of personal data
data to protect the vital interests of the data subject or another natural person. This would be
for example, if a visitor to our company would be injured and then his name, age, health insurance data
or other vital information should be passed on to a doctor, hospital or other third party. The processing would then be based on Article 6 I lit. d GDPR. Ultimately, processing operations could be based on Article 6 I lit. f GDPR. On this legal basis
processing operations which are not covered by any of the aforementioned legal bases where the processing is carried out in order to ensure that the
interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the person concerned are
do not outweigh it. Such processing operations are permitted to us in particular because they are particularly
have been mentioned. In that regard, it considered that a legitimate interest could be presumed if the data subject was a customer of the
responsible (recital 47 sentence 2 GDPR).
7. Legitimate interests in the processing pursued by the controller or a third party
If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is to carry out our business activities
for the benefit of the well-being of all our employees and shareholders.
8. Duration for which the personal data will be stored
The criterion for the duration of the storage of personal data is the respective legal retention period. At the end of the period
the relevant data are routinely deleted, provided that they are no longer necessary for the performance of the contract or initiation of the contract.
9. Legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract;
obligation of the data subject to provide the personal data; possible consequences of non-provisioning
We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or that
can also be derived from contractual arrangements (e.g. information on the contractual partner). Sometimes it may be necessary to conclude a contract,
that a data subject provides us with personal data, which must subsequently be processed by us. The affected
For example, person is obligated to provide us with personal data when our company enters into a contract with him. A
Failure to provide the personal data would mean that the contract with the data subject could not be concluded. In front of a
The data subject must contact one of our employees with the provision of personal data. Our employee clarifies
to the data subjects on a case-by-case basis as to whether the provision of the personal data is required by law or by contract or for
the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of the non-provision of
personal data.
10. Existence of automated decision-making As a responsible company, we dispense with automatic decision-making or profiling.
This data protection declaration was issued by the data protection declaration generator of THE DGD Deutsche Gesellschaft für Datenschutz GmbH, which
as an external data protection officer, in cooperation with the data protection lawyer Christian Solmecke.
|