1. Name and contact information of data controller and company data protection officer
COIA GmbH (“COIA”), Agnesstrasse 14, D-80798 Munich, Germany Email: email@example.com Telephone: +49 (0) 89 /452 44 22 90 Fax: +49 (0) 89 /452 44 22 99 is the host and data controller for the COIA webpage.
2. Processing of personal data and nature and purpose of use
a) When visiting the website
When you access our website, the browser used on the end device automatically sends information to our website’s server. This information is temporarily stored in a so-called log file. The following information is collected without your co-operation and stored until automatic erasure: IP address of querying computer, date and time of query, name and URL of accessed file, website from which access originates (referrer URL), browser used and, if applicable, your computer’s operating system and the name of your access provider.
This information is anonymised and used to ensure a smooth connection with and comfortable use of our website, to evaluate system security and stability, and for other administrative purposes. The IP address is also temporarily stored for reasons of security to protect the website against cyber-attacks.
The legal basis for the data processing is art. 6 (1) (1) f) GDPR. Our legitimate interest follows from the above listed purposes of data collection. Under no circumstances will we use the collected data to draw conclusions about your person.
b) When using the contact form
For questions of any kind, we offer you the opportunity to contact us using a form provided on the website. This requires disclosure of a valid email address and your name so that we know who the question is coming from and so that we can answer it. Optional further information can be included. Data processing for the purposes of contacting us is performed under art. 6 (1) (1) a) GDPR based on your freely granted consent or based on your initiative to bring about a contract pursuant to art. 6 (1) (1) b) GDPR. The personal data we collect for use of the contact form is automatically erased after your question is resolved.
c) Google Analytics
For purposes of needs-based design and continuous optimisation of our pages, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). Pseudonymised use profiles are generated and so-called cookies are used in this context. Cookies are small files automatically created by your browser and stored on your end device (laptop, tablet, smartphone, etc.) when you visit our page. The information about your use of this website generated by the cookie, such as the browser type/version, the operating system used, the referrer URL (previously visited page), the host name of the accessing computer (IP address), and the time of the server query are sent to a Google server in the USA and stored there. The information is used to analyse the use of the website, to compile reports about website activities, and to perform other services related to website use and Internet use for purposes of market research and needs-based design of these webpages. This information may also be sent to third parties if required by law or if third parties are processing this data on a contract basis. Under no circumstances will your IP address be linked to other Google data. IP addresses are anonymised to make association impossible (IP masking).
Google Analytics is used based on art. 6 (1) (1) f) GDPR. We use it because we wish to ensure a needs-based design and continuous optimisation of our website. We also use Google Analytics to record statistics about the use of our website and analyse them in order to optimise our offer for you. These interests are legitimate as defined by the regulation cited above. The particular data processing aims and data categories can be found in the corresponding analytical tools.
You can prevent cookies from being installed by disabling the corresponding setting in your browser software; however, we advise that in this case the full functionally of this website may not be able to be used.
You can also prevent the collection of the data generated by the cookie about your use of this website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile end devices, you can also prevent collection by Google Analytics by clicking on this link . An opt-out cookie is placed that prevents the future collection of your data when visiting this website. The opt-out cookie is only active in this browser and only for our website and is stored on your device. If you delete cookies on this browser, you must replace the opt-out cookie.
You can find further information about data privacy in relation to Google Analytics in Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de).
d) Google Adwords Conversion Tracking
We also use Google conversion tracking to record statistics about the use of our website and analyse them in order to optimise our website for you. Google Adwords places a cookie on your computer if you arrived at our website through a Google ad. These cookies expire after 30 days and do not act as personal identification. If the user visits certain pages on the website of the Adwords customer and the cookie has not yet expired, Google and the customer can detect that the user clicked on the ad and was forwarded to this page.
Every Adwords customer receives a different cookie. Cookies therefore cannot be traced through the websites of Adwords customers. The information obtained using conversion cookies helps create conversion statistics for Adwords customers that have chosen to use conversation tracking. Adwords customers learn the total number of users who have clicked on their ad and been forwarded to a page that has a conversion tracking tag. However, they do not receive any information that could personally identify users. If you don’t want to participate in tracking, you can also refuse placement of a cookie required for this – for example using a browser setting that deactivates automatic placement of cookies in general. You can also deactivate cookies for conversion tracking by setting your browser so that cookies from the domain “www.googleadservices.com” are blocked. You can find Google’s data privacy notice about conversion tracking here (https://services.google.com/sitestats/de.html).
COIA’s website can refer to third-party websites through links. If you click these links, you will leave the COIA website. COIA has no influence over what data these websites process.
4. Disclosure of data
- you have granted your explicit consent to this pursuant to art. 6 (1) (1) a) GDPR;
- the transmission is necessary pursuant to art. 6 (1) (1) f) GDPR to establish, exercise, or defend legal claims and there is no reason to assume that you have a prevailing protected interest in non-transmission of your data,
- if a statutory obligation exists in regard to the transmission pursuant to art. 6 (1) (1) c) GDPR,
- and this is legally permissible and is required to process contractual relationships with you pursuant to art. 6 (1) (1) B) GDPR.
5. Your rights
You have the right:
Under art. 15 GDPR, to request information about your personal data that we process. In particular, you can request information about the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the personal data has been or will be disclosed, the envisaged period for which it will be stored, the existence of a right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the source of your information if it was not collected from us, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the details;
- Under art. 16 GDPR, to request the rectification of inaccurate data or completion of the personal data stored by us without undue delay;
- Under art. 17 GDPR, to request erasure of personal data stored by us unless the processing is necessary to exercise the right to free expression and information, to comply with a legal obligation, for reasons of public interest, or to establish, exercise, or defend legal claims;
- Under art. 18 GDPR, to request the restriction of processing of your personal data if you contest the accuracy of the data, if the processing is unlawful but you oppose erasure, and we no longer need the data, but you need it to establish, exercise, or defend legal claims or you have objected to processing under art. 21 GDPR;
- Under art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request transmission to another controller;
- Under art. 7 (3) GDPR, to revoke at any time the consent you granted to us. The consequence of this is that we may in future no longer continue the data processing based on this consent and
- Under art. 77 GDPR, to lodge a complaint with a supervisory authority. In general, you can do this with the supervisory authority of your habitual residence or place of work or our law firm’s headquarters.
- Insofar as your personal data is processed based on legitimate interests pursuant to art. 6 (1) (1) f) GDPR, under art. 21 GDPR to object to the processing of your personal data if there are grounds that arise from your particular situation or the objection is to direct marketing. In the latter case, you have a general right to object that we will implement without requiring any particular situation. If you wish to make use of your right to revoke consent or to object, send an email to firstname.lastname@example.org.
6. Data security
During the visit to our website, we use the common SSL procedure (Secure Socket Layer) together with the highest level of encryption supported by your browser. This is typically 256-bit encryption. If your browser does not support 256-bit encryption, we have recourse to 128-bit v3 technology instead. The locked picture of the key or lock symbol on the bottom status bar of your browser tells you whether an individual page of our Internet presence is encrypted.
COIA otherwise makes use of appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, full or partial loss or destruction, and unauthorised access by third parties. The security measures are continuously being improved as technology develops.