Data Protection Policy
Data Protection Policy
Name and contact details of the responsible party
metrica GmbH & Co KG, Bahnhofstraße 73, 48308 Senden, Germany
Contact details of the data protection officer:
Our data protection officer can be reached by post at the address of the responsble party and by e-mail at email@example.com.
Scope and purpose of the processing of personal data
Accessing the website
When this website is accessed, the Internet browser used by the visitor automatically sends data to the server of this website and saves it for a limited period of time in a log file. Until automatically deleted, the following data is stored without further input by the visitor:
- IP address of the visitor’s end device,
- the date and time of access by the visitor,
- Name and URL of the page accessed by the visitor,
- Website from which the visitor accesses the website (so-called referrer URL),
- Browser and operating system of the visitor’s end device and the name of the access provider used by the visitor.
The processing of this personal data is justified in accordance with Art. 6 (1) sentence 1 letter f) GDPR. The responsible party has a legitimate interest in data processing for the purpose of
- establishing a connection to the website quickly,
- enabling the website to be used in a user-friendly manner,
- recognising and ensuring the security and stability of the systems, and
- facilitating and improving the administration of the website.
This processing is expressly not carried out for the purpose of gaining knowledge about the person visiting the website.
Disclosure of data
Personal data is transferred to third parties if
- in accordance with Art. 6 (1) sentence 1 letter a) GDPR it has been expressly agreed to by the data subject,
- disclosure in accordance with Art. 6 para. 1 sentence 1 letter f) GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that the data subject has an overriding legitimate interest in the non-disclosure of their data,
- there is a legal obligation to transfer data pursuant to Art. 6 para. 1 sentence 1 letter c) GDPR, and/or
- this is required in accordance with Article 6 para. 1 sentence 1 letter b) GDPR for the fulfilment of a contractual relationship with the data subject.
In other cases, personal data will not be passed on to third parties.
So-called cookies are used on the website. These are data packages that are exchanged between the server of the website and the visitor’s browser. These are saved by the respective devices used (PC, notebook, tablet, smartphone, etc.) when you visit the website. In this respect, cookies cannot cause any damage to the devices used. In particular, they do not contain viruses or other malware. The cookies store information that arises in connection with the specific end device used. Under no circumstances can we gain direct knowledge of the identity of the visitor to the website.
Cookies are largely accepted according to the basic settings of the browser. The browser settings can be set so that cookies are either not accepted on the devices used or so that a special notice is given in each case before a new cookie is created. However, it should be noted that deactivating cookies can mean that not all functions of the website can be used in the best possible way.
Temporary cookies are used to improve user-friendliness. They are stored on the visitor’s device for a temporary period. When the visitor visits the website again, it is automatically recognised that the visitor has already accessed the page at an earlier time and what entries and settings were made so that they do not have to be repeated.
The data processed by cookies is used for the purposes mentioned above to protect our legitimate interests in accordance with Art. 6 (1) sentence 1 letter f) GDPR.
No cookies requiring consent are used, but only technically necessary cookies that are used solely for the convenient provision of the website and not for the identification of website visitors.
Analysis services for websites, tracking
No tracking or analysis tools are used on this website.
Direct links to our Facebook, Twitter and Instagram presences are provided on our website. When you access these links, you will be redirected directly to the corresponding pages and will leave the area for which we are considered the responsible party and which we can control. You can find the data protection information of these providers at:
For Facebook and Instagram: https://de-de.facebook.com/about/privacy/
For Twitter: https://twitter.com/privacy?lang=de
Your rights as a data subject
Insofar as your personal data is processed when you visit our website, you as a “data subject” have the following rights within the meaning of the GDPR:
You can request information from us as to whether personal data about you is being processed by us. There is no right to information if the provision of the requested information would violate a duty of confidentiality or the information must be kept confidential for other reasons, in particular due to an overriding legitimate interest of a third party. By way of derogation from this, there may be an obligation to provide information if, in particular taking into account impending damage, your interests outweigh the interests of confidentiality. The right to information is also excluded if the data is only stored because it cannot be deleted due to statutory or statutory retention periods or only serves the purposes of data backup or data protection monitoring, insofar as the provision of information would require a disproportionate amount of effort and processing for other purposes is excluded by suitable technical and organisational measures. If the right of access is not excluded in your case and your personal data is processed by us, you can request information from us about the following information:
- the purposes of the processing,
- categories of personal data processed about you,
- recipients or categories of recipients to whom your
personal data is disclosed, in particular to recipients in
- if possible, the planned duration for which your personal data will be stored
or, if this is not possible, the criteria for determining the
- the existence of a right to rectification or erasure or restriction of the
processing of personal data concerning you or a
right to object to this processing,
- the existence of a right to lodge a complaint with a supervisory authority for data protection,
- if the personal data has not been collected from you as the data subject,
the available information on the origin of the data,
- if necessary the existence of automated decision-making, including profiling and meaningful information about the logic involved as well as the scope and
the intended impact of automated decision-making;
- if necessary, in the case of transmission to recipients in third countries, if there is no EU Commission decision on the adequacy of the level of protection pursuant to Art. 45 (3) GDPR, information on which suitable guarantees pursuant to Art. 46
para. 2 GDPR are envisaged for the protection of personal data.
Rectification and completion
If you establish that we have incorrect personal data about you, you can request that we correct this incorrect data immediately. In the case of incomplete personal data concerning you, you may request completion.
You have the right to erasure ("right to be forgotten") if the processing is not for the exercise of the right of freedom of expression, the right to information or the performance of a legal obligation or a task carried out in the public interest and one of the following reasons applies:
- The personal data is no longer necessary for the purposes for which it was processed.
- The justification for the processing was exclusively your consent, which you have revoked.
- You have objected to the processing of your personal data that we have made public.
- You have objected to the processing of personal data that we have not made public and there are no overriding legitimate reasons for the processing.
- Your personal data has been unlawfully processed.
- The erasure of personal data is necessary to fulfil a legal obligation to which we are subject.
There is no entitlement to erasure if erasure is not possible or only possible with disproportionate effort in the case of lawful non-automated data processing due to the special type of storage and your interest in erasure is low. In this case, erasure is replaced by restriction of processing.
Restriction of processing
You can request that we restrict processing if one of the following reasons applies:
- You dispute the accuracy of the personal data. In this case, the restriction can be requested for the duration that allows us to verify the accuracy of the data.
- The processing is unlawful and you request the restriction of the use of your personal data instead of erasure.
- Your personal data will no longer be required by us for the purposes of processing, but you will need it for the assertion, exercise or defence of legal claims.
- You have objected in accordance with Art. 21 (1) GDPR. The restriction of processing can be requested as long as it has not yet been determined whether our legitimate reasons outweigh your reasons.
Restriction of processing means that the personal data is only processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. Before we lift the restriction, we have an obligation to inform you of this.
You have the right to data portability if the processing is based on your consent (Art. 6 (1) sentence 1 letter a) or Art. 9 (2) letter a) GDPR) or is based on a contract to which you are party and which is processed using automated procedures. In this case, the right to data portability includes the following rights, provided that this does not affect the rights and freedoms of other persons: You may request us to receive the personal data you have provided to us in a structured, commonly used and machine-readable format. You have the right to transfer this data to another responsible party without hindrance on our part. Where technically feasible, you may request that we transfer your personal data directly to another responsible party.
If the processing is carried out in accordance with Art. 6 (1) sentence 1 letter e) GDPR (performance of a task in the public interest or in the exercise of official authority) or in accordance with Article 6 (1) sentence 1 letter f) GDPR (legitimate interest of the responsible party or a third party), you have the right to object to the processing of personal data concerning you at any time for reasons arising from your particular situation. This also applies to profiling based on Art. 6 (1) sentence 1 letter e) or f) GDPR. Once the right to object has been exercised, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
You can object to the processing of personal data concerning you for direct advertising purposes at any time. This also applies to profiling associated with such direct advertising. After exercising this right to object, we will no longer use the relevant personal data for direct advertising purposes.
You have the option of submitting your objection by telephone, e-mail or, if necessary, by fax or to our postal address listed at the beginning of this data protection policy.
Withdrawal of consent
You have the right to withdraw your consent at any time with future effect. Withdrawal of consent can be made informally by telephone, e-mail, or, if necessary, by fax or to our postal address. The withdrawal shall not affect the lawfulness of data processing that took place on the basis of the consent until receipt of the withdrawal. After receipt of the withdrawal, the data processing that was based exclusively on your consent will be discontinued.
If you believe that the processing of personal data concerning you is unlawful, you may lodge a complaint with a supervisory authority for data protection, which is responsible for the location of your stay or workplace or for the location of the alleged breach.
Status and updating of this data protection policy
This data protection policy is dated September 2022. We reserve the right to update the data protection policy in due course in order to improve data protection and/or to adapt it to changed official practice or case law.