Address

IronShark GmbH
Leutragraben 1
07743 Jena
Germany

Business Hours

Mon – Fri 9AM – 5PM

Privacy Policy

 

Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

IronShark GmbH
Leutragraben 1
07743 Jena
Phone: +49 3641 59711 0
E-Mail: [email protected]
www.ironshark.de

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the Ironshark GmbH. By means of this data protection declaration, our enterprise would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.

 

The data protection officer of IronShark GmbH is:

Lawyer
André Stämmler
Market 22
07743 Jena
E-Mail: [email protected]

For all questions and suggestions on data protection, you can directly contact our data protection officer.

 

1.  Collection of general data and information

The website of the Ironshark GmbH collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.

When using these general data and information, the Ironshark GmbH does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, the Ironshark GmbH analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

 

Disclosure of data

A transfer of your personal data to third parties for purposes other than those listed below does not take place.

We only disclose your personal information to third parties if:

  • You according to Article 6(1) lit. f GDPR have expressly consented to this,
  • the disclosure pursuant to Article 6(1) lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
  • in the event that disclosure pursuant to Article 6(1) lit. f GDPR there is a legal obligation,
  • as permitted by law and in accordance with Article 6(1) lit. f GDPR is required for the settlement of contractual relationships with you.

 

Cookies

The Internet pages of the Ironshark GmbH use cookies. Cookies are text files that are stored in a computer system via an Internet browser.

Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the dats subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

Through the use of cookies, the Ironshark GmbH can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

By means of a cookie, the information and offers on our website can be optimized with the user in mind. Cookies allow us, as previously mentioned, to recognize our website users. The purpose of this recognition is to make it easier for users to utilize our website. The website user that uses cookies, e.g. does not have to enter access data each time the website is accessed, because this is taken over by the website, and the cookie is thus stored on the user’s computer system. Another example is the cookie of a shopping cart in an online shop. The online store remembers the articles that a customer has placed in the virtual shopping cart via a cookie.

The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.

 

Integration of services and content of third parties

This website incorporates content from third-party providers. These services or contents can be, for example, Youtube videos or graphics of other websites. In such case, the third party will use your IP address to enable the presentation of that content.

 

Newsletter

On the website of the Ironshark GmbH, users are given the opportunity to subscribe to our enterprise’s newsletter. The input mask used for this purpose determines what personal data are transmitted, as well as when the newsletter is ordered from the controller.

The Ironshark GmbH informs its customers and business partners regularly by means of a newsletter about enterprise offers. The enterprise’s newsletter may only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for the newsletter shipping. A confirmation e-mail will be sent to the e-mail address registered by a data subject for the first time for newsletter shipping, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter.

During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.

The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by e-mail, as long as this is necessary for the operation of the newsletter service or a registration in question, as this could be the case in the event of modifications to the newsletter offer, or in the event of a change in technical circumstances. There will be no transfer of personal data collected by the newsletter service to third parties. The subscription to our newsletter may be terminated by the data subject at any time. The consent to the storage of personal data, which the data subject has given for shipping the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly via e-mail: [email protected].

 

MailChimp (Newsletter)

When using the e-mail distribution list, the e-mail address of the user is initially stored in the “MailChimp” directory. Storage is solely for the purpose of confirming the registration under the “double opt-in” – process. If the e-mail address has been confirmed, it will be permanently stored by MailChimp. The storage takes place until the e-mail address is deleted by the user (owner of the e-mail address) or by the operator of this website. It also saves the date of registration and the IP address of the user. This storage takes place for the purpose of proof against the allegation of unsolicited sending of e-mails. Any other use of the IP address does not occur.

 

Contact possibility via the website

The website of the Ironshark GmbH contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.

 

Comments function in the blog on the website

The Ironshark GmbH offers users the possibility to leave individual comments on individual blog contributions on a blog, which is on the website of the controller. A blog is a web-based, publicly-accessible portal, through which one or more people called bloggers or web-bloggers may post articles or write down thoughts in so-called blogposts. Blogposts may usually be commented by third parties.

If a data subject leaves a comment on the blog published on this website, the comments made by the data subject are also stored and published, as well as information on the date of the commentary and on the user’s (pseudonym) chosen by the data subject. In addition, the IP address assigned by the Internet service provider (ISP) to the data subject is also logged. This storage of the IP address takes place for security reasons, and in case the data subject violates the rights of third parties, or posts illegal content through a given comment. The storage of these personal data is, therefore, in the own interest of the data controller, so that he can exculpate in the event of an infringement. This collected personal data will not be passed to third parties, unless such a transfer is required by law or serves the aim of the defence of the data controller.

 

Skype

Users can contact IronShark GmbH via Skype. It is a service provided by Microsoft Corporation: One Microsoft Way, Redmond, WA 98052-6399, USA. The service can be recognized by the Skype symbol. If the user calls the controller suing this service, it is necessary to log in to Skype with the user account. During the use of this service, a direct connection to the servers of Skype is made. Detailed information (in particular on the purpose and scope of data collection, processing and use of data, rights and setting options for the protection of privacy) can be found in the Micrososft privacy policy under the following link: https://privacy.microsoft.com/en-us/privacystatement/ .

 

Facebook-Messenger

Users have the opportunity to contact IronShark GmbH via Facebook Messenger service. This is a service by the social network Facebook: 1601 South California Avenue, Palo Alto, CA 94304, USA. The service can be recognized by the “Facebook Messenger” icon. If the user uses the service, a direct connection to the servers of Facebook is established. Detailed information (in particular on the purpose and extent of data collection, processing and use of data, rights and setting options for privacy protection) can be found in the Facebook Privacy Policy at https://www.facebook.com/policy.php.

 

2. Social Media

Social networks

We use social network plug-ins. A social network is generally a platform or app that allows users to communicate with each other, share opinions, or share content such as pictures with other users or in the social network. Users typically have the ability to create private or business profiles, network with each other, or provide private or business-related information.

 

Google+

We use the “Google +” button of the social network Google Plus on this website. Google Plus is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States.

By calling up a single site of this website, which contains a “Google +” button, a connection will be established to Google’s servers. The content of the button is transmitted by Google directly to the browser of the user and incorporated into the website. At the same time, Google receives information about which specific sub-page of our website users are visiting, regardless of whether you click on a button or not. More detailed information about Google+ is available at https://developers.google.com/+/.

If you are logged in to Google+ during your visit to our website, Google recognizes which specific subpage you visit each time and during the entire visit. This information is collected through the Google+ button. Google maps this information to your Google Plus account. If you press a Google Plus button while visiting our website and submit a Google + 1 recommendation, Google also assigns this information to your personal account and saves it. Google stores and processes this information along with other information, such as your name, search results, photos. Google is able to link this information together, and uses that data to improve its services.

If you are a Google Plus member and do not wish to have such data collection and / or linking, you can prevent the transfer by logging out of the respective Google Plus account.

For detailed information on the purpose and scope of the data collection, as well as the further processing and use of the data by Google and the privacy policy, please visit https://www.google.de/intl/de/policies/privacy/. For information about the Google +1 button, visit https://developers.google.com/+/web/buttons-policy.

 

Use of the Facebook-Plugin

On this website, plugins of the social network Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA) are integrated. If you live outside of Canada or the United States, the Responsible for processing of personal data is Facebook Ireland Ltd., (4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland).

Facebook plugins can be recognized by the Facebook logo or the “Like-Button” (“Like”). An overview of the Facebook plug-ins can be found at http://developers.facebook.com/docs/plugins/?locale=en_US.

When loading a page of this website containing a Facebook plugin, a connection with the Facebook servers is established. The contents of the button is transmitted from Facebook directly to the user’s browser and integrated into the website. At the same time, Facebook receives information about which specific sub-page of our website you are visiting, regardless of whether you click on a button or not.

If a user clicks the Facebook “Like-Button” while logged in with his Facebook account, the user can link the contents of this website to his Facebook profile. As a result, Facebook can assign the visit of this website to the user account of the user. It should be noted that the provider of this website does not receive any knowledge of the content of the transmitted data and its usage in Facebook. Further information can be found in the facebook privacy policy at http://de-de.facebook.com/policy.php.

An assignment of the visit of this Internet appearance by Facebook to the Facebook user account does not take place, if the user logs out of his Facebook account.

 

Use of the Twitter-Plugins

This website integrates the functions of Twitter services. These features are provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. By using Twitter and the function “Re-Tweet”, the websites visited by the user are linked to the respective Twitter account and made known to other users. This data is also transmitted to Twitter.

It should be noted that the provider of this website does not receive any knowledge of the content of the transmitted data and its usage by Twitter. Further information can be found in the privacy policy of Twitter at https://twitter.com/privacy?lang=en.

The privacy settings on Twitter can be changed by the user in their account settings.

 

Use of the XING Share button

This website uses the “XING Share Button”. When the website is called up, the user’s browser quickly establishes a connection to servers of XING AG (“XING”) with which the “XING Share Button” functions (in particular the calculation / display of the counter value) are provided. XING does not store any personal data of the user by calling this website. In particular, XING does not store any IP addresses. There is also no evaluation of the user behavior regarding the use of cookies in connection with the “XING Share Button”. The current data protection information on the “XING Share Button” and additional information can be found on this website: https://www.xing.com/app/share?op=data_protection

 

LinkedIn

This website uses plug-ins of the social network LinkedIn of LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043), based in the US. With the LinkedIn plugin, users of this website can share content through their LinkedIn account. The user must be logged in to LinkedIn. The content is shared by clicking on the LinkedIn button. The LinkedIn button can be recognized by the corresponding LinkedIn logo.

The LinkedIn plugin will connect to and transfer data between the user’s Internet browser and the LinkedIn server when visiting this website. If the user is signed in to LinkedIn, LinkedIn will link the visit to the user’s website and LinkedIn account.

The provider of this website has no knowledge of which data is transmitted to LinkedIn.

For more information, including how to collect information, legal opportunities, and options, please refer to LinkedIn’s privacy policy and http://www.linkedin.com/legal/privacy-policy.

 

Instagram

This site uses plugins from Instagram, Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA. The Instagram plugins can be recognized by the Instagram logo.

When visiting this website, the plugin establishes a direct connection between the user’s browser and the Instagram server. Instagram receives the information that the user has visited this page with their IP address. If a user clicks the Instagram button while logged in with their Instagram account, the user can link the contents of this website to his Instagram profile. This allows Instagram to associate the visit of this website with the user account. It should be noted that the provider of this website does not receive any knowledge of the content of the transmitted data and its usage by Instagram. More information can be found in Instagram’s privacy policy at https://help.instagram.com/155833707900388/

If the user logs out of Instagram, there is no assignment of the visit of this website by Instagram to the user account.

 

3. Tracking

Google Analytics (with anonymization function)

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”), Google Analytics component is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA. Google Analytics uses so-called “cookies”. These are text files that are stored on the user’s computer and that allow an analysis of the user’s use of the website. The information generated by the cookie about the use of this website (including the IP address) is transmitted to a Google server in the USA and stored there. Your IP address will be shortened and processed further anonymously with the method _anonymizeIp (), if the access to this website is from a member state of the European Union or another contracting state of the Agreement on the European Economic Area. A person-related ability can thus be excluded. As far as the collected data of the user has a personal reference, this is therefore immediately excluded. The personal data will be deleted immediately.

Google will use the information to evaluate the use of the website, to compile reports on website activity for website operators and to provide other services related to website activity and internet usage. Google may also transfer this information to third parties if required by law or as far as third parties process this data on behalf of Google. Google will not associate IP address of the user with other data held by Google.

Users may refuse the use of cookies by changing the settings on their browser; It should be noted that users may not be able to use all features of this website to their full extent in this case. By using this website, the user agrees to the processing of data about him by Google in the manner described and for the aforementioned purpose.

Downloading and installing the browser plug-in at https://tools.google.com/dlpage/gaoptout?hl=en allows users to collect and send their usage-related information (including IP address) to Google and prevent the processing of this data by Google. In addition, users can prevent Google Analytics from collecting their personal data in the future by clicking on “Disable Google Analytics”. The future collection of information by visiting this website is thereby prevented by setting a so-called opt-out cookies. Additional information about Google Analytics and Google’s applicable privacy policy can be found at https://www.google.com/intl/en/policies/privacy/ and http://www.google.com/analytics/terms/en.html be retrieved. Google Analytics is explained in more detail at https://www.google.com/intl/de_de/analytics/.

This website uses Google Universal Analytics. This enables a cross-device analysis of user behavior. The evaluation takes place via a user ID. You can disable the cross-device analysis of your usage under “My Account”, “Personal Information” in your customer account.

HubSpot

We use HubSpot, a service of HubSpot Ireland Limited, Ground Floor, Two Dockland Central, Guild Street, Dublin 1, Ireland.
HubSpot allows us to optimize marketing, customer service and customer management and to digitalize various services. For example, we use HubSpot to analyze visitor behavior from our website, to generate leads, for newsletter marketing and to manage our contacts.
When using HubSpot, certain personal data – such as IP address, location or time of page view – is collected and processed. This information is stored on servers of HubSpot and evaluated on our behalf.
Legal basis for this data processing is Art. 6 para. 1 lit. a DSGVO, if the data is processed for marketing purposes such as website tracking or newsletter. If we process the data as part of customer service and customer management the legal basis is Art. 6 para. 1 lit. b DSGVO.More information about data processing by HubSpot can be found at https://legal.hubspot.com/de/datenschutz

 

Notice about the use of Hotjar

Your trust is important to us. If you have any questions that cannot be answered by our legal notice and our privacy policy or if you would like any further information on a specific topic, please use our contact form.

Ironshark GmbH uses the web analysis service Hotjar of Hotjar Ltd on some websites. Hotjar Ltd. is a European company based in Malta (Hotjar Ltd, Level 2, St Julian’s Business Center, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta, Europe tel: +1 (855) 464-6788). With this tool, movements on the websites where Hotjar is integrated can be understood with the help of so-called heat maps. For example, you can see how far users are scrolling and which buttons users click and how often. Furthermore, the tool also allows feedback to be obtained directly from the users of the website. This helps us to gain valuable information to make our websites faster and more user-friendly. Ironshark GmbH pays special attention to the protection of your personal data when using this tool. The tool allows us to track which buttons are clicked, shows the mouse movements, how far users have scrolled, the screen size of the device, device type and browser information, geographic viewpoint (country only) and preferred language to represent our website. Areas of the websites in which personal data of you or third parties are displayed are automatically hidden by Hotjar and are thus at no time comprehensible. Hotjar offers every user the option of using a “Do Not Track header” to prevent the use of the tool Hotjar, so that no data on the visit of the respective website are recorded. This is a setting that supports all common browsers in current versions. For this, your browser sends a request to Hotjar, with the hint to disable the tracking of the respective user. If you use sipgate websites with different browsers/computers, you must set up the “Do Not Track header” for each of these browsers/computers separately. For detailed instructions with information about your browser, visit: https://www.hotjar.com/opt-out More information about Hotjar Ltd. and via the Hotjar tool, visit: https://www.hotjar.com The privacy policy of Hotjar Ltd. can be found at: https://www.hotjar.com/privacy

 

4. Marketing

Google Adwords

This website uses Google Adwords for online advertising. Cookies are used by Google as well as by third-party providers (eg double-click cookies) – if necessary also combined. This allows the circuit of optimized ads on websites of Google and third-party due to the previous visits of the user of this website.

This website uses the following Google AdWords features:

  • Remarketing
  • Interest categories
  • Similar target groups
  • Conversion Tracking
  • Other types of interest-based advertising

The information generated by the cookies of the user (including his IP address) are transmitted to a Google server in the United States and stored there. Google shortens the last 3 digits of the IP address thereby excluding an assignment of the IP address. Google has joined the Safe Harbor Agreement and complies with its privacy policy. A transfer of the data by Google to third parties takes place only due to legal regulations or in the context of order data processing. In no case Google will match data of the user with other data collected by Google.

This website also uses “retargeting tags”. This is a JavaScript element placed in the source code of this website. When visiting a page of this website which includes a “retargeting tag”, a cookie is placed on the user’s computer by a provider of online advertising (e.g., Google) and associated with a retargeting audience list. The placement of the cookie enables the placement of interest-based advertising on other websites visited by the user.

Users of this website may object to data collection and storage at any time with effect for the future. The deactivation of cookies is possible via the following links

Google advertising and double-click cookies setting

Setting for third-party cookies and double-click cookies

 

Conversion Tracking with Google

This website uses conversion tracking as part of Google AdWords. This is an analysis service provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”).

When you click on an ad delivered by Google a cookie for conversion tracking is stored on the user’s computer. These cookies are valid for 30 days, do not contain any personal data. Personal identification is therefore not possible.

If you visit this website before the cookie expires, both Google and we may recognize that the user clicked on a particular ad and was redirected to that page. Cookies can not be tracked on the Webseites of Adwords customer, as each AdWords customer receives a separate cookie.

The information can be used to generate conversion statistics for AdWords advertisers. These are, for example, information on the total number of users who clicked on the ad. A personal identification of users is not possible. Participation in the tracking can be prevented by preventing the use of cookies by changing the settings of the browser. You can also prevent the collection of your data by Google Analytics by clicking on the link below. It will set an opt-out cookie, which prevents the recording of your data for future visits to this website: To read the privacy policy of Google and to disable Google Analytics for collecting further information, visit: http://www.google.com/policies/technologies/ads/ and http://www.google.de/policies/privacy/

 

Facebook Pixel

This website uses the remarketing feature “Custom Audiences” of Facebook Inc. (“Facebook”). As a result, the effectiveness of the Facebook advertisements for statistical and market research purposes can be evaluated and future advertising measures to be optimized. Through this tag, a direct connection to the Facebook servers is made when visiting the website. We ourselves can not draw any conclusions about individuals. However, we have to point out, that Facebook collects and processes data and thus conclusions on individuals are possible. For more information on the collection and use of data by Facebook, as well as your rights in this regard and ways to protect your privacy, please refer to the privacy policy of Facebook at https://www.facebook.com/about/privacy/. Alternatively, you can disable the remarketing feature “Custom Audiences” at https://www.facebook.com/settings/?tab=ads#_=_. This requires you to be logged in to Facebook.

 

5. Rights of the data subject

  • Right to withdraw data protection consent
    Each data subject shall have the right granted by the European legislator to withdraw his or her consent to processing of his or her personal data at any time. If the data subject wishes to exercise the right to withdraw the consent, he or she may, at any time, contact any employee of the Ironshark GmbH.
  • Right of access
    Each data subject shall have the right granted by the European legislator to obtain from the controller free information about his or her personal data stored at any time and a copy of this information. Furthermore, the European directives and regulations grant the data subject access to the following information:
  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data concerning the data subject, or to object to such processing;
  • the existence of the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected from the data subject, any available information as to their source;
  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.

Furthermore, the data subject shall have a right to obtain information as to whether personal data are transferred to a third country or to an international organisation. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer.

If a data subject wishes to avail himself of this right of access, he or she may, at any time, contact any employee of the controller.

  • Right to rectification;
    Each data subject shall have the right granted by the European legislator to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact any employee of the controller.
  • Right to erasure (Right to be forgotten)
    Each data subject shall have the right granted by the European legislator to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:
  • The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
  • The data subject withdraws consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
  • The data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR.
  • The personal data have been unlawfully processed.
  • The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.

If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by the Ironshark GmbH, he or she may, at any time, contact any employee of the controller. An employee of Ironshark GmbH shall promptly ensure that the erasure request is complied with immediately.

Where the controller has made personal data public and is obliged pursuant to Article 17(1) to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that the data subject has requested erasure by such controllers of any links to, or copy or replication of, those personal data, as far as processing is not required. The employees of the Ironshark GmbH will arrange the necessary measures in individual cases.

  • Right of restriction of processing
    Each data subject shall have the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:
  • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
  • The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use instead.
  • The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
  • The data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.

If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by the Ironshark GmbH, he or she may at any time contact any employee of the controller. The employee of the Ironshark GmbH will arrange the restriction of the processing.

  • Right to data portability
    Each data subject shall have the right granted by the European legislator, to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format. He or she shall have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as long as the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.Furthermore, in exercising his or her right to data portability pursuant to Article 20(1) of the GDPR, the data subject shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.In order to assert the right to data portability, the data subject may at any time contact any employee of the Ironshark GmbH.
  • Right to object
    Each data subject shall have the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.The Ironshark GmbH shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.If the Ironshark GmbH processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to the Ironshark GmbH to the processing for direct marketing purposes, the Ironshark GmbH will no longer process the personal data for these purposes.In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her by the Ironshark GmbH for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.In order to exercise the right to object, the data subject may contact any employee of the Ironshark GmbH. In addition, the data subject is free in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to use his or her right to object by automated means using technical specifications.If you would like to exercise your right of revocation or objection, please send an e-mail to [email protected]

 

 

6. Data security

During the visit of this website, the Secure Socket Layer (SSL) method is used in conjunction with the highest level of encryption supported by the user’s browser. This is usually a 256 bit encryption. If the user’s browser does not support 256-bit encryption, a 128-bit v3 technology is used. The encrypted transmission of a page of this website can be recognized by the key or lock symbol in the status bar of the browser.

In addition to the SSL encryption technical and organizational security measures are used to protect the data against accidental or intentional manipulation, loss, destruction or against unauthorized access by third parties. These security measures are continuously being improved in line with technological developments.

 

7. The current version of the privacy policy

This Privacy Policy is from: May, 2018.

Due to changes in the legal situation, regulatory requirements or the further development of this website and corresponding offers on this, an adaptation of this privacy policy may become necessary. In this case, the latest privacy policy can be accessed and printed at any time at the URL.

Our Privacy Policy is provided by STÄMMLER | MEDIENRECHT

 

A regulatory opinion on the use of Universal Analytics is not yet available. This leaves a certain amount of legal uncertainty until either an opinion or, if necessary, a court ruling is available.

In any case, the data subject must be informed about the extended use and be shown the possibility to opt-out.