With the following privacy policy, we would like to inform you about which types of your personal data (hereinafter shortly referred to as “data”) we process for which purposes and to what extent. This privacy policy applies for all personal data processing performed by us, in the course of our service delivery as well as on our website, in mobile applications and within our external online presence, e.g. our social media profiles (hereinafter collectively referred to as “online offer”). The used terms are not to be considered gender-specific. Status: 30/08/2022
d3sign.me
Leopoldstr. 2-8
32051 Herford
E-mail: admin@d3sign.me
The following overview summarises the types of processed data and the purposes of their processing and refers to the data subject.
Processing Purposes
Appropriate Legal Basis
In the following, we will inform you about the legal basis of the General Data Protection Regulation (GDPR), which serves as a guideline for our personal data processing. Please be aware that national data protection guidelines of your or your company’s country of residence may apply in addition to GDPR regulations.
In addition to the data protection regulations of the General Data Protection Regulation, there are national regulations for data protection applying in Germany. In particular, these include the Federal Data Protection Act (BDSG), which protects personal data against abuse during processing. The BDSG includes special regulations regarding the right of access, the right to erasure, the right to object, the processing of special categories of personal data, the processing for other purposes and the data transfer, and automated individual decision-making including profiling. Furthermore, it regulates the data processing for employment-related purposes (§26 BDSG), particularly regarding commencing, carrying out or terminating employment relationships, and the employees’ consent. Also, federal-state data protection laws of the individual federal states may apply as well.
In accordance with legal requirements and consideration of state of the art, the implementation costs and the type, the extent, the circumstances and the purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, we take suitable technical and organisational measures to guarantee a level of protection appropriate to the risk. These measures especially include the safeguarding of confidentiality, integrity and availability of data by controlling the physical and electronic access to the data and their entering, transferring, securing their availability and separation. Furthermore, we established methods to ensure the awareness of the data subjects’ rights, the erasure of data and reactions to data threats. Also, we consider the protection of personal data already in the development and selection of hardware, software and methods according to the principle of data protection, with technology design and privacy by default settings.
IP Address Shortening: If an IP address storage is not necessary and if it is in our realm of possibilities, your IP address will be shortened either by us or others. In case of an IP address shortening (also known as “IP masking”), the last octet, i.e. the last two numbers of an IP address, will be deleted. In this context, the IP address is an individually assigned identifier of an internet connection provided by the online service provider. The goal of this IP address shortening is to prevent or impede the identification of a person significantly.
SSL Encryption (https): To save your data submitted by our online offer, we use SSL encryption. You can identify connections encrypted like that by the prefix https:// in the address bar of your browser.
Cookies are text files that contain data of visited websites or domains and are saved on the user’s computer by the browser. The primary purpose of a cookie is to save information about a user during or after a visit on an online offer. To the information saved belong e.g. language settings on a website, the login status, a shopping cart or the point on which a video was watched. To the concept of cookies, we also count other technologies that fulfil the same functions as cookies (e.g., if user details are saved using pseudonymous online identifications, also known as “user IDs”).
Information on Legal Bases:
The legal basis on which we process your personal data using cookies depends on whether we ask for your consent or not. If we do ask and you give your consent, the legal basis of the data processing is the declared consent. If not or if consent on cookies is required to fulfil our contractual obligations, the data will be processed based on our legitimate interests (e.g. on an economical operation of our online offer and its improvement) using cookies.
General Information on Revocation and Objection (Opt-Out): Depending on whether or not the processing takes place based on consent or legal permission, you have the chance to revoke your given consent or to object against the processing of your data using cookie technology at any time (collectively referred to as “Opt-Out”). First, you can declare your objection using your browser settings e.g., by deactivating the use of cookies. Please note that this may limit the functionality of our online offer. You can declare your objection against the use of cookies for online marketing purposes using a variety of services, especially in case of tracking, on the websites http://optout.aboutads.info and http://www.youronlinechoices.com/. In addition, you can get further information on the objection in the framework of details on our service providers and cookies.
Processing of Cookie Data on Consent Basis: Before we process or have data processed in the framework of cookie usage, we ask the user for consent revocable at any time. Until the consent is given, we will at most use cookies necessary for the operation of our online offer. Their usage takes place based on our and the users’ interests in the expected functionality of our online offer.
We maintain an online presence on social networks to communicate with their active users or provide information about us on them. Furthermore, the users’ data within social networks are generally processed for market research and advertising purposes. In addition to that, user profiles can be generated, e.g. through the usage behaviour and the resulting interests of the users. On the other hand, these user profiles can be used, e.g. to generate adverts in and outside of the network that presumably meet the users’ interests. Therefore, cookies are typically stored on the users’ computers in which the usage behaviour and the users’ interests are stored. Also, the data stored in these user profiles do not depend on the device used (especially when the users are members of the platform in question and logged into their accounts). For a detailed description of the particular processing types and the appropriate opt-out options, please see the privacy policies and the information given by the network operators in question. Also, in the case of information requests and the assertion of data subject rights, we point out that these are most effectively requested from the service provider. Only the service providers have access to their users’ data and can take the appropriate measures and provide information. If you still need help, feel free to contact us.
In accordance with legal requirements, we will erase data processed by us as soon as the consent given for their processing will be revoked or other permits lapse (e.g. when the processing purpose of these data lapsed or when they are not necessary for the purpose). As long as data are not erased because they are necessary for other purposes permitted by law, their processing will be limited on these purposes. In other words, the data will be blocked and not processed for other purposes. This applies, e.g. for data, that have to be stored because of commercial or fiscal reasons or whose storage is necessary for the establishment, exercise or defence of legal claims or for the protection of another natural or legal person’s rights. Further information on the erasure of personal data can also be given in the framework of the data protection notices in this privacy policy.
We kindly ask you to inform yourself about the content of our privacy policy regularly. We will adjust our privacy policy as soon as the changes in our performed data processing make it necessary. We will inform you if the changes made require an act of cooperation from your side (e.g. consent) or another individual notification. Suppose we provide addresses and contact information of companies and organisations in this privacy policy. In that case we kindly ask you to be aware that these addresses can change over time, and we ask you to check these details before contacting them.
According to the GDPR, you as a data subject are entitled to several rights that especially arise out of Art. 15 to 18 and 21 GDPR:
This paragraph provides an overview of the terms used in this privacy policy. Many of these terms are extracted from the law and especially defined in Art. 4 GDPR. The legal definitions are binding. On the other hand, the following explanations should primarily serve for a better understanding. The terms are arranged alphabetically.
automated conformance GmbH
Kolbestrasse 37
D – 90425 Nürnberg (Nuremberg)
Germany