For Bayern Innovativ compliance with data protection laws is not only a legal obligation, but a necessary element of trust. In the following we want to transparently inform you about the methods, scope and purpose of the processing of your personal data which might be collected from you while visiting this website. We will also inform you about your rights. As operator of the website www.easyres-project.eu Bayern Innovativ (subsequently referred to as “we" and “us") is the controller pursuant to Art. 4 No. 7 of the General Data Protection Regulation (GDPR). You can contact us at info@bayern-innovativ.de with any questions about this privacy policy. You can reach our DPO at: E-Mail: datenschutz@bayern-innovativ.de As a data subject you have the following rights concerning your personal data. You have When you claim your rights toward us according to the GDPR and the BDSG, we will process the data you thereby submit to fulfill your claims. Subsequently, we will store the data submitted by you and the data submitted by us to you in return for the purpose of documentation until the expiry of the regulatory offenses limitation period (3 years). The lawfulness of processing and storing the data is based on Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest results from our obligation to fulfill your requests and the need to exonerate ourselves in possible fine proceedings by proving that we have lawfully fulfilled your requests. You can object to the processing of your personal data based on our legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact details provided in the imprint. We would like to note that the processing of your personal data is mandatory for the verification of compliance with data protection rights of the data subject according to Art. 21 (1) GDPR, as other methods of verification do not exist or are not equally suitable. We secure our website and other systems — and thus your data — through technical and organizational measures against loss, destruction, access, change or dissemination through unauthorized persons. In particular your personal data will be transmitted encrypted through the internet. Therefore we operate with the coding system TLS (Transport Layer Security). Having said this, the transmission of information via internet is never fully safe, which is why we cannot guarantee the safety of the data transmitted by our website to a 100%. We process your personal data insofar as it is necessary for the statement, content-related configuration or modification of a contractual relationship between you and us (inventory data). In particular the following can be inventory data: Name, form of address, contact details (postal address, telephone, email address), date of birth , etc. Furthermore, we process your usage data. Usage data is data that is collected when you interact with our web content and our services, in particular your IP address, start and end of your visit on our website and information on the contents you have viewed on our website. We collect the data mentioned directly from you (e.g., through the visit of our website), or, provided that it is permitted by data protection laws, from third parties or respectively from publicly accessible sources (e.g., commercial or association register, the press, media, internet). All information we acquire from or on you will generally be processed on servers located within the European Union. A transmission of your data or a processing of your data in third party countries will occur without your explicit consent solely if this is legally intended or permitted and if an appropriate data protection level is guaranteed in the third party country. We will never illicitly disclose your personal data to third parties. However, we may disclose your data to third parties, in particular if you have agreed to data disclosure, if the disclosure is necessary to fulfill our legal obligations or if we are obligated or authorized to disclose said data by law or administrative or judicial orders. In particular this may be the case for the purposes of criminal proceedings, averting of dangers or enforcement of intellectual property rights. Under certain circumstances we may transmit your data to external Service providers which process data on our behalf and in accordance with our instructions (data processor) to simplify and disburden our own data processing. Every data processor will be bound by contract according to Art. 28 GDPR. In particular this means that the data processor has to offer sufficient guarantees that appropriate technical and organizational measures are implemented so that data processing is compliant with the requirements of the GDPR and your rights as a data subject are ensured. Despite commissioning data processors we remain the responsible party for the processing of your personal data according to the GDPR. In general we will use the data solely for the purpose for which the data was gathered. We may subsequently process the data for another, different purpose, provided that this other purpose is not incompatible with the original purpose (Art. 5 (1) point (c) GDPR). Unless specified otherwise, we will store data gathered from you only for as long as it is necessary for each respective purpose and unless there are legal retention obligations preventing deletion, for example from commercial law or tax law. In the following we want to outline as transparently as possible, which of your data we will process under which circumstances, on what basis and for what purpose. Each time our website is accessed, the following general information will be automatically sent to our servers by your browser (so called server log files): Your IP address, product and version information of the browser and operating system used (so called user agent), the webpage from which the access originated (so called referer), date and time of the request and possibly your internet service provider. Furthermore, the status and the volume of data will be recorded. Your computer’s IP address will be stored only for the duration of your visit to the website and subsequently will immediately be deleted or made partially unrecognizable through reduction. The rest of the data will be stored for a limited period of time (to a maximum of 7 days1). The legal basis for the usage of these server log files is Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest arises from the necessity to operate our website, especially to discover and remove website errors, to determine the utilization of the webpage, to make adjustments and improvements and to guarantee the security of the system. You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact details provided in the imprint. We would like to point out that the processing of your server log files is mandatory in accordance with Art. 21 (1) GDPR, as otherwise the website cannot be operated at all. To improve user-friendliness we use so called “cookies" on our website. Simply put, a cookie is a small text file, that stores data about visited websites. Cookies can store a kind of “user profile", including information like your preferred language or other page set-ups, that are required by our website to be able to offer you certain services. This file will be stored on your terminal device and also helps with recognizing you in the event of a new visit to our website. Under certain circumstances we can gather information on your preferred activities on our webpage through these cookies, and thus align the webpage according to your individual interests and even increase the navigation speed on our website. You can manually delete the cookies in your browser’s security settings at any time. Optionally, you can prevent the storage of cookies by default via the respective settings of your browser. Please do note that in this case you possibly will not be able to use all functions of our website entirely or that errors may occur in the presentation or usage of the website. It is possible that third party service providers, with the help of whom we develop and operate our website, independently store cookies on your terminal device, in particular through so called plugins (see section below “Third-party services"). Should you solely want to accept our own cookies, but not the cookies of these third parties, you can prevent these third Party cookies by use of the respective browser setting “Block third-party cookies". In detail our webpage places the following cookies: The legal basis for the usage of cookies generally is Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest results from our need to be able to provide you with a user friendly website. Relating thereto Cookies are essential as they are an integral part of the current internet technology and numerous of our present website’s different functions would not be available without cookies. You can object to the processing of your data based on the legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact details provided in the imprint. We would like to note that the processing of your data in certain cookies is mandatory in accordance with Art. 21 (1) GDPR, as otherwise the website cannot be operated at all and that we do not have the technical possibilities to prevent the storage of cookies on specific individual terminal devices. Nevertheless, it is possible for you to take care of this yourself (see above, “how you can avoid cookies"). In individual cases we will ask your consent to the application of cookies. In these cases the legal basis for the use of the respective cookies is Art. 6 (1) point (a) GDPR (consent of the subject). You can revoke your consent with effect for the future at any time. Please use the contact details provided in the imprint. Our webpage offers possibilities to contact us directly. By contacting us you declare your consent to the processing and recording of your transmitted data (in particular your email address) in order to process your request. You can revoke your consent to this processing with effect for the future at any time. Please use the contact details stated in the imprint for this. However, please note that in this case we will no longer process your request. The data transmitted to us by you will be processed solely up until the point in which the purpose of your request is reached, unless contradicting legal retention periods exist. If the purpose of your contact is assertion of the rights of the data subject the section “your rights as a data subject" applies. We mandatorily require the following information from you: [Email]: The information of your Email is necessary, because we require a way to contact you. We use your information exclusively for this purpose. The legal basis for the usage of the data transmitted by you to us by contacting us is Art. 6 (1) point (a) GDPR (consent of the data subject). You can revoke your consent with effect for the future at any time. Please use the contact details provided in the imprint. The legal basis for processing mandatory information is Art. 6 (1) Point (f) GDPR (legitimate interest of data processing). We have described the legitimate interest in the listing above. You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact details provided in the imprint. We offer to keep you up to date and regularly inform you about special offers through our newsletter service. To subscribe to the newsletter you can enter your email address into our distribution list. Following this you will have to confirm your registration (Double-Opt-In-Procedure). We use the data transmitted by you to us solely in regard to the newsletter service and do not distribute it to third parties for other purposes. The legal basis for the usage of your email address is Art. 6 (1) point (a) GDPR (consent of the data subject). You can revoke your consent with effect for the future at any time. Please use the link included in every newsletter email or the contact details stated in the imprint. For simplification of our data processing and to extend the functionality of our website we use third party services and resources, for example plugins, external content, software or other external service providers (services). In doing so the possibility exists that personal data will be transmitted to the service provider. If required, to protect your data, we have contractually obligated the service provider according to Art. 28 GDPR to solely process the data according to our instructions. We would like to explicitly point out that we are regularly only responsible for the data acquisition and transmission by the service according to the GDPR, but not for a possible subsequential processing by the respective service provider. In detail we use the following services: Our webpage uses services from the company Google Ireland Limited (“Google EU"), Gordon House, Barrow Street, Dublin 4, Irland. This company represents the company Google LLC (“Google US"), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA in the EU. The company Google US fulfills the requirements of the “EU-US-privacy-shield". The Privacy-shield-agreement regulates the protection of personal data that is transmitted from an European Union member country to the USA. It ensures that the transmitted data will be subject to a data protection Standard comparable to the one of the European Union. You can find the list of certified companies here: https://www.privacyshield.gov/list By using the services data will be transmitted to Google EU and possibly from Google EU to Google US. Google as a whole can use the transmitted data to create anonymized user profiles for statistical purposes. In addition, if you possess a Google-account and are logged into it, Google can associate the transmitted data with your account, even across multiple devices. In general we do not have any influence regarding this data processing. Controller of this data processing is therefore Google EU. You can find more information about the handling of user data in the privacy policy of Google: https://policies.google.com/privacy. You can change your individual Google ad-settings on the following website: https://adssettings.google.com/?hl=de (Please note: The settings made are deleted when you delete the cookies in your browser) We use: Our website uses the service “Google Analytics" from Google. Google Analytics uses cookies (see above under “cookies") to enable us an analysis of the website usage of website visitors. The information produced by the cookies about the usage of this website through the users will generally be transmitted to a Google server in the USA and stored there. Among other things the following can be transmitted: Your IP address, product- and version Information about the used browser and operating system (so called user agent), the webpage from which your access took place (so called referrer), date and time of your request and possibly your internet-service-provider. Our website has activated the IP-anonymization, so that your transmitted IP address will be reduced before transmission from the jurisdiction of the GDPR, and thereby made partially unrecognizable (anonymized). Only in exceptional cases your IP address will be first transmitted to a Google server in the USA and immediately reduced thereafter. Google will use the transmitted information on our account to evaluate the usage of our website, to compose reports about website activity, and to deliver us further services related to the website usage and internet usage. The IP address transmitted by your browser within the frames of Google analytics will not be matched with other data from Google. You can find more information about the terms of service and data protection by Google analytics at http://www.google.com/analytics/terms/de.html and under https://policies.google.com/technologies/partner-sites?hl=de You can prevent the transmission and processing of data to google that is produced by the cookie related to the website usage (including IP address), by downloading the browser-plugin available from the following link and installing it in your browser. The current link is: http://tools.google.com/dlpage/gaoptout?hl=de. You can also prevent the setting of cookies in general (see above “How you can avoid Cookies"). You can prevent the acquisition of your data by Google analytics by clicking the following link. This will set an Opt-Out-Cookie, that will prevent the acquisition of your data for future visits of this website: [Deactivate Google Analytics]2 The legal basis for the usage of Google Analytics is Art. 6 (1) point (a) GDPR (consent of the data subject) 3, since no data processing occurs as long as you do not accept our cookies via the cookie-banner. You can revoke your consent with effect for the future at any time. For this purpose, please delete the cookies stored in your Browser, or use the contact details stated in the imprint. Our website uses the external font-service “Google Fonts" by Google. This service allows us to present our website in a unified and appealing way even for variously configured user terminals by loading fonts from an external server instead of the user terminal. For this purpose the required fonts will generally be requested from a Google server in the USA. Through this request the following information, amongst others, will be transmitted to the Google servers and stored there: Your IP address, product- and version information about the used browser and operating system (so called user agent), the webpage from which your access took place (so called referrer), date and time of your request and possibly your internet-service-provider. The legal basis for the usage of Google Fonts is Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest results from our need to present our website and online services in an appealing and unified way. You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact details provided in the imprint. Our website uses the external map service “Google Maps" by Google. Google Maps serves our ability to offer an interactive map on our website, that shows you how you can find and reach us. This service allows us to present out website in an appealing way by loading maps from an external server. The required data is generally requested from a Google server in the USA. Through this request the following information, amongst others, will be transmitted to the Google servers and stored there: Your IP address, product- and version information about the used browser and operating system (so called user agent), the webpage from which your access took place (so called referrer), date and time of your request and possibly your internet-service-provider. In addition to this cookies (see above under “cookies") will be set through the service on your terminal and analyzed by Google. The legal basis for the usage of Google Maps is Art. 6 (1) point (a) GDPR (consent of the data subject), since no data processing occurs as long as you do not accept our cookies via the cookie-banner. You can revoke your consent with effect for the future at any time. For this purpose, please delete the cookies stored in your Browser, or use the contact details stated in the imprint. You can find further information regarding Palisis privacy policy at: https://www.palisis.com/privacy-policy/. Our Webpage operates with so called Content Delivery Networks (CDN). A CDN is a network of efficient servers, that cache contents in different locations all around the world. Thereby a CDN has two main purposes: On one hand it is supposed to quickly provide information, on the other hand it is supposed to relieve the Web-Host by distributing the data traffic. CDNs transmits two types of content: Static and dynamic content. All website visitors gain the static content in equal form, for example video content from streaming services or Code frameworks (such as Javascript, jQuery). Dynamic content is adjusted to the user and created only in the instant of a request. Dynamic content consists of content from web-applications, e-mails or online shops and are personalized. To use the latter content, information about the website visitor has to be previously transmitted to the CDN. In doing so, personal data may also be transmitted. With each request to this application general Information of your Browser will automatically be transmitted to the Server (so called server-log-data). Further information regarding this can be found above under the key point “server-log-data”. The legal basis for the usage of Google Fonts is Art. 6 (1) point (f) GDPR (legitimate interest of data processing), so far as Nothing different is specified at the respective service. The legitimate interest results from our need to present our Website in a technically faultless and rapid way, including the need to relieve our IT-infrastructure . You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact details provided in the imprint. We use: We use the CDN-service “BootstrapCDN” (also called “MaxCDN”) of the company StackPath LLC („StackPath“), 2021 McKinney Ave., Suite 1100, Dallas, TX 75201, USA. The company StackPath LLC fulfills the requirements of the “EU-US-privacy-shield". The Privacy-shield-agreement regulates the protection of personal data that is transmitted from a European Union member country to the USA. It ensures that the transmitted data will be subject to a data protection standard comparable to the one of the European Union. You can find the list of certified companies here:https://www.privacyshield.gov/list You can find further information about the privacy policy of StackPath at: https://www.stackpath.com/privacy-statement/ or in the privacy policy of BootstrapCDN at: We use certain services that record data from website users and provide it to us for analytical purposes. We use this data to make user-oriented improvements to our website, our services and offers. In particular the following information regarding user-behavior can be recorded: Your IP address, product- and version Information About the used browser and operating system (so called user agent), the webpage from which your access took place (so called referer), date and time of your request and possibly your internet-service-provider, approximate origin (country and city), language, clicks on content and display time. The legal basis for the usage of Google Analytics is Art. 6 (1) point (a) GDPR (consent of the data subject), since no data processing occurs as long as you do not accept our cookies via the cookie-banner. You can revoke your consent with effect for the future at any time. For this purpose, please delete the cookies stored in your Browser, or use the contact details stated in the imprint. We use: Our website uses the service “Google Analytics" from the company Google. Please note the privacy policy statement above regarding Google Analytics. We use certain services to fill and supplement our website with digital content. For this we generally use the integration functions of external platforms. By requesting content from the server of the service provider certain data will be generally transmitted to the service provider and stored there, for example your IP address, product- and version information about the used browser and operating system (so called user agent), the webpage from which your Access took place (so called referrer), date and time of your request and possibly your internet-service-provider. The legal basis for the usage of media services is Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest results from our need to be able to offer you an optically and content wise appealing website. You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact Details provided in the imprint. We use: Our website uses the service “Google Fonts" by Google. Please note the privacy policy statement above regarding Google Fonts. Our website uses the external map Service “Google Maps" by Google. Please note the privacy policy statement above regarding Google Maps. In addition to our website we maintain an online presence on social platforms in order to communicate with our active customers, interested parties and users, and to inform them about our services. When you visit our presence on a social platform, your data will generally be gathered and processed by the respective platform provider for our market research and advertisement purposes. The provider can also process the data for their own purposes. From your user behavior and your interest resulting from this behavior user profiles can be made. These user profiles can in turn be used to, for example, Show advertisements within and outside of the platform, that presumably corresponds with your interests. For These purposes cookies (see above) are generally stored on your terminal device, in which your user behavior and your interests will be recorded. Especially if you are a member of the respective platform and are logged in, further data may be stored independently in the user profiles. For a detailed presentation of each respective data processing and the possible contradiction possibilities we point to the following linked Details of the service providers, as only they fully know the exact procedures of their data processing. We point out, that your data may also be processed outside of the European Union. This can yield risks, as for example the enforcement of your rights may be more difficult. The legal basis for the usage of online presences and the data procession related to it is generally Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest results from our need to be able to present ourselves to visitors in social media as well as having the ability to introduce statements of all sorts into the media- and opinion market. You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact details provided in the imprint. The legal basis for the usage of statistical data of all visitors on our social media sites, that is gathered, prepared and made available to us by the respective platform providers is Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest results from our need for user-oriented improvements of our online services and design and the optimization of the communication with interested parties by analysing anonymised visitor- and user behaviour. You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact Details provided in the imprint. If you are asked for consent regarding data processing by the respective service provider, the legal basis for data processing is Art. 6 (1) point (a) GDPR (consent of the data subject). You can revoke your consent with effect for the future at any time. Please contact the Service provider that asked for your consent regarding this. In the event that you would like to assert your rights, we note that these rights, regardless of a possible joint responsibility and control, are most effectively enforced against the respective service provider. As a rule only the service providers have direct access to your data and can take appropriate measures directly or provide information. Should you need help nonetheless, you can contact us at any time and we will support you in the scope of our possibilities. We are represented on: Facebook is a social network of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The company Facebook Ireland Ltd. is the European subsidiary company of the company Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA. The company Facebook Inc. fulfills the requirements of the “EU-US-privacy-shield". The Privacy-shield-agreement regulates the protection of personal data that is transmitted from a European Union member country to the USA. It ensures that the transmitted data will be subject to a data protection Standard comparable to the one of the European Union. You can find the list of certified companies here: https://www.privacyshield.gov/list You can find further information about the privacy policy of Facebook at: https://www.facebook.com/about/privacy/. We inform you about our own data processing in this statement. We have concluded an additional agreement with facebook within our license agreement that regulates the responsibility and control of the data processing regarding the site-insights-function according to Art. 26 GDPR. You can find the details of this agreement here:https://www.facebook.com/legal/terms/page_controller_addendum. LinkedIn is a work-related network of the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland. This company represents in the EU the LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085, USA. The company LinkedIn Corp. fulfills the requirements of the “EU-US-privacy-shield". The Privacy-shield-agreement regulates the protection of personal data that is transmitted from a European Union member country to the USA. It ensures that the transmitted data will be subject to a data protection standard comparable to the one of the European Union. You can find the list of certified companies here: https://www.privacyshield.gov/list You can find further information about the privacy policy of LinkedIn at: https://www.linkedin.com/legal/privacy-policy. You can configure the data collection of Twitter on the following page: https://www.linkedin.com/psettings/guest-controls/
YouTube is a social video platform of YouTUbe LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, represented by Google Ireland Ltd. („Google EU“), Gordon House, Barrow Street, You can find further information about the privacy policy of YouTube at: Twitter is a social network of the Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. The company Twitter International Company is the european subsidiary company of the company Twitter Inc.,1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The Company Twitter Inc. fulfills the requirements of the “EU-US-privacy-shield". The Privacy-shield-agreement regulates the protection of personal data that is transmitted from a European Union member country to the USA. It ensures that the transmitted data will be subject to a data protection standard comparable to the one of the European Union. You can find the list of certified companies here: https://www.privacyshield.gov/list You can find further information about the privacy policy of YouTube at: https://twitter.com/de/privacy. You can configure the data collection of Twitter on the following page: https://twitter.com/personalization
Effective: 27.02.2020 Source:
Preface
Controller
Data protection officer
Rights of the data subject
Your rights as a data subject
processing, including profiling, which entails legal effects concerning you or significantly affects you in a similar way.Procedure
Data protection measures / arrangements
Data processing modalities
Sources and categories of personal data
Data transfer to third party countries outside the EU
Data disclosure, processing on
behalf of the controllerPurpose / Objective of the
data processingStorage period
Individual processing activities / operations
Server log files
Cookies
What Cookies are
How you can avoid Cookies
Third party Cookies
Which Cookies are implemented
Name
Description
Domain
Validity
Third party access
_gali
This cookie is used to distinguish users.
.easyres-project.eu
1 Minute
Yes, Google
_gat
This cookie is used to throttle request ate.
.easyres-project.eu
1 Minute
Yes, Google
_ga
This cookie is used to distinguish users by assigning a randomly
generated number as a client identifier. It is included in each
page request in a site and used to calculate visitor, session and
campaign data for the sites analytics reports..easyres-project.eu
2 Years
Yes, Google
_gid
This cookie registers a unique ID that is used to generate
statistical data on how the visitor uses the website..easyres-project.eu
24 hours
Yes, Google
cookie_notice_accepted
This cookie saves the user status regarding the cookie-consent.
www.easyres-project.eu
1 Month
No
PHPSESSID
This cookie is generated by applications based on the PHP
language. This is a general purpose identifier used to maintain
user session variables.www.easyres-project.eu
End of session
No
Legal basis
Contacting us
Newsletter
Third party services
Google services
Google Analytics
Google Fonts
Google Maps
Content Delivery Networks
Bootstrap
https://www.bootstrapcdn.com/privacy-policy/.Analysis-tools
Google Analytics
Media services
Google Fonts
Google Maps
Social media fan pages
Facebook
Facebook has, among other things, obligated themselves to inform you about data processing within the site-insights-function. You can find
this information here: https://www.facebook.com/legal/terms/information_about_page_insights_data.LinkedIn
Youtube
Dublin 4, Ireland. In the EU this company represents the company Google LLC („Google US"), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The company Google US fulfills the requirements of the “EU-US-privacy-shield". The Privacy-shield-agreement regulates the protection of personal data that is transmitted from a European Union member country to the USA. It ensures that the transmitted data will be subject to a data protection standard comparable to the one of the European Union. You can find the list of certified companies here: https://www.privacyshield.gov/list
https://policies.google.com/privacy.Twitter
Süddeutsche Datenschutzgesellschaft
mbH