A. Name and contact details of the processing controller
The operator of this website and responsible according to Article 4(7) GDPR for the collection, processing and use of your personal data within the meaning of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG 2018) is
Integration Matters GmbH
Phone: +49 (0) 2324 / 569 77-0
The data protection officer of Integration Matters is available at the above mentioned address, attention Data Protection Officer, or via firstname.lastname@example.org.
B. Collection and storage of personal data and the nature and purpose of their use
1. General information
Personal data within the meaning of the data protection regulations refers to any information relating to an identified or identifiable natural person. In particular, this includes your name, e-mail address, address and phone number.
Personal data also includes information about your visit and use of this website and your IP address.
In Article 4 No. 1 GDPR, you are referred to as the “data subject”; if we process your personal data, we are the “controller” according to Article 4 No. 7 GDPR.
Specifically, the following “types” of personal data are identified:
Inventory data (e.g., names, addresses).
Inventory data (e.g., names, addresses).
Contact information (e.g., e-mail, phone numbers).
Meta/communication data (e.g., device information, IP addresses).
Usage data (e.g., web pages visited, interest in content, access times).
Location data (information about the geographical position of a device or person).
Contract data (e.g., subject matter of the contract, term, customer category).
Payment data (e.g., bank details, invoices, payment history).
As a matter of principle, we only process personal data on this website to the extent needed to provide a functional website and to present and render the content and services.
People may visit or use this website for a variety of reasons. For example, you may be a mere visitor to the website – then you are a user. You may be an interested party because you are interested in our services. You may be a customer if we do business for you. Or you may be a contracting party if we enter into a contract with you. These are also called “categories of data subjects.”
The categories of data subjects are as follows:
Users (e.g., website visitors)
Business and contracting partners
The personal data of users, interested parties, customers, communication partners and business or contracting partners is regularly processed for the fulfillment of contracts or at the request of the user in the area of pre-contractual measures (sentence 1 of Article 6(1)(b) GDPR) or after consent of the user (sentence 1 of Article 6(1)(a) GDPR). An exception applies in cases where it is not possible to obtain prior consent for practical reasons and where processing the data is permitted by legal regulations.
In order to process inquiries and fulfill contracts, we generally process the names and addresses of customers, interested parties and contracting partners, the names of the respective contact persons, contact data such as telephone numbers and e-mail addresses, and the respective content of the contract.
For what reasons do we even process personal data?
Provision of this website
Ease of use
Contact requests and communication
Provision of contractual services and customer service
Management and response to requests
2. Legal basis for processing personal data
Where consent has been obtained from you (the data subject) for the processing of personal data, the legal basis is Article 6(1)(a) of the EU General Data Protection Regulation (GDPR).
Where processing is necessary for the performance of a contract to which you are party, the legal basis is Article 6(1)(b) GDPR. This also applies to processing operations required for pre-contractual measures.
If necessary for compliance with a legal obligation to which we are subject, the legal basis is Article 6(1)(c) GDPR.
If processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms, the legal basis for processing is Article 6 (1)(f) of the GDPR.
• Processed data types: inventory data (e.g., names, addresses), contact data (e.g., e-mail, telephone numbers), content data (e.g., entries in online forms), usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).
• Data subjects: communication partners, users (e.g., website visitors), customers, contracting partners.
• Purpose of processing: Provision of contractual services and customer service, contact requests and communication, office and organizational procedures, direct marketing (e.g., by e-mail or postal mail).
• Legal basis: consent (sentence 1 of Article 6(1)(a) GDPR), contract fulfillment and pre-contractual inquiries (sentence 1 6(1)(b) GDPR, justified interests (sentence 1 of Article 6 (1)(f) GDPR).
3. Provision of the online offer, web hosting, and data processing when visiting the website
In order to provide this online offer securely and efficiently, we use the services of one or more web hosting providers from whose servers (or servers managed by them) the online offer can be accessed. To this end, we may use infrastructure and platform services, computing capacity, storage space, and database services, along with security services and technical maintenance services.
The data processed while providing the hosting offer may include all information concerning the users of my online offer that arises in the course of use and communication. It regularly includes the IP address, which is necessary for delivering the contents of online offers to browsers, and all entries made within my online offer or from websites.
If you visit this website, you are a user. Each time this website is accessed, the system automatically collects data and information from the computer system of the accessing computer.
The following data is usually collected in the process:
Information about the type of browser, version, and language used.
The user’s operating system
The user’s Internet service provider
The user’s IP address
Date and time of access
Time zone difference from Greenwich Mean Time (GMT)
Content of the request (specific page)
Access status / http status code
Websites from which the user’s system accesses this website (previously visited page, the “referrer URL”)
Websites that are called up by the user’s system via this website
The data is also stored in the log files of the system. This data is not stored together with other personal data of yours.
The legal basis for temporarily storing the data and the log files is Article 6(1)(f) GDPR.
The data is temporarily stored by the system for the following purposes:
Delivering the website to the user’s computer, for which reason the user’s IP address must remain stored for the duration of the session
Ensuring a smooth connection to the website
Ensuring comfortable use of my website
Evaluating system security and stability
Other administrative purposes.
The data is stored in log files to ensure the functionality of the website. In addition, the data is used to optimize the website and ensure the security of the information technology systems. The data is not evaluated for marketing purposes in this context.
These purposes also constitute our legitimate interest in data processing according to Article 6(1)(f) GDPR. We never use the collected data in order to draw conclusions about your person.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.
4. Data processing during contact by e-mail, the contact form, phone, or social media
It is possible to contact us via our website using the e-mail address provided and via the contact form. Moreover, you can also call us or reach out to us on social media. In this case, your personal data transmitted via e-mail, contact form, telephone, or social media will be stored and used for correspondence with you.
The legal basis for processing the data in order to respond to e-mails, inquiries via the contact form, phone calls or inquiries via social media is usually your consent according to Article 6(1)(a) GDPR. If the contact is aimed at having an offer sent or entering into a contract, the additional legal basis for processing is Article 6(1)(b) GDPR. If the e-mail involves the assertion, exercise, or defense of legal claims or information in this regard, there is a legitimate interest for processing according to Article 6(1)(f) GDPR.
5. Web analysis with Matomo
We use the open source software tool Matomo (formerly PIWIK) on our website to analyze the surfing behavior of our users. This is an open source tool for web analysis. Matomo does not transmit data to servers that are outside of our control.
C. Erasure of data and storage period
Your personal data processed by us will be deleted according to legal requirements as soon as you have revoked your consent to processing or other permissions cease to apply – for example, as soon as it is no longer required to achieve the purpose for which it was collected or as soon as the purpose for which it was stored no longer applies.
Storage may be continued beyond that time if this has been provided for by European or national legislators in EU legal regulations, laws or other regulations to which I am subject as the controller.
Received e-mails, calls, or messages via social media that lead to offers or the conclusion of contracts will be deleted after the corresponding legal retention periods.
Received e-mails, calls, or messages via social media in connection with the assertion, exercise, or defense of legal claims or information in this regard will be deleted after the statutory retention periods or, if no assertion is made, after the expiration of the statutory limitation periods.
Unless you have given your consent to further storage, other e-mails, calls, or messages will be deleted after the request has been dealt with.
We review the necessity of storing the data once a year.
D. Disclosure of data
Data will not be disclosed to third parties for purposes other than those listed below.
We only share your personal data with third parties if
– you have given your express consent to the disclosure according to sentence 1 of Article 6(1)(a) GDPR,
– disclosure is legally permissible and required according to sentence 1 of Article 6(1)(b) GDPR for the processing of the contractual relationship with you,
– when there is a statutory obligation for the disclosure according to sentence 1 of Article 6(1)(c) GDPR.
– the disclosure according to sentence 1 of Article 6(1)(f) GDPR is necessary for the assertion, exercise, or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.
E. Rights of the data subject
If your personal data is processed by us, you are the data subject as defined by the GDPR and are entitled to the following rights in your relations with us, the controller:
• according to Article 7(3) GDPR, to withdraw at any time the consent you have given to us. As a result of the withdrawal of your consent, we will no longer be able to process data based on this consent in the future. To exercise your right to withdraw consent, simply e-mail us at email@example.com
• according to Article 15 GDPR, you can request information about your personal data processed by us. In particular, you can request information regarding the purposes of processing, the category of personal data, the categories of recipients to whom your data will be or has been disclosed, the planned retention period or the criteria for determining the retention period, the existence of a right to rectification, erasure, limitation of processing or revocation, the existence of a right to lodge a complaint, information on the origin of your data, provided it was not collected by us, and the existence of an automated decision-making process, including profiling and potentially meaningful information in regard to their details;
• according to Article 16 GDPR, you can request the immediate rectification of incorrect or incomplete personal data stored by us;
• according to Article 17 GDPR, you can request the deletion of your personal data stored with us, unless processing by us is required to exercise the right of free expression and information, to fulfil a legal obligation, for reasons of public interest, or to assert, exercise, or defend legal claims;
• according to Article 18 GDPR, you can request the restriction of processing of your personal data; if you contest the accuracy of the data, the processing is unlawful; however, if you object to the deletion of said data and we no longer require the data, but you require it to assert, exercise, or defend legal claims or you have objected to processing pursuant to Article 21 GDPR;
• according to Article 20 GDPR, you can ask to obtain the data you provided to us in a structured, standard, and machine-readable format or to have it transferred to another controller; and
• according to Article 77 GDPR, you can lodge a complaint with a supervisory authority. As a rule, contact is with the supervisory authority of your normal place of residence or of our registered office for this purpose.
F. Right to object
If your personal data is processed by us based on our legitimate interest according to sentence 1 of Article 6(1)(f) GDPR, you have the right according to Article 21 GDPR to object to the processing of your personal data on grounds relating to your particular situation or if you object to direct advertising.
Should you wish to exercise your right of withdraw your consent, please email us at firstname.lastname@example.org
G. Data security
All information you submit to us is stored on servers in the European Union.
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. An encrypted connection can be identified by the address line of the browser changing from “http://” to “https://” and by the lock symbol in your browser line. With SSL encryption enabled, third parties cannot gain unauthorized access to the data that you transmit to us.
We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, corruption or unauthorized access by third parties. Our security measures are continuously enhanced to correspond with technological developments.
If you have any questions regarding data protection on this website, feel free to send us an e-mail at email@example.com
This data protection policy is currently valid and as of November 2022.
It may become necessary to alter this data protection policy based on the further development of the website and offers or due to changes in legal or official requirements. You can access and print out the current data protection policy at any time on the website at www.integrationmatters.com/en/privacy.