Data Protection Declaration
When visiting the website www.labratry.de, it is of particular concern to us that all personal data which you entrust to us are indeed protected and securely stored. In this document, you will find out more regarding how we use and process your personal data during your visit to our website.
Data Protection Declaration in accordance with the GDPR
The Responsible Party in accordance with the General Data Protection Regulation and other national data protection laws of the member countries as well as other provisions under data protection law is:
Barger Weg 12
23611 Bad Schwartau
I. General Information regarding Data Processing
1. Scope of the Processing of Personal Data
We shall process our users’ personal data in principle only insofar as this is required for the supplying of a functional website as well as our contents and services. The processing of our users’ personal data shall be done upon a regular basis only having received the respective user’s consent to do so. An exception shall be valid in such cases in which it is not possible to obtain a prior consent owing to factual reasons and the processing of the data is permitted by the statutory guidelines.
2. Legal Basis for the Processing of Personal Data
Insofar as we obtain a consent from the affected person for the processing of personal data, Art. 6 Para. 1 lit. a EU General Data Protection Regulation (GDPR) shall serve as the legal basis.
During the processing of personal data which is required for the fulfilment of an agreement whose contractual party is the affected person, Art. 6 Para. 1 lit. b GDPR shall serve as the legal basis. This shall also be valid for the processing operations which are required for the implementation of pre-contractual measures.
Insofar as a processing of personal data is required for the fulfilment of a legal obligation to which our company is subject, Art. 6 Para. 1 lit. c GDPR shall serve as the legal basis.
For the case that vital interests of the affected person or another natural person make a processing of personal data necessary, Art. 6 Para. 1 lit. d GDPR shall serve as the legal basis.
If the processing is required in order to safeguard an entitled interest of our company or of a third party and the interests, fundamental rights and fundamental freedoms of the affected party do not outweigh the initially-mentioned interest, then Art. 6 Para. 1 lit. f GDPR shall serve as the legal basis for the processing.
3. Data Deletion and Storage Timeframe
The personal data of the affected person shall be deleted or blocked as soon as the purpose for the storage ceases to be valid. Moreover, storage may also be made if this has been prescribed by the European or national lawmakers in the European Union’s legal guidelines, laws or other directives to which the Responsible Party is subject. A blocking or deletion of the data shall also then be made if a storage timeframe prescribed by the aforementioned norms lapses unless it is necessary to continue to store the data for the conclusion or fulfilment of a contractual agreement.
4. Data Collection during the Usage of the Internet Site
When visiting our Internet site www.labratry.de, personal data shall be processed in the following cases:
a. Usage of Our Contact Form
If you have questions of any kind, we offer you the option of contacting us via a form provided on the website. In this case, it is necessary to provide a valid e-mail address so that we know from whom the inquiry originates and in order to be able to answer it. Additional data may be provided voluntarily.
The data processing for the purpose of contacting us shall be done in accordance with Art. 6 Para. 1 Clause 1 lit. a GDPR upon the basis of your consent which you have issued voluntarily. You may revoke this consent at any time. In order to do so, an informal notification via e-mail to us (firstname.lastname@example.org) shall suffice. The legality of the data processing operations that have been done until revocation is made shall remain unaffected by the revocation.
The data which you have provided on the contact form shall be retained by us until you request that we delete them, you revoke your consent for their storage or the purpose for the data storage ceases to be valid (e.g. after your inquiry has been completely processed). Any mandatorily statutory provisions – particularly retention timeframes – shall remain unaffected.
b. Wordfence Security
In order to safeguard our online website, we use the “Wordfence Security” service which is operated by Defiant Inc., 800 5th Ave., Suite 4100, Seattle, WA 98104, USA. The usage is done upon the basis of our entitled interests in accordance with Art. 6 Para. 1 lit. f) GDPR.
The website uses the plug-in in order to protect against viruses and malware and in order to ward off attacks by computer criminals. In order to protect against brute force and DdoS attacks or comment spam, IP addresses are stored on the Wordfence servers. The IP addresses that are classified as being unobjectionable are placed on a White List. Wordfence Security safeguards our website and thus protects the visitors to the website from viruses and malware. This constitutes an entitled interest in accordance with Art. 6 Para. 1 lit. f GDPR.
Detailed information regarding the collection and usage of the data by Wordfence Security can be found in Defiant’s Data Protection Guidelines: https://www.wordfence.com/privacy-policy/.
We have concluded a Contracted Data Processing Agreement with the aforementioned operator Defiant and comprehensively fulfil the strict standards prescribed by the German data protection authorities during the usage of Wordfence Security.
An automated data collection of your IP address by our system is neither done nor also no logging on our side for the technical supplying of our Internet site.
5. Initiating Contact via E-Mail
If contact is initiated via the e-mail address, the user’s personal data shall be stored that have been transmitted with the e-mail.
In this context, the data shall not be disseminated to third parties. The data shall be used exclusively for the processing of the conversation.
Legal Basis for the Data Processing
The legal basis for the processing of the data that are transmitted during the sending of an e-mail shall be Art. 6 Para. 1 lit. f GDPR. If the e-mail contact is for the purpose of concluding an agreement, then the supplemental legal basis for the processing shall be Art. 6 Para. 1 lit. b GDPR.
Purpose of the Data Processing
The processing of the personal data shall serve us solely for the processing of the inquiry. Herein also lies the required entitled interest in the processing of the data.
Duration of the Storage
The data shall be deleted as soon as they are no longer required for the attainment of the purpose of their collection. For the personal data which have been sent via e-mail, this shall then be the case if the respective conversation has been ended with the user. The conversion shall then be considered to have been ended if, based upon the respective circumstances, it can be inferred that the affected issue has been definitively clarified.
Rights of Objection and Revocation
The user shall have the opportunity at any time to revoke his consent for the processing of the personal data. If the user contacts us via e-mail, then he may at any time object to the storage of his personal data.
You may revoke this consent at any time. In order to do so, an informal notification via e-mail to us (email@example.com) shall suffice.
In such a case, the conversation cannot be continued.
6. Rights of the Affected Person
If your personal data are processed, you shall be considered to be the Affected Person in accordance with the GDPR and you shall be entitled to the following rights vis-à-vis the Responsible Party:
To demand information regarding your personal data which we have processed in accordance with Art. 15 GDPR. In particular, you may demand information regarding the processing purposes, the category of the personal data, the category of recipients to whom your data have been disclosed or are being disclosed, the planned storage timeframe, the valid existence of a right of correction, deletion, restriction of the processing or objection, the valid existence of a right to lodge a complaint, the origin of your data insofar as they have not been collected by us as well as regarding the valid existence of an automated decision-making process including profiling and, where applicable, extensive information regarding their details;
In accordance with Art. 16 GDPR, to demand the prompt correction of your personal data which we have stored which are incorrect or to demand the completion of your personal data which we have stored which are incomplete;
In accordance with Art. 17 GDPR, to demand the deletion of your personal data which we have stored unless the processing is required for the exercising of the right to free expression and information, for the fulfilment of a legal obligation, owing to reasons of the public interest or in order to assert, exercise or ward off legal claims;
In accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data insofar as you dispute the correctness of the data, the processing is illegal but you reject their deletion and we no longer need the data but you nonetheless require them in order to assert, exercise or ward off legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;
In accordance with Art. 20 GDPR, to demand to receive your personal data, which you have provided to us, in a structured, standard and machine-readable format or to demand the transmission thereof to another Responsible Party;
In accordance with Art. 7 Para. 3 GDPR, to revoke your consent at any time which you have already issued to us. This shall have the consequence that we may no longer continue the data processing for the future which was based upon this consent and
In accordance with Art. 77 GDPR, you shall also have the right to lodge a complaint to a government supervisory agency. As a rule, in order to do so, you may contact the government supervisory agency which is competent for your customary abode or workplace or our commercial residence.
7. Right of Objection
Insofar as your personal data are being processed upon the basis of entitled interests in accordance with Art. 6 Para. 1 Clause 1 lit. e and f GDPR, you shall have the right to, in accordance with Art. 21 GDPR, to lodge an objection against the processing of your personal data insofar as reasons exist which are derived based upon your special situation or the objection is being lodged against direct advertising. In the latter case, you shall have a general right of objection which we shall implement without your being required to specify a special situation.
If you would like to exercise your right of revocation or right of objection, an e-mail sent to firstname.lastname@example.org shall suffice.
8. Right to the Revocation of the Declaration of Consent under Data Protection Law
You shall have the right at any time to revoke your Declaration of Consent under data protection law. However, by revoking your consent, this shall not affect the legality of the processing that has been done based upon the consent until its revocation.
9. Automated Decision-Making in the Individual Case Including Profiling
You shall have the right to not be subjected to decision-making which is exclusively based upon automated processing – including profiling – which creates legal ramifications for you or which substantially restricts you in a similar manner. This shall not be valid if the decision-making
(1) Is required for the conclusion or the fulfilment of an agreement between you and the Responsible Party,
(2) Is permissible in accordance with the legal guidelines of the European Union or the member countries to which the Responsible Party is subject and these legal guidelines contain appropriate measures for the safeguarding of your rights and freedoms as well as your entitled interests or
(3) Is done with your express consent.
However, these decisions may not be based upon special categories of personal data in accordance with Art. 9 Para. 1 GDPR unless Art. 9 Para. 2 lit. a or g GDPR is valid and appropriate measures have been concluded for the protection of rights and freedoms as well as your entitled interests.
With regards to the cases specified in (1) and (3), the Responsible Party shall undertake appropriate measures in order to safeguard rights and freedoms as well as your entitled interests whereby this shall include at least the rights to affect the intervention of a person by the Responsible Party, to state one’s own viewpoint and to contest the decision.
10. Dissemination of Data
No dissemination of your personal data shall be made to third parties for any other purposes than those purposes specified below.
We shall disseminate your personal data to third parties only if:
You have issued your express consent in this regard in accordance with Art. 6 Para. 1 Clause 1 lit. a GDPR,
The dissemination is required in accordance with Art. 6 Para. 1 Clause 1 lit. f GDPR in order to assert, exercise or ward off legal claims and no reason exists to assume that you have a prevailing interest worthy of protection in the non-dissemination of your data,
For the case that a legal obligation exists for the dissemination in accordance with Art. 6 Para. 1 Clause 1 lit. c GDPR as well as
This is legally permissible and is required in accordance with Art. 6 Para. 1 Clause 1 lit. b GDPR for the implementation of the contractual relationships with you. Insofar as we commission third parties with the processing of data in accordance with a so-called “Contracted Data Processing Agreement”, this shall occur upon the basis of Art. 28 GDPR.
11. Data Security
With the website visit, we use the widely-used SSL procedure (secure socket layer) in conjunction with the respectively-highest encryption level which is supported by your browser. Whether an individual page of our Internet site is being transmitted in encrypted fashion can be recognised based upon the locked depiction of the key and/or the lock symbol in the lower status bar of your browser.
Moreover, we utilise suitable technical and organisational security measures in order to protect your data against accidental or intentional manipulations, partial or complete loss, destruction or unauthorised third-party access. Our security measures are continuously being improved in view of the technological development.
12. Currentness of and Changes to This Data Protection Declaration
As the result of the continued development of our website and the offerings from it or owing to the changed legal and/or government guidelines, it may become necessary to alter this Data Protection Declaration. The respectively-current Data Protection Declaration may be retrieved and printed out by you at any time on the website at https://läubisoft.gmbh/datenschutzerklaerung/#datenschutz.
This Data Protection Declaration is currently valid in the version of August 2021.