Privacy Policy
Personal data (usually referred to just as „data“ below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.
Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the „GDPR“), „processing“ refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.
The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our website and improve the user experience which may result in said third parties also processing data they collect and control.
Our privacy policy is structured as follows:
I. Information about us as controllers of your data
II. The rights of users and data subjects
III. Information about the data processing
I. Information about us as controllers of your data
The party responsible for this website (the „controller“) for purposes of data protection law is:
Otten Projectmanagement GmbH (Private limited company under German law)
Friedrich-Ebert-Str. 35
D-64625 Bensheim
Phone: +49 6251 8533 500
Email: imprint@otten-pm.de
Represented by the Managing Director: Marco Otten
Responsible Supervisory Authority for Data Protection:
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 3163, 65021 Wiesbaden
Web: https://datenschutz.hessen.de
Email: poststelle@datenschutz.hessen.de
II. The rights of users and data subjects
With regard to the data processing to be described in more detail below, users and data subjects have the right
- to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
- to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
- to the immediate deletion of data concerning them (cf. also Art. 17 DSGVO), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
- to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);
- to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).
In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.
Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller’s future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.
III. Information about the data processing
Your data processed when using our website will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations or unless otherwise stipulated below.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Cookies
a) Session cookies
We use so-called cookies on our website. Cookies are small text files or other storage technologies that are placed and stored on your device by the Internet browser you use. Through these cookies, certain information from you, such as your browser or location data or IP address, may be processed to an individual extent.
This processing makes our website more user-friendly, effective, and secure, as the processing allows, for example, the display of our website in different languages or the offering of a shopping cart function.
The legal basis for this processing is Article 6(1)(b) GDPR, insofar as these cookies are used to initiate or fulfill a contract.
If the processing is not for the initiation or performance of a contract, our legitimate interest lies in improving the functionality of our website. In this case, the legal basis is Article 6(1)(f) GDPR.
When you close your Internet browser, these session cookies are deleted.
b) Third-party cookies
We currently do not use third-party cookies for advertising, analytics, or tracking purposes.
If this changes in the future, we will inform you transparently within the scope of the cookie consent, including information about usage, purposes, and legal basis (Article 6(1)(a) GDPR in conjunction with § 25 TDDDG).
c) Options for removal
You can prevent or restrict the installation of cookies through the corresponding settings of your Internet browser. You can also delete previously stored cookies at any time. The necessary steps and measures depend on the specific Internet browser you use. If you have any questions, please use the help function or documentation of your Internet browser or contact the browser manufacturer or support.
Processing of so-called Flash cookies cannot be prevented via the browser settings. Instead, you must change the settings of your Flash Player accordingly. The necessary steps and measures also depend on the specific Flash Player you use. If you have any questions, please use the help function or documentation of your Flash Player or contact the manufacturer or user support.
If you prevent or restrict the installation of cookies, this may mean that not all functions of our website are fully usable.
d) Cookie Consent using Real Cookie Banner
We use the “Real Cookie Banner” consent tool to manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and the associated consents. Details on the functionality of “Real Cookie Banner” can be found at: https://devowl.io/de/rcb/datenverarbeitung/.
The legal bases for processing personal data in this context are Article 6(1)(c) GDPR and Article 6(1)(f) GDPR. Our legitimate interest lies in managing the cookies and related consents.
The provision of personal data is neither legally nor contractually required, nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we cannot manage your consents.
As part of the consent process, Real Cookie Banner collects the following personal data:
- Date and time of consent or rejection,
- technical information about the browser and device used,
- IP address in anonymized or pseudonymized form (e.g., salted hash of a shortened IP address range to prevent misuse),
- a randomly generated ID, and
- the consent status as proof in accordance with Article 7(1) GDPR.
These data are stored exclusively on our web server and are not transmitted to third parties.
The stored consents are retained for up to 12 months for compliance with data protection regulations and then automatically deleted, unless a longer retention is required by law. The legal basis is Article 5(2) GDPR (accountability).
No use of analytics tools
We do not use any tools for analyzing user behavior on our website, such as Google Analytics, Matomo, or similar services. Your browsing behavior is not evaluated for statistical or marketing purposes.
Contact requests / Contact option
If you contact us via contact form or email, the data you provide will be used to process your request. The provision of this data is necessary to process and respond to your inquiry – without it we cannot respond to your request or only to a limited extent.
The legal basis for this processing is Article 6(1)(b) GDPR.
Your data will be deleted once your inquiry has been conclusively answered and there are no legal retention obligations to prevent deletion, such as in the case of a subsequent contract.
The legal basis may also be the user’s consent in accordance with Article 6(1)(a) GDPR. As part of the contact form, the user’s consent to the processing may be obtained, with reference made to this privacy policy.
A granted consent can be revoked by the user at any time in accordance with Article 7(3) GDPR by informing the controller. The data processed in this context will be deleted as soon as their processing is no longer necessary.
Web hosting via IONOS
Our website is hosted by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.
In the course of hosting, personal data of website visitors (e.g., IP addresses, metadata and communication data, website accesses) is processed on the servers of IONOS. This is necessary to ensure secure and efficient operation of our website (Article 6(1)(f) GDPR).
We have concluded a data processing agreement (DPA) with IONOS pursuant to Article 28 GDPR. This contract obliges IONOS to process the data of our website visitors only in accordance with our instructions and to comply with applicable data protection regulations.
More information about data processing by IONOS can be found at: https://www.ionos.de/terms-gtc/datenschutzerklaerung
Server data
For technical reasons, in particular to ensure a secure and stable website, your Internet browser automatically transmits data to us or to our web hosting provider (IONOS SE). These server log files include:
- Browser type and version,
- Operating system used,
- Website from which you accessed our site (referrer URL),
- Subpages visited on our site,
- Date and time of each access, and
- IP address of your Internet connection.
The IP address is used only for the duration of the connection and exclusively for technical purposes (e.g., error analysis and maintaining secure operation). Depending on the server configuration, the IP address may be stored in an anonymized form (e.g., shortened or hashed).
Temporary storage of this data is based on Article 6(1)(f) GDPR. Our legitimate interest lies in improving, stability, functionality, and security of our website.
This data is not merged with other personal data. Server log files are stored for a maximum of seven days and then automatically deleted, unless longer storage is required to investigate security incidents. In such cases, the data concerned is excluded from deletion until the incident is finally clarified.
Contract processing
The data you submit for the use of our goods and/or services is processed by us for the purpose of contract fulfillment and is required for that purpose. Contract conclusion and processing are not possible without the provision of your data.
The legal basis for processing is Article 6(1)(b) GDPR.
We delete the data once the contract has been fully executed, but must observe retention periods under tax and commercial law.
As part of the contract processing, we pass your data on to the transport company tasked with the delivery of goods or to the financial service provider, if the transfer is necessary for the delivery of goods or for payment purposes.
The legal basis for the transfer of data is also Article 6(1)(b) GDPR.
Google Web Fonts (local hosting)
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. No connection to Google servers is established.
More information about Google Web Fonts can be found at: https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=en.
No automated decision-making
We do not use any automated decision-making procedures pursuant to Article 22 GDPR.
This means that we do not make decisions solely based on automated processing — including profiling — that have legal effects or similarly significantly affect you.
Model Data Protection Statement for Anwaltskanzlei Weiß & Partner