General data protection declaration in accordance with the Data Protection Regulation (GDPR) and the Telecommunications Telemedia Data Protection Act (TTDSG) for the Internet offering on “arendar.io” – Status 01.2022
The responsible party within the meaning of Art. 4 No. 7 DSGVO is: Arendar IT-Security GmbH
Am Kleinen Rotenberg 21 Wittlich54516
Phone: +49657195579 – 0
Fax: + 49657195579– 28
II. Availability of the Data Protection Officer
If you have any questions about whether Arendar IT-Security GmbH is processing your data in accordance with data protection, you can contact Arendar IT-Security’s data protection officer. The e-mail address is firstname.lastname@example.org.
Alternatively – and for general questions on data protection – you can also contact the Rhineland-Palatinate State Commissioner for Data Protection and Freedom of Information, Hintere Bleiche Mainz,34,55116 telephone +49 61318920
0, Fax +49 E-Mail 61318920299,poststelle(at)datenschutz.rlp.de.
III. General information on data processing
We process personal data of our users insofar as this is necessary for the provision of a functional website as well as our contents and services. Afterwards, the data is deleted immediately. They are treated confidentially at Arendar IT-Security GmbH. In the case of individual e-government offers on these pages, please note the special information on data protection provided there. You should also note that if data is transmitted over the Internet without encryption, it is possible for third parties to take note of or falsify it. Data via online procedures and forms offered at www.arendar.eu are therefore always exchanged in encrypted form (HTTPS/SSL); they are thus protected from being read and manipulated. Confidential data should never be sent by unencrypted e-mail. For more information, please refer to the general conditions for electronic communication with Arendar IT-Security GmbH.
If you use the forms offered on our pages, they are provided with transport encryption (SSL encryption). This ensures that your data is transported securely to us.
Your personal data will be processed in the following on the basis of either a legal basis or your consent. These bases are listed in Art. 6 (1) GDPR. Processing is permitted by law if it serves the fulfilment of the tasks of Arendar IT-Security GmbH; in this case, either the general data protection law from Art. 6 (1) GDPR in conjunction with. § Section 3 of the Data Protection Act (DPA) of North Rhine-Westphalia or an area-specific legal regulation. In addition, your consent may be a viable basis for data processing.
Data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. In the case of the storage of data in the log files of the web server, this is the case after seven days at the latest.
IV. Provision of the website and creation of log files
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:
- Information about the browser type and version used,
- the operating system of the user,
- the user’s internet service provider,
- the IP address of the user,
- Date and time of access,
- Websites from which the user’s system accesses our website,
- Web pages that are accessed by the user’s system via our website.
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
The legal basis for the temporary storage of the data and the log files is Art. 6 Para. lit1. e) GDPR.
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes also constitute the public interest in data processing according to Art. 6 Paragraph e) GDPR1.
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Therefore, there is no possibility for the user to object.
Technical programmes such as etracker, PIWIK, Google Analytics, for example, which serve to record and analyse the user’s usage behaviour, are described, insofar as they are used, in the special data protection notices of the corresponding departments. On these websites, data is collected and stored for analysis and optimisation purposes. From this, usage profiles can be created under a pseudonym. The collection and storage of data can be objected to at any time with effect for the future.
VI. Rights of the data subject
In general, the data subject has the following rights when personal data are processed under the GDPR:
- Right of access, Art. 15 GDPR
Data subjects have the right to obtain information about their personal data processed by Arendar IT-Security GmbH and, in particular, about the purposes for which they are processed and the duration for which they are stored.
- Right to rectification, Art. 16 GDPR
This right includes having inaccurate personal data corrected or having incomplete personal data completed.
- Right to erasure, Art. 17 GDPR
Data subjects have the right to have personal data deleted by Arendar IT-Security GmbH as data controller. Data can be deleted if the use for the specific purpose is no longer necessary, the consent given has been revoked or the personal data has been processed unlawfully. The request for deletion must not be opposed by any legal grounds, such as those mentioned in particular in Art. 17 (DSGVO3).
- Right to restriction of processing, Art. 18 GDPR
The data subjects have the right to restrict the further processing of personal data if the legal requirements are met.
- Right to data portability, Art. 20 GDPR
In accordance with Article 20 of the GDPR, the data subject shall have the right to obtain from the controller the data concerning him or her in a commonly used, machine-readable format and shall have the right to have that data provided to another controller.
- Right of objection, Art. 21 GDPR
In accordance with Art. 21 The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of his or her personal data collected by the controller.
- Automated decision in individual cases including profiling, Art. 22 GDPR
The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, unless an exception is made under paragraph 1 of this 2provision.
- Right to revoke the declaration of consent given
Insofar as the data processing is based on consent, the data subject has the right to revoke his or her declaration of consent at any time.
- Right of access, Art. 15 GDPR
VII. Supervisory authority and the right of appeal
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate, Hintere Bleiche 34, 55116 Mainz, telephone +49 6131 8920 0, fax +49 6131 8920 299, e-mail poststelle(at)datenschutz.rlp.de. You can exercise this right if you believe that the processing of your personal data violates the provisions of the GDPR.