02. Definitions set out in art. 4 GDPR
03. Name and contact details of the responsible authority (art. 13 paragraph 1 lit. a GDPR)
04. Which data do we use?
05. Legal basis and purpose of data processing
06. How long will my data be retained?
07. Who gets my data?
08. Encryption of personal data (SSL- or TLS-encryption)
09. Special data protection advice on the use of data collection, analysis tools and advertising in our online offers
10. Privacy protection for applications and in the application progress
11. Rights of the data subject (art. 12 ff. GDPR)
12. Exercise of the rights of the data subject
Thank you for your interest in the company websites and other online offers of GLASSCON GmbH, Mergenthalerallee 77, 65760 Eschborn (at Frankfurt am Main), Germany; hereafter referred to as „GLASSCON“.
We take the issues of data protection and confidentiality very seriously and follow applicable European and national data protection rules; In particular, these are the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), the Telemedia Act (TMG) and the Hessian Data Protection and Freedom of Information Act (HDSIG).
For this reason, with the following information we would like to give you an overview of the processing of your personal data by us and of your rights under data protection law, in particular set out in articles 13, 14 and 21 GDPR.
Which data will be processed in detail and in which way it will be used depends on the requested or agreed services. Therefore, not all parts of this information will apply to you.
a) Personal data
„Personal data“ means any information referring to an identified or identifiable natural person(hereinafter the “data subject”). A natural person is considered to be identifiable, who, directly or indirectly can be identified, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, which expresses the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
„Processing“ is any operation or set of operations performed upon personal data with or without the aid of automated procedures, such as specification, collection, organization, ordering, storage, adaptation or modification, reading, querying, use, disclosure through submission, dissemination or any other form of provision, reconciliation or association, restriction, erasure or destruction.
c) Restriction of processing
„Restriction of Processing “is the marking of personal data retained with the aim of limiting its future processing.
„Profiling“ is any kind of automated processing of personal data that consists in using this personal information to evaluate certain personal aspects relating to a natural person, and in particular to analyze or predict aspects related to job performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts, or relocation of that natural person.
“Pseudonymization” means the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the help of additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that that personal data information is not assigned to an identified or identifiable natural person.
f) The person concerned
”The person concerned” means any identified or identifiable natural person whose personal data is processed by the controller.
g) File system
“File system” means any structured collection of personal data accessible by specific criteria, whether that collection is centralized, decentralized or organized according to functional or geographical considerations.
„Controller“ is a natural or legal person, public authority, agency or other entity, who decides alone or jointly with others on the purposes and means of processing personal data. If the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.
“Processor” means a natural or legal person, public authority, agency or other entity that processes personal data on behalf of the controller.
“Receiver” is a natural or legal person, public authority, agency or other entity to which personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered to be beneficiaries.
k) Third party
“Third party” means a natural or legal person, public authority, agency or other entity than the data subject, the controller, the processor and the persons empowered under the direct responsibility of the controller or the processor to process the personal data
“Consent” means any expression of will voluntarily and unambiguously delivered by the data subject in the form of a statement or other unambiguous confirmatory act by which the data subject indicates that they agree with the processing of the personal data concerning them.
The responsible position for the data processing is:
D-65760 Eschborn (near Frankfurt am Main)
VAT identification number: DE 295 381 120
Registry Court: Local court Frankfurt am Main
Registry Number: HRB 109242
Representative managing director: Mr. Dipl.-Ing. Konstantinos Kotalakidis
We only process personal data that we have received from you as part of our contractual or other business relationship.
In addition, we process personal information that we have legitimately gained from publicly available sources (such as debtor directories, land registers, trade and association registers, press, media) and have permission to process.
Finally, we also work with personal information that we have legitimately received from other third parties (such as Schufa); for example, on the basis of your consent. These are used to execute orders or to fulfill contracts.
Below is an example of some data that we process in cooperation with our customers, suppliers and employees:
We process personal data only for the fulfillment of contractual obligations, due to legal requirements, for our own advertising purposes and for the protection of legitimate interests. The lawfulness of the processing is based on the provisions listed under no. 1 (see above), in particular on art. 6 GDPR.
Depending on the nature of the contract, we process personal data as listed below:
a) Based on your consent
(art. 6 paragraph 1 (a) GDPR)
Insofar as you have given us consent to the processing of personal data for specific purposes (for example, disclosure of personal data to tax consultants as processors within the meaning of art. 28 GDPR or to financial and social authorities, etc.; evaluation of customer data for internal marketing purposes, for example, to Schufa), the legality of this processing is based on your consent.
A given consent can be revoked at any time; see art. 7 para. 3 GDPR. This also applies to the revocation of declarations of consent, which – such as the SCHUFA declaration – were granted to us before the validity of the GDPR, that is before 25 May 2018.
Please note that the revocation only works for the future. Processing that occurred before the revocation is not affected.
a) For the fulfillment of contractual obligations
(art. 6 paragraph 1 (b) GDPR)
The processing of personal data is done, for example
Further details on the purpose of data processing can be found in the respective contract documents and the terms and conditions.
b) Due to legal requirements, for the protection of vital interests or in the public interest
(art. 6 paragraph 1 (c, d, e) GDPR)
In addition, as GLASSCON we are subject to various legal obligations, which means legal requirements that may also be justified in the public interest:
The processing of personal data may therefore be necessary, for example, to fulfill tax control and reporting obligations, to prevent fraud and money laundering and / or to verify identity and age; such arise among others from the banking act, money laundering act and / or various tax laws.
In rare cases, the processing of personal data may be required even if the vital interests of the data subject or another natural person are to be protected. This would be the case, for example, if a visitor (for example customer) would be injured in our company based in Mergenthalerallee 77, 65760 Eschborn), on one of our exhibition stands, transfer areas of the motorhomes or in our rented seminar facilities and then his data (including name, age, health insurance data or other vital information) would have to be forwarded to a doctor, hospital or other third party.
c) In the context of the balance of interests
(art. 6 paragraph 1 (f) GDPR)
In the end, processing of your personal data can be based on art. 6 I lit. f GDPR. Processing operations are based on this legal basis if processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person concerned prevail.
An overriding legitimate interest can also be accepted according to the second sentence of recital 47 GDPR if the person concerned is a customer of the person responsible.
Therefore, we process your data in addition to the actual fulfillment of the contract for the protection of legitimate interests of us or third parties. Examples are:
If necessary, we process and store your personal data at least for the period required by applicable law. The respective legal storage and documentation obligations serve the fulfillment of legal claims; they result from the Commercial Code (HGB), the Tax Code (AO), the Banking Act (KWG) or the Money Laundering Act (GwG).
However, the storage period is also judged by the statutory limitation periods, which, for example, after §§195 ff. of the Civil Code (BGB) can generally be 3 years, but in certain cases up to 30 years.
Longer retention periods are possible as far as operational needs (for example: proper administration of customer, supplier and personal data) or the compliance with official regulations require this.
For example, we at GLASSCON retain most customer data for the duration of the contract and for a period of 11 years after the end of the contract.
This is due to the 10-year limitation period pursuant to §199 paragraph 3 sentence 1 no. 1 and paragraph 4 BGB. For interested parties without subsequent contract conclusion, depending on the intensity of the contract initiation, a retention period of six to 14 months applies; in special cases up to 3 years (limitation of claims for damages due to culpa in contrahendo in accordance with § 311 paragraph 2 BGB i.V.m. § 195 BGB).
Within the company GLASSCON, those entities receive your data, which they need to fulfill our contractual and legal obligations. External processors (within the meaning of article 28 GDPR) employed by us may also receive data for these purposes. These are companies in the categories of credit-related services, IT services, logistics, printing services, telecommunications, debt collection, tax consultancy and sales and marketing.
With regard to the data transfer to recipients outside of GLASSCON, it should first be noted that we are bound to secrecy about all customer-related facts and valuations of which we become aware.
We may only disclose information about you if statutory provisions require it, if you have consented to it or if we are otherwise authorized to do so. Under these conditions, recipients of personal data may be, for example: tax authorities; social funds and authorities; employment agencies; bureaus; Schufa; other public entities and institutions.
For security reasons and to protect the transmission of confidential content, our company homepage uses a transmission method based on the SSL protocol (Secure Sockets Layer) or on a TLS (Transport Layer Security) encryption.
These protocols allow encryption of all traffic between your browser and our servers. This protects your data during transmission against manipulation and unauthorized access by third parties as far as possible.
An encrypted connection is indicated by the browser’s address bar changing from “http: //” to “https: //” and by the lock icon in your browser bar. If SSL or TLS encryption is enabled, the data you submit to us can basically not be read by third parties
Our social media appearances are designed to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of article 6 (1) (a) GDPR).
a) Description and scope of data processing
b) Legal basis for data processing
The legal basis for the processing of personal data using cookies is article 6 (1) lit. F GDPR.
c) Purpose of the data processing
Among other things, we need cookies for the following applications:
aa) simplification of the login process (storage subdomain, if necessary username)
bb) if necessary assignment of a registration to a cooperation partner (affiliate)
cc) permanent storage of UI settings (here: preferred language)
The user data collected by technically necessary cookies will not be used to create user profiles. For these purposes, our legitimate interest in the processing of personal data pursuant to art. 6 paragraph 1 lit. f GDPR.
d) Duration of retention, objection and disposal
So you have the option to allow or block the setting of cookies only for individual cases or to exclude them in general and to delete already set cookies. In such a case, we must point out that certain features on our website no longer work, or not properly or only partially. If needed you can deactivate the storage of cookies in the corresponding settings for “third party cookies” of your web browser. The settings can be found for the respective common browsers under the following links:
09.2 Data protection advice on the use of so-called “server log data”
a) Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer. The following data is collected here:
(1) information about the browser type and version used
(2) the operating system of the user as well as the internet service provider of the user
(3) the IP address of the user; date and time of access
(4) websites from which the system of the user gets to our website
(5) websites that are accessed by the user’s system through our website
The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection In the case of collecting the data for providing the website, this is the case when the respective session is completed.
b) Legal basis for data processing
The lawfulness of the processing (temporary storage of data and log files) is based – in order to safeguard our legitimate interest in improving the functionality and stability of our website – on art. 6 (1) lit. f GDPR.
c) Purpose of the data processing
The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user’s IP address must be kept for the duration of the session.
Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. For these purposes, we have our legitimate interest in the processing of data according to art. 6 paragraph 1 lit. f GDPR.
d) Contradiction and removal option
The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no contradiction on the part of the user.
09.3 Data protection advice on the use of ZOHO
a) CRM system via: ZOHO CRM
On our website is a contact form available, which can be used for electronic contact:
Personal data that you have communicated to us through a contact request described above, but also via telephone, fax or in person, a newsletter subscription or direct business relationships, are processed and maintained by us using a customer relationship management system(in short “CRM system”).
In this connection we use the Customer Relationship Management System “ZOHO CRM”.
b) Order and send newsletters via: ZOHO Campaigns
We offer on our website the possibility of ordering a newsletter. For sending our newsletter we use the service “ZOHO Campaigns”.
The only requirement for sending the newsletter is your e-mail address. We save your e-mail address for the purpose of delivering the newsletter. The specification of further separately marked data and information is voluntary. They are used for the purpose of personal contact and / or personalization of the e-mail newsletter.
Registration for our newsletters takes place in a so-called “double opt-in procedure”. This means that after signing up you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. By subscribing to our newsletter your data will be automatically transferred to our account at Zoho Campaigns; If necessary, we feed your data into Zoho Campaigns.
Registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of both the login and the confirmation time as well as the IP address.
It also logs the changes to your data stored in Zoho Campaigns. In addition, the newsletter sent via Zoho Campaigns contains a so-called counting pixel, also known as web beacon. With the help of this pixel we can evaluate, if and when you have read our newsletter and if you have followed the links in the newsletter. In addition to other technical data, such as the data of your computer system and your IP address, the data processed thereby are stored, so that we can optimize our newsletter offer and respond to the interests of our subscribers. The data will thus be used to increase the quality and attractiveness of our newsletter offer.
c) ZOHO Corporation B.V. as our contract partner
Both “ZOHO CRM” and “ZOH Campaigns” are services of “Zoho Corporation Pvt. Ltd “, located in: Chennai, Estancia IT Park, Plot No. 140 & 151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, INDIA (India);https://www.zoho.com/contactus.html
Our direct contractor is Zoho Corporation B.V. with headquarter in: Hoogoorddreef 15, 1101 BA Amsterdam, Netherlands, and therefore fully subject to European data protection law. Zoho Corporation B.V. stores data exclusively on servers in the EU. For technical support purposes, Zoho employees in India can access the data. The Indian subsidiary of Zoho has a corresponding data protection agreement according to European standards.
We have entered into a corresponding contract data processing (“DPA” or “Data Processing Agreement”) with Zoho Corporation.
d) Legal basis and purposes of the newsletter, contact form and e-mail contact
Legal basis for the data processing is in the presence of the consent of the user art. 6 paragraph 1 lit. a GDPR i.V.m. art. 7 GDPR. The legal basis for the data processing, which is transmitted by sending an e-mail, is article 6 (1) lit. f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is art. 6 para. 1 lit. b GDPR.
The processing of the personal data from the input mask serves us only to process the contact. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
e) Duration of storage
The personal data from the input form of the contact form and those sent by e-mail will be deleted when the respective conversation with the user has ended (this is the case after termination of the newsletter or revocation of your consent). The conversation ends when it can be inferred from the circumstances that the matter in question has been finally clarified. The additional personal data collected during the sending process will be deleted at the latest after a period of ninety days. After your cancellation or after the revocation of your consent, we store data purely statistically and anonymously.
f) Contradiction and removal option
The user has the opportunity to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he may object to the storage of his personal data at any time. In such a case, the conversation cannot continue. All personal data stored in the course of contacting will be deleted in this case.
You can also revoke your consent to the transmission of the newsletter at any time and unsubscribe from the newsletter (so-called opt-out). You can cancel the cancellation by clicking on the link provided in each newsletter or by sending an e-mail to firstname.lastname@example.org.
The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
09.4 Data protection advice on the use of YouTube
On our website we use the “Social Bookmark” of the social video portal YouTube, a subsidiary of Google LLC. This is just a link and not a so-called “social plugin”. If you do not use the button, no information will be transmitted to YouTuber and no YouTube cookie will be placed on your computer. As soon as you click on the button without being logged in to YouTube, the following login window opens in a new window: https://www.youtube.com/user/TheGlasscon
At the same time YouTube places cookies on your hard drive. If you click the button as an already logged in YouTube user, YouTube can assign the visit to your YouTube account.
Information about GLASSCON GmbH via the social video portal YouTube is made in the interest of an appealing presentation of our online offers. This constitutes a “legitimate interest” within the meaning of art. 6 (1) lit. f GDPR.
09.5 Data protection advice on the use of Instagram
On our website we use the “social bookmark” of the social network Instagram. This is just a link and not a so-called “social plugin”. If you do not use the button, no information will be transmitted to Instagram and no Instagram cookie will be placed on your computer. As soon as you click on the button without being logged in to Instagram, the following login window opens in a new window: https://www.instagram.com/explore/tags/glasscon/
At the same time Instagram places cookies on your hard drive. If you click the button as an already logged in Instagram user, Instagram can assign the visit to your Instagram account.
Information about GLASSCON GmbH via the social network Instagram is made in the interest of an appealing presentation of our online offers. This constitutes a “legitimate interest” within the meaning of art. 6 (1) lit. f GDPR.
09.6 Data protection advice on the use of Facebook
On our website we use the “Social Bookmark” of the social network Facebook. This is just a link and not a so-called “social plugin”. If you do not use the button, no information will be transmitted to Facebook and no Facebook cookie will be placed on your computer. As soon as you click on the button without being logged in to Facebook, the following login window opens in a new window: https://www.facebook.com/GlassconGmbH
At the same time Facebook places cookies on your hard drive. If you click the button as an already logged in Facebook user, Facebook can assign the visit to your Facebook account.
Information about GLASSCON GmbH via the social network Facebook is made in the interest of an appealing presentation of our online offers. This constitutes a “legitimate interest” within the meaning of art. 6 (1) lit. f GDPR.
09.7 Data protection advice on the use of Twitter
On our website we use the “Social Bookmark” of the online short message service Twitter. This is just a link and not a so-called “social plugin”. If you do not use the button, no information will be transmitted to Twitter and no Twitter cookie will be placed on your computer. As soon as you click on the button without being logged in to Twitter, the following login window opens in a new window:
At the same time Twitter places cookies on your hard drive. If you click the button as an already logged in Twitter user, Twitter can assign the visit to your Twitter account.
Information about GLASSCON GmbH via the social network Twitter is made in the interest of an appealing presentation of our online offers. This constitutes a “legitimate interest” within the meaning of art. 6 (1) lit. f GDPR.
09.8 Data protection advice on the use of Google Analytics
We include functionality in our web analytics service “Google Analytics” provided by the US company “Google LLC” at: 1600 Amphitheater Parkway, Mountain View, CA 94043, California, USA.
Google Analytics processes the website usage data on our behalf and is contractually committed to taking measures to ensure the confidentiality of the processed data. During your visit to the Site, the following information is recorded, including:
Your IP address (in abbreviated form, so that no unique assignment is possible); called websites; Your approximate location (country and city respectively); technical information such as browsers, internet service providers, end devices; Source of origin of your visit (ie via which website or via which advertising material you came to our website).
The storage of this data is based on art. 6 para. 1 lit. f DS-GMO. The website operator has a legitimate interest in the anonymous analysis of user behavior in order to optimize both its website and its advertising.
Google Analytics stores the cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID that will allow you to be recognized during future website visits. These cookies contain a randomly generated user ID that will allow you to be recognized during future website visits. The recorded data is stored together with the randomly generated user ID, which allows the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form for an indefinite period.
You have the option to prevent the storage of cookies on your device by making the appropriate settings in your browser. However, there is no guarantee that you will be able to access all features of this website without restrictions if your browser does not allow cookies. Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to Google and used by Google; This is done by installing the browser add-on for disabling Google Analytics once: https://tools.google.com/dlpage/gaoptout?hl=en
There you will also find information about how to change your privacy settings, e.g. in your user account.
09.9 Data protection advice on the use of LinkedIn
We have a LinkedIn profile: https://www.linkedin.com/company/glasscon
Provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EU-US Privacy Shield. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
For details on how to handle your personal information, see the LinkedIn privacy statement: https://www.linkedin.com/legal/privacy-policy.
09.10 Data protection advice on the use of Pinterest
Within our online offer functions and contents of the service Pinterest can be integrated: https://www.pinterest.de/GLASSCONgmbh
This may include, for example, content such as images, videos, or text and buttons that users use to promote their content, subscribe to the content creators, or subscribe to our submissions. If the users are members of the platform Pinterest, Pinterest can assign the call of the abovementioned contents and functions to the profiles of the users there.
Provider is Pinterest Inc., located at, 635 High Street, Palo Alto, CA, 94301, United States. Pinterest is certified under the EU-US Privacy Shield. Pinterest uses advertising cookies.
Pinterest processes the data as part of Pinterest’s Data Usage Policy: https://policy.pinterest.com/en/ad-data-terms
09.11 Other links to external providers
We collect and process personal data of applicants for the purpose of proceeding with the application process.
The processing can also be done electronically. This is particularly the case if an applicant submits the corresponding application documents to us electronically, for example by e-mail. To this end, we reserve the right to offer on our website the possibility to send an application by e-mail (email@example.com) to us via a click of a corresponding e-mail address listed there.
If there is a contract of employment with an applicant, we store the data transmitted to us for the purpose of processing the employment relationship in accordance with the legal regulations.
However, if no contract of employment is concluded with the applicant, the application documents will be automatically deleted seven months after notification of the rejection decision, unless we claim any other legitimate interests in deletion. Another legitimate interest in this sense is, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG).
Your rights as a “data subject” are fully guaranteed by GLASSCON. With regard to your stored personal data, you are entitled to the following listed rights that you can assert against us.
To exercise these rights, please refer to the following chapter (“Exercise of the rights of the affected person”).
a) Right to information (art. 15 GDPR)
In principle, you have the right to request confirmation from us as to whether personal data relating to you is being processed. However, this right to information is subject to certain restrictions under § 34 BDSG.
b) Right to rectification (art. 16 GDPR)
If, in your opinion, your personal information is incorrect or incomplete, you may request that such information be changed accordingly.
c) Right to delete (art. 17 GDPR)
You may request that your personal information be (immediately) deleted, to the extent permitted by applicable law. Restrictions are provided for in § 35 BDSG.
d) Right of restriction of processing (art. 18 GDPR)
Each data subject is entitled to a restriction of the processing of his data (under the further requirements of art. 18 paragraph 1 of the GDPR).
e) Right of data transferability (art. 20 GDPR)
As far as legally possible, you can have the personal data provided to us reclaimed or have it transmitted to a third party, if this is technically feasible.
f) Right of withdrawal (art. 7 paragraph 3 GDPR)
You have the right to revoke your consent to data collection at any time. This right applies with effect for the future; the data collected up to the legal force of the revocation remain unaffected.
g) Right to object (art. 21 GDPR)
aa) Individual right of objection
You have the right at any time, for reasons arising from your particular situation, to object against the processing of personal data concerning you, e.g. based on art. 6 para. 1 lit. f GDPR (“data processing on the basis of a balance of interests”; this also applies to a profiling based on this provision (in the sense of article 4 No. 4 GDPR), which we use, for example, for advertising purposes.
If you object, we will no longer process your personal information unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims. This also applies to profiling based on these provisions.
bb) Right to object against the data processing for direct marketing purposes
In individual cases, we process your personal data in order to operate direct marketing. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising or market and opinion research; this also applies to profiling insofar as it is associated with such direct marketing.
If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes; for this purpose, the data must then be blocked.
h) Right to complain to a data protection supervisory authority (art. 77 GDPR in connection with § 19 BDSG)
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of its place of residence, employment or the place of the alleged infringement, if you believe that the processing of the personal data concerning you is against the GDPR violates.
The addresses of the respective supervisory authorities can be found in the following link:
The supervisory authority responsible for us is:
The Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1, 65189 Wiesbaden
tel: 0611 – 1408 0
Fax: 0611 – 1408 611
To claim your rights listed in No. 11, please contact us in writing or by e-mail:
D-65760 Eschborn (near Frankfurt am Main)
Please understand that we may have to verify your identity before any information. Please enclose a (scanned) copy of your identity card (front and back) or of a corresponding official ID or passport.