NEWS
Thank you for visiting our website and for your interest in our services.
The protection of your data is important to us! We would therefore like to provide you with comprehensive, transparent and understandable information on the handling of personal data by fka GmbH („fka“) within the scope of the following explanations. With the help of our privacy policy, you can find out for what purposes, to what extent and in what way we process personal data about you and what rights you are entitled to as a person affected by data processing.
This data protection declaration also fulfils our information obligations under Articles 13 and 14 of the General Data Protection Regulation (GDPR).
This information refers not only to data processing processes in connection with the use of our website, but also to other processing processes for which we refer to this data protection declaration.
Under sections 2, 3, 4 and 5 you will find general information regarding data protection law. If you require specific information, in particular regarding data processing in connection with the use of our website, communication with fka or the application procedure or communication with fka, you will find this under sections 6- 9. "Our website" in the sense of this data protection declaration refers to the main page available at www.project-alive.eu and all websites under it without externally linked third-party websites over whose content we have no influence.
Within the scope of this privacy policy we use, as far as possible, the definitions defined in Article 4 GDPR by the European regulator. In order to make the explanations in this privacy policy as simple as possible, we would like to introduce the most important definitions below.
“Personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future.
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
“Pseudonymisation” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
“Third Party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
“Controller“ in the sense of data protection law, i.e. the body which alone or jointly with others decides on the purposes and means of processing personal data, is in this case the:
fka GmbH
Steinbachstraße 7
52074 Aachen
Germany
Phone: +49 241 8861 0
Fax: +49 241 8861 110
E-mail: info@project-alive.eu
Website: http://www.project-alive.eu/index.php?content=imprint
fka GmbH is represented by its managing director Dr. Markus Bröckerhoff.
For the purposes of this privacy policy, "we" always refers to the aforementioned controller.
We have appointed data protection officers:
Herrn
Harald Krischke
Krischke IT Service
The easiest way to contact our data protection officer is by telephone:
Steinbachstraße 7
52074 Aachen
E-mail: dsb@fka.de
If you have any questions or other concerns regarding data protection, please do not hesitate to contact our data protection officer at any time using the contact details given above.
The following explanations provide you with general information on data protection law, in particular on which legal bases we may rely on the processing of personal data (cf. Section 5.1) and which rights data subjects have (cf. Section 5.5).
This information applies generally and in all cases in which we process personal data.
Any processing of personal data is only legal if it can be based on a legal basis which allows such processing. The European regulator has provided the following legal bases for the processing of personal data. We would like to give you an overview of these in the following. In any case, we provide information on the respective legal basis on which we base concrete processing.
According to Article 6 (1)(a) GDPR, we are entitled to process personal data if we have obtained the data subject's consent for one or more specific processing purposes.
Article 6(1)(b) of the GDPR allows us to process personal data if this is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the data subject's request.
This legal basis is particularly relevant for enquiries in connection with the provision of services, in particular in connection with the implementation of research and development contracts.
Processing of personal data is also permitted under Article 6(1)(c) of the GDPR if this is necessary for processing in order to fulfil a legal obligation to which we are subject as data controllers.
These include in particular tax obligations.
Article 6(1)(d) GDPR allows the processing of personal data when necessary to protect the vital interests of the data subject or another natural person.
We may use this legal basis to process personal data in special cases, e.g. if we pass on personal data to third parties, in particular rescue services, in the event of accidents.
In accordance with Article 6 (1) (e) GDPR, we may exceptionally also process personal data if this is necessary for the performance of a task in the public interest or in the exercise of official authority delegated by the controller.
This would be the case, for example, if we are entrusted with a public task and process personal data in carrying out this task.
Finally, in accordance with Article 6(1)(f) GDPR, we may base the processing of personal data on the fact that this is necessary to safeguard our legitimate interests or those of a third party, unless the interests or fundamental rights or freedoms of the data subject, which require the protection of personal data, prevail, in particular where the data subject is a child. According to the European regulator, a legitimate interest may arise in particular from an existing customer or employment relationship and the interest of the controller for direct advertising. The assessment decision shall in particular take into account whether the data subject can reasonably foresee, at the time when the personal data are collected and in view of the circumstances in which they are collected, that processing for this purpose may take place.
The following interests of the fka in particular are conceivable as legitimate interests for processing on the basis of the legal basis described:
The European regulator provides for data subjects to be informed of existing obligations to provide personal data and of the consequences of failure to provide personal data when personal data are collected from the data subject. We inform about this individually in the specific case of processing.
Certain legal provisions may require the provision of personal data of the data subject. This may result in particular from tax regulations or regulations on money laundering prevention.
If necessary, contractual regulations may also prescribe the provision of personal data of the data subject or the provision of personal data is required for the conclusion of a contract. For the conclusion of a contract, for example, we need the name of the contractual partner. For the execution of a delivery we need a delivery address.
For certain legal reasons, you may be required to provide us with personal information. If this is the case, we will expressly point this out to you in individual cases. As a rule, there is no contractual obligation to provide personal data. In individual cases, however, you may be required by contract to provide personal data. We will expressly point this out to you in individual cases.
Failure to provide personal data can have legal disadvantages for you, such as the loss of legal positions. If there is a legal obligation to provide information, there may be the threat of legal disadvantages. A contractual obligation or requirement for the purpose of concluding a contract may have the consequence that a breach of contractual obligations exists or a contract cannot be concluded. We will explicitly inform you of this in each individual case.
If you have any questions, you can always contact our data protection officer, who can provide you with information on the existence of provision obligations and the consequences of nonprovision.
If we have not collected the personal data from the data subject, the European regulator provides for the data subject to be informed of the source of the data and, where appropriate, whether they come from publicly available sources.
We always provide information about the respective source of the data in the specific individual case. We use data from publicly accessible sources in particular when we check and correct obviously incorrect addresses with the help of an Internet search.
We only pass on personal data to third parties in justified cases. To this end, we have either obtained the consent of the person concerned in advance or base the disclosure on another legal basis, in particular for the execution of a contract or the necessity to safeguard our legitimate interests. We will inform you about this in the specific individual case.
Recipients of personal data who are generally considered in certain situations are:
As the data subject, you have numerous rights granted by the European regulator, so-called “rights of data subjects”. We would like to present these to you in a transparent and comprehensible way. Please note that the following description is neither intended to replace the wording of the relevant regulations nor to restrict the rights to which you are legally entitled by the following explanations.
If you have any questions about the rights of data subjects or would like to exercise your rights, you can contact our data protection officer at any time using the contact details provided.
Any data subject has the right to request confirmation from the controller as to whether personal data concerning him/her are being processed and, if so, the right to request information on such personal data and on the following information:
Where personal data are transferred to a third country or an international organisation, the data subject shall also have the right to be informed of the appropriate guarantees relating to the transfer.
The data subject also has the right to obtain from the controller a free copy of the personal data which are the subject of the processing, provided that the rights and freedoms of other persons are not affected.
In special cases, the right may also be limited by the provisions of Sections 27 (2), 28 (2), 29 (1) sentence 2 and 34 German Data Protection Act (BDSG).
Please contact our data protection officer if you wish to make use of these rights.
A data subject shall have the right to request the controller to rectify any inaccurate personal data concerning him/her without delay and, taking into account the purposes of the processing, to request the completion of incomplete personal data, including by means of a supplementary declaration.
Please contact our data protection officer if you wish to make use of these rights.
Any data subject shall have the right to require the controller to delete personal data concerning him/her immediately, provided that one of the following reasons applies:
Where the controller has made the personal data public and the controller is obliged to delete them for one or more of the above reasons, the controller shall take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform data processors who handle the personal data that a data subject has requested the erasure of all links to such data or of copies or replications of same.
The right to erasure according to the above description does not exist if the processing is necessary for certain reasons specified in Article 17 para. 3 GDPR (in particular, for example, to fulfil a legal obligation or to assert, exercise or defend legal claims).
The right may also be limited in special cases by the provision of § 35 BDSG.
If one or more of the above-mentioned reasons apply and you would like to have the data stored at fka deleted, please contact our data protection officer.
Any data subject shall have the right to require the controller to restrict processing if one of the following conditions applies:
If you wish to exercise this right, please contact our data protection officer at the above contact details.
Any data subject shall have the right to receive the personal data relating to him/her which he/she has provided to a controller in a structured, current and machine-readable format and shall have the right to transmit such data to another controller without interference by the controller to whom the personal data have been provided, on condition that
If the data subject exercises this right, he or she also has the right to have the personal data transferred directly by one data controller to another data controller, provided that this is technically feasible and provided that the rights and freedoms of other persons are not affected by this.
The right of erasure (“right to be forgotten”) remains unaffected by the right to data portability. The right to portability of data shall not apply to processing necessary for the performance of a task in the public interest or carried out in the exercise of official authority delegated to the controller.
If you wish to exercise this right, please contact our data protection officer at the above contact details.
Any data subject has the right to object at any time to the processing of personal data concerning him/her on the basis of Article 6(1)(e) (task in the public interest or exercise of sovereign power) or f (prevailing interest of the controller or a third party) GDPR for reasons arising from his/her particular situation. This also applies to profiling based on these provisions.
In the event of an objection, the fka will no longer process the personal data unless it can prove compelling grounds for processing that outweigh the interests, rights and freedoms of the data subject or the processing serves to assert, exercise or defend legal claims.
Where personal data are processed for the purpose of direct marketing, any data subject shall have the right to object at any time to the processing of personal data concerning him/her for the purpose of such advertising, including any profiling related to such direct marketing.
In addition, any data subject shall have the right to object to the processing of personal data concerning him/her for reasons arising from his particular situation, for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1) GDPR, unless such processing is necessary for the performance of a task in the public interest.
In connection with the use of information society services, notwithstanding Directive 2002/58/EC, the data subject may exercise his/her right of objection by means of automated procedures using technical specifications (objection using technical means “by default”).
The right can be limited in special cases by the regulation of § 36 BDSG.
If you wish to exercise this right, please contact our data protection officer at the above contact details.
Any data subject shall have the right not to be subject to a decision based solely on automated processing (including profiling) which has legal effect against him or her or significantly affects him or her in a similar manner. This does not apply if the decision
If the decision to conclude or perform a contract between the data subject and the controller is necessary or is taken with the express consent of the data subject, the fka as controller shall take appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject. This includes at least the right to obtain the intervention of a person by the controller, to state his own position and to challenge the decision.
The right can be limited in special cases by the regulation of Section 37 BDSG.
If you wish to exercise this right, please contact our data protection officer at the above contact details.
Any data subject has the right to object to the processing of personal data at any time. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until withdrawal.
The objection can be declared by post, e-mail, fax or by any other means provided by fka (e.g. a corresponding link in an e-mail).
In the event of withdrawal, the stored data will be erased immediately unless the person concerned has expressly consented to further use of the data in this regard or a further use of the data has been reserved, which is legally permitted and about which fka has informed.
Each data subject has the right to complain to a supervisory authority (see Article 51 GDPR) under Article 57(1)(f) and (2) GDPR.
Responsible for fka is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (Landesbeauftragte für Datenschutz- und Informationsfreiheit Nordrhein-Westfalen), Kavalleriestraße 2 - 4, 40213 Düsseldorf, Germany.
If we provide a specific storage period for certain personal data, we will inform you of this in the individual case. If we are unable to specify the concrete duration of the storage, we will inform you of the relevant criteria for determining the particular storage period.
In principle, the duration of the storage of personal data is measured according to the respective legal retention periods. For example, we store certain personal data for the duration of retention periods prescribed by commercial or tax law.
As far as personal data are required for the defense or enforcement of claims, they are stored until the expiry of relevant limitation periods, unless the reason for this no longer applies, or for other reasons a longer storage period is possible.
After expiry of these periods, the corresponding data will be routinely erased, unless they are no longer required for contract execution or contract initiation and/or if we have no legitimate interest in further storage, including in favor of a third party.
In principle, we do not use automated decision making processes/profilings
If, in exceptional cases, credit information is obtained about a natural person, we will inform the data subject separately.
The European regulator provides that data subjects must be informed as to whether the controller intends to transfer the personal data to a recipient in a third country or an international organisation and whether an adequacy decision is available or lacking or there are equivalent guarantees, including information on how these can be obtained.
In principle, fka neither transfers personal data to a third country nor does it intend to do so. Should this deviate from the aforementioned principle in individual cases be intended or take place, we will inform the data subject separately.
In this section we would like to inform you in detail about which personal data we process for which purposes in the context of using our website.
As part of your informational visit to our website, i.e. if you do not use any of the registration functions provided or otherwise provide us with information, we only collect the technical information that your browser transmits to our server each time you visit the website. The following information can be collected:
The information is stored on our servers as part of an automatically generated log file. We do not draw any conclusions about the identity of the visitor from the information collected.
We use this information to optimize the presentation of our website, to optimize the functions and content and to statistically evaluate the number of visitors to our website or certain contents. In the event of a hacker attack on our website, necessary data may be made available to the law enforcement authorities.
The legal basis for processing the information includes the following:
The recipients of the data may be criminal prosecution or regulatory authorities or similar bodies in order to defend against and prevent misuse of our Internet presence.
The provision of the information is not required by law or by contract or is necessary for the conclusion of a contract and there is no obligation to provide personal data. Please note, however, that information is collected automatically when you visit our website. If you prevent - for example with the help of appropriate tools - the provision of data (e.g. the transmission of the screen size, the device used or the browser used), certain functions of our Internet presence can no longer be displayed or used correctly.
Log files are automatically deleted after seven days, unless a longer storage period is required in the event of violations to clarify and enforce claims and for criminal prosecution.
Subject to the conditions specified in more detail, you are entitled to the rights of the data subjects referred to in Section 5.5.
We respect your right to privacy and, therefore, we do not use web analytics services and cookies.
Herewith you inform about the processing of your personal data, if you contact us about the possibilities offered on our website, in particular by e-mail, by fax or by telephone, or independently of this on the named ways (including postal correspondence).
When you contact us, we collect the data you have provided, in particular:
We process the data generally for the execution of a contract or for pre-contractual measures in accordance with Article 6 (1) (a) DSGVO, if the information is communicated on the occasion of a contract or a contract initiation (for example a concrete inquiry for sending an offer or an e-mail notification with reference to a concrete project). In addition, the processing of your data for the protection of legitimate interests pursuant to Article 6 (1) (f) DSGVO may be considered as a legal basis. Our legitimate interest is to be seen in the provision of services and the possible expansion of our customer base.
We only process your data within our company and do not pass it on to third parties without your express consent. An exception to this is made, if the matter you contacted us with concerns one of our project partners. In this case, we may decide to forward your request to our project partners as shown on our website.
Your request will be forwarded to the appropriate department within our company. This can be, depending on the request to be able to work on, in particular the project responsible persons in the context of projects, the bookkeeping, the Controlling, the personnel department, the IT department, or PR/media. Within our company, only those persons have access to your data who need this for the proper answer to your request.
The provision of the information is neither required by law nor by contract, nor is it necessary for the conclusion of a contract. There is also no provision obligation. If you do not provide us with certain information, we may not be able to process your request or only to a limited extent. Exceptionally, for legal reasons, it may be necessary for you to provide us with certain information in order to be able to process declarations with legally binding effect, for example for the conclusion or execution of a contract.
Data collected in the course of establishing contacts or inquiries will be stored for as long as their processing and any measures that may follow make this necessary. We delete the data after a storage is no longer necessary or limit the processing, if legal storage obligations exist.
Under the conditions described in more detail, they are entitled to the rights of the persons concerned mentioned in Section 5.5.
Your contact data, which we have received from you in connection with the sale of goods or services by or from us (name, company, address, telephone and, if applicable, fax number, e-mail address), we use within the framework of the legal requirements according to § 7 para. 3 UWG, Article 6 para. 1 lit. f DSGVO to send you information about similar goods or services of fka.
If you do not wish to receive such information or no longer wish to receive it, you can object to the further use of your data for this purpose. You can send your objection by post, e-mail, fax or any other means provided by fka (e.g. a corresponding link in an E-Mail).
In the event of objection, we will delete the data immediately, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we have informed you or informed you.
As on: 24.05.2018