DATA PRIVACY STATEMENT

The protection of your privacy is very important to us. We therefore proceed according to the statutory regulations of the European and German data privacy legislation in all operations of data processing (e.g. collecting, processing and transmission).

0

The following statement gives you an overview of which of your data is asked for on our websites, how this data is used and forwarded, in which way you can find out about the information given to us and which security measures we take to protect your data.
1. WHO IS YOUR CONTACT PERSON (CONTROLLER) FOR DATA PRIVACY CONCERNS?
The controller as defined in the data privacy regulations for all data processing procedures performed via our websites is:

0

DIAGRAMMATIC DESIGNS GMBH

Gottlieb Daimler Straße 5

D-78467 Konstanz

info(at)diagrammaticdesigns.de

0

We have not appointed a data privacy officer as the statutory prerequisites for an appointment do not exist in our company.

0

Please address your enquiries on the topic of data privacy and the assertion of the rights of data subjects (cf. below) to the above address.

2. WHICH DATA DO WE NEED FROM YOU FOR THE USE OF OUR WEBSITES? WHICH DATA IS COLLECTED AND STORED DURING USE?
Personal data is any information that refers to an identified or identifiable natural person (“data subject”), such as, e.g. your name, your address, your phone number, your date of birth, your bank details and your IP address.

Basically, we only collect and use personal data of our users when this is necessary in order to provide a functioning website and our contents and services. The collection and use of personal data of our users is only carried out as a rule after obtaining the consent of the user. An exception applies in such cases, where obtaining prior consent is not possible for practical reasons and the processing of data is permitted by statutory regulations.

0

Usage data

The following data is recorded when using our websites, whereby storage ensues solely for internal system-related and statistical purposes; so-called usage data:

0

- the called domain

- the IP that accesses the domain

- date and time

- the files retrieved and how they were retrieved (e.g. POST or GET)

- the protocol used (HTTP/1.1, HTTP/2)

- the HTTP status code (e.g. 301 or 200)

- the size of the transferred file

- the referrer

- the user agent (usually the browser used and information about the operating system)

0

Further personal data is only collected if you voluntarily provide it to us, for example in the context of an e-mail enquiry.

0

Legal basis for the temporary storage of data and log files is Art. 6 Par. 1 lit. f GDPR (General Data Protection Regulation).

0

The temporary storage of the IP address is required by the system, in order to enable the delivery of the website to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.

The storage in log files is carried out to ensure the functioning of the website. In addition, the data is used to optimise the website and ensure the security of our IT systems. An analysis of the data for marketing purposes does not take place in this context.

Our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR also lies in these purposes.

0

The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of recording data to make the website available, this is the case when the respective session is terminated.

In the case of storing the data in log files, this is the case at the latest after three days. The data is stored for security reasons, e.g. to clarify cases of misuse. If data has to be deleted for reasons of proof, they are excluded from deletion until the incident has been finally clarified.

0

The recording of data to make the website available and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option of contesting this.

0

Initiation and performance of contracts

If you request a booklet or register for a course, the data requested in the order or registration form will be collected. This data will be processed at your request in accordance with Art. 6 Par. 1 lit. b GDPR for the purpose of performing pre-contractual measures and any contract that might subsequently arise. The personal data collected by DIAGRAMMATIC DESIGNS GmbH will be stored for as long as necessary to comply with the retention and documentation obligations stipulated in tax and commercial law. The data will then be deleted.

Your personal data will only be disclosed to third parties if this is necessary to perform a contract in accordance with Art. 6 Par. 1 lit. b GDPR. In such cases, your data will be received by logistics companies and payment service providers.

0

Cookies

When using our websites, no cookies are stored on your computer.

0

Contact us

You can contact us by letter, telephone or via the e-mail address provided. In this case the transmitted personal data of the user will be stored.

We only use your data to process your enquiry and can contact you for this purpose using the contact data given. Use of this data for advertising purposes or forwarding to third parties does not take place.

The legal basis for the processing of the data, which is transmitted in the course of the transmission of an e-mail or via other kinds of communication, is Art. 6 Par. 1 lit. f GDPR. The justified interest in the processing of the data lies in the processing of the establishment of contact. If making contact also aims at concluding a contract, additional legal basis for processing is Art. 6 Par. 1 lit. b GDPR.

The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data that was sent by e-mail or otherwise, this is then the case when the respective conversation with the user is terminated. The conversation is terminated when it can be inferred from the circumstances that the situation concerned has been conclusively clarified.

0

Right to objection

When the user contacts us, he or she can object to the storage of his or her personal data at any time, by using the above contact information. The conversation cannot be continued in such a case.

0

In this case all personal data that was processed in the course of making contact will be deleted.

3. HOW IS MY DATA USED AND POSSIBLY FORWARDED TO THIRD PARTIES, AND FOR WHICH PURPOSE IS THIS CARRIED OUT?
We use the personal data provided by you to answer your enquiries and for the technical administration of our websites.

0

Your personal data will only be passed on or otherwise transferred to third parties if you have expressly consented to this.

0

The legal basis for the transfer of data to third parties is Art. 6 Par. 1 lit. a GDPR if you have given your consent.

0

Any data you provide in an order or registration form may be forwarded to logistics companies and payment service providers if this is necessary to perform a contract. The legal basis for the transfer of such data to the third parties indicated above is Art. 6 Par. 1 lit. b GDPR.

0

Forwarding in legally prescribed cases

We point out that we are entitled in individual cases to give information on data upon instructions of the competent body, where this is required for the purposes of law enforcement, averting danger by the police forces of the German federal states, for complying with the legal assignments of the state and federal offices of the protection of the constitution, of the federal intelligence service or the military counter-intelligence service or to enforce intellectual property rights. In these cases, Art. 6, Par. 1, lit. b of the GDPR forms the legal basis for this.

4. WHAT SECURITY MEASURES HAVE WE TAKEN TO PROTECT YOUR DATA?
We have taken a variety of security measures to protect personal information appropriately and adequately.

Our databases are protected by physical and technical measures, as well as by means of procedural measures that restrict access to the information to specially authorised persons in compliance with this data privacy statement.

When communicating by e-mail, we cannot guarantee full data security.

5. RIGHTS OF DATA SUBJECTS
If personal data relating to you is processed, you are a data subject as defined in the GDPR and you are entitled to the following rights towards the controller:

0

Information, rectification, restriction of processing and erasure

You have the right at any time to obtain information free of charge about any personal data we have stored about you, about the origin and recipient, as well as the purpose of data processing via our websites. In addition, you have the right to rectification, erasure and restriction of the processing of your personal data, where the statutory provisions exist.

0

Right to data portability

You have the right to receive the personal data relating to you that you have made available to us as controller in a structured, commonly used and machine readable format. We can meet this right by providing a csv-export of the customer data processed relating to you.

0

Right to information

When you have asserted your right to rectification, deletion or restriction of processing to the responsible office, this office is obliged to inform all recipients, to whom the personal data relating to you was disclosed, about this rectification or deletion of the data or the restriction of processing, unless this proves to be impossible or involves an unreasonable expense or effort

You have the right vis-à-vis the responsible office to be informed about these recipients.

0

Right to object

For reasons arising from your particular situation, you have the right to object at any time to the processing of personal data relating to you that is carried out pursuant to Art. 6 Par. 1 lit. e or lit. f GDPR: this shall also apply to any profiling that is supported by these provisions.

The controller no longer processes the personal data relating to you, unless he can prove compelling legitimate reasons for the processing that override your own interests, rights and liberties, or when the processing serves the assertion, exercise or defence of legal claims.

You have the possibility, in connection with the use of services of the information society – irrespective of the Directive 2002/58/EC – to exercise your right to object by means of automatic processes with which technical specifications are used.

0

Revocability of data privacy consent declarations

In addition, you may revoke the consents that you have given us with effect to the future at any time at the contact details stated below.

0

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular, in the member state of your place of residence, your place of work or the place of alleged infringement, if you consider that the processing of the personal data relating to you infringes the EU general data privacy regulation.

The supervisory authority, with which the complaint has been lodged, informs the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

6. CHANGES TO THIS DATA PRIVACY STATEMENT
We reserve the right to change this data privacy statement when the occasion arises and without prior notice. Please therefore consult this page regularly to find out about possible changes to this data privacy statement.