Privacy policy

Data protection declaration

From May 25, 2018, the General Data Protection Regulation (GDPR) issued by the European Union will apply directly. We would like to inform you about the following:

Responsible for the processing of your data is:

KOLL & CIE. GmbH & Co. KG
Industriestr. 10
D-92431 Neunburg v. Wald, Germany

Phone +49 (0) 96 72 / 505 -0
Fax +49 (0) 96 72 / 505 -77
eMail: info@kollgermany.de

You can reach our data protection officer / our person responsible for data protection at:

datenschutz@itago.de
info@kollgermany.de

In order to process your request, we need various information, including personal data from you.

We take the protection of your data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations, and only within the scope of our legal mandate or the fulfillment of a contract or within the scope of your consent (if available).

If you do not provide the required data, you must expect that your request cannot be processed or that a contract cannot be concluded with you.

Your data will be stored by the responsible body for as long as is necessary to fulfill the task, taking into account the respective statutory retention periods.

You also have the right to information about the data stored about you (Article 15 GDPR). If incorrect data has been processed, you have the right to rectification (Article 16 GDPR). In exceptional cases, you may be able to request the deletion or restriction of processing and object to processing (Articles 17, 18 and 21 GDPR). If you have consented to the data processing or if there is a contract for data processing and the data processing is carried out using automated procedures, you may have a right to data portability (Art. 20 GDPR). If you wish to make use of these rights, the responsible body will check whether the legal requirements have been met.

You can contact a supervisory authority at any time with a complaint, e.g. to the competent supervisory authority of the federal state of your place of residence or to the authority responsible for us as the responsible body.

For Bavaria:

A list of the supervisory authority (for the non-public area) with address can be found at:
https://www.lda.bayern.de/media/veroeffentlichungen/flyer_baylda_organisation_de.pdf

A list of the supervisory authority (for the public sector) with address can be found at:
https://www.bfdi.bund.de/SharedDocs/Adressen/LfD/Bayern.html?nn=5217144

For all other federal states (except Bavaria):

You can find a list of the supervisory authorities (for the non-public area) with their addresses at:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

If you have consented to the processing of your data by means of a corresponding declaration, you can revoke your consent to data processing at any time with effect for the future. This does not affect the lawfulness of the processing up to the time of revocation. However, your request may then not be processed further.

If you would like further information on the purpose and legal basis of data processing, possible additional recipients and storage periods or criteria for deletion, you can obtain this information in writing or verbally from the responsible body.

Your rights concerned

You can exercise the following rights at any time by contacting our data protection officer:

  • Information about your data stored with us and its processing (Art. 15 DSGVO),
  • Correcting incorrect personal data (Art. 16 DSGVO),
  • Deletion of your data stored by us (Art. 17 DSGVO),
  • Restriction of data processing, provided that we are not yet allowed to delete your data due to legal obligations (Art. 18 DSGVO),
  • opposition to the processing of your data by us (Art. 21 DSGVO) and
  • Data transferability, provided you have consented to data processing or have concluded a contract with us (Art. 20 DSGVO).

If you have given us your consent, you can revoke it at any time with effect for the future. You may at any time submit a complaint to a supervisory authority, e.g. to the competent supervisory authority of the federal state of your residence or to the authority responsible for us as the responsible body. A list of the supervisory authorities (for the non-public sector) with their addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Collection of general information when visiting our website / server log files

The nature and purpose of the processing

When you access our website, i.e. when you do not register or otherwise submit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider, your IP address and similar.

  • They are processed in particular for the following purposes:
  • Ensuring that the website can be connected without problems,
  • Ensuring a smooth use of our website,
  • evaluation of system safety and stability, and
  • to optimise our website.

We take data protection seriously. We do not use your data to draw conclusions about your person. Information of this kind will be statistically evaluated by us, anonymously if necessary, in order to optimise our Internet presence and the technology behind it.

Legal basis and legitimate interest

Processing is carried out in accordance with Art. 6 para. 1 letter f DSGVO on the basis of our justified interest in improving the stability and functionality of our website.

Receiver

Recipients of the data may be technical service providers who act as contract processors for the operation and maintenance of our websites.

Storage duration

The data will be deleted as soon as they are no longer required for the purpose of the collection. This is generally the case for the data used to provide the website, when the respective session has ended.

If the data is stored in log files, this is the case after 14 days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are made anonymous, so that an allocation of the calling client is no longer possible.

Provision is mandatory or necessary

The provision of the aforementioned personal data is not required by law or contract. Without the IP address, however, the service and functionality of our website cannot be guaranteed. In addition, individual services may not be available or may be restricted. For these reasons, an objection is excluded.

Technically not necessary cookies

The nature and purpose of the processing

Like many other websites, we also use so-called “cookies”. Cookies are small text files that are stored on your end device (laptop, tablet, smartphone or similar) when you visit our website.

This enables us to obtain certain data such as IP address, browser used and operating system.

Cookies cannot be used to start programs or transfer viruses to a computer. We can use the information contained in cookies to make navigation easier for you and to enable our web pages to be displayed correctly.

Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent.

Of course, you can always view our website without cookies. Internet browsers are regularly set to accept cookies. In general, you can deactivate the use of cookies at any time via the settings of your browser. Please use the help functions of your internet browser to find out how to change these settings. Please note that individual functions of our website may not work if you have deactivated the use of cookies.

Legal basis and legitimate interest

The legal basis for the use of cookies is our legitimate interest (Art. 6 para. 1 lit. f DSGVO).

Storage duration and cookies used

If your browser settings or consent allow us to use cookies, the following cookies may be used on our websites:

Storage time / current browser session:

  • PHPSESSID
  • sh-theme-options
  • tk_tc

Storage time / 1 Day:

  • wp-saving-post
  • wp-wpml-current-admin-language-(userID){user}
  • wp-wpml-current-language

Storage time / 30 Days:

  • vchideactivationmsg_vc11

Storage time / 1 Year:

  • wordpress-logged-in-(userID){user}
  • wordpress_sec_(userID){user}
  • wp-settings-(UserID){user}
  • wp-settings-time-(userID){user}

Insofar as these cookies can (also) affect personal data, we will inform you about this in the following sections.

You can delete individual cookies or the entire cookie inventory via your browser settings. You will also receive information and instructions on how to delete these cookies or block their storage in advance. Depending on the provider of your browser, you will find the necessary information under the following links:

Provision is mandatory or necessary

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely disabling cookies may mean that you will not be able to use all the functions of our website.

SSL Encryption

To protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS.

Use of script libraries (Google Webfonts)

Type and purpose of processing:

In order to display our content correctly and graphically appealing across browsers, we use “Google Web Fonts” from Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; hereinafter “Google”) to display fonts on this website.

The privacy policy of the library operator Google can be found here:
https://www.google.com/policies/privacy/

Legal basis:

The legal basis for the integration of Google Webfonts and the associated data transfer to Google is your consent (Article 6 (1) (a) GDPR).

Recipient:

Calling up script libraries or font libraries automatically triggers a connection to the operator of the library. It is theoretically possible – although it is currently unclear whether and, if so, for what purposes – that the operator collects Google data in this case.

Storage duration:

We do not collect any personal data through the integration of Google Webfonts.
For more information about Google Web Fonts, see https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

Third country transfer:

Google processes your data in the USA and has submitted to the EU_US Privacy Shield https://www.privacyshield.gov/EU-US-Framework. Provision prescribed or required: The provision of personal data is neither legally nor contractually required. However, it may not be possible to display the content correctly using standard fonts.

Withdrawal of consent:

The programming language JavaScript is regularly used to display the content. You can therefore object to the data processing by deactivating the execution of JavaScript in your browser or by installing a JavaScript blocker. Please note that this can lead to functional restrictions on the website.

Change of our data protection regulations

We reserve the right to adapt this data protection declaration so that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection declaration will then apply to your next visit.

Questions to the Data Protection Officer

If you have any questions about data protection, please send us an e-mail or contact the person responsible for data protection in our organisation directly: datenschutz@itago.de.