Privalexx Ukraine

Data Protection Officer

You can reach our Data Protection Officer at the following contact details:

Axel Lehmann
Goldberger Str. 81a
D – 18273 Güstrow
Phone: +49 3843-229133
Fax: +49 3843-2456021
E-Mail: moin@datenschutz-nordost.de

Scope

This Privacy Policy applies to our online offering on the websites we operate. 

Use of our Websites

Whenever you access our websites, information is transmitted by the internet browser of your device to our website server and temporarily stored in protocol files, the so-called log files. The stored data sets may contain the following data, which will be retained until automatically deleted:

• Date and time of access
• Name of the page accessed
• IP address of the requesting device
• Referrer URL (the URL from which you came to our websites)
• Amount of data transferred
• Loading time
• Product and version information of the browser used, your operating system, and the name of your access provider.

Legal basis for processing this data is Art. 6(1)(f) GDPR.

Our legitimate interest arises from the need to

• ensure a smooth connection to our websites,
• ensure a convenient use of our websites,
• analyze system security and stability.

It is not possible for us to directly identify you from this information, nor will we attempt to do so. You may object to the processing of your personal data based on our legitimate interests at any time.

Security Measures

We take appropriate technical and organizational measures in accordance with statutory requirements to guarantee a level of protection appropriate to the risk. In doing so, we take into account the state of the art, implementation costs, the nature, scope, circumstances and purposes of the processing, as well as the probability and severity of any risk to the rights and freedoms of natural persons.

These measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as controlling access, entry, transfer, securing availability, and separation of data. In addition, we have established procedures to exercise data subject rights, delete data, and respond to data threats. We also comply with data protection principles when developing and selecting hardware, software, and processes through data protection by design and by default.

We describe below other processing activities and services we use in this context:

Shortening of IP addresses: If we or service providers and technologies we use process IP addresses and full IP processing is not required, the IP address is shortened (“IP masking”). This means that the last two digits or the last part of the IP address after a dot are removed or replaced with placeholders. Shortening the IP address is intended to prevent, or at least significantly hinder, identification of a person based on their IP address.

TLS/SSL encryption (https): To protect user data transmitted through our online services, we use TLS/SSL encryption. Secure Sockets Layer (SSL) is a standard technology that ensures the security of internet connections by encrypting data transmitted between a website or app and a browser (or between two servers). Transport Layer Security (TLS) is an updated and more secure version of SSL. You can recognize that a website is protected by an SSL/TLS certificate by the display of Hyper Text Transfer Protocol Secure (HTTPS) in the URL.

Deletion of Data

In accordance with legal requirements, we delete data we process as soon as the original consent to processing is revoked or other legal grounds cease to apply (e.g., if the processing purpose no longer exists or the data is no longer necessary for that purpose). If data cannot be deleted because it is needed for other legally permissible purposes, its processing will be restricted to those specific purposes. This means that data will be blocked and used exclusively for those purposes. This may include, for example, data that must be retained for commercial or tax law reasons, or whose storage is required for the enforcement, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person. Information on specific storage and deletion periods may be included in our privacy notices.

Amendment and Updating of the Privacy Policy

If we make changes to our data processing procedures, we will also adjust this Privacy Policy accordingly. We will inform you if such changes require your cooperation (e.g., consent) or an individual notification. For all other changes, we ask you to regularly review our Privacy Policy to stay informed about its contents.

Please note that the addresses and contact details of companies and organizations listed in our Privacy Policy may change over time. Therefore, please check this information before contacting them.

Your Rights

In connection with the processing of personal data by us, you are entitled to rights as a data subject. For example, you have the right to request information about the data we hold about you. You can also withdraw consents you have given us and object to specific processing of data. Furthermore, you have the right to have incorrect data corrected and can demand that we provide you with certain data in a common electronic format. In addition, you have a right to deletion of the data we hold about you. Please note that we may be legally obliged to continue storing data despite the exercise of your right to deletion. In some cases, we may also have a legitimate interest in continuing storage of your data that outweighs your interest in deletion (e.g., if we still have outstanding claims against you).

Your rights in detail

The rights set out in this section may be exercised either directly with us (Controller) or with our Data Protection Officer. Contact details can be found above in this statement.

In addition to the right to withdraw consents granted to us, you also have the following rights, provided the respective statutory conditions are met:

• Right of access to your personal data stored by us (Art. 15 GDPR): In particular, you may request information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been disclosed or will be disclosed, the planned storage period, the origin of your data (if not collected directly from you);
• Right to rectification of incorrect data or completion of correct data (Art. 16 GDPR);
• Right to erasure of your data stored by us (“right to be forgotten”) (Art. 17 GDPR), as long as no statutory or contractual storage requirements or other legal obligations or rights prevent further storage;
• Right to restriction of processing (Art. 18 GDPR), if the accuracy of the data is disputed by you, processing is unlawful but you oppose deletion, we no longer need the data but you require it for the establishment, exercise, or defense of legal claims, or you have objected to processing pursuant to Art. 21 GDPR;
• Right to data portability (Art. 20 GDPR), i.e., the right to have selected data about you stored by us transferred in a commonly used, machine-readable format, or to request transfer to another controller;
• Right to lodge a complaint with a supervisory authority. You can usually contact the supervisory authority at your habitual residence, place of work, or our company headquarters.

Right to Object

Under the conditions of Art. 21(1) GDPR, processing may be objected to on grounds relating to your particular situation.

The above general right to object applies to all processing purposes described in this Privacy Policy, which are processed on the basis of Art. 6(1)(f) GDPR. Unlike the specific right to object to data processing for advertising purposes, we are only obliged to implement such a general objection under the GDPR if you provide us with reasons of overriding importance (e.g., a possible risk to life or health).

Right to Withdraw Consent

If we process data on the basis of consent you have given, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

Supervisory Authority and Right of Complaint

You have the right to lodge a complaint with the supervisory authority responsible for our company. The responsible authority is:

State Commissioner for Data Protection and Freedom of Information Mecklenburg-Vorpommern
Lennéstraße 1  
19053 Schwerin  
Phone: +49 385 59494-0  
E-Mail: info@datenschutz-mv.de  
Website: www.datenschutz-mv.de