In accordance with Art. 13 and 14 DGSVO I inform you about data processing by me or initiated by my, if you enter into a business relationship with me (for example, consulting, coaching, moderation, lecture).
Controller is Dr. Jana Moser, Cottaer Str. 21A, 01159 Dresden, Germany, Email: jana.moser_ at_datareality.eu.
2. Purposes, legal bases and duration of data processing
In the case of purely informative use of the website, i.e. if you do not contact me directly (e.g. via an e-mail to me) or leave a comment on the website, no information will be processed which can be directly assigned to your person.
However, with additional information, a personal reference can be made for some data, which is why I treat this data as so-called pseudonymous data. This includes automatically processed information in so-called server log files that your browser transmits. These are browser type/browser version, the operating system used, referrer URL (previously visited page), host name of the accessing computer and the time of the server request. These data are used to represent the website you are visiting so that the pre-contractual relationship with you in accordance with Art. 6 para. 1 lit. b) DSGVO is the legal basis for this processing.
b. Presence in third-party portals
I am also present on other portals such as social networks (e.g., Twitter) („Third-Party Portals“). The goal is that I increase my awareness and you also outside of my website as a contact and contact available.
I do not operate these third portals. Rather, I can only use them within the framework offered by the respective operator and under acceptance of the usage and data protection conditions applicable there. More about the privacy conditions of third-party portals can be found here:
Depending on the data processing you have agreed with the portal operator, the purpose of the Third-Party Portal is that I receive certain information about you when you interact with me in the portal (for example, followers on Twitter). Please note that all communication with me via these third portals is processed by these portal operators and may be accessible to them.
Legal basis is your contract with the portal operator gem. Art. 6 para. 1 lit. b) GDPR. Your interaction with me about and in the portals is voluntary. If you also provide me with information (eg in a short message in the Third-Party Portal), this either serves to contact me in advance (Article 6 (1) (b) GDPR) or you grant me your consent voluntarily (Art 6 (1) (a) GDPR).
If you have given me your consent, you have the right under Art. 7 (3) GDPR at any time to revoke your consent with effect for the future. To do this, you will need to adjust (for example, not follow me) into the settings for your respective account in the Third-Party Portal. If you want me to stop using and deleting your previously received data for the future, contact me.
c. Contact by mail
If you contact me by mail or phone, I process your data as far as is necessary to answer your questions. The legal basis is therefore also the contract with you, Art. 6 para. 1 lit. b) GDPR. The data for this is stored until the request is completed. If a contract results from the contact, the conditions of the contract apply.
If you sign a contract with me, I collect personal information from you and your employees in order to prepare, execute and perform services under the agreement with you. Therefore, the legal basis is the contract, Art. 6 para. 1 lit. b) GDPR, as the processing of this data is necessary to fulfil the contract.
In addition, I process personal data in order to fulfil the legal obligation, in particular from tax and commercial law, provided that I am required by law to do so. The legal basis is Art. 6 para. 1 lit. c) GDPR.
Personal data processed by me will be stored by me for the duration of the business contact and in the case of the termination thereof after the expiration of the regular limitation period of 3 years. This does not apply if, in accordance with Art. 6 para. 1 lit. c) GDPR. I am obligated to a longer storage due to tax and commercial legal storage and documentation obligations or you agree to an extended storage term according, Art. 6 Abs. 1 lit. a) GDPR.
If you contact me by mail or phone, I process your data as far as is necessary to answer your questions. Therefore, the legal basis is also the contract with you, Art. 6 para. 1 lit. b) GDPR. For the storage duration clause 2.a. applies. The transmission of e-mails takes place in accordance with TLS / SSL. Mails and mail content are encrypted if requested by you.
Finally, the hoster of the website and the e-mail provider whom I have hired processes data in my and my interest in order to ensure the integrity, confidentiality, and availability of the data processing systems, i. E. In particular, to ensure the security and availability of your information. It is not possible to use DATAREALITY without processing data for this purpose. The legal basis for the processing of this data is Art. 6 para. 1 lit. f) GDPR; my legitimate interest is in the maintenance and safe provision of my services.
g. Data storage
I store information about my clients and contacts, including communications in the Office 365 Cloud solution offered by Microsoft Inc. (US). Using the Office 365 Cloud, I follow my legitimate interest of being cost-effective, efficient, fast and flexible. Additionally, data security measures of the specialized cloud provider are much more effective than measure I could establish as an individual business person. In addition, online access to data storage allows me to work independently of time and place. The use of Office 365 is also based on a contract processing contract pursuant to Art. 28 GDPR (see below, points 3 and 4). Legal basis is, therefore, Art. 6 para. 1 lit. f) GDPR. If you would like to use another data storage or communication solution during the term of our agreement, please inform me.
I will not share your personal information with third parties unless you have previously and expressly agreed, or if there is another legal basis or duty to do so. I also use a tax consultant to handle my bookkeeping and tax affairs. I follow the legitimate interest to have these activities carried out correctly by an expert, Art. 6 (1) (f) GDPR.
For the storage of documents and for online communication, I have also commissioned the following categories of service providers to work for me based on data processing agreements under Art. 28 GDPR:
– Email provider
– Provider of accounting software
– Provider of an online cloud
4. Transmission to third countries
If I transfer personal data to other authorized service providers outside the EU or the European Economic Area (EEA), the transfer takes place insofar as the EU Commission has confirmed the appropriate level of data protection by the EU Commission or according to the principles of the Privacy Shield and so-called standard contractual clauses the European Commission.
5. Right of revocation and objection
If you have given me consent to the processing of your personal data, you have the right under Art. 7 (3) GDPR at any time to revoke your consent with effect for the futu,re. In this event your data will not be further processed for the purpose for which you consented. At the same time, this data will be deleted if there is no other legal basis for further processing (e.g., contract performance, legal retention requirements).
If the processing of your personal data is based on a legitimate interest, Art. 6 (1) lit. f) DSGVO, you can object to this processing at any time. Your personal data will no longer be processed unless I can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
6. Your further rights under the GDPR
In addition to the above-mentioned rights to revoke consent and objection to the processing of data, you have the following rights towards me as the person responsible in accordance with the provisions of the GDPR regarding your personal data:
– Right to information,
– Right to rectification,
– Right to restriction of processing,
– Right to deletion,
– Right to data portability,
Simply contact me directly by mail or e-mail (contact details see above).
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of its place of residence, employment or the place of the alleged infringement, if you believe that the processing of the personal data concerning you is against the DSGVO violates