Dear visitors to ELISE.
To ensure that you feel secure when visiting our website, we would like to inform you below about how we handle your data. We neither publish your data nor pass it on to third parties without your consent. Below we explain what types of data we collect when you visit our web pages and precisely how it is used:
A. General information
1. Extent of data processing
We only process personal data collected from our users insofar as this is necessary for the provision of a functional web presence and our content and services. As a rule, personal data provided by our users is only processed with their consent. One exception is where statutory regulations permit the processing of data.
2. Legal basis for data processing
Art. 6 (1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis whenever we obtain the consent of the person concerned (“data subject”) for the processing of their personal data.
Art. 6 (1)(b) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data which is necessary for performing a contract to which the data subject is a party. The same applies to processing that is required for carrying out pre-contractual measures.
Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR) serves as the legal basis when processing is necessary to safeguard a legitimate interest of ELISE or a third party, and provided this legitimate interest is not outweighed by the data subject’s interests and fundamental rights and freedoms.
3. Data erasure and storage duration
The personal data of the data subject is erased, anonymised or blocked as soon as the purpose of the storage ceases to apply. In addition, storage may take place if required by European or national law in EU regulations, laws or other regulations to which ELISE is subject. Blocking, anonymisation or deletion of the data also takes place if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfil the contract
4. Controller’s contact details
Data controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection legislation as well as any other data protection regulations:
5. Contact details of the data protection officer:
The controller’s data protection officer is:
B. Contact form
There is a contact form on our website that can be used to contact us electronically. If you use this option, the data entered voluntarily in the input screen is transmitted to us and stored. This normally comprises your email address, first name and surname. We inform you about the actual processing of data while you are using the form and we obtain your consent. Reference is also made to the privacy notice. The data is used solely for processing the conversation.
The legal basis for processing the data when using the contact form, if the user’s consent has been given, is Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR). Personal data from the input screen is processed solely for the purpose of acting on the contact request. The data is deleted as soon as it is no longer needed to achieve the purpose for which it was collected. This is the case when the relevant conversation with the user has ended or when the user’s request has finally been processed. The conversation has ended when it is apparent from the circumstances that the issue in question has been finally clarified. The user may at any time withdraw their consent to the processing of personal data vis-à-vis the contact persons listed.
Your personal data will only be transmitted to government organisations and authorities if required by law and/or for the purpose of prosecution in the event of attacks on our network infrastructure. Forwarding to third parties for other purposes does not take place.
C. Rights of the data subject
As the data subject whose personal data is collected within the scope of the above-mentioned services, you have the following rights, unless any legal exceptions apply in individual cases:
- Information (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 (1) GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection to processing (Art. 21 GDPR)
- Withdrawal of consent (Art. 7 (3) GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR). For ELISE, this is the Landesbeauftragte für den Datenschutz und Informationssicherheit (State Data Protection and Freedom of Information Officer), Arndtstrasse 1, 27570 Bremerhaven.
D. Use of external map services
Data protection regulations on the use of Google Maps
Some of our web pages use Google Maps for showing a site layout. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this website, you consent to the capture, processing and use of the data that is automatically collected, and of the data that you enter, by Google, its agents and external service providers.
We also use YouTube for the embedding of videos.
E. Use of Google Analytics
If you have given your consent, Google Analytics, a web analysis service of Google Ireland Limited (“Google”) is used on this website. The use includes the “Universal Analytics” operating mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyze a user’s activities across devices.
Purposes of the Processing
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website and Internet use.
The legal basis for the use of Google Analytics is your consent in accordance with Art. 6 para. 1 lit. a GDPR.
Recipients or Categories of Recipients
The recipient of the collected data is Google.
Transfer to Third Countries
Personal data will be transferred to the USA under the EU-US Privacy Shield on the basis of the European Commission’s adequacy decision. You can download the certificate here.
Duration of Data Storage
The data sent by us and linked to cookies, user-identifiers (e.g. User-IDs) or advertising-identifiers are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.
Rights of the Persons affected
You can revoke your consent at any time with effect for the future by blocking the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functionalities of this website to their full extent.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the Browser Add-on. Opt-out cookies will prevent future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across different devices, you must opt-out on all systems used.