Privacy policy in accordance with Art. 13 General Data Protection Regulation (GDPR)

I. Name and address of the Controller

The Controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection provisions is the:

H2FLY GmbH
Ausgburger Straße 293
70327 Stuttgart
Local Court Stuttgart HRB 751648
Managing Directors Prof. Dr. Josef Kallo, Matthew Allen Field
Phone: +49-711-340300-0
E-mail: info@h2fly.de

You can contact our Data Protection Officer at:
PROLIANCE GmbH
www.datenschutzexperte.de
Leopoldstr. 21
80802 Munich
datenschutzbeauftragter@datenschutzexperte.de

II. General information on data processing

1. Scope of the processing of personal data

In principle, we only process our users‘ personal data insofar as this is necessary to provide a functional website and our content and services.

2. Data deletion and storage duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the Controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

III. Access to and storage of information in user’s device

By using our website, access to information (e.g. IP address) or storage of information (e.g. cookies) in your terminal equipment may occur. This access or storage may involve further processing of personal data pursuant to the GDPR.

In cases where such access to information or such storage of information is strictly necessary for the technically error-free delivery of our services, this is done on the basis of § 25 para. 1 s. 1, para. 2 no. 2 TTDSG.

In cases where such a process serves other purposes (e.g. the needs-based design of our website), this will only be carried out on the basis of § 25 para. 1 TTDSG with your consent pursuant to Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time with effect for the future.

For more information on the processing of your personal data and the relevant legal basis in this context, please refer to the following sections on the specific processing activities on our website.

IV. Provision of the website

1. Description and scope of data processing

Each time you access a website, your web browser transmits usage data. This includes your IP address and a description of the content accessed (URL). Without collecting the IP address of the accessing computer and the name of the retrieved file, it is impossible to establish a connection to the server and use the corresponding website.

In addition, your browser – depending on the configuration – transmits further data (browser type, browser version, operating system used, referrer URL). When you call up our website, your IP address is therefore used by us for the pure page setup, i.e. the technical connection to display our content. This is necessary to establish a connection between your computer and our website. We do not permanently store, read or otherwise use your IP address.

2. Legal basis for data processing

The legal basis for the processing of technically necessary information for the delivery of a website is Art. 6 para. 1 lit. f GDPR.

3. Purpose of data processing

The processing of the above-mentioned system data is necessary to enable the website to be delivered to the user’s computer.

These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR.

4. Duration of storage

The data is deleted as soon as it is no longer required for the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

5. Objection and removal options

The collection of data for the provision of the website for the duration of the session is absolutely necessary for the operation of the website. Consequently, the user has no option to object.

 

V. Use of cookies

Our website uses so-called “cookies”. Cookies are small text files that are either temporarily stored on your end device for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or an automatic solution is provided by your web browser.

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or language settings). Other cookies are used to evaluate user behaviour or display advertising.

The processing of data using strictly necessary cookies is based on a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the technically error-free delivery of our services. For details on the processing purposes and legitimate interests, please refer to the following explanations on the specific data processing.

The processing of personal data using other cookies is based on consent in accordance with Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time with effect for the future. Insofar as such cookies are used for analysis and optimisation purposes, we will inform you separately about this in this privacy policy and obtain your consent in accordance with Art. 6 para. 1 lit. a GDPR.

You can set your browser to

  • be informed about the setting of cookies,
  • only allow cookies in individual cases,
  • exclude the acceptance of cookies for certain cases or generally,
  • activate the automatic deletion of cookies when the browser is closed.

The cookie settings can be managed under the following links for each browser:

You can also manage cookies of many companies and functions used for advertising individually. To do so, use the appropriate user tools, available at https://www.aboutads.info/choices/ or  http://www.youronlinechoices.com/uk/your-ad-choices.

Most browsers also offer a so-called „do-not-track function“. When this feature is enabled, the browser tells ad networks, websites, and applications that you do not want to be „tracked“ for behavioural advertising and the like.

For information and instructions on how to edit this feature, please refer to the links below, depending on your browser provider:

Additionally, you can prevent the loading of so-called scripts by default. „NoScript“ allows the execution of JavaScripts, Java and other plug-ins only at trusted domains of your choice. Information and instructions on how to edit this function can be obtained from the provider of your browser (e.g. for Mozilla Firefox at: https://addons.mozilla.org/en-US/firefox/addon/noscript/ ).

Please note that if you disable cookies, the functionality of our website may be limited.

VI. Change cookie settings

You can revoke or change your cookie settings at any time. To do so, access the „Cookie Settings“ link in the footer navigation, or click here.

 

VII. E-mail contact

1. Description and scope of data processing

It is possible to contact our company via the e-mail address provided on the website. In this case, the user’s personal data transmitted with the e-mail will be stored.

No data will be passed on to third parties in this context. The data will be used exclusively for correspondence.

2. Legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

3. Purpose of data processing

If you contact us by email, our legitimate interest in processing the data lies in the processing of the contact.

4. Duration of storage

The data is deleted as soon as it is no longer required for the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

5. Objection and removal options

If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

You can send your objection to the following e-mail address: datenschutzbeauftragter@datenschutzexperte.de

All personal data stored in the course of contacting us will be deleted in this case.

VIII. Links to other websites

This website contains links to third party websites. There is no embedding of third-party content by means of plug-ins, i.e. in such a way that personal data of our website visitors automatically flows to the operators of these third-party websites (e.g. social media).

We endeavor to only provide links to websites that meet our high standards and share our respect for your privacy. However, we do not monitor or control any of the information that is collected when you access a link to a third party website. The operators of third party websites may handle personal data differently from us. Accordingly, we are not responsible for the content or privacy practices of other websites.

Any forwarding to operators of social media services, e.g. YouTube or Instagram, takes place exclusively by way of linking, so that personal data of our website visitors is only transmitted to these operators when they actively select the link of the operator of the respective platform.

The following links are used on our website:

For more information about the scope and purposes of data processing on these third party websites, please read the privacy notices provided there.

IX. Web analysis through Matomo

1. Description and scope of data processing

We use the open source software tool Matomo on our website for the anonymized analysis of our users‘ surfing behaviour. The software runs exclusively on the servers of our website. This tool is used by us with the use of a cookie that is stored in the user’s device. Data that allows conclusions to be drawn about individual persons is neither collected nor processed in any other way.

2. Legal basis
 When Matomo is used, information that is stored in the user’s device is accessed and a cookie is stored in the user’s device. This access and storage requires the user’s consent in accordance with § 25 para. 1 s. 1 TTDSG. Matomo is therefore only active on our website if users have given their consent in the cookie banner. If no consent is given in the cookie banner or consent is subsequently withdrawn, Matomo will not access any information stored in the user’s device nor store cookies in the user’s device.3. Purpose of the use of Matomo

The purpose of data processing is to enable us to analyze the usage behavior of visitors to our website without being able to draw personal conclusions about individual website users.

4. Duration of storage

The data collected during the use of Matomo will be retained for 12 months and then deleted.

5. Withdrawal and removal options

Consent that has been given can be withdrawn at any time. Withdrawal is possible by calling up the cookie banner again using the „Cookie Settings“-Link in the footer and changing the consent settings accordingly.

X Rights of the data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the Controller:

1. Right of access (Art. 15 GDPR)

You can request confirmation from the Controller as to whether personal data concerning you is being processed by them. In addition, you have the right to request a copy of your personal data in accordance with Art. 15 (3) GDPR.

2. Right to rectification or erasure (Art. 16 and 17 GDPR)

If the legal requirements are met, you have a right to rectification and/or completion vis-à-vis the Controller if the personal data processed concerning you is incorrect or incomplete. The Controller must make the correction without delay. In addition, if the legal requirements are met, you have the right to demand the erasure of your personal data if further processing is no longer necessary, the processing is unlawful or you have withdrawn your consent.

3. Right to restriction of processing (Art. 18 GDPR)

If the legal requirements are met, you have the right to demand the restriction of processing of the personal data concerning you, i.e. to prevent further processing for the time being.

4. Right to data portability (Art. 20 GDPR)

Within the limits of Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to the Controller, in a structured, commonly used and machine-readable format. If the legal requirements are met, you also have the right to transmit this data to another Controller without hindrance from the Controller to which the personal data was provided.

 

5. Right of objection

If the legal requirements are met, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions. The Controller will then no longer process the personal data concerning you.

If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is associated with such direct marketing. If you object to processing for the purposes of direct marketing, the personal data concerning you will no longer be processed for these purposes.

 

6. Right to withdraw the declaration of consent under data protection law (Art. 7 para. 3 GDPR)

If the processing of your personal data is based on your consent, you have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

7. Automated individual decision-making including profiling (Art. 22 GDPR)

Automated decision-making, including profiling, does not take place and is not intended by us.

  1. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged breach if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart
Tel: 0711/615541-0
Fax: 0711/61 55 41-15
Mail: poststelle@lfdi.bwl.de

Tracking Opt-out