The responsible body in terms of the data protection law, in particular the EU General Data Protection Regulation (DSGVO), is:
DEPRAG SCHULZ GMBH u. CO.
Carl-Schulz-Platz 1 | 92224 Amberg
Tel: +49 9621 371-0
Fax +49 9621 371-120
Dr. Erik Hallmann / Dr.-Ing. Rolf Pfeiffer
Your Affected Rights
You can exercise the following rights at any time by contacting our Data Protection Officer via the specified contact details:
• information about your data which we have stored and its processing,
• amendment of incorrect personal data,
• deletion of your data stored by us,
• restriction of data processing, if we are not yet allowed to delete your data due to legal obligations,
• objection to the processing of your data by us and
• data transference, if you have consented to data processing or have signed a contract with us.
If you have given us your consent, you can revoke it at any time with future effect.
You can contact your relevant regulatory authority at any time with a complaint. The relevant regulatory authority will depend on the federal state in which you are resident, work or where the alleged violation occurred. A list of the German regulatory authorities (for the non-public sector) and their addresses, can be found under the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_node.html
Purposes of data processing by the responsible body or third parties
We only process your personal data for the purposes stated in this privacy statement. We do not transfer your personal data to third parties for purposes other than those stated. We only transfer your personal data to third parties if:
•you have given your express consent,
•processing is required in order to complete a contract with you,
•processing is required to fulfil a legal obligation,
processing is required to protect legitimate interests and there is no reason to believe that you have an overriding legitimate interest in the non-disclosure of your information.
Deletion or blocking of data
We adhere to the basic principles of data avoidance and data economy. Therefore, we only store your personal data for as long as it is necessary to fulfil the purposes stated here, or as stipulated by the various storage periods provided for by the legislator. After the discontinuation of the respective purpose or expiry of these periods, the corresponding data will be routinely blocked or deleted according to the legal regulations.
1. Collection of general information when visiting our website
When you access our website, a cookie automatically collects information of a general nature. This information (server log files) contains, for example, the type of web browser and operating system used, the domain name of your internet service provider, or similar. This is all information which does not allow any conclusions to be drawn about your person.
This information is technically necessary so that the content which you have requested from our website can be provided correctly, and is mandatory when using the internet. It is specifically processed for the following purposes:
• to ensure trouble-free connection to our website,
• to ensure smooth use of our website,
• to evaluate system security and stability, as well as for
• additional administrative purposes.
The processing of your personal data is based on our legitimate interest for the purposes mentioned above for data collection. We do not use your information to draw conclusions about your person. The only recipient of the data is the responsible body and possibly the contract processor.
Anonymous information of this kind may be statistically evaluated by us in order to optimise our web presence and the underlying technology.
Like many other websites, we also use so-called “cookies”. Cookies are small text files which are transferred from a website server to your hard-drive. In this way, we automatically receive certain data such as IP address, browser and operating system used, and your internet connection.
Cookies cannot be used to start programs or transfer viruses to a computer. Using the information gained from the cookies we are able to simplify navigation and allow for the correct display of our website.
Under no circumstances is the data collected by us transferred to third parties or used to create a link with your personal data without your consent.
3. SSL encryption
To protect the security of your data during transference, we use state-of-the-art encryption techniques (e.g. SSL) via HTTPS.
On the basis of your express consent, we regularly send you our newsletter or similar information material via email to your email address provided.
Your email address is all we need for you to receive the newsletter. When registering for our newsletter the data provided by you is only used for this purpose. Subscribers may be informed by email about circumstances which are relevant for this service or the registration (for example, changes to newsletter delivery or technical concerns).
We require a valid email address for effective registration. To check that the registration is being carried out by the owner of the email address, we use the “double opt-in” procedure. We log the newsletter order, the sending of a confirmation email and the receipt of the requested answer. Addition data is not collected. The data is used exclusively for the delivery of the newsletter and is not passed on to third parties.
You can revoke your consent to the storage of your personal data and its use for delivery of the newsletter at any time. Each newsletter contains a corresponding link. Furthermore, you are also able to unsubscribe directly on this website or communicate your request to us via the contact details provided at the bottom of this data protection notice.
5. Contact form
If you have questions of any kind and contact us via email or contact form, you will have provided us with your voluntary consent for these purposes. In this case a valid email address, your name, prename and ZIP is required. This serves to allocate the inquiry and the subsequent answer. The specification of further details is optional. The details provided by you will be used for the processing of the inquiry and for any possible follow-up queries. As soon as your inquiry has been completed, your personal data is automatically deleted.
6. Use of Matomo
This website uses Matomo, an open source software for statistical analysis of user access. Matomo uses so-called cookies, i.e. text files which are stored on your computer and enable analysis of your use of the website.
The information generated by the cookie about your use of this website is stored on a server in Germany.
The IP address is anonymised immediately after processing and before storage. You have the option of preventing installation of cookies by changing your browser software settings. Please be aware that changing these settings, may mean that some features of this website no longer function.
You can decide here whether explicit web analysis cookies may be stored in your browser to allow the collection and analysis of statistical data by the website provider. If you decide against this, please click the following link to store the Matomo deactivation cookie in your browser.
7. Social media online presence
We maintain an online presence within social networks and platforms in order to communicate with customers, users and interested parties active therein and to inform them of our services.
We draw your attention to the fact that in this way, user data may be processed outside the European Union. This may pose a risk to users in such that e.g. the enforcement of user rights may be hampered. We would like to make it known that US providers certified under the Privacy Shield are obligated to meet the data protection standards of the EU.
Furthermore, as a rule, user data is processed for market research and advertising purposes. User profiles are generated on the basis of user behaviour and the inferred interests of users. The user profiles can be used to influence targeted advertisements which may correspond with the user’s interests, both within and outside the platforms. It is generally for these purposes that cookies are stored on computers, in which the user behaviour and interests of the user may be stored. Moreover, in the user profiles, data may be stored separately from the user devices (particularly if the user is a member of the specific platform and is logged in to the platform).
Processing of the user’s personal data is carried out on the basis of our justified interests for providing effective information and communication with users in accordance with Art. 6 Para. 1 lit. f. DSGVO. If a provider requests that the user gives permission for data processing (i.e. their consent by checking a box or confirming by clicking a button) the legal basis of processing is Art. 6 Para. 1 lit. a., Art. 7 DSGVO.
For a detailed statement of each type of processing and the options for objection (Opt-Out), we refer you to the following links with details of the providers.
We also wish to draw your attention to the fact that in the case of requests for information and the enforcement of user rights, these can most effectively be enforced directly with the providers. It is only the providers who have access to the user data and can take any appropriate measures and provide information. However, we will be happy to help if you require any assistance in this.
- Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – Data privacy statement: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
- Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Data privacy statement: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
8. Google Web Fonts
This page uses so called Web Fonts made available by Google for the standardised portrayal of font styles. The Google Fonts are installed locally. No connection is made to Google servers.
9. Using Google Maps
This website uses Google Maps API to visually display geographic information. When using Google Maps, Google also collects, processes and uses data about the use of map features by visitors. For more information about Google's data processing, see the Google Privacy Notice. Here you can also change your personal privacy settings in the privacy center.
For detailed instructions on managing your own data related to Google products, click here.
10. Embedded YouTube videos
We embed YouTube videos on some of our websites. The corresponding plug-ins are operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit a page with a YouTube plug-in, a connection to the YouTube servers will be established. YouTube will be informed which pages you visit. If you are logged in to your YouTube account, YouTube can attribute the surfing habits to you personally. You can prevent this by logging out of your YouTube account beforehand.
Anyone who has deactivated the storage of cookies for the Google Ad program can expect that there are no such cookies even when watching YouTube videos. YouTube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in the browser.
11. Microsoft Teams
11.1. Description of processing activities
With this data protection notice, we inform you of the processing of your personal data within the framework of our online meetings, video conferences and webinars (hereinafter: “online meetings”) whilst using the video conferencing solution Microsoft Teams. This is a service provided by the Microsoft Corporation.
11.2. What personal data is processed?
Within the framework of online meetings when using Microsoft Teams, the following personal data is processed:
- Communication data (e.g. user name, email address)
- Log files, protocol data
- Meta data (e.g. IP address, time of participation, etc.)
- Profile data, profile photo (e.g. your user name if provided)
- Text, audio and video data (e.g. chats, video images)
11.3. Purpose and legal basis for processing
Personal data is processed in order to conduct online meetings.
11.4. Microsoft Office 365, Microsoft Teams video conferencing
We use the Team Meeting mode for Microsoft Teams. During team meetings, audio input and video recordings are prevented by our Microsoft Teams settings. The online meeting will not be recorded. Any exceptions to this, meaning a recording will take place, will only occur with your consent.
Microsoft Teams is part of Microsoft Office 365. Microsoft Teams is a productivity, collaboration and exchange platform for individual users, teams, communities and networks which is used across companies. This includes, amongst other things, a video conferencing function.
Microsoft Office 365 is software from the company:
Microsoft Ireland Operations Limited
One Microsoft Place
South County Business Park
Leopardstown | Dublin 18
D18 P521 Ireland
Microsoft Teams is part of the Office 365 cloud application, for which a user account must be created.
Data processing with Office 365 takes place on servers in European data centres. For this purpose, we have concluded an order processing agreement with Microsoft in accordance with Art. 28 GDPR. Accordingly, we have agreed extensive technical and organisational measures with Microsoft for Office 365 which correspond with the current state of technology in IT security e.g. in regard to access permissions and end-to-end encryption concepts for data lines, databases and servers.
For the purpose of remote maintenance, Microsoft can access our data. In this case, such access can also come from companies affiliated with Microsoft and also from outside the European Union.
Microsoft reserves the right to process customer data for its own legitimate business purposes. We have no influence over this data processing by Microsoft. To the extent that Microsoft Teams processes personal data in connection with legitimate businesses purposes, Microsoft is independently responsible for these data processing activities and, as such, is responsible for compliance with all applicable data protection regulations. If you require information about processing by Microsoft, we ask you to view the relevant declaration from Microsoft.
11.5. Disclosure to third parties
We use, as described above, Microsoft for Office 365 as a processor within the meaning of Art. 28 GDPR.
11.6. Data storage
Login data and IP addresses are deleted after 180 days at the latest.
11.7. Your rights
In accordance with the EU General Data Protection Regulation, you have the following rights:
- If your personal data is processed, you have the right to access information about the personal data we store about you (Art. 15 GDPR).
- If the personal data processed is incorrect, you have the right to have this rectified (Art. 16 GDPR).
- If there are legal requirements, you can request the erasure or restriction of the processing of your data, or withdraw consent for processing (Art. 17, 18 und 21 DSGVO).
- If you have given consent to data processing or there is a contract for data processing and the data processing is carried out using automatic procedures, you also have a right to data portability (Art. 20 GDPR).
If you make use of the above mentioned rights, DEPRAG SCHULZ GMBH u. CO. will check whether the legal requirements have been fulfilled.
To exercise your rights, please contact our Data Protection Officer (see below).
For any complaints concerning data protection you can contact the relevant authorities:
Bayerisches Landesamt für Datenschutzaufsicht
Promenade 18 | 91522 Ansbach
Telephone: +49 (0) 981 180093-0
Fax: +49 (0) 981 180093-800
Questions for our Data Protection Officer
If you have any questions about privacy, please send us an email or directly contact the person responsible for data protection in our company:
Carl-Schulz-Platz 1 | 92224 Amberg
Tel: +49 9621 371-208