Privacy policy

We take data protection seriously
 
The protection of your privacy when processing personal data is an important concern for us. When you visit our website, our web servers store the IP of your internet service provider, the website from which you visit us, the web pages you visit on our website and the date and duration of the visit as standard. This information is absolutely necessary for the technical transmission of the web pages and secure server operation. A personalised evaluation of this data does not take place.
 
If you send us data via the contact form, this data will be stored on our servers in the course of data backup. We will only use your data to process your request. Your data will be treated as strictly confidential. It will not be passed on to third parties.
 
Responsible:
 
merl.neiser + Partner mbB Steuerberater
Keferloh 1c
85630 Grasbrunn
T  089 . 461 696-0
F  089 . 461 696-25
Personal data
 
Personal data is data about your person. This includes your name, address and e-mail address. You also do not have to disclose any personal data in order to visit our website. In some cases, we need your name and address as well as other information in order to provide you with the requested service. 
 
The same applies in the event that we supply you with information material on request or when we answer your enquiries. In these cases, we will always point this out to you. Furthermore, we only store the data that you have transmitted to us automatically or voluntarily.
 
When you use one of our services, we generally only collect the information that is necessary to provide you with our service. We may ask you for additional information, but this is voluntary. Whenever we process personal data, we do so in order to provide you with our service or to pursue our commercial objectives.
 
Contact
 
When contacting us (e.g. via contact form, email, telephone or via social media), the information of the inquiring persons is processed insofar as this is necessary to answer the contact requests and any requested measures.
The response to contact requests in the context of contractual or pre-contractual relationships is made in order to fulfil our contractual obligations or to respond to (pre)contractual requests and otherwise on the basis of the legitimate interests in responding to the requests.
  • Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. entries in online forms).
  • Affected persons: Communication partner.
  • Purposes of processing: contact requests and communication.
  • Legal basis: Contract fulfilment and pre-contractual enquiries (Art. 6 para. 1 lit. b. GDPR), Legitimate Interests (Art. 6 para. 1 lit. f. GDPR).
Automatically stored data 
 
Server log files 
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • Web browser and operating system used
  • Complete IP address of the requesting computer
  • data volume transferred
 
This data is not merged with other data sources. The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.   
For reasons of technical security, in particular to defend against attempted attacks on our web server, this data is stored by us for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymised by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user. The data is also processed in anonymised form for statistical purposes; it is not compared with other data or passed on to third parties, not even in extracts. 
 
Cookies
 
When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific internet browser can be recognised and identified via the unique cookie ID. 
 
Through the use of session cookies, the controller can provide the users of this website with a user-friendly service that would not be possible without the setting of cookies. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest pursuant to Art. 6 (1) lit. f GDPR.
 
Security
 
We have implemented technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and service providers working for us are bound by the applicable data protection laws.
 
Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process and our data protection statements are constantly being revised. Please ensure that you have the latest version.
 
Data subjects’ rights
 
You have a right to information, correction, deletion or restriction of the processing of your stored data at any time, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.
 
Right to acess:
You can request information from us as to whether and to what extent we process your data.
 
Right of rectification:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.
 
Right to erasure:
You can demand that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests in protection. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations.
Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, insofar as there is no legal or statutory obligation to retain data in this respect.
 
Right to restriction of processing:
You can request us to restrict the processing of your data if
  • You dispute the accuracy of the data for a period of time that allows us to verify the accuracy of the data.
  • the processing of the data is unlawful, but you refuse erasure and instead request restriction of the use of the data,
  • we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • You have objected to the processing of the data.
 
Right to data portability:
You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that
-we process that data on the basis of consent given by you, which may be revoked, or for the performance of a contract between us; and
-this processing is carried out with the aid of automated procedures.
If technically feasible, you can request us to transfer your data directly to another data controller.
 
Right to object:
If we process your data for legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons. 
 
Right of appeal:
If you are of the opinion that we are violating German or European data protection law when processing your data, please contact us so that we can clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.
If you wish to exercise any of these rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.
 
Changes to this privacy policy
 
We reserve the right to change our privacy policy should this be necessary due to new technologies. Please ensure that you have the latest version. If fundamental changes are made to this privacy policy, we will announce them on our website.
 
All interested parties and visitors to our website can contact us on data protection issues at:
 
Mr Gerald Lill
Project 29 GmbH & Co KG 
Ostengasse 14 
93047 Regensburg
 
Phone: 0941 2986930 
Fax: 0941 29869316