As of: 25.05.18
1. Basic information on data processing and legal bases
1.2. The terms used, such as "personal data" or their "processing", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
1.3. The personal data of the users processed in the context of this online offer includes stock data (names and addresses), contract data (services used, payment information), usage data (the visited websites of our online offer, interest in our products), and content data (eg, entries in Contact form).
1.4. The term "user" covers all categories of persons affected by data processing. These include our business partners, customers, interested parties and other visitors to our online offer. The terms used, such as "users" are to be understood gender neutral.
1.5. We process personal data of users only in compliance with the relevant data protection regulations. This means that users' data will only be processed if there is a legal permit. That is, especially if the data processing for the provision of our contractual services (eg processing of orders) as well as online services required or required by law, the consent of the user exists, as well as our legitimate interests (ie interest in the analysis, optimization and economic operation and security of our online offer within the meaning of Art. 6 (1) lit. DSGVO, in particular in the range measurement, creation of profiles for advertising and marketing purposes as well as collection of access data and use of third-party services.
1.6. Please note that the legal basis of the consents Art. 6 para. 1 lit. a. and Art. 7 GDPR, the legal basis for the processing for the performance of our services and the performance of contractual measures Art. 6 para. 1 lit. b. DSGVO, the legal basis for processing in order to fulfill our legal obligations Art. 6 para. 1 lit. c. DSGVO, and the legal basis for processing in order to safeguard our legitimate interests Art. 6 para. 1 lit. f. DSGVO is.
2. Security measures
2.1. We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are adhered to and in order to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
2.2. One of the security measures is the encrypted transfer of data between your browser and our server.
3. Disclosure of data to third parties and third party providers
3.1. A transfer of data to third parties is only within the scope of legal requirements . We only pass on the data of the users to third parties if, for example, on the basis of Art. 6 para. 1 lit. b) GDPR is required for contract purposes or based on legitimate interests in accordance with Art. Art. 6 para. 1 lit. f. DSGVO on the economical and effective operation of our business operations.
3.2. If we use subcontractors to provide our services, we will take appropriate legal precautions and appropriate technical and organizational measures to protect personal data in accordance with applicable law.
4. Provision of contractual services
4.1. We process stock data (eg, names and addresses as well as contact data of users), contract data (eg, used services, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with Art. Art. 6 para. 1 lit b. DSGVO.
4.2. Users can create a user account, in particular by being able to view their orders. As part of the registration, the necessary mandatory information will be communicated to the users. The user accounts are not public and can not be indexed by search engines. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention is for commercial or tax law reasons according to Art. 6 para. 1 lit. c DSGVO necessary. It is the responsibility of the users to secure their data upon termination before the end of the contract. We are entitled to irretrievably delete all user data stored during the term of the contract.
4.3. As part of the registration and re-registration as well as use of our online services, the IP address and the time of the respective user action will be saved. The storage is based on our legitimate interests, as well as the user's protection against misuse and other unauthorized use. A transfer of these data to third parties does not take place, unless it is necessary for the prosecution of our claims or there is a legal obligation in accordance with. Art. 6 para. 1 lit. c DSGVO.
4.4. We process usage data (eg, the visited web pages of our online offer, interest in our products) and content data (eg, entries in the contact form or user profile) for advertising purposes in a user profile in order to show the user eg product references based on their previously used services.
5.1. When contacting us (via contact form or e-mail), the information provided by the user to process the contact request and its processing acc. Art. 6 para. 1 lit. b) DSGVO processed.
5.2. User information can be stored in our Customer Relationship Management System ("CRM System").
6. Comments and posts
6.1. If users leave comments or other contributions, their IP addresses are based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO stored for 7 days.
6.2. This is for our own safety, if someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.
7. Collection of access data and logfiles
7.1. Based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO Data on every access to the server on which this service is located (so-called server log files). The access data includes name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider ,
7.2. Logfile information is stored for security reasons (eg to investigate abusive or fraudulent activities) for a maximum of seven days and then deleted. Data whose further retention is required for evidential purposes shall be exempted from the cancellation until final clarification of the incident.
8.1. Cookies are information transmitted from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.
8.2. We use "session cookies", which are only stored for the duration of the current visit to our online presence (eg to enable the storage of your login status or the shopping cart function and thus the use of our online offer at all). In a session cookie, a randomly generated unique identification number is stored, a so-called session ID. In addition, a cookie contains information about its origin and the retention period. These cookies can not save any other data. Session cookies are deleted if you have finished using our online offer and log out or close your browser.
8.4. If users do not want cookies stored on their computer, they will be asked to disable the option in their browser's system settings. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
9. Google Analytics
9.2. Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).
9.3. Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services related to the use of this online offer and the internet usage. In this case, pseudonymous usage profiles of the users can be created from the processed data.
9.4. We use Google Analytics to display advertisements displayed within Google and its affiliate advertising services, only those users who have shown an interest in our online offering or who have certain characteristics (eg interests in specific topics or products visited by them) Web pages) that we submit to Google (so-called "remarketing" or "Google Analytics audiences"). With Remarketing Audiences, we also want to make sure that our ads are in line with the potential interest of users and are not annoying.
9.5. We only use Google Analytics with activated IP anonymization. This means that the IP address of the users will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.
9.6. The IP address submitted by the user's browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly; Users may also prevent the collection by Google of the data generated by the cookie and related to their use of the online offer and the processing of such data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en .
9.7. For more information about data usage by Google, setting and contradictory options, visit the websites of Google: https://www.google.com/intl/de/policies/privacy/partners ("Google uses data when you use websites or apps from our affiliates"), http://www.google.com/policies/technologies/ads ("Use of data for advertising purposes"), http://www.google.de/settings/ads ("Managing information that Google uses to show you advertising").
13.1. With the following information, we will inform you about the contents of our newsletter as well as the registration, shipping and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.
13.2. Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter "newsletter") only with the consent of the recipient or a legal permission. Insofar as the contents of a newsletter are concretely described, they are authoritative for the consent of the users. Incidentally, our newsletters contain information about our products, offers, promotions and our company.
13.3. Double opt-in and logging: Registration for our newsletter is done in a so-called double-opt-in procedure. This means you will receive an e-mail after logging in to ask for confirmation of your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. Likewise, changes to your data stored with the shipping service provider will be logged.
13.5. Furthermore, the shipping service provider may, according to its own information, use this data in a pseudonymous form, ie without assignment to a user, to optimize or improve its own services, eg for the technical optimization of shipping and the presentation of newsletters or for statistical purposes in order to determine which countries the recipients come from. However, the shipping service provider does not use the data of our newsletter recipients to write them down or to pass them on to third parties.
13.6. Credentials: To subscribe to the newsletter, it is sufficient to provide your e-mail address. Optionally, we ask you to give a name in the newsletter for personal address.
13.7. Statistical Survey and Analyzes - The newsletters contain a so-called "web beacon", ie a pixel-sized file that is retrieved from the server of the shipping service provider when the newsletter is opened. This call will initially collect technical information, such as information about the browser and your system, as well as your IP address and time of retrieval. This information is used to improve the technical performance of services based on their specifications or audience and their reading habits, based on their locations (which can be determined using the IP address) or access times. Statistical surveys also include determining if the newsletters will be opened, when they will be opened and which links will be clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our endeavor nor that of the shipping service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
13.8. The use of the shipping service provider, the implementation of statistical surveys and analyzes as well as logging of the registration process, are based on our legitimate interests in accordance with. Art. 6 para. 1 lit. f DSGVO. We are interested in using a user-friendly and secure newsletter system that serves both our business interests and the expectations of our users.
13.9. Termination / Revocation - You can cancel the receipt of our newsletter at any time, ie revoke your consent. At the same time, your consent for shipping by the shipping service provider and the statistical analyzes expire. A separate revocation of the shipment by the shipping service provider or the statistical evaluation is unfortunately not possible. A link to cancel the newsletter can be found at the end of each newsletter. If the users have only subscribed to the newsletter and terminated this registration, their personal data will be deleted.
12. Integration of services and content of third parties
Based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) lit. DSGVO), we make use of content or services offered by third-party providers in order to provide their content and services Integrate services such as videos or fonts (collectively referred to as "content"). This always presupposes that the third-party providers of this content perceive the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and operating system, referring web sites, visit time, and other information regarding the use of our online offer.
12.1. Integration if the fitogram PRO Widget
The booking process is handled by the fitogram PRO widget, which is offered by the fitogram GmbH and embedded in our website.
§ 1 Information about the collection of personal data
(1) Below we inform about the collection of personal data when using this widget. Personal data is all data that is personally available to you, eg. Name, address, e-mail addresses, user behavior, data on individual orders / bookings.
(2) Responsible acc. Art. 4 para. 7 EU General Data Protection Regulation (DS-GVO) is [Ronny Girschick, Südostallee 144, 12487 Berlin, email@example.com] (see our imprint under [https://getout-training.de/legal-notice.html]). [You can reach our data protection officer at [firstname.lastname@example.org] or our postal address with the addition "the data protection officer".]
(4) When you contact us by e-mail or via a contact form, the data provided by you (your e-mail address, your name and your telephone number, if applicable) will be stored by us to answer your questions. We delete the data that arises in this context after the storage is no longer required, or limit the processing if there are statutory retention requirements. The legal basis for the above-mentioned processing is Art. 6 para. 1 e) and f) DS-GMO.
(5) If you make an order or booking via this widget, you will need to register once to create a customer account with your e-mail address, password, first and last name and address (Legal basis of the processing is Art. 6 para. 1 b) DS-GVO). After logging in you can delete your user account at any time.
(8) The widget is provided technically as part of our studio management by fitogram GmbH, Im Klapperhof 7-23, 50670 Cologne. We have an agreement with fitogram GmbH for processing orders within the meaning of Art. 28 para. 3 DS-GMO completed. The storage and processing of your data (user and booking data of our studio management) on the data processing systems of fitogram GmbH and of the technical service providers used by the latter takes place exclusively according to our instructions and is limited to the duration of order processing. The technical and organizational measures of fitgram GmbH on data protection can be found at https://www.fitogram.pro/tom/ . The use of this data for purposes other than the provision of our studio management including this widget is expressly prohibited by fitogram GmbH.
§ 2 bookings via the widget
(1) If you wish to book services through the Widget, it is necessary for the conclusion of the contract that you provide personal information that we need to process the booking. Mandatory information necessary for the execution of the contracts is marked separately, further details are voluntary. We process the data provided by you to process the booking.
(2) If you choose the direct debit method as payment method, we can pass on your payment data to our bank upon appropriate issuing of the direct debit mandate. The legal basis for the above data processing is Art. 6 para. 1 p. 1 lit. b DS-GMO. If you select one of the offered external payment services for the payment, the respective data protection regulations of the payment service providers apply to the payment.
(3) We expressly point out that due to commercial and tax regulations, we are obliged to store your address, payment and order data for a period of ten years. However, after two years we are restricting processing, ie. H. Your data will only be used to comply with legal obligations.
§ 3 Your rights
(1) You have the following rights with respect to the personal data concerning you:
- Right to information,
- Right to rectification or erasure,
- Right to restriction of processing,
- Right to object to the processing,
- Right to data portability.
(2) You also have the right to complain to us about the processing of your personal data by us at a data protection supervisory authority.
§ 4 collection of personal data when using the widget for purely informative purposes
In the merely informative use of the widget, so if you do not register or otherwise provide information to us, we collect only the personal data that your browser transmits to our server. If you wish to view the information of the widget, we collect the following data that is technically necessary for us to display the widget and to ensure the stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f DS-GMO):
- IP address
- Date and time of the request
- Time Zone Difference to Greenwich Mean Time (GMT)
- Content of the requirement (concrete page)
- Access Status / HTTP status code
- each transmitted amount of data
- Website from which the request comes
- Operating system and its interface
- Language and version of the browser software.
12.2. Other third parties services and content
The following presentation provides an overview of third-party providers as well as their contents, as well as links to their privacy statements, which contain further notes on the processing of data and, in some cases already mentioned here, possibilities of contradiction (so-called opt-out):
If our customers use the payment services of third parties (eg PayPal or Sofortüberweisung), the terms and conditions and the privacy notices of the respective third party providers apply, which are available within the respective websites or transactional applications.
13. Rights of users
15.1. Users have the right, upon request, to receive information free of charge about the personal data that we have stored about them.
15.2. In addition, Users shall have the right to correct inaccurate data, limit the processing and deletion of their personal data, if applicable, assert their rights to data portability and, in the event of unlawful processing, file a complaint with the appropriate regulatory authority.
15.3. Likewise, users can revoke consent, generally with implications for the future.
14. Deletion of data
16.1. The data stored with us are deleted as soon as they are no longer necessary for their purpose and the deletion does not conflict with any statutory storage requirements. Unless the users' data are deleted because they are required for other and legally permitted purposes, their processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data of users who must be kept for commercial or tax reasons.
16.2. According to legal requirements, storage takes place for 6 years in accordance with § 257 (1) HGB (trading books, inventories, opening balance sheets, annual accounts, trade letters, accounting documents, etc.) and for 10 years pursuant to § 147 (1) AO (books, records, management reports, Accounting documents, commercial and business letters, documents relevant for taxation, etc.).
15. Right to object
Users may object to the processing of their personal data in accordance with legal requirements at any time. The objection may in particular be made against processing for direct marketing purposes.