Impressum

www.kmu-aalen.de
GENERAL DATA PROTECTION REGULATIONS
kmu@kmu-aalen.de

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

The use of our website is generally possible without providing any personal data. Insofar as personal data (such as name, address, or email addresses) is collected on our pages, this is always done, wherever possible, on a voluntary basis. This data will not be passed on to third parties without your explicit consent.

Please note that data transmission over the Internet (e.g., when communicating via email) may have security vulnerabilities. Complete protection of data from access by third parties is not possible.
For information on the collection and storage of personal data, as well as the type and purpose of its use, data sharing, cookies, analytics tools, social media plug-ins, the right to object, data security, and the currency and modification of this privacy policy, please also refer to the following: Erklaerung_KMUaalen

Datenschutzerklärung unserer Website www.kmu-aalen.de

1. Name and contact details of the data controller responsible for processing, as well as the company’s data protection officer.

This privacy information applies to data processing by:

Controller: Aalen University (hereinafter: HS Aalen), Prof. Dr. Ralf-Christian Härting, Beethovenstraße 1, 73430 Aalen, Germany; Email: kmu[at]kmu-aalen.de; Phone: +49 (0) 7361 576-0; Fax: +49 (0) 7361 576-2330.

The data protection officer of Aalen University can be reached at the address of Aalen University or via email at datenschutz[at]hs-aalen.de.

2. Collection and storage of personal data, as well as the type and purpose of its use.

a) When visiting the website

When you visit our website www.kmu-aalen.de , information is automatically sent to the server of our website by the browser used on your device. This information is temporarily stored in a so-called logfile. The following information is collected without your intervention and stored until automated deletion:

· IP address of the requesting computer,

· Date and time of access,

· Name and URL of the retrieved file,

· Website from which the access is made (referrer URL),

· The browser used and, if applicable, the operating system of your device, as well as the name of your access provider.

The aforementioned data is processed by us for the following purposes:

· Ensuring a smooth connection setup of the website,

· Ensuring a comfortable use of our website,

· Evaluation of system security and stability, as well as

· for further administrative purposes.

The legal basis for data processing is Article 6(1) sentence 1 lit. f of the GDPR. Our legitimate interest arises from the purposes listed above for data collection. Under no circumstances do we use the collected data to draw conclusions about your person. Additionally, we use cookies and analytics services when you visit our website. Further explanations can be found under sections 4 and 5 of this privacy policy.

b) When using our contact form

If you have any questions, we offer you the possibility to contact us via a form provided on the website. A valid email address is required so that we know who the inquiry is from and can respond to it. Additional information may be provided voluntarily. The data processing for the purpose of contacting us is carried out in accordance with Article 6(1) sentence 1 lit. a of the GDPR, based on your voluntarily given consent. The personal data collected by us for the use of the contact form will be automatically deleted after your inquiry has been processed.

3. Disclosure of data

Your personal data will not be transmitted to third parties for purposes other than those listed below. We only share your personal data with third parties when:

· you have given your explicit consent in accordance with Article 6(1) sentence 1 letter a of the GDPR,

· the disclosure is necessary under Article 6(1) sentence 1 letter f of the GDPR for the establishment, exercise, or defense of legal claims, and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,

· in the event that there is a legal obligation for the disclosure under Article 6(1) sentence 1 letter c of the GDPR, as well as

·  it is legally permissible and necessary under Article 6(1) sentence 1 letter b of the GDPR for the performance of contractual relationships with you.

4. Cookies

We use cookies on our site. These are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device, nor do they contain viruses, trojans, or other malicious software. The cookie stores information that is related to the specific device you are using. However, this does not mean that we gain direct knowledge of your identity. The use of cookies serves to make your experience on our site more enjoyable. For instance, we use session cookies to recognize that you have already visited certain pages of our website. These are automatically deleted when you leave our site. Additionally, we use temporary cookies to improve the user-friendliness of our website, which are stored on your device for a specified period. When you revisit our site, it will automatically recognize that you have been here before and remember the entries and settings you made, so you don't have to re-enter them. On the other hand, we use cookies to statistically track the usage of our website and evaluate this data in order to optimize our services for you (see section 5). These cookies allow us to recognize that you have already visited our site during a subsequent visit. These cookies are also automatically deleted after a defined period. The data processed by cookies is necessary for the purposes mentioned above to safeguard our legitimate interests as well as those of third parties in accordance with Article 6(1) sentence 1 letter f of the GDPR. Most browsers accept cookies by default. However, you can configure your browser settings to prevent cookies from being stored on your device or to prompt you each time a new cookie is created. Please note that completely disabling cookies may prevent you from using all features of our website.

5. Analysis Tools

The tracking measures listed below, which we may optionally implement when necessary, are carried out based on Article 6(1) sentence 1 letter f of the GDPR. The tracking measures used are intended to ensure the demand-oriented design and continuous optimization of our website. Additionally, we use tracking measures to statistically record the usage of our website and evaluate this data in order to optimize our offerings for you. These interests are considered legitimate in accordance with the aforementioned regulation. The specific data processing purposes and data categories can be found in the respective tracking tools.

a) Google Analytics

For the purpose of demand-oriented design and continuous optimization of our pages, we optionally use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.de/intl/de/about/ ) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as "Google"). In this context, pseudonymized user profiles are created, and cookies (see section 4) are used. The information generated by the cookie about your use of this website, such as:

· Browser-type/-version,

· operating system used,

· referrer URL (the previously visited page),

· hostname of the accessing computer (IP address),

· time of the server request,

The information is transmitted to a Google server in the USA and stored there. This information is used to evaluate the use of the website, compile reports on website activities, and provide further services related to website usage and internet use for market research and demand-oriented design of these web pages. Additionally, this information may be transferred to third parties if required by law or if third parties process this data on our behalf. In no case will your IP address be combined with other data from Google. IP addresses are anonymized so that no association is possible (IP masking). You can prevent the installation of cookies by adjusting your browser settings; however, we would like to point out that, in this case, you may not be able to use all features of this website to their full extent. Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de ). Alternatively, especially on mobile browsers, you can prevent the collection by Google Analytics by clicking on this link. An opt-out cookie will be set, preventing the future collection of your data during visits to this website. The opt-out cookie only applies to this browser and our website, and it will be stored on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again. For more information on data protection related to Google Analytics, please visit the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de ).

b) Google Adwords Conversion Tracking

To statistically record the usage of our website and evaluate this data for the optimization of our site, we also use Google Conversion Tracking. In this process, Google Ads sets a cookie (see section 4) on your device if you arrive at our website through a Google advertisement. These cookies expire after 30 days and are not used for personal identification. If the user visits specific pages of the Google Ads customer's website and the cookie has not yet expired, Google and the customer can determine that the user clicked on the ad and was redirected to that page. Each Google Ads customer receives a different cookie, so cookies cannot be tracked across websites of different Ads customers. The information collected via the conversion cookie is used to generate conversion statistics for Google Ads customers who have opted for conversion tracking. The Google Ads customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive information that would allow for the personal identification of users. If you do not wish to participate in the tracking process, you can refuse the placement of the required cookie – for example, by adjusting your browser settings to generally disable the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com ." You can find Google's privacy policy related to conversion tracking here: https://services.google.com/sitestats/de.html .

6. Social Media Plug-ins

On our website, we use social media plugins based on Article 6(1) sentence 1 letter f of the GDPR to promote our website and make it more widely known. The underlying commercial purpose is considered a legitimate interest in the sense of the GDPR. The responsibility for ensuring the data protection-compliant operation of these plugins lies with their respective providers. We integrate these plugins using the so-called "two-click method" in order to best protect visitors to our website.

a) Facebook

On our website, we use social media plugins from Facebook to make its use more personal. For this purpose, we use the "LIKE" or "SHARE" button. These are services offered by Facebook. When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to Facebook's servers. The content of the plugin is transmitted directly from Facebook to your browser and embedded into the webpage. By embedding the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not logged into Facebook at the time. This information (including your IP address) is sent directly from your browser to a server in the USA and stored there. If you are logged into Facebook, Facebook can directly associate your visit to our website with your Facebook account. If you interact with the plugins, for example by clicking the "LIKE" or "SHARE" button, the corresponding information is also sent directly to a Facebook server and stored there. This information is also published on Facebook and shown to your Facebook friends. Facebook may use this information for advertising, market research, and the personalized design of Facebook pages. For this purpose, Facebook creates usage, interest, and relationship profiles, for example to evaluate your use of our website in relation to the ads shown to you on Facebook, inform other Facebook users about your activities on our website, and provide further services related to Facebook's use. If you do not want Facebook to associate the data collected through our website with your Facebook account, you must log out of Facebook before visiting our website. For more information about the purpose and scope of data collection, further processing and use of data by Facebook, as well as your rights and settings options to protect your privacy, please refer to Facebook's privacy policy (https://www.facebook.com/about/privacy/ ).

7. Rights of the Data Subject

As a data subject, you have the following rights under the General Data Protection Regulation (GDPR):

1. Right to Access (Art. 15 GDPR) You have the right to request confirmation as to whether personal data concerning you is being processed. If this is the case, you can request access to the personal data, along with further information such as the purposes of the processing, the categories of data, and the recipients of the data.

2. Right to Rectification (Art. 16 GDPR) You have the right to request the correction of inaccurate personal data or the completion of incomplete data.

3. Right to Erasure (Right to be Forgotten) (Art. 17 GDPR) You have the right to request the deletion of your personal data, particularly when the data is no longer necessary for the purposes for which it was collected or if you withdraw your consent and there are no other legal grounds for the processing.

4. Right to Restriction of Processing (Art. 18 GDPR) You can request the restriction of processing if you believe that the data is inaccurate, the processing is unlawful, or you object to the processing. During the restriction period, your data will not be processed except under specific circumstances.

5. Right to Data Portability (Art. 20 GDPR) You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller.

6. Right to Withdraw Consent (Art. 7(3) GDPR) If you have given consent for the processing of your data, you have the right to withdraw that consent at any time. The withdrawal of consent will not affect the lawfulness of the processing based on consent before its withdrawal.

7. Right to Lodge a Complaint (Art. 77 GDPR) If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the supervisory authority, which is usually the data protection authority in your country.

8. Right to Object (Art. 21 GDPR)

You have the right to object to the processing of your personal data at any time on grounds relating to your particular situation, if the data processing is based on legitimate interests or is carried out for the performance of a task carried out in the public interest or in the exercise of official authority (Article 6(1) sentence 1, letter e or f of the GDPR). If you object to the processing, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims. If your personal data is being processed for direct marketing purposes, you can object at any time to the processing of your personal data for such marketing. In this case, your personal data will no longer be used for this purpose. To exercise your right to object, please contact us using the contact details provided in our privacy policy.

9. Data Security

We take the protection of your personal data seriously and implement appropriate technical and organizational measures to ensure its security. These measures are designed to prevent unauthorized access, disclosure, alteration, or destruction of your personal data. Encryption All sensitive data you provide to us is transmitted over secure connections (e.g., SSL or TLS), which encrypts your information to prevent unauthorized access during transmission. Access Control Only authorized personnel have access to personal data, and this access is restricted based on the necessity to perform specific tasks. We maintain strict internal policies to control access to data. Regular Security Audits We conduct regular security audits and assessments to identify potential risks and ensure that our data protection practices comply with the latest standards and legal requirements. Data Minimization We only collect personal data that is necessary for the specified purposes and ensure that data is not retained longer than required. Backup and Recovery Regular data backups are performed to ensure that in the event of a technical failure or data loss, we can recover your personal data. Third-Party Services If we rely on third-party providers to process your data (e.g., hosting or cloud services), we ensure that they also implement adequate data protection measures. We enter into data processing agreements to guarantee that third parties adhere to our security standards. While we take all reasonable steps to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security, but we are committed to continuously improving our security measures. If you have any questions about the security of your data, feel free to contact us.

10. Currentness and Changes to This Privacy Policy

This privacy policy is regularly reviewed and updated to reflect any changes in our data processing practices or legal requirements. We reserve the right to update or modify this privacy policy at any time. Any changes will be published on this page, with the updated date of the revision indicated at the top of the document. We recommend that you periodically review this privacy policy to stay informed about how we protect your data and your rights. If significant changes are made to this policy that affect how we process your personal data, we will inform you accordingly, where required by law. By continuing to use our website after changes have been made to the privacy policy, you acknowledge and agree to the updated terms.