Thank you for your interest in our consortium and your visit to our website. A use of our website is basically possible without providing personal data. However, special services of our website may require the processing of personal data, e.g. the contact form. If processing of personal data is required, there is either a legal basis for processing or we obtain your consent. In doing so, the regulations of the General Data Protection Regulation and country-specific data protection regulations are observed.
In the course of this data privacy statement, we would like to inform about the type, scope and purpose of the collected, used and processed personal data and comply with the duty of transparency, in particular by clarifying the rights of persons concerned.
1. Contact details of the responsible person
„ESSIC consortium“ hereafter ESSIC
Tel.: +49 6103 90295-0
2. Collecting general information
We automatically save information in our logfiles, which your browser transfers during page access. These are:
- Browser type / and version
- Used operating system
- Referrer URL (the previously visited website)
- IP address of the accessing computer
- Time and date of the server request
These data serve the statistical evaluation of the use of our service as well as the fight against abuse (in particular by automated mass access) and are not assignable for us to particular and / or determinable persons (legitimate interest of the data processing according to Art. 6 para.1 lit. f GDPR). A combination of this data with other data and data sources will not be made.
Only cookies in the form of session IDs are used on our site. These small pieces of information are temporarily stored on your computer and deleted after leaving the browser session. Session IDs are needed to make using our site more comfortable (legitimate interest of the data processing according to Art. 6 para.1 lit. f GDPR). Session IDs allow us to identify you during our visit to our site, for example, to permanently display the language you have selected. Session IDs are usually accepted automatically by the browser. You can deactivate this function, which however can lead to impairments in the usage. Session IDs do not contain any plain text information.
4. Contact via the website
If an affected person contacts ESSIC by e-mail or the contact form, personal data voluntarily communicated will be automatically saved for the purpose of processing or contacting (legitimate interest in the processing of data according to Art. 6 para.1 lit. f GDPR). If contacted by contact form salutation, first name, last name and E-Mail address will be automatically saved for the purpose of processing or contacting (legitimate interest in the processing of data according to Art. 6 para.1 lit. f GDPR).
5. Deletion and blocking of personal data
If the purpose of a processing ends or a legally prescribed storage or archiving period expires, the personal data will be deleted or blocked in accordance with the statutory provisions.
6. Rights of persons concerned
All subsequent rights of persons concerned may be claimed at any time, e.g. by request by mail to firstname.lastname@example.org. By addressing by e-mail or addressing an employee, the request will be processed and executed without delay.
6.1. Right to confirmation
Concerned persons have the right to ask for confirmation of the processing of personal data concerning them.
6.2. Right to information
Affected persons have the right to request information about their personal data free of charge and to receive a copy of them. In addition to the copy, the following information is provided:
- Processing purposes
- Categories of personal data
Recipients or categories of
- recipients in third countries or international organizations
- If possible, the planned duration of the storage of personal data and, if this is not possible, the criteria for determining the duration
- The existence of further rights of concerned persons, the existence of a right of appeal with a supervisory authority
- The existence of automated decision making including profiling
- If the personal data were not collected from the concerned person, all available information about the origin of the data
In addition, should the data be transmitted to a third country or an international organization, appropriate guarantees, such as the use of EU standard contractual clauses, will be communicated.
6.3. Right to correction
Concerned persons have the right to request a correction of incorrect personal data and to demand a completion of incomplete data, taking into account the purposes of the processing.
6.4. Right to be deleted or right to be forgotten
Concerned persons have the right to request the deletion of their personal data, which will be deleted immediately upon request, if one of the following reasons applies and processing is not required:
- The personal data has been collected for purposes or otherwise processed for which they are no longer necessary
- The concerned person revokes their consent to processing and it lacks any other legal basis for processing
- The concerned person objects to the processing and there are no high-level legitimate reasons for processing or the concerned person objects to direct mail
- The personal data were processed unlawfully
- The deletion of the data is required to fulfill a legal obligation
- The personal data were collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR
If ESSIC has made personal data of the concerned person public and is required to delete it in accordance with Art. 17 para. 1 GDPR, ESSIC takes appropriate measures, taking into account the available technology and the implementation costs, to inform other data controllers who are responsible for the data processing published personal data, to inform that the concerned person has requested the deletion of any links to such personal data or copies of such personal data from these other data controllers unless the processing is required.
6.5. Right to restriction of processing
Concerned persons have the right to restrict processing if one of the following conditions is met:
- The accuracy of the personal data is disputed by the concerned person (for a period that allows an examination by the person in charge)
- The processing is unlawful, but the concerned person refuses to delete it and requires a restriction of use
- The person in charge no longer needs the data for the purposes of the processing, but the concerned person requires it for asserting or exercising or defending legal claims
- The concerned person has objected to the processing and it is not yet clear whether the legitimate reasons of the person responsible or the legitimate interests of the person concerned outweigh
6.6. Right to data portability
Concerned persons have the right to data portability. This right entitles concerned persons to receive their personal data in a structured, common and machine-readable format. The concerned person therefore has the right to transfer this data to another person responsible or to request the transfer from the former person responsible to the new person responsible.
6.7. Right to objection
The concerned person may object to data processing based on a “legitimate interest” (Art. 6 para. 1 lit. f GDPR). As a result, further data processing is prohibited unless it can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the concerned person, or the processing is for the purpose of enforcing, pursuing or defending legal claims. If ESSIC processes personal data for direct mail, an objection can be filed at any time.
6.8. Automated decisions in individual cases including profiling
As a responsible company we refrain from automatic decision-making or profiling.
6.9. Right of withdrawal
Concerned persons have the right to withdraw consent to processing at any time.
6.10. Right of appeal to the supervisory authority
If you have the impression that the processing of your data violates data protection law or your data protection claims have been violated in any way, you can complain to the Hessian Data Protection Officer: https://datenschutz.hessen.de/service/beschwerde
7. Duration of storage
The duration of the storage of personal data depends on the corresponding legal retention period and the purpose of the processing. As soon as the statutory retention period expires or the purpose of the processing expires, the personal data will be deleted unless they are necessary for the fulfillment of the contract or the initiation of the contract.
8. Recipient of personal data
The only recipient of personal data from this website, apart from ESSIC, is Hetzner Online GmbH through the web hosting of this website. It is only about personal data collected by the session ID (see point 3), personal data that your browser automatically provides (see point 2) and personal data provided in the contact form (see point 4). In order to guarantee data protection compliant transmission, a corresponding order processing contract was concluded.