+49 (89) 74 120-106 info@infap.de

Privacy Policy

The operator of this website attaches the highest importance to protecting the privacy of its website visitors – hereinafter referred to as users. The processing of all data provided to the operator takes place exclusively in strict compliance with the General Data Protection Regulation (EU GDPR) and all other data protection laws or provisions with data protection character applicable in the EU member states. This applies in particular to the processing of personal data.

Data Controller

The person responsible for data processing within the meaning of data protection regulations is:

Infap GmbH
Fürstenrieder Str. 279 a
D-81377 Munich
Phone +49 (0)89-74 120 106
Fax +49 (0)89-74 120 102

E-Mail: info@infap.de

Definitions

This privacy policy uses legal terms defined in Art. 4 GDPR. Personal data are all information relating to an identified or at least identifiable natural person (Art. 4 No. 1 GDPR). The term processing encompasses every conceivable type of use in connection with personal data (Art. 4 No. 2 GDPR), i.e., from collection to destruction.

Data Processing When Accessing the Website

This website is hosted by a German web hosting provider, gn2 GmbH in Coburg. The web hosting provider also has to comply with the EU GDPR and all other data protection laws or provisions with data protection character applicable in the EU member states. The operator of this website has also concluded a data processing agreement with the web hosting provider. This is a contract in which the web hosting provider undertakes to protect the transmitted data, to process it in accordance with data protection regulations on behalf of the operator of this website, and in particular not to pass it on to third parties. Users can obtain further information about data processing by the web hosting provider at https://www.gn2.de/datenschutzerklaerung.html.

Each time the website is accessed, data is collected and stored in the server log files. The following data is collected: the date and time of access, the amount of data transferred, the message about successful retrieval, the browser type, the browser version, the Internet Protocol address (IP address), the operating system, the referrer URL and the Internet service provider.

Data processing is based on legitimate interests within the meaning of Art. 6 Para. 1 S. 1 f.) GDPR. The data is required to enable the correct display of the website, to permanently maintain the operation of the website and to continuously optimize the website for the benefit of the user. The operator guarantees that the data will not be merged with other data sources. The server log files are stored separately from the user’s personal data collected via the contact form.

Server log files are stored for security reasons (e.g., for tracking criminal activities) for a maximum period of 14 days and then deleted. Data whose further retention is necessary for evidentiary purposes will be deleted immediately after fulfillment of the retention purpose.

Data Processing Through Cookies

This website uses so-called “cookies”. Cookies are small text files that are stored on the operator’s web server or the user’s platform (PC, tablet, smartphone, etc.) and contain data that enables the website to recognize and identify the user’s Internet browser.

This website uses cookies that are stored exclusively on the operator’s web server and only for the duration of use of this website. This website also uses cookies that are stored on the user’s platform. Already stored cookies can be deleted at any time via the Internet browser.

The use of cookies makes it easier for the user to use this website. Data processing is based on legitimate interests within the meaning of Art. 6 Para. 1 S. 1 f.) GDPR. The user can prevent or restrict the storage of cookies at any time via appropriate settings in their Internet browser. Already stored cookies can be deleted at any time via the Internet browser. The operator points out that this option may limit the usability of the website.

Data Processing Through JavaScript Libraries

This website uses JavaScript libraries from external providers. The use of JavaScript libraries enables the usability of individual functionalities of this website in the first place, which in turn makes it easier for the user to use this website. This website uses JavaScript code from the company LLC. NetDNA, 3575, Cahuenga Blvd Suite 630, Los Angeles, CA 90068, USA (BootstrapCDN), as well as jQuery, provided by the third-party provider jQuery Foundation.

It cannot be ruled out that personal data will be transmitted to external providers when the website is accessed. Data processing is based on legitimate interests within the meaning of Art. 6 Para. 1 S. 1 f.) GDPR. Users can prevent transmission by installing a JavaScript blocker such as the browser plugin “NoScript” (https://noscript.net/) or by disabling JavaScript through browser settings. The operator points out that this option may limit the usability of the website. Users can find further information at https://www.bootstrapcdn.com/privacy-policy/ and https://jquery.org.

Data Processing Through Use of the Contact Form

When the user contacts us via the contact form, the following data is mandatory: name, phone number, email and message. Additionally, the following data is collected: the date and time of submission and the Internet Protocol address (IP address). This data, along with the voluntarily provided information, is processed exclusively for the purpose of processing the contact request.

The data processing of mandatory data is based on Art. 6 Para. 1 b.) and Art. 6 Para. 1 f.) GDPR, otherwise additionally on Art. 6 Para. 1 a.) GDPR. The data will be deleted immediately after fulfillment of the retention purpose, unless statutory retention periods prescribe extended retention (cf. §§ 257 Para. 1 HGB: 6 years, 147 Para. 1 AO: 10 years) or retention is necessary for evidentiary purposes.

Google Maps, Google Fonts

This website uses maps from the “Google Maps” service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (USA). To use the map service, it is necessary to store the IP address, which is usually transmitted to a Google server in the USA and stored there. This website also uses external fonts from Google Inc. (“Google Fonts”). The fonts are integrated through a server call to Google. Data processing is based on legitimate interests within the meaning of Art. 6 Para. 1 S. 1 f.) GDPR. The use of the above-mentioned services makes it easier for the user to use this website and optimizes the presentation of the website. Google is certified under Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI), which guarantees compliance with the EU GDPR and all other data protection laws or provisions with data protection character applicable in the EU member states. Users can find further information about data processing at https://www.google.com/policies/.

General Information on Data Deletion

Personal data is generally deleted immediately after fulfillment of the retention purpose, unless statutory retention periods prescribe extended retention (cf. §§ 257 Para. 1 HGB: 6 years, 147 Para. 1 AO: 10 years) or retention is necessary for evidentiary purposes. Proper deletion is reviewed on an annual basis. If data is not deleted because it is required for other legally permissible purposes, its processing will be restricted.

Security Measures of the Operator

In accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the operator continuously implements appropriate organizational, contractual and technical measures to ensure that data protection regulations are complied with and that the data subject to processing is protected against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. The operator has already taken into account the protection of personal data in the technical development and design of the website (Art. 25 GDPR). Security measures include in particular the encrypted transmission of data between the user’s browser and the operator’s server.

User Rights

The user has the right at any time to request information about whether and which personal data of the user is being processed (Art. 15 GDPR). Upon request, the user’s personal data must be provided in a structured, commonly used and machine-readable format (Art. 20 GDPR).

Furthermore, the user has the right to rectification of inaccurate or completion of incomplete personal data (Art. 16 GDPR) and – under the conditions of Art. 18 GDPR – the right to restriction of processing.

Unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims, the user may also request the deletion of their personal data (Art. 17 GDPR).

Consent to data processing within the meaning of Art. 6 Para. 1 S. 1 a.), 7 GDPR can be revoked by the user at any time with effect for the future. If data processing is based on Art. 6 Para. 1 S. 1 f.) GDPR, the user can object to data processing with effect for the future, unless the operator of this website can demonstrate compelling legitimate grounds for processing which override the interests, rights and freedoms of the user, or the processing serves the establishment, exercise or defense of legal claims of the website operator (Art. 21 GDPR).

If the user believes that the processing of their personal data violates data protection regulations, they can lodge a complaint with the competent supervisory authority (Art. 77 GDPR). The supervisory authority responsible for the operator of this website is the State Commissioner for Data Protection and Freedom of Information NRW, Kavalleriestraße 2-4, 40213 Düsseldorf.

– END OF PRIVACY POLICY –