The protection of your privacy is important to us! We would therefore like to inform you about how we handle your data that is collected when you use our website with the information below.
A. Data controller
I. Name and address of the data controller
The data controller within the meaning of the General Data Protection Regulation [GDPR] for the BEGO company group, comprising:
- BEGO GmbH & Co. KG
- BEGO Bremer Goldschlägerei Wilh. Herbst GmbH & Co. KG
- BEGO Medical GmbH
- BEGO Implant Systems GmbH & Co. KG
is BEGO GmbH & Co. KG, represented by the personally liable partner Weiss Beteiligungs GmbH
- Director: Business graduate [Dipl.-Kfm.] Christoph Weiss
Wilhelm-Herbst-Str. 1, 28359 Bremen, Germany
Telephone: + 49 421 2028-0
Fax: + 49 421 2028-100
II. Name and address of the data protection officer
- Timo Deseniß
28359 Bremen, Germany
Tel.: +49 421 2028-336
B. General information
I. Scope and processing of personal data
We only collect and utilize our users’ personal data if this is necessary to provide a fully functional website as well as our contents and services. Should this not be the case, use of personal data normally only takes place with the user’s consent. An exception to this is made in cases where it is not possible to obtain consent in advance for concrete reasons, and the processing of the data is permitted through legal provisions.
II. Legal principles of the processing
Insofar as we obtain consent from the data subject for the purpose of processing their personal data, Article 6 (1) lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary to perform a contract to which the data subject is party, Art. 6 (1) (b) of the GDPR applies as the legal basis. This also applies to processing activities that are necessary to implement pre-contractual measures.
Insofar as it is necessary to process personal data to fulfill a legal obligation to which our enterprise is subject, Art. 6 (1) (c) of the GDPR applies as the legal basis.
Should it be necessary to process personal data in order to protect the vital interests of the data subject or of another natural person, Art. 6 (1) (d) of the GDPR applies as the legal basis.
Insofar as it is necessary to process personal data to protect a legitimate interest of our enterprise or of a third party, and if said interest is not overridden by the interests, basic rights and basic freedoms of the data subject, Art. 6 (1) (f) of the GDPR applies as the legal basis. Our company’s legitimate interest is to carry out our business activities.
III. Routine deletion and blocking of personal data
We process and store the data subject’s personal data only for the period necessary to achieve the purpose of the processing and storage. Storage may also take place as far as is prescribed by the European or national legislator in EU regulations, laws or other provisions for compliance with the data controller’s legal obligation. Personal data is routinely blocked or deleted as soon as the purpose of storage ceases to apply or a time limit for storage prescribed by the aforementioned laws expires.
IV. Security of your data
We use the common SSL method (Secure Socket Layer) in conjunction with the highest encryption level supported by your browser within the website visit. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. You can tell whether a single page of our website is transmitted encrypted by the closed-form display of the key or lock symbols in the lower status bar of your browser. However, we expressly point out that data transmission online (e.g. when communicating by e-mail) may be subject to security gaps and cannot be seamlessly protected from access by third parties.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures will be continuously improved and correspond to the state of the art in line with technological developments.
C. Usage data
I. Log files
1. Description and scope of the data collection
Every time the website is accessed, we or the website provider record data and information by means of an automated system. This is stored in the server’s log files.
Server log files are anonymized data which cannot be used to identify you, but are indispensable for technical reasons to supply and display our contents.
The following data may be collected:
- Information about the browser type and the version used
- The user’s operating system
- The user’s Internet service provider
- The user’s IP address
- Date and time of access
- Websites from which the user’s system accesses our website (referrer)
2. Legal basis for the data processing
The legal basis for the temporary storage of log files is Art. 6 (1) (f) GDPR.
3. Purpose of the data processing
It is necessary for the system to temporarily store the IP address in order to allow the website contents to be delivered to the user’s computer. For this reason, the user’s IP address must be stored for the duration of the session.
Storage in log files takes place in order to ensure the correct functioning of the website. We also need the data in order to optimize the website and to ensure the security of our IT systems. The data is not evaluated for marketing purposes in this connection.
These purposes also include our legitimate interest in the processing of the data in accordance with Art. 6 (1) (f) of the GDPR.
4. Deletion and duration of the storage
The data will be deleted as soon as it is no longer necessary for the purpose of their collection.
In the data is collected for providing the website, this is the case when the respective session is terminated.
If data is stored in log files, this is done seven days afterwards at the latest. Extended storage is possible. In this case, users’ IP addresses are deleted or modified so that they can no longer be allocated to the viewing client.
5. Opportunity to object and remove
Recording data for providing the website and storing the data in log files is essential for the purpose of operating the website. As a result, the user has no opportunity to object.
Cookies are used on our web pages. These cookies are small text files that are stored in the cache of your Internet browser for the duration of your browser session (session cookies) or on your hard drive for a fixed period (permanent cookies). Cookies enable the recognition of the Internet browser so that you can be provided with faster and more targeted content when you visit our website in the future that is tailored to your needs and wishes. Therefore, we use technically necessary cookies to satisfy our legitimate interest of being able to provide a website that is tailored to users’ wishes.
If you give us your consent, the legal basis for the processing of personal data is Art. 6 (1) (a) GDPR.
You can use the following link to change your cookie settings or revoke the consent you have given without stating reasons at any time: Change your consent
How can I prevent the storage of cookies?
The storage of cookies that are not technically necessary requires your prior express consent.
You can also set up your browser to only allow the storage of cookies if you consent to them. You can delete any remaining cookies. By deactivating cookies, the usability of our web pages may however be restricted. Information on how cookies can be deactivated can be found at the following LINK (wikihow.com).
We want to give you the opportunity to make an informed decision as to whether or not you want to use the cookies, which are not absolutely necessary for the technical functions of the website. Please note that if you reject advertising cookies, you will receive less tailored advertising adapted to your interests. The website will, however, remain fully usable.
We differentiate between cookies that are essential for the technical functions of the website and optional cookies.
In order for you to be able to customize your desired data protection settings for visiting our website as much as possible, we give you the opportunity below to set your preferences with regard to the categories "Technically necessary", "Statistics", "Comfort and personalization".
“Technically necessary” category
These cookies are necessary for the technical operation of the website. Some functions on our website cannot be offered without using these cookies.
We use technically necessary cookies on the basis of legitimate interests (Art. 6 (1) (f) GDPR). Our legitimate interest is to ensure the functioning of our website and their optimal usability. Logging is used, among other things, for complying with § 13 paragraph 2 TMG (German Telemedia Act) and cannot be revoked.
In order to further improve our offer and our website, we collect anonymized data for statistics and analysis. With the help of these cookies we can, for example, determine the number of visitors and the effect of certain pages on our website and optimize our content.
Analysis cookies and tags enable us to generate overall statistics, e.g. about the number of views, which areas of the website are viewed most often and information about locations and the duration of the average stay on the website. This allows us to improve the quality and content of our website.
We use marketing cookies to follow visitors on website. The intention is to show you relevant and appealing advertisements or to have them shown by third parties.
Legal basis/revocation of the consent:
We use technically necessary cookies based on legitimate interests (Art. 6 (1) (f) GDPR). Our legitimate interest lies in ensuring the functioning of our website and its optimal usability. Logging serves, among other things, to fulfill Section 13 (2) German Telemedia Act [TMG] and cannot be revoked.
You can revoke your consent at any time and without giving reasons: Change your consent
III. Social Plugins of social networks
Within the context of our website, we use a link from BEGO to social networks “Facebook”, “LinkedIn”, “Xing”, “YouTube” and “Instagram” and in the case of BEGO Implant Systems to “Facebook”, “LinkedIn” and “YouTube”. You can recognize the link by the corresponding logo. When you click on this, you are forwarded to our presence on Facebook.
To optimally protect your data, the buttons are integrated in our website in such a way that they can only be activated by clicking on the button with the respective network logo. A connection to the servers of the relevant social network is established when you activate and click on the logo button. Therefore, no data is transferred simply as a result of viewing and visiting the site.
By activating a button your browser makes a direct link to the respective network operator’s server. This operator transfers the content of the link directly to your browser and integrates it into the website. Through this integration, the network operator receives the information that you viewed the corresponding page of our website. If you were logged into the relevant network at the time, your visit to our website may be allocated to your account. If you do not wish this to happen, then you should log out of the network before clicking on the logo share button.
You can obtain more information about the purpose and extent of data collection and its processing by the plugin provider in these providers’ privacy policies detailed below. You will also obtain more information about your rights in this respect and the settings you can change to protect your privacy there.
Addresses of the respective plugin providers and URL with their data protection notices:
- Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
- Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=en. Google has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
- Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.
- LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn has committed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
IV. Use of Facebook Insights / Instagram Insights
Facebook Ireland uses its “Facebook Insights” or “Instagram Insights” service on our Facebook and Instagram pages. If you give your consent to tracking on our website by opting in, your data will be recorded for our Facebook and Instagram fan pages. Facebook Ireland and BEGO GmbH & Co. KG are jointly responsible for the collection of personal data when visiting the fan pages and the provision of statistical data for the fan page operator. Details of this are regulated in the Joint Controller Addendum, which you can find here:
https://www.facebook.com/legal/terms/page_controller_addendum. You can assert your rights as a data subject to Facebook Ireland and the BEGO Group.
The legal basis for the processing of personal data for statistical purposes is Art. 6 (1) (f) GDPR. The processing takes place in order to enable a more effective advertising appearance of the BEGO Group on the Internet.
Facebook Ireland fulfills all obligations under the GDPR with regard to the processing of Insights Data and provides data subjects with the essential Pages Insights Addendum. The BEGO group does not take any decisions relating to the processing of Insights Data that go beyond the provision of statistical data and the other information resulting from Art. 13 GDPR, including legal basis, identity of the data controller and storage duration of cookies on the user’s terminals.
Further information on the Insights addendums regarding Facebook’s data controller is available at this Link https://www.facebook.com/legal/terms/page_controller_addendum
V. Use of YouTube
We have integrated YouTube videos into our website, which are stored on www.YouTube.com and can be played back directly from our website. These are all integrated in the "extended data protection mode", which means that no data about you as a user will be transmitted to YouTube if you do not play back the videos. The data mentioned in paragraph 2 will only will be transmitted when you play back the videos. We have no influence on this data transfer.
VI. Use of Google Maps
We use Google Maps on this website. This allows us to display interactive maps directly on our website and makes it easy for you to use the map function.
By visiting the website, Google is notified that you have accessed the specific page in question of our website. The data specified in paragraph 3 of this Policy is also transmitted. This takes place regardless of whether you have an account with Google and are logged in, or whether you do not have any Google account. If you are logged into your Google account, your data is directly assigned to your account. If you do not want your data to be assigned to your Google profile, you must log out before activating the button. Google saves your data as a usage profile and uses it for the purposes of marketing, market research and/or as needed in the setup of its website. This type of analysis takes place (even for users who are not logged in) particularly to provide personalized marketing and inform other users of social networks about your activities on our website. You have the right to object to the creation of this usage profile, in which case you need to direct your objection to Google.
Google also processes some of the data in the USA. There is no adequacy decision by the EU Commission for data transfer to the USA; The legal basis for the transfer to the USA is your consent in accordance with Art. 49 (1) (1) GDPR. Further information on the purpose and scope of the data collection and its processing by the plug-in provider can be found in the privacy policies of the provider. You will also obtain further information about your rights in this respect and the settings you can change to protect your privacy there: https://policies.google.com/privacy?hl=en
VII. Use of script libraries (Google Web Fonts)
In order to present our contents correctly and in a graphically appealing way across all browsers, we use script libraries and font libraries from Google Web Fonts (https://www.google.com/webfonts/) on this website. Google Web Fonts are transferred to your browser’s cache to avoid multiple loading. If your browser does not support Google Web Fonts or does not allow access, content will be displayed in a standard font.
The integration of Google Web Fonts is carried out in our legitimate interest to ensure the reliable, appealing and uniform use of our website independent of the browser.
You can find the data protection directive of the library operator Google here: https://www.google.com/policies/privacy/
VIII. Transfers of personal data to third countries
If applications are used in which data is processed in third countries, in particular in the USA, the data processing takes place on the basis of your consent in accordance with Art. 6 (1) (a) GDPR.
The basis of a transfer of personal data to a third country and the processing there can also be agreements with the processor in the third country, in particular the agreement of EU standard contractual clauses and the conclusion of data processing agreements.
We have agreed on the applicability of the EU standard contractual clauses with the following companies:
BEGO USA Inc., 24 Albion Road, Suite 103, Lincoln, RI 02865, USA
D. Your personal data (data given by you)
I. What is “personal data”?
Personal data is information about you personally, which that enables conclusions to be drawn about your identity or relate directly or indirectly to you personally, e.g., your name, address or telephone number. It does not include information that does not enable conclusions to be drawn about an identified or identifiable individual.
II. Ways of contacting us
On our website https://www.bego.com/contact/ there is an overview of the ways in which you can contact us. It is in our legitimate interests to provide contact details, since this provides us with more possibilities for getting in contact with you. If a data subject gets in contact with the data controller via one of the contact channels, the personal data transmitted by the data subject is saved automatically. Storage is purely for the purposes of processing or getting in contact with the data subject. There is no forwarding of data to third parties. The data you transmit is only stored for as long as it is required for establishing contact.
III. Application form
We provide an application form on our website https://www.bego.com/career/ that offers you the possibility of applying online for the currently advertised vacancies at BEGO Bremer Goldschlägerei Wilh. Herbst GmbH & Co. KG. To use this form, you are obliged to enter your name, address and e-mail address and attach your application documents. You have the option of specifying other voluntary information about yourself (e.g., telephone number, date of birth, driving license number). This serves the purpose of enabling us to obtain a better picture of you and your qualifications, in order to assess whether you meet the necessary requirements. By submitting the voluntary data, you consent to us saving it in the context of the application process.
This application form is provided based on Section 26 German Data Protection Act [BDSG] in order to establish employment relationships and serves as a further means of transmitting applications and an appeal to a broader range of potential applicants. Alternatively, you can send your application to us in writing by post.
Storage of the collected data is used solely to implement the application process. The storage duration is a maximum of 6 months from the time when the application process ends. Unsolicited applications received electronically are generally deleted immediately after receipt and perusal of the documents. However, we reserve the right to save application documents for up to 12 months for possibly getting in contact with you if, according to our legitimate interests, a potential vacancy arises for the specific application within this period. You also agree to this storage by sending your unsolicited application. You are entitled to revoke your consent to the storage at any time by sending an email to email@example.com. Applications sent by post to BEGO Bremer Goldschlägerei Wilh. Herbst GmbH & Co. KG will be returned to the applicants at the end of the application process.
IV. BEGO eShop
Take the opportunity to register on the website at https://login.bego.com/de/dental stating your personal details for our eShops and online portal
- BEGO eShop for conventional solutions and 3D printing (https://login.bego.com/de/dental)
- BEGO eShop for implantology solutions (https://login.bego.com/de/implants)
- BEGO Guide Order Portal (http://guide.bego-implantology.com/)
- BEGO Medical Scan and Design Center – for Laboratories (https://www.bego-medical.com/scancenter/)
- BEGO CAD/CAM Order Portal – for Laboratories (https://orderportal.bego-medical.com)
- The data is transmitted to BEGO in the respective input mask. The data will be stored solely for the purposes of internal use by BEGO. When registering, the user’s IP address and the data and time of registration will be saved in addition to the data listed below. This serves to prevent misuse of the services. There is no forwarding of data to third parties. One exception is if there is a legal obligation to forward the data.
- Registered persons have the possibility of having the stored data deleted or modified at any time. The data subject shall have the right to obtain information about the personal data saved about them at any time.
Registration shall take place for the implementation of pre-contractual measures, for the fulfillment of the contract and based on our legitimate interests. With the option of registering, we can offer our contractual partners the possibility of ordering products in our eShops.
What data do we collect and for what reason?
In the context of registration, we initially need a valid e-mail address from you. In the further registration process we collect other data that we require from you for orders in the e-shop, e.g., name, address and e-mail address. The fields for data which are required for registration and have to be specified are marked as mandatory fields in the registration menu. The data specified by you is stored by us and is used solely to render the services you require and therefore to fulfill our contracts with you, e.g., to supply products that you order from us or to issue invoices.
Can I also use the eShop without registering?
Only registered users have access to BEGO’s eShop.
Your data is saved insofar and as long as this is necessary to fulfill the contract and is required in accordance with the statutory retention periods. Following the expiry of the respective period, the corresponding data will be routinely deleted if it is no longer required for the fulfillment or initiation of the contract and/or we have no legitimate interest in further storage.
For the use of our customer portal my. BEGO.com or the associated software, your registration is required. The requested data will be processed exclusively for the purpose of the fulfillment of the contract. The registration records the user’s name, first name, address, contact details, e-mail address, practice name and IP address as well as the date and time of registration. This is intended to prevent misuse of the services and identify you as a contractual partner as well as to fulfill the contract. The data will not be passed on to third parties. An exception exists if you have given your consent, if there is a legal obligation to pass on or if the transfer is necessary for the performance of the contractual relationship.
The data provided by you in the context of the registration and data that is necessary for the use of the printer and for the manufacture of 3-D products will be saved for the purpose of traceability and the customer service. Even when using the portal, no data will be transmitted to BEGO. The legal basis of the data processing is Art. 6 (1) (b) GDPR.
If subscription to the BEGO newsletter takes place, the data is sent to the data controller in the respective input mask. When registering for the newsletter, the user’s IP address and data and the time of registration are saved. This serves to prevent misuse of the services or the data subject’s e-mail address. There is no forwarding of data to third parties. One exception is if there is a legal obligation to forward the data. The data is used solely for distributing the newsletter. Dispatch of the newsletter takes place based on your consent (Art. 6 (1) (a) GDPR).
When registering for the newsletter, you consent to us sending newsletters from the areas requested by you to your e-mail address. When registering you agree to the following wording of the text giving your consent:
You can revoke this consent for the future at any time by unsubscribing from the newsletter. For this purpose, enter your e-mail address under the following link. Through submission of your e-mail address and confirmation, you are automatically removed from the mailing list. You will also find the corresponding link in every newsletter.
Registration for our newsletter is carried out in a so-called double opt-in procedure. This means you receive an e-mail after registration, in which you are asked to confirm your registration. As proof of registration to the newsletter, the time or registration and confirmation and the IP address are stored.
The statistical collection, analysis and recording of the registration procedure take place on the basis of the legitimate interests (Art. 6 (1) (f) GDPR). The legitimate interests lie in the proper and technically flawless execution of the email dispatch.
We save your e-mail address which you specified in the course of ordering the newsletter for as long as you subscribe to the newsletter. As soon as you have unsubscribed from the newsletter, we erase your email address.
The dispatch of the newsletter is carried out by the carrier CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. We have concluded a data processing agreement with the carrier, through which it is ensured that personal data will be processed in accordance with the provisions of data protection law. You can view the data security provisions at https://www.cleverreach.com/de/datensicherheit/.
The carrier may use the recipient’s data in a pseudonymized form, i.e., without allocation to a user, in order to optimize or improve its own services, e.g., for technical optimization of the distribution and the presentation of the newsletter or for statistical purposes. The carrier will not, however, use the data of our newsletter recipients to write to them itself, nor will it pass on the data to third parties.
3. Performance measurement
The newsletters contain a so-called “web beacon”, i.e., a pixel-sized file that is accessed by the server of CleverReach GmbH & Co. KG when the newsletter is opened. During this access, initially technical information, such as information about the browser and your system, as well as your IP address and the time of access, are recorded.
This information will be used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on the locations of access (which can be determined with the aid of the IP address) or the access times. The statistical records will also include the determination of whether the newsletters are opened and what links are clicked on. For technical reasons, it is possible to allocate this information to the individual newsletter recipients. However, it is not our aim, or that of CleverReach GmbH & Co. KG, to monitor individual users. Rather, the analysis serves the purpose of recognizing our users’ reading habits and adjusting our content to suit them or send different information in line with our users’ interests.
VII. Forwarding to other websites
To increase the range of services offered by us you will find links to other websites on our websites for which other providers are responsible. For information on the extent to which our advertising partners collect personal data, please refer to their privacy policies. You will see that data is being forwarded because a new browser window will open and a new address will be displayed in the browser line.
VIII. Forwarding of data to third parties
Except for the cases already described, we only forward your personal data to third parties if:
- you have expressly given your consent in accordance with Art. 6 (1) (a) GDPR,
- there is a legal obligation to forward the data in accordance with Art. 6 (1) (c) GDPR,
- this is necessary for the settlement of the terms and conditions of a contract or to carry out pre-contractual measures in accordance with Art. 6 (1) (b) GDPR,
- processing is necessary for the purposes of the legitimate interests pursued by us in accordance with Art. 6 (1) (f) GDPR;
- forwarding according to Art. 6 (1) (f) GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest warranting protection in the non-forwarding of your data,
There is no forwarding of your data to third parties.
E. Data subjects’ rights
You have the right:
- in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the envisaged retention period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of the right to complain, the source of your data, if not collected by us, and the existence of automated decision-making, including profiling according to Art. 22 (1) and (4) GDPR and, where applicable, meaningful information about their details. You have the right to request information about whether the personal data relating to you will be sent to a third country or an international organization; in this connection you can request to be informed about the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transfer;
- in accordance with Art. 16 GDPR, to request the prompt correction of inaccurate data or completion of incomplete personal data stored with us;
- in accordance with Art. 17 GDPR, to request the deletion of your personal data held by us, unless the processing is required for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims or for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Art. 89 (1) GDPR, insofar as the said right is likely to make impossible or seriously affect the realization of the aims of this processing;
- in accordance with Art. 18 GDPR, to request restriction of the processing of your personal data, insofar as the accuracy of the information about you is contested, the processing is unlawful, but you oppose deletion and we no longer require the data, however, you require this for the assertion, exercise or defense of legal claims, or in accordance with Art 21 GDPR, you have lodged an objection against the processing; if the processing of data relating to you has been restricted, these data may only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of other natural or legal person or for reasons of an important public interest of the European Union or of a Member State and you are informed by the data controller before the restriction is lifted;
- in accordance with Art. 20 GDPR, to receive your personal data provided to us in a structured, commonly used and machine-readable format or to request transmission to another data controller, insofar as the freedoms and rights of others are not thereby affected. This right to data transferability does not apply to the processing of personal data which is in the public interest or takes place in the exercise of official authority that has been transferred to the data controller;
- in accordance with Art. 7 (3) GDPR, at any time to revoke the consent you have given us. As a consequence, we would, in the future, no longer be allowed to continue data processing based on this consent;
- in accordance with Art. 22 GDPR, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless the decision is necessary for entering into, or performance of, a contract between you and us, is admissible based on Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or takes place with your explicit consent. These decisions may not be based on special categories of personal data referred to in Art 9 (1) GDPR, unless point (a) or (g) of Art. 9 (2) applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place;
- in accordance with Art. 77 GDPR, to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your habitual residence or your place of work or our organizational headquarters. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
F. Right of revocation
Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (e) or (f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR if there are grounds relating to your particular situation or the objection is directed at direct marketing. In the latter case, you have a general right to object, which is implemented by us without specifying a particular situation.
If you would like to exercise your right of revocation or objection, an e-mail to firstname.lastname@example.org (Data Protection Officer) will suffice.