Privacy Policy

Data protection notice

In the following notice, we, SRC Special Risk Consortium GmbH ("SRC"), would like to inform you about our processing of your personal data, and about your data protection rights. SRC is an independent insurance agent holding powers-of-attorney from various insurance companies. SRC is entitled, within the meaning of Section 71 of the German Insurance Contract Act (VVG), to perform all actions for the insurance companies on their behalf.

SRC intends to take out film producers' indemnity insurance, with a production company as policyholder. The policyholder intends to insure against the risk of certain parties involved in the production (e.g. director, actors) failing to appear. In order for SRC to assess the risk of your not appearing, you need to disclose information such as your name, birthdate, body height and weight, and particularly information about your health. We will then process this data. You yourself will not be a party to the contract.

The exact type of data that will be processed, and how it will be used, depends mainly on the type of service the policyholder applies for and is agreed upon.

Who is responsible for processing the data, and whom can I contact?

The resoonsible party is SRC, Belfortstraße 15, 50668 Cologne, tel.: +49 221 9140940, email: info@srcmail.de

You may contact our external data protection officer at:
Niels Kill, Althammer & Kill GmbH & Co. KG
Mörsenbroicher Weg 200
40470 Düsseldorf
Telefon: +49 211 9367480
E-Mail: datenschutz@srcmail.de

What are our data sources?

We process the data that we get directly from you in the health information form that you fill out. We also process – if necessary to provide the service or fulfil the contract for the policyholder – data that we obtain legally from publicly accessible sources (e.g. news, internet) or that is communicated to us legally/legitimately by doctors or third parties.

What data do we process?

Personal data (e.g. name, date and place of birth, body height and weight);
your role in the production (e.g. director, actor);
various types of health data;
information about the reason for your not appearing, if applicable

What do we process your data for (purpose of the processing), and on what legal grounds?

We will process your personal data in compliance with the GDPR, the German Federal Data Protection Act (BDSG), and the data protection provisions of the VVG.

The purpose of the processing is to assess the risk of your not appearing in the context of the production.

It is thus necessary for you to provide your data to SRC, in order for the film producers' indemnity insurance to be concluded and executed with the production company. Without such data, SRC will be required to refuse the film producers' indemnity insurance, or will be no longer able to fulfil an already existing contract and/or required to terminate it.

The legal grounds for processing your health data are the declarations of consent you signed on pages 4-5, under Art. 9(2) a) combined with Arts. 6(1)(1) a) and 7 of the GDPR.
We will also process your data (such as your personal data, for example) for the purposes of our legitimate interests, or those of third parties (Art. 6(1) f) of the GDPR). This is permissible as long as the processing is necessary for the purposes of our legitimate interests or those of third parties, and your interests or fundamental rights and freedoms do not override them. Such legitimate interests are constituted by, for example:

• the conclusion and execution of the film producers' indemnity insurance,

• the guaranteeing of IT security and IT operations,

• the prevention and investigation of criminal offences; in particular, we use data analysis to identify situations that may signal insurance fraud,

• the assertion of legal claims and defence against litigation,

• business measures to manage and develop services and products.

We will also process your personal data to fulfil statutory requirements. These include, for example, supervisory regulations and data retention requirements under tax or commercial law. In these cases, the processing is permitted by the respective statutory provision in conjunction with Article 6(1) c) of the GDPR.

Who receives my data?

Within SRC, we disclose your data to those who need it to fulfil our contractual and statutory obligations.

External recipients may include those for whom you have issued a consent to data disclosure on pages 4-5, or to whom, on a balance of interests, we are entitled to disclose personal data to. This includes, for example:

reinsurers, insurers represented by us ("Insurers"), insurance intermediaries, insurance brokers working for the policyholder, policyholders, joint policyholders, medical experts, doctors, adjusters and Insurers in cases of loss, lawyers, auditors, banks, guarantors.

We also work with carefully selected processors (Art. 28 GDPR) who may receive your data for the purposes of fulfilling our contractual obligations. They include the following companies: IT service providers.

How do we transmit your data to countries outside the EU?

In order to execute the film producers' indemnity insurance, we may need to transmit your data to Switzerland. The European Commission has determined that the level of data protection in Switzerland is adequate.

How long will we store your data?

If necessary, SRC will process and store your personal data for the term of the contract with the policyholder. This also includes the initial negotiation and final settlement of the contract.

The personal data necessary to maintain guarantee and warranty claims will be retained for the duration thereof.

Personal data will be retained for evidence purposes for the duration of the statutory periods of limitation, which normally last three years but can be as long as 30 years in some cases.

SRC will also store personal data to the extent that it is required to do so by law. The corresponding documentation and record-retention requirements are set out in the German Commercial Code (HGB) and the German Tax Code (AO). The retention and/or documentation periods set out therein amount to six years under the commercial law provisions of Section 257 of the HGB and up to ten years under the tax law provisions of Section 147 of the AO. Where the data in question is subject to multiple retention provisions, the longest retention provision respectively applies.

Should you provide us with the corresponding declaration of consent under point 4 on page 5, SRC becomes entitled, for a period of three years from the end of the calendar year of the production company's application, to retain and use the health data collected in the context of the risk assessment, in the event that a production company seeks insurance coverage for you as a person at risk for another, future film production.

What are your rights?

You have the right, as per Art. 15 of the GDPR, to obtain information on the personal data stored about you. Should incorrect personal data have been processed, you have the right under Art. 16 of the GDPR to have it rectified. Should the statutory conditions be fulfilled, you may request the erasure or restriction of processing, and may object to the processing (Arts. 17, 18 and 21 of the GDPR). Under Art. 20 of the GDPR, you have a right to data portability.

We point out that you may withdraw your consent at any time, with future effect. Withdrawing consent does not affect the lawfulness of any processing done based on the consent before it was withdrawn.

All such rights may be asserted against SRC.

If you are of the opinion that certain data processing violates data protection law, you have the right to complain to the data protection authorities of your choice (Art. 77 of the GDPR in combination with Section 19 of the BDSG). These include the data protection authorities responsible for us, whom you may contact at the following address:

North Rhine-Westphalian State Officer for Data Protection and Freedom of Information, (Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen), PO Box 20 04 44, 40102 Düsseldorf, Tel.: +49 211 3842400, email: poststelle@ldi.nrw.de

Information on your right to object under Art. 21 of the GDPR

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6(1) f) of the GDPR (data processing on the basis of a balance of interests).

Should you object, SRC will no longer process your personal data unless SRC can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless the processing serves the assertion, exercise or defence of legal claims.

The objection needs not be in a particular format and should be sent to:

SRC Special Risk Consortium GmbH, Belfortstraße 15, 50668 Cologne, Tel.: +49 221 9140940, email: info@srcmail.de

Privacy Policy

With the following information, we, SRC Special Risk Consortium GmbH (hereinafter „SRC"), would like to provide you with an overview of our processing of your personal data and your rights derived from data privacy laws. Which data in particular will be processed and used in what way, largely depends on the services that were applied for or agreed upon. Hence, not all parts of this information will apply to you.

Who is responsible for processing the data and whom may I contact?

The responsible party is SRC with the following locations:

Belfortstraße 15
D-50668 Cologne
Phone: +49 221 9140943
E-Mail: info@srcmail.de

Bajuwarenring 4
D-82041 Oberhaching
Phone: +49 89 62833895
E-Mail: muenchen@srcmail.de

You may reach our external data protection officer at:

Niels Kill
Althammer & Kill GmbH & Co. KG
Mörsenbroicher Weg 200
40470 Düsseldorf
Phone: +49 211 9367480
E-Mail: datenschutz@srcmail.de

What are our data sources?

We process personal data which we obtain directly from you in the context of our business relationship. In addition, as far as necessary to provide our service or to fulfill our contract for you, we process personal data which we permissibly gain from public sources (e.g., lists of debtors, land registers, commercial registers, registers of associations, press, Internet) or which are permissibly provided to us by the following other third parties:

Reinsurance companies, empowering insurance companies, previous insurers, insurance agents, competent insurance brokers for the policyholder, co-policyholders, doctors, loss adjusters and insurers in case of a claim, lawyers, auditors, banks, protection providers, film subsidizing bodies, agencies, e.g. marketing and sales promotion agencies, as well as handling houses.

What data do we process?

Application data (as for example ...)
Personal data (including name, date of birth, place of birth), address/contact details,
Bank data, Credit history data

Contract data (as for example ...)
Insurance policy number, customer number, start and expiry dates, contract status, sum insured, premium, payment method, role of the person concerned (e.g., policyholder, insured person, premium payer, claimant), documentation data (data from consultations and service conversations)

Indemnification data (as for example ...)
Health data (before we request health data, we will always obtain your consent first), bank data, receipts (e.g., purchase invoices, offers)

Data regarding your use of our available tele media (e.g., time of request of our web pages)

What do we process your data for (processing purposes) and on what legal grounds?

We process your personal data in compliance with the German General Data Protection Regulation GDPR (hereinafter "DS-GVO"), the German Federal Data Protection Act (hereinafter "BDSG") and the data protection provisions of the German Insurance Contract Act (hereinafter "VVG").

If you want to get insured by us, we need your data for the conclusion of contract and the assessment of the risk to be covered by us. Once the insurance contract is concluded, we process this data in order to issue the policy or send an invoice. We need the data in case of a claim in order to assess your coverage in detail and what indemnifications you will receive from us.

It is therefore necessary that you provide your data (see above: application, contract and indemnification data) to SRC for the conclusion and execution of the insurance contract. without this data, SRC will decline the conclusion of the insurance contract or stop and possibly terminate the execution of an already existing contract.

Moreover, we need your personal data for the compilation of insurance specific statistics, e.g., for the development of new plans or the compliance with supervisory regulations. In addition, we utilize selected data of existing contracts in order to assess the customer relationship as a whole, in order to, for example, consult you regarding a targeted contract adaptation or contract amendment. This is also the basis of our comprehensive customer service.

The legal basis for this processing of personal data for pre-contractual and contractual purposes is Art. 6, para. 1, sentence 1, lit. b) of the DS-GVO. For that matter, the purposes of the data processing primarily depend on the concrete insurance product. As far as special categories of personal data are necessary to this end, e.g. your health data, we will obtain your consent according to Art. 9, para.2, lit. a) in conjunction with Art. 7 DS-GVO (also for the purpose of transmission of your data to other third parties).

If we compile statistics with these data categories, this is carried out on the basis of Art. 9 para. 2 lit. j) DS-GVO in conjunction with Section 27 BDSG.

We also process your data in order to protect our legitimate interests or those of third parties (Art. 6 para. 1 sentence 1 lit. f) DS-GVO). This is permissible as long as the processing is necessary to protect our legitimate interests or those of third parties unless your interests or fundamental rights and freedoms prevail. Such legitimate interests include

• Securing IT safety and IT operations,

• Preventing and resolving criminal actions; in particular, we use data analysis for the Detection of clues which may suggest insurance fraud,

• Assertion of legal claims and defense in the case of legal disputes,

• Measures for business management and further development of products and services.

Moreover, we will process your personal data to fulfill statutory requirements. These include supervisory regulations or data retention requirements under commercial and tax law. Legal grounds for the processing in these cases are the respective statutory rules in conjunction with Art. 6 para.1 lit. c) DS-GVO.

Who will receive my data?

The persons within SRC who need your data to fulfill our contractual and statutory duties will obtain access to your data.

External recipients of your data may be (i.e., a permissible data transmission may take place to the following recipients):

Reinsurance companies, empowering insurance companies, insurance agents, competent insurance brokers for the policyholder, co-policyholders, doctors, loss adjusters and insurers in case of a claim, lawyers, auditors, banks, protection providers.

In addition, we work with carefully selected data processors (Art. 28 DS-GVO) which may receive your data in order to fulfil our contractual obligations. These processors include IT service providers and collection/dunning providers.

Further data recipients may be those places that you gave us your date transfer consent for or that we are entitled to transmit personal data to based on weighing of interests.

How do we transmit data to non-EU countries?

In the case of insuring SRC customers from Switzerland, personal data will be transmitted to Switzerland for the purpose of concluding and implementing the insurance contract. An Adequacy Decision by the European Commission for the data protection standards of Switzerland is available. This is why no further guarantees need to be implemented for this kind of data processing, in addition to the general admissibility requirements.

How long will we store your data?

As far as necessary, SRC will process and store your personal data for the duration of our contractual relationship. This also includes the initiation and settlement of the contract.
The necessary personal data will be stored for the duration of any guarantee and warranty claims.

Personal data will be stored for the preservation of evidence for the duration of statutory periods of limitation, which is generally a period of three years but may be up to 30 years in special cases.

Moreover, SRC will store personal data to the extent it is required to do so by law. The corresponding burden of proof and data retention requirements result from the German Commercial Code (hereinafter "HGB") and the General Tax Code (hereinafter "AO"). The retention and/or documentation periods stipulated therein are six years pursuant to commercial law according to Section 257 HGB and up to ten years based on tax provisions according to Section 147 AO. If the data in question is subject to multiple retention periods, the longest retention provision shall apply in each case.

What are your rights?

According to Art. 15 DS-GVO, you have the right to obtain disclosure of the personal data stored about you. Should incorrect personal data have been processed, you have the right under Art. 16 DS-GVO to have it corrected. If the statutory requirements are met, you are entitled to demand deletion of the data or a restriction of the processing as well as to object to the data processing (Arts. 17, 18 and 21 DS-GVO). According to Art. 20 DS-GVO, you may assert the right to data portability.

Please note that you may revoke a consent given regarding data protection rules at any time with effect for the future. Revoking the consent does not affect the lawfulness of any data processing that was done based on your previous consent until its revocation.
All these rights may be asserted against SRC.

If you think that certain data processing activities violate data protection laws, you are entitled to complain at a data protection supervisory authority of your choice (Art. 77 DS-GVO in conjunction with Section 19 BDSG). You may also contact the data protection supervisory authorities which are responsible for us:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
(Regional Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia)
Postfach 20 04 44
D-40102 Düsseldorf
Phone: +49 211 3842400
E-Mail: poststelle@ldi.nrw.de

or

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
(Bavarian State Office for Data Protection Supervision)
Promenade 27
D-91522 Ansbach
Phone: +49 981 53 1300
E-Mail: poststelle@lda.bayern.de

Information on your right of objection acc. to Art. 21 DS-GVO

You have the right to object to the processing of your personal data based on Art. 6 para. 1 sentence 1 lit. f) DS-GVO (data processing on the basis of a weighing of interests) at any time, for reasons that result from your particular situation.

If you object, SRC will no longer process your personal data unless SRC is able to demonstrate compelling reasons, worthy of protection, for the processing which outweigh your interests, rights and freedoms or the processing serves the assertion, exercise or defense of legal claims.

The objection may be informal and should be addressed to:

SRC Special Risk Consortium GmbH
Belfortstraße 15
D-50668 Köln
Phone: +49 221 9140943
E-Mail: info@srcmail.de

We are happy that you are visiting our website and thank you for your interest in our company.

For us, data protection is not only a statutory requirement but an important tool to increase transparency of our daily handling of your personal data. The protection of your personal data (hereinafter "data") is a very important concern for us. Therefore, in the following, we would like to inform you in detail which data are gathered when you visit our website and use the online offers you find there, how they are subsequently processed or used and which accompanying protective measures we have taken from technical and organizational perspectives.

Responsible party for data processing

Responsible party, in terms of the applicable data protection provisions, is Special Risk Consortium GmbH (please refer to our imprint for details).

Data Protection Officer

Responsible for the monitoring of and compliance with date protection rules is our external Data Protection Officer. He will be happy to give you further information regarding the subject of data protection. Following please find his contact details:

Niels Kill
c/o Althammer & Kill GmbH & Co. KG
Neuer Zollhof 3
D-40221 Düsseldorf
Phone: +49 211 936748-0
Fax +49 211 936748-48
E-Mail: datenschutz@srcmail.de
www.althammer-kill.de

Gathering and use of your data

The use of our website generally does not require the entry of any personal data. However, personal data are processed in part. The circumstances in which this is the case are outlined below:

Informational use

For the sole informational use of our website, the entry of personal data is generally not necessary.

In this case, we rather gather and use only the part of your data which your Internet browser is transmitting automatically, like, for example:

• Date and time of your access to one of our web pages

• Your type of browser

• The browser settings

• The operating system used

• The last page you visited

• The transmitted data volume and the access status (file transmitted, file not found etc.)

• As well as your IP address

In the case of an informational visit, we gather and use this data in a non-personal form only. This happens in order to facilitate the general use of the web pages you accessed, for statistical purposes as well as for the improvement of our Internet offer. The IP address is stored for the duration of your visit only, a personal evaluation does not take place.

Contact forms

You may contact us via contact forms on different sub pages. We will use the information gathered in the contact form (name, company/institution, address, phone number, e-mail address, subject) as well as your message for the purpose of responding to your request only. Upon completion of the response, this data is deleted. Solely within the scope of the archiving of e-mail correspondence stipulated by law (e-mails are business and commercial letters), the data will be stored for a maximum of 10 years.

Your data will be transmitted to third parties only if legally required.

Contacting our employees by e-mail

You may contact us by sending an e-mail to us. You can send this e-mail either to info@srcmail.de or to personalized e-mail addresses of our employees. We will use the data which we receive by way of your e-mail to us (for example: your name, your e-mail address as well as your message itself) for the purpose of responding to your request only. Upon completion of the response, this data is deleted. Solely within the scope of the archiving of e-mail correspondence stipulated by law (e-mails are business and commercial letters), the data will be stored for a maximum of 10 years.

Your data will be transmitted to third parties only if legally required.

We are unable to guarantee complete data security in the case of e-mail communication. Therefore, we recommend sending information with a high degree of privacy by mail.

Request for proposal

On various sub pages we provide forms (often called "questionnaire") which you may use to send us a request for a proposal, if needed. In order for us to be able to make first assessments and risk evaluations regarding the requested insurance for you, various types of data are gathered by means of the forms and questionnaires. In part these are business data, in part personal data. We will use the data gathered in the forms (including contact details of the person requesting the proposal, name of the policyholder, address of the policyholder, name of the persons to be insured, data regarding bodily, physical or other health problems, medical or other treatments of of the persons to be insured, phone numbers, e-mail addresses) as well as your message itself for the purpose of responding to your request only.

Upon completion of the response, this data is deleted. Solely within the scope of the archiving of e-mail correspondence stipulated by law (e-mails are business and commercial letters), the data will be stored for a maximum of 10 years.

Your data will not be deleted, however, if the processing of your data is necessary for the fulfillment of a contract, which you are a contractual party of, or for the implementation of pre-contractual measures. In this case, the processing is legitimate according to Art. 6 para. 1 lit. b) DS-GVO.

Your data are deleted when their storage is no longer necessary for the achievement of the purpose and if there is no obligation for audit-proof storage.

Notification of claims

As our contractual partner, you have various options to notify us of a claim. On the one hand, you can do this via the contact sheet "Claims Management". On the other hand, we provide forms on various sub pages (often called "Claim Notification Sheet") which you can send to us. By means of the contact sheet "Claims Management" and the forms we gather different types of data. In part these are business data, in part personal data. We will process and store the data gathered in the forms (including contract number, name of the policyholder, address of the policyholder, contact details of the contact person, account holder, bank data such as IBAN and BIC, name of the insured person, name of the claimant, name of the witnesses of the incident, damage to persons, names of injured persons, information about the type of injury, hospital treatments and permanent consequences, phone numbers, e-mail addresses) as well as your message itself only as far as it is necessary for the fulfillment of a contract which you are a party of. In this case, the processing is legitimate according to Art. 6 para. 1 lit. b) DS-GVO.

Your data are deleted when their storage is no longer necessary for the achievement of the purpose and if there is no obligation for audit-proof storage.

Applications / job offers

You find job offers on various sub pages. It is important to Special Risk Consortium GmbH to grant the highest possible protection of your data during an application process. All personal data which we gather and process in the course of an application process are protected against unauthorized access and manipulation by way of technical and organizational measures. Nonetheless, we are unable to guarantee full data security in case of an application by e-mail. This is particularly the case because you are transmitting your application to us by unencrypted e-mail. We therefore recommend sending information with a high degree of privacy by mail. As soon as the application process with regard to a particular job is completed, we will delete all data of any applicants.

Use of cookies

We use the technology of cookies for our web pages. Cookies are small text files which are sent to your browser by our web server during your visit of our web pages and stored on your computer for a later retrieval.

This website is using cookies within the following scope:

• Transient cookies (temporary use)

• Persistent cookies (time wise limited use)

• Third-party cookies (by third parties)

Transient cookies are automatically deleted when you close your browser. These are the session cookies, in particular. These cookies save a so-called session ID which facilitates the attribution of various requests of your browser to the common session. This is how your computer may be recognized when you return to the website. The session cookies are deleted when you log out or close your browser.

Persistent cookies are automatically deleted after a given time period has elapsed which may vary depending on the cookie. You may delete the cookies in the security settings of your browser at any time.

You may configure your browser settings to your liking and, for example, refuse any storage of third-party cookies or any cookie at all. However, please note that if you do so, you may not be able to use the full functionality of this website.

There is no gathering or storage of any personal data in cookies on our part. Neither do we use any technology linking information generated by cookies to user data.

You may find more information regarding the subject of "cookies" on the portal of the Technische Universität Berlin: www.verbraucher-sicher-online.de/thema/cookies

Web analysis

It is important to us to design our web pages as optimally as possible in order to make them attractive to our visitors. To this end, we need to know what part of them resonate in what way among our visitors. For this purpose, we use the following, recognized technologies:

Google Analytics

Within our web pages and with the consent of the visitor ("opt-in"), we are using Google Analytics, a web analysis service provided by Google. Google Analytics uses cookies, which are saved on your computer and which allow us to perform an analysis of the use of our web pages. Generally, the information about your use of our web pages generated by the cookie will be transmitted to and stored on a server in the US. We have activated the IP anonymization on our web pages. Thus, your IP address will be truncated by Google prior to its transmission within the member states of the EU or other countries of the Agreement on the European Economic Area. Google will use this information on behalf of us for the purpose of evaluating your use of the web pages, compiling reports on website activity and providing other services relating to website activity and Internet usage.

The IP address that your browser conveys within the scope of Google Analytics will not be merged with any other data held by Google. You may refuse the use of cookies by selecting the relevant setting in your browser software. In addition, you may prevent the capturing and processing of the data generated by the cookie by downloading and installing the browser plug-in available under the following link:

https://tools.google.com/dlpage/gaoptout?hl=en

The use of alternative plug-ins or the deactivation of all cookies in the setting of your browser also prevents your usage patterns from being analyzed.

Google Analytics is provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

You will find further information about data privacy within Google Inc. here:

https://policies.google.com/privacy

Embedded Services

We are embedding the following external services in the design of our website and for the provision of supplementary functions.

All services described below may be deactivated for your browser by way of special plug-ins, i.e., more precisely, the necessary connection to the relevant server may be disabled. Please note, however, that such tools may lead to some loss of the familiar everyday comfort – because many things will not function anymore the way you would usually expect it.

Google Maps

We are embedding content of Google Maps in our web pages in order to be able to show you the exact location of our company in a simplified way. In doing so, a connection between your browser and the Google Maps server is automatically established and thereby your IP address is also transmitted. Should you be logged into Google with an existing user account at the same time as you are visiting our web pages, Google may possibly allocate your visit to our web pages to your user behavior. Moreover, additional cookies may be sent by Google to your browser. We have no influence on this practice and we also do not receive any information by Google about the transmitted content.

Google Maps is provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

You will find further information about data privacy within Google Inc. here:

https://policies.google.com/privacy

YouTube

This website contains so-called embedding of YouTube videos. We only enable the connection to YouTube. We use YouTube with the "Privacy Enhanced Mode" function to be able to show you videos. According to YouTube, the "Privacy Enhanced Mode" function means that data is only transmitted to the YouTube server when you actually open a video.

YouTube is a service provided by Google Inc. You can find the purpose and scope of data collection and use by Google, as well as your rights and settings options for protection as a YouTube customer, in Google's privacy policy.

Processing of your personal data in countries outside the EU and the European Economic Area

Processing of your personal data in countries outside the EUE and the European Economic Area will not take place.

Your rights: information, correction, deletion, limitation

At any given time, you have the right to free information about your personal data stored and a right to correction, deletion, limitation of the processing or objection against the processing as well as a right to data portability, as long as the respective data protection requirements are met. If you have any questions regarding your rights, please do not hesitate to contact us or our external Data Protection Officer by e-mail (for contact details see above).

At the same time, you have the right to lodge a complaint with the supervisory authority in charge of us. This would be the Regional Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia: www.ldi.nrw.de/metanavi_Kontakt/

If you give us your consent for a certain data processing purpose, you may revoke this consent at any time.

Data security

Furthermore, we are using technical and organizational security measures in order to protect personal data incurred or gathered, particularly against accidental or deliberate manipulation, loss, destruction or against the attack of unauthorized persons. Our security measures are being continuously improved according to the latest technological developments.

To this effect, the transmission of your personal data by means of the contact forms is encrypted via SSL technology (https) in order to avoid access by unauthorized third parties.