Data Privacy:
Preamble
With the following data protection declaration, we would like to inform you what types of data (from now on referred to as "data") we process for which purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both As part of the provision of our services and, in particular, on our websites, in mobile applications, and within external online presences, such as our social media profiles (from now on collectively referred to as "online offer").
The terms used are not gender specific.
As of July 13, 2023
​
Table of Contents
Preamble
Responsible person
Overview of the processing
Relevant legal bases
Security measures
Deletion of data
Rights of the persons concerned
Use of cookies
Provision of the online offer and web hosting
Registration, registration, and user account
Contact and inquiry management
Change and update the data protection
declaration Definitions of terms
Responsible
Ferdinand Toma / FTI Media
Alte Strasse, 6
34266, Hesse, Germany
Authorized representatives:
Ferdinand Toma
E-Mail-Address:
info@fti-media.com
Imprint:
www.fti-media.com/imprint
Relevant legal bases
Relevant legal bases according to the GDPR: Below, you will find an overview of the legal bases of the GDPR, based on which we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. If more specific legal bases are relevant in individual cases, we will inform you of them in the data protection declaration.
Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR) - The person concerned has consented to process their data for a specific purpose or several specific purposes.
Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR) - The processing is necessary for the fulfillment of a contract to which the data subject is party or for the implementation of pre-contractual measures required at the data subject's request.
Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR) - Processing is necessary to safeguard the legitimate interests of the person responsible or a third party unless the interests or fundamental rights and freedoms of the data subject, which protect personal Data, prevail.
National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national data protection regulations apply in Germany. This includes, in particular, the law protecting against misuse of personal data in data processing (Federal Data Protection Act - BDSG). In particular, the BDSG contains special regulations on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission, and automated decision-making in individual cases, including profiling. Furthermore, state data protection laws of the individual federal states may apply.
Overview of processing
The following overview summarizes the types of data processed and the purposes of their processing and refers to the persons concerned.
Types of Data Processed
Inventory Data.
Contact details.
Content data.
Usage data.
Meta, communication, and procedural data.
Categories of data subjects
Communication partners.
User.
Purposes of processing
Provision of contractual services and customer service.
Contact Requests and Communication.
Safety measures.
Management and response to inquiries.
Feedback.
Provision of our online offer and user-friendliness.
Information technology infrastructure.
Safety measures
We take appropriate technical and organizational measures by the legal requirements, taking into account state of the art, the implementation costs, and the type, scope, circumstances, and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons to ensure a level of protection appropriate to the risk.
The measures include, in particular, securing the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, disclosure, securing availability and their separation. Furthermore, we have set up procedures that ensure data subject rights, data deletion, and reactions to data threats. Furthermore, we already consider protecting personal data during the development or selection of hardware, software, and processes by the principle of data protection through technology design and data protection-friendly default settings.
TLS encryption (HTTPS): To protect your data transmitted via our online offer, we use TLS encryption. You can recognize such encrypted connections by the prefix https:// in the address line of your browser.
deletion of data
The data processed by us will be deleted in accordance with the legal requirements as soon as your consent to processing is revoked or other permissions are no longer applicable (e.g. if the purpose of processing this data no longer applies or it is not required for the purpose). If the data is not deleted because it is required for other, legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.
Our data protection information can also contain further information on data storage and deletion, which apply primarily to the respective processing.
Rights of the data subjects
Rights of the data subjects from the GDPR: As a data subject, you have various rights under the GDPR, which result in particular from Art. 15 to 21 GDPR:
Right of objection: You have the right, for reasons arising from your particular situation, to object at any time to the processing of your data, which is based on Article 6 Paragraph 1 lit. e or f GDPR; this also applies to profiling based on these provisions. If the personal data concerning you is processed to operate direct advertising, you have the right to object at any time to processing your data for such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
Right of withdrawal for consent: You can withdraw your consent anytime.
Right to information: You have the right to request confirmation as to whether the data in question is being processed and to request information about this data, further information, and a copy of the data by legal requirements.
Right to rectification: By legal requirements, you have the right to request the completion of the data concerning you or correct incorrect data concerning you.
Right to deletion and restriction of processing: You have the right, by the legal requirements, to request that data concerning you be deleted immediately or to request a limitation of the processing of the data by the legal requirements.
Right to data portability: You have the right to receive the data you provided to us per the legal requirements in a structured, standard, and machine-readable format or to request that it be transmitted to another person responsible.
Complaint to a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to complain with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the home of the alleged infringement, if you believe that the processing of data concerning you personal data violates the provisions of the GDPR.
Use of cookies
Cookies are small text files or other memory notes that store information on end devices and read data from the end devices. For example, to save the login status in a user account, the content of a shopping cart in an e-shop, the content accessed or the functions used in an online offer. Cookies can also be used for various purposes, e.g., for functionality, security, and comfort of online offers and to create analyzes of visitor flows.
Notes on consent: We use cookies by legal regulations. Therefore, we obtain prior permission from users, except where not required by law. In particular, support is unnecsupportif the storage and reading of the information, including cookies, is necessary to provide the users with a telemedia service (i.e., our online offer) they have expressly requested. The essential cookies usually include cookies with functions that enable the display and operability of the online offer, load balancing, and security, serve to store the preferences and selection options of the users, or similar purposes related to the provision of the primary and ancillary functions of the online offer requested by the users. The revocable consent is clearly communicated to the users and contains the information on the respective cookie use.
Notes on the legal basis for data protection: The legal basis under data protection law on which we process users' personal data with the help of cookies depends on whether we ask users for their consent. If the users consent, the legal basis for processing your data is the declared consent. Otherwise, the data processed with the help of cookies will be processed based on our legitimate interests (e.g., in the commercial operation of our online offer and improving its usability) or, if this is done in the context of fulfilling our contractual obligations if the use of cookies is necessary to enable our to fulfill contractual obligations. For what purposes do we process the cookies,
Storage period: Regarding the storage period, the following types of cookies are distinguished:
Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his end device (e.g., browser or mobile application).
Permanent cookies remain stored even after the end device is closed. For example, the login status can be saved, or preferred content can be displayed directly when the user revisits a website. Likewise, the user data collected with the help of cookies can be used to measure reach. Unless we provide users with explicit information on the type and storage period of cookies (e.g., when obtaining consent), users should assume that cookies are permanent and the storage period can be up to two years.
General information on revocation and objection (so-called "opt-out"): Users can revoke their consent at any time and object to the processing by the legal requirements. For this purpose, users can, among other things, restrict the use of cookies in their browser settings (which can also limit the functionality of our online offer). An objection to using cookies for online marketing can also be declared via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/.
Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR); Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR).
Further information on processing processes, procedures, and services:
Processing of cookie data based on consent: We use a cookie consent management procedure in the context of which the user consents to the use of cookies or the processing mentioned in the context of the cookie consent management procedure, and providers can be obtained and managed, and revoked by the users. The declaration of consent is stored here so that the query does not have to be repeated and to be able to prove the consent by the legal obligation. The storage can take place on the server side and in a cookie (so-called opt-in cookie or with the help of comparable technologies) to be able to assign consent to a user or his device. Subject to individual information about the providers of cookie management services, the following information applies: The duration of the storage of the consent can be up to two years. A pseudonymous user identifier is created and stored with the time of the support, information on the scope of the license (e.g., which categories of cookies and service providers), and the browser, system, and end device used; Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR). which categories of cookies and service providers) as well as the browser, system, and end device used; Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR). which categories of cookies and service providers) as well as the browser, system, and end device used; Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR).
Provision of the online offer and web hosting
We process the data of the users to be able to make our online services available to them. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or end device.
Types of data processed: usage data (e.g., websites visited, interest in content, access times); Meta, communication, and procedural data (e.g., IP addresses, times, identification numbers, consent status).
Affected persons: users (e.g., website visitors, users of online services).
Purposes of processing: Provision of our online offer and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)); Safety measures.
Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).
Further information on processing processes, procedures, and services:
Provision of online offer on rented storage space: For the condition of our online offer, we use storage space, computing capacity, and software that we rent from a corresponding server provider (also called "web hoster") or obtain from another source; Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).
Collection of access data and log files: Access to our online offer is logged as so-called "server log files." The address and name of the retrieved websites and files, date and time of retrieval, amounts of data transferred, notification of successful return, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP Addresses and the requesting provider belong. The server log files can be used on the one hand for security purposes, e.g., to avoid overloading the server (especially in the case of abusive attacks, so-called DDoS attacks) and on the other hand, to ensure server utilization and stability, Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR); Deletion of data: Log file information is stored for 30 days and then deleted or made anonymous. Data whose further storage is required for evidence purposes are excluded from deletion until the respective incident has been finally clarified.
Registration, login, and user account
Users can create a user account. As part of the registration, the users are informed of the required mandatory information and processed to provide the user account based on contractual fulfillment of obligations. The processed data includes the login information (user name, password, and email address).
​
When using our registration and login functions and the user account, we store the IP address and the time of the respective user action. The storage takes place based on our legitimate interests and those of the users in protection against misuse and other unauthorized use. In principle, this data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation.
Users can be informed by email about processes that are relevant to their user account, such as technical changes.
​
Types of data processed: Inventory data (e.g., names, addresses); Contact information (e.g., email, phone numbers); Content data (e.g., entries in online forms); Meta, communication, and procedural data (e.g., IP addresses, times, identification numbers, consent status).
Affected persons: users (e.g., website visitors, users of online services).
Purposes of processing: provision of contractual services and customer service; Safety measures; managing and responding to inquiries; Provision of our online offer and user-friendliness.
Legal basis: Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) DSGVO); Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).
Further information on processing processes, procedures and services:
Registration with real names: Due to the nature of our community, we ask users only to use our offer using real names. I.e., the use of pseudonyms is not permitted; Legal basis: Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) DSGVO).
Deletion of data after termination: If users have terminated their user account, their data with regard to the user account will be deleted, subject to a legal permission, obligation or consent of the user; Legal basis: Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) DSGVO).
No storage obligation for data: The user's responsible for backing up their data before the end of the contract in the event of termination. We are entitled to irretrievably delete all of the user's data stored during the contract period; Legal basis: Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) DSGVO).
Contact and inquiry management
When contacting us (e.g., by post, contact form, email, telephone, or via social media) as well as in the context of existing user and business relationships, the details of the inquiring person are processed insofar as this is necessary to answer the contact inquiries and any inquiries action is required.
​
Types of data processed: contact details (e.g., email, telephone numbers); Content data (e.g., entries in online forms); Usage data (e.g., websites visited, interest in content, access times); Meta, communication, and procedural data (e.g., IP addresses, times, identification numbers, consent status).
Affected persons: communication partners.
Purposes of processing: contact requests and communication; managing and responding to inquiries; Feedback (e.g. collecting feedback via online form); Provision of our online offer and user-friendliness.
Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR); Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) DSGVO).
Further information on processing processes, procedures and service,s:
Contact form: If users contact us via our contact form, email, or other communication channels, we process the data communicated to us in this context to process the communicated request; Legal basis: Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b) GDPR), legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).
Changes and updates to the data protection declaration
We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes in the data processing process make this necessary. We will inform you when the changes require cooperation (e.g., consent) or other individual notification.
If we provide addresses and contact information of companies and organizations in this data protection declaration, please note that the lessons can change over time, and we ask you to check the information before contacting us.
​
Definitions of terms
This section provides an overview of the terms used in this data protection declaration. As far as the words are legally defined, their legal definitions apply. The following explanations, on the other hand, are intended primarily for understanding.
​
Personal data: "Personal data" means any information relating to an identified or identifiable natural person (from now on, "data subject"); an identifiable natural person can be placed directly or indirectly, in particular using assignment to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie) or one or more special features, are an expression of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Responsible: The "responsible person" is the natural or legal person, authority, institution, or other body that, alone or jointly with others, decides on the purposes and means of processing personal data.
Processing: "Processing" is any process or series of operations carried out with or without automated procedures concerning personal data. The term covers practically every data handling: collection, evaluation, storage, transmission, or deletion.