Controller who provides CeleraOne
Usedomer Straße 4
tel.: 030 208 480 480
Moritz Hilger, Samir Fadlallah
2. Name and address of the data protection officer
The data protection officer of the controller is:
Dr. Christoph Höger
Usedomer Str. 4
tel.: + 49 (0)30 208 480 480
3. Purposes, legal basis and duration of the data processing
a. Visit to the website
When you visit CeleraOne, the browser used on your terminal device automatically sends information to the server of our website. This information is stored temporarily in a so-called log file. The following information is acquired without your assistance and stored until its automated deletion:
- IP address of the inquiring computer,
- Date and time of the access,
- Name and URL of the requested file,
- Website from which the access is made (referrer URL),
- Browser used and, if applicable, the operating system of your computer and the name of your access provider.
The named data is processed by us for the following purposes:
- To enable a smooth connection to the website to be set up,
- To enable convenient usage of our website,
- To evaluate the system security and stability and
- For further administrative purposes.
The legal basis for the data processing is Art. 6 (1) lit. f GDPR. Our legitimate interest derives from the above-named purposes of data acquisition. Under no circumstances do we use the processed data for the purposes of making assumptions about your person.
b. Presence on third-party portals
We are also present on other portals (“third-party portals”) such as social networks (e.g. Twitter). Our objective is to be available to you outside our website and provide another point of contact to you.
Depending on which data processing you have agreed to towards the portal provider, the intent and purpose of the third-party portal for us is to receive certain information about you (e.g. followers on Twitter) during your interaction with us on the portal. Note that all communication with us via these third-party portals is processed by these portal providers and, if applicable, is accessible to them.
The legal basis for this is your contract with the portal provider, Art. 6 (1) lit. b) GDPR. Your interaction with us via and in the portals is voluntary. If you provide us with additional information (e.g. in a short message in the third-party portal), this is either to get in pre-contractual contact with us (Art. 6 (1) lit. b) GDPR) or to voluntarily grant us your consent (Art. 6 (1) lit. a) GDPR).
If you have given us your consent, according to Art. 7 Sect. 3 GDPR you have the right to withdraw your consent at any time for the future. To do so you can either adjust the settings for your respective account in the third-party portal accordingly (e.g. no longer follow us). Or if you want us to refrain from using your data received up to this point in the future and to delete it, please contact us.
c. Contact via email
If you contact us by email or phone, we process your data to the extent that is necessary in order to be able to answer your questions. Thus the legal basis for this is also the contract with you, Art. 6 (1) lit. b) GDPR. The data for this is stored until the request or question is completely answered. If a business relationship results from the contact, the conditions of the corresponding contract apply.
d. Usage of our contact form
For questions of all types, we offer you the option to contact us via a form provided on the website. Here you must provide a valid email address so that we know where the query comes from and are able to answer it. Further information can be provided voluntarily.
The data processing for the purposes of making contact with us is based on Art. 6 (1) lit. a) GDPR, i.e. your voluntarily given consent.
The personal data collected by us for the use of the contact form are deleted automatically after the query submitted by you has been processed completely.
Ultimately the host of the website and the email provider commissioned by us processes data in your and our interest in order to guarantee the integrity, confidentiality and availability of the data processing systems, i.e. in particular the security and availability of your personal data. It is not possible to use CeleraOne without the processing of data for this purpose. The legal basis for this data processing is Art. 6 (1) lit. f) GDPR; our legitimate interest is in the maintenance and reliable provision of our services.
4. Forwarding of data
There is no transfer of your personal data to third parties for purposes other than those listed hereafter.
We forward your personal data to third parties only if:
- You have granted your express consent to this as per Art. 6 (1) lit. a) GDPR,
- The data transfer is necessary under Art. 6 (1) lit. f) GDPR to pursue our legitimate interest or the legitimate interest of third parties, except where such interests are overridden by your interests or fundamental rights and freedoms,
- There is a legal obligation for the forwarding under Art. 6 (1) lit. c) GDPR, and this is legal and necessary under Art. 6 (1) lit. b) GDPR for the processing of contractual relationships with you.
For the operation of our website and the online communication we have commissioned the following categories of service providers and entered into data processing agreements under Art. 23 GDPR so that they act on our behalf and only under our instructions:
- email Provider
- Providers for the operation of servers (host)
5. Right to withdraw and object
If you have given us your consent to process your personal data, according to Art. 7 Sect. 3 GDPR you have the right to withdraw your consent at any time for the future. In the case of a withdrawal of the consent, your data will no longer be processed for the purpose to which you agreed. If this data will be deleted if there is no other legal basis for the further processing of this data (e.g. contract fulfilment, legal retention obligations).
If the processing of your personal data is based on a legitimate interest, Art. 6 Sect. 1 lit. f) GDPR, you can submit an objection to this processing at any time. The personal data will no longer be processed unless we can provide compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the purpose of the establishment, exercise or defence of legal claims.
If you want to exercise your right to withdraw or object, an email to our data protection officer is sufficient.
6. Transfer to third countries
If we transfer personal data to service providers outside the EU or the European Economic Area (EEA), the transfer is performed only if an appropriate level of data protection for the third country has been confirmed by the EU Commission, or the transfer is based on the principles of the so-called Privacy Shield (https://www.privacyshield.gov/welcome) and on the basis of so-called standard contract clauses of the EU Commission http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF.
7. Your rights as per GDPR
Along with the above-named rights to withdraw consent and object to the data processing, you have the following rights relating to your personal data vis-à-vis us as the responsible party as per the specifications of the GDPR:
- Right to information,
- Right to rectification,
- Right to restriction of the processing,
- Right to erasure,
- Right to notifications,
- Right to data portability.
Irrespective of another administrative or judicial legal remedy, you have the right to appeal to a supervisory authority, in particular in the member state of your place of residence, your workplace or the location of the supposed infringement, if you are of the opinion that the processing of the personal data relating to you infringes the GDPR.
8. Currency and changes to this data protection declaration