Privacy Policy
We thank you for your visit to our website https://germanys.saarland/ and the personal interest associated therewith. For the purposes of providing you with the highest level of transparency, hereafter, we would like to inform you about the type, scope and purpose of the collection, processing and use of personal data that arise in the context of the use of our website. The General Data Protection Regulation (hereinafter referred to as “GDPR”) can be accessed here as a complete document.
1. Definition of terms
The following terms that we use within our privacy policy are defined within Art. 4 GDPR. This is only an excerpt from Art. 4 GDPR. You can view all definitions in the GDPR (available here).
- Personal data (Art. 4 No. 1 GDPR)
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an identifiable natural person is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. - Processing (Art. 4 No. 2 GDPR)
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as their collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. - Pseudonymisation (Art. 4 No. 5 GDPR)
Pseudonymisation means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not assigned to an identified or an identifiable natural person. - Controller (Article 4 No. 7 GDPR)
The controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of personal data processing; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for their nomination may be provided for by Union or Member State law. - Processor (Art. 4 No. 8 GDPR)
A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. - Third party (Art. 4 No. 10 GDPR)
A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data. - Consent (Art. 4 No. 11 GDPR)
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. - Company (Art. 4 No. 18 GDPR)
A company is a natural or legal person that carries out an economic activity, regardless of its legal form, including associations or partnerships that regularly carry out an economic activity (Art. 4 No. 18 GDPR).
2. Controller according to Art. 4 No. 7 GDPR
SHS Strukturholding Saar GmbH
Balthasar-Goldstein-Straße 31
66131 Saarbrücken
Tel.: +49 6893 / 9899 600
Email: info@strukturholding.de
You can access our full legal notice here: https://germanys.saarland/impressum/
3. Data Protection Officer
LEG Service GmbH
Balthasar-Goldstein-Straße 31
66131 Saarbrücken
Tel: 06893-9899-600
E-Mail: datenschutz@strukturholding.de
oder postalisch (SHS Strukturholding Saar GmbH, Balthasar-Goldstein-Straße 20, 66131 Saarbrücken) mit dem Zusatz „z.Hd. Datenschutzbeauftragter“.
4. Legal basis of processing
For each processing operation described within our privacy policy, we will inform you of the relevant legal basis on which the processing is carried out. A distinction is made here between the following case groups for which processing is lawful:
- You have given us your consent to process your personal data for one or more specific purposes (Art. 6 para. 1 sentence 1 lit. a GDPR).
- There is a contract between you and us for the performance of which the processing takes place, or the processing is necessary for the implementation of pre-contractual measures, which take place at your request (Art. 6 para. 1 sentence 1 lit. b GDPR).
- The fulfilment of a legal obligation to which we are subject requires the processing (Art. 6 para. 1 sentence 1 lit. c GDPR).
- The protection of your vital interests or those of another natural person requires the processing (Art. 6 para. 1 sentence 1 lit. d GDPR).
- The performance of a task entrusted to us that is in the public interest or the exercise of official authority requires the processing (Art. 6 para. 1 sentence 1 lit. e GDPR).
- The necessity of the processing to protect our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms that require the protection of personal data (Art. 6 para. 1 sentence 1 lit. f GDPR).
5. Storage and deletion of personal data
Within the processing described in our privacy policy, we will inform you of the relevant storage period or the times of deletion or blocking of data. If no explicit storage period is defined, the data will be deleted or blocked as soon as the purpose or legal basis for storage no longer exists.
Data may be stored beyond the defined times if statutory provisions to which we are subject, e.g. Section 147 German Fiscal Code [AO], Section 257 German Commercial Code [HGB], provide for a different storage period.
Following the storage period, the personal data will be deleted or blocked unless further storage is required by us to fulfil a legal obligation. In addition, storage beyond the specified time is possible in the event of a (possible) legal dispute with you or due to other legal proceedings.
6. Sharing personal data
If your personal data is transferred, you will be informed accordingly at the relevant point in our privacy policy. If your personal data is transferred outside the European Economic Area and thus to so-called third countries, you will be informed accordingly at the relevant point of our privacy policy. In principle, we only transfer personal data to third countries where an adequate level of protection has been confirmed by the EU Commission or where we can ensure the careful handling of the personal data on the basis of contractual agreements or other suitable guarantees.
7. Collection of personal data
In the following, we will inform you about the collection of personal data, such as your name, email address, address or user behaviour. The provision of the data is neither required by law nor contractually prescribed. You are not obliged either by law or on a contractual basis to provide the data. Please note, however, that it is not possible to use our website without providing the data listed in Section 7.1. Automated decision-making, including profiling in accordance with Art. 22 paras. 1 and 4 GDPR, does not take place on our website.
7.1. Exclusively informational use of our website
If you do not register on our website, for example in the form of a newsletter, or otherwise submit data to us, for example by using a contact form, only the personal data transmitted by your browser to our server will be collected. This is data that is technically necessary for us to make the website available for you to view while ensuring a secure and stable display. This is the following information that results from a log file line:
- Internet protocol (IP) address
- Time and date of the respective access
- Time zone difference to Greenwich Mean Time (GMT)
- Specific loaded web page
- Access status/hypertext transfer protocol (HTTP)
- Amount of data transferred in each case
- Website from which our website is accessed (referrer URL)
- Internet browser used, incl. language and version
- Operating system used
The legal basis for the collection of the listed data results from Art. 6 para. 1 sentence 1 lit. f GDPR. We have a legitimate interest in ensuring an error-free connection and comfortable use of our website as well as to analyse the system stability and security and to use the data for further administrative purposes.
7.2 Contact via email
If you contact us via the email address provided in Section 2 or other email addresses of our company that are published on our website, we will store your email address and other contact details provided in your email, e.g. your name or telephone number, in order to process your request. This data will be deleted immediately as soon as further storage is no longer necessary. If statutory retention periods apply with regard to the data, the processing of the data will be restricted accordingly instead of the data being deleted. Depending on the reason for sending the email, the legal basis for the processing of the data results from Art. 6 para. 1 Sentence 1 lit. b GDPR or from Art. 6 para. 1 Sentence 1 lit. f GDPR, i.e. either for the execution of the contract concluded with you and for the fulfilment of our (pre-)contractual obligations or it is based on our legitimate interest in contacting parties interested in our services.
8. Hosting
Our website is hosted by one4vision GmbH, Residenz am Schloßgarten, Talstraße 34 – 42, 66119 Saarbrücken, Imprint: www.one4vision.saarland/impressum.html (hereinafter referred to as “one4vision”). When you visit our website, the personal data specified in this privacy policy is transmitted to one4vision when using the website for purely informational reasons. For this purpose, we have concluded a corresponding order processing contract with the one4vision company. You can access one4vision’s privacy policy information here: https://www.one4vision.saarland/datenschutzerklaerung.html
9. Cookies
We use cookies on our website. Cookies are small, browser-specific text files that are stored on your hard drive. In this way, the entity that sets each cookie receives certain information, but a cookie does not run programs or transmit viruses. Cookies are divided into the following categories:
- The first distinction is who placed the cookie (the website operator in the case of first-party cookies, or a third party in the case of third-party cookies).
- There is also a difference in the length of storage.
- There are temporary cookies that are automatically deleted when the browser is closed, mainly session cookies that store a session ID. These session cookies allow your computer to be recognised when you return to our website within the same session using the same browser. When you close your browser or log out, these temporary cookies are deleted.
- There are also persistent cookies, which are stored for a longer period of time (up to two years). However, the length of time before deletion varies from cookie to cookie. You can manually delete these cookies at any time through your browser settings.
- Another group is known as flash cookies. This is a flash player-bound cookie that stores the technical data needed to play video or audio content (such as image quality or network speed), typically without an automatic expiration date, and stores the necessary data regardless of the browser used. Some browsers (e.g., Firefox) offer the option to delete flash cookies along with other cookies.
- In addition, cookies are differentiated by their function, which is most relevant from a data protection perspective.
- Technical (essential) cookies are cookies that are required to perform basic website functions (e.g., to store a product added to a shopping cart).
- Performance cookies collect information about the use of the website and any errors that occur. This is anonymous information that is used to improve the website.
- Advertising cookies or targeting cookies allow us to display tailored advertising (including from third parties) to the user of the website and to measure the effectiveness of such advertising.
- Sharing cookies link the website to other services (e.g., social media sites).
We only automatically use technical cookies, i.e., cookies that are necessary for the operation of our website based on our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR in order to design our website effectively and to continuously improve it.
Please note that you may refuse the storage of cookies at any time by selecting the appropriate settings on your browser. Further information in regard to this for the most popular browsers is provided below, but please note that this may limit the functionality of our website.
- Mozilla Firefox: https://support.mozilla.org/de/kb/verbesserter-schutz-aktivitatenverfolgung-desktop
- Microsoft Edge: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
- Google Chrome: https://support.google.com/chrome/answer/95647
- Opera: https://help.opera.com/de/latest/web-preferences/#cookies
- Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
10. ReadSpeaker
We use the ReadSpeaker tool from ReadSpeaker B.V., Princenhof Park 13, 3972 NG Driebergen-Rijsenburg, The Netherlands (https://www.readspeaker.com/contact/). The tool does not save cookies nor is the local or session storage described. When you access our website, it is possible that the personal data mentioned in this privacy policy is transmitted while you are using the website for purely informational purposes. All data is stored within the EU. The legal basis for processing the data results from Art. 6 para. 1 sentence 1 lit. f GDPR based on our legitimate interest in providing a website that is as accessible as possible.
11. Matomo
We use the “Matomo” web analysis tool (https://matomo.org/). Matomo is an open source tool maintained by the company InnoCraft Ltd”, 150 Willis St, 6011 Wellington, New Zealand, https://matomo.org/faq/new-to-piwik/who-is-innocraft/ (hereinafter referred to as “InnoCraft”) (InnoCraft Ltd was founded by the developers of Matomo). Matomo’s privacy policy can be accessed here: https://matomo.org/privacy-policy/. No cookies are used for this purpose, only a so-called digital fingerprint (a hash value, i.e. a combination of characters from which the original data cannot be derived, is created by various technical data such as the browser used), which is changed every 24 hours. We use Matomo on the basis of our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit f GDPR to optimise our website and operate it economically. You can object to the data processing at any time here:
12. Your rights
Below, we inform you about your rights under the GDPR. You can view the GDPR as a complete document here.
- Right to information in accordance with Art. 15 para. 1 GDPR You have the right to request confirmation from us as to whether personal data relating to you is being processed. If this is the case, in addition to the right to information about these personal data, you have a right to information about the processing purposes, the categories of personal data being processed, the recipients or categories of recipients to whom your personal data have been disclosed or will be disclosed in the future (in particular to recipients in third countries or international organisations), the storage period or criteria used to determine the storage period, the existence of a right to rectification or erasure of the personal data concerning you or the right to restriction of processing on our part as well as the existence of a right to object to this processing, the existence of a right of appeal to a supervisory authority, all available information about the origin of the data (in the event that it has not been collected by us), the existence of automated decision-making processes including profiling and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing.
- Right to rectification in accordance with Art. 16 GDPR
You have the right to obtain from us, without undue delay, the rectification of inaccurate personal data concerning you and to have incomplete personal data concerning you completed. - Right to erasure = “Right to be forgotten” in accordance with Art. 17 GDPR 1 DSGVO You have the right to demand that we immediately erase the personal data concerning you without undue delay. However, in accordance with Art. 17 para. 3 GDPR, this right shall not exist, if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest in the area of public health, for archiving purposes in the public interest or for the assertion, exercise or defence of legal claims.
- Right to restriction of processing in accordance with Art. 18 para. 1 GDPR 1 DSGVO You have the right to obtain from us the restriction of processing of your personal data if the accuracy of your personal data is contested by you (the restriction applies for the period of time that allows us to verify the data’s accuracy), the processing of your personal data is unlawful and you refuse their erasure, we no longer need your personal data for the processing purposes but they are required by you to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 para. 1 GDPR (here, the restriction applies for as long as it is not yet clear whether our legitimate reasons outweigh yours).
- Right to data portability according to Art. 20 GDPR
You have the right to receive the personal data concerning you from us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us (or to demand a direct transfer from us to another controller, if this is technically feasible), if the processing by us was based on your consent or a contract or was achieved using automated procedures. - Right to withdraw consent in accordance with Art. 7 para. 3 GDPR You have the right to withdraw your previous consent at any time with effect for the future, so that the data processing that took place on the basis of the consent can no longer be continued in the future. However, the legality of the processing that took place until your withdrawal is not affected by this.
- Right to lodge a complaint in accordance with Art. 77 GDPR
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint to a supervisory authority, if you believe that the processing of the personal data concerning you infringes the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or the place of the alleged infringement. Further information on this can be found on the website of the Federal Commissioner for Data Protection and Freedom of Information.
13. Right of objection
In addition to the aforementioned rights, you also have the right to object at any time to the processing of your personal data, which is based on the performance of a task carried out in the public interest or in the exercise of official authority (Art. 6 para. 1 sentence 1 lit. e GDPR) or to safeguard legitimate interests on our part (Art. 6 para. 1 sentence 1 lit. f GDPR) with effect for the future, provided that there are reasons for this that arise from your particular situation. If you object, your personal data will no longer be processed unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the assertion, exercise or defence of legal claims. If your personal data is processed for the purpose of direct marketing or profiling, insofar as there is a connection to direct marketing, you have a general right to object without the need for reasons arising from your particular situation. In the event of an objection, we will immediately stop processing the personal data for these purposes. To exercise your right of withdrawal or objection, simply send an email to: info@strukturholding.de
14. Data security
Our website uses the encryption and communication protocol TLS 1.3 (Transport Layer Security). By means of the TLS certificate used by us, which is issued by a certification authority, we enable encrypted data exchanges between the web browser and web server, whereby sensitive data cannot be read by third parties. We use the procedure with the highest encryption level that your browser supports, which is usually 256-bit encryption. The higher the bit number, the longer the key and the better the protection against third parties.
This privacy policy was custom-created for this website by Frame for Business GmbH in cooperation with the Rechtsanwaltskanzlei Dr. Schultheiß law firm.