Third Floor Company GmbH
72280 Hallwangen, Germany
T: +49 7443 92 998 80
F: +49 7443 92 998 81
Registererd at: Amtsgericht Stuttgart
VAT-ID No.: DE264942016
Tax No.: 42070/07209
General Data Protection Regulation
1. Collection and storage of personal data as well as the nature and purpose of their use
a) When visiting the website:
When you visit our website www.steffenschraegle.com, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion:
• IP address of the requesting computer
• date and time of access
• name and URL of the retrieved file
• website from which access is made (referrer URL)
• the browser used and, if applicable, the operating system of your computer as well as the name of your access provider
The data mentioned are processed by us for the following purposes:
• ensuring a smooth connection of the website
• ensuring comfortable use of our website
• evaluation of system security and stability
• for further administrative purposes
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the data collection purposes listed above. In no case will we use the collected data for the purpose of drawing conclusions about you.
b) When registering for our Newsletter:
If, in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO have expressly consented, we use your e-mail address to regularly send you our newsletter. For the receipt of the newsletter the indication of an e-mail address is sufficient. The deregistration is possible at any time, for example via a link at the end of each newsletter. Alternatively, you can send your unsubscribe request at any time to firstname.lastname@example.org by e-mail.
c) By using our contact form
For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. It is necessary to provide a valid e-mail address so that we know who the request came from and to answer it. Further information can be provided voluntarily. The data processing for the purpose of contacting us is in accordance with Art. 6 para. 1 p. 1 lit. a GDPR based on your voluntarily granted consent. The personal data collected by us for the use of the contact form will be automatically deleted after completion of the request made by you.
You have the opportunity to post questions, answers, opinions or ratings (contributions) on our website. In this case, we process your contribution and publish it on our website. A substantive examination does not take place. The legal basis here is that you, according to Art. 6 para. 1 lit. a) GDPR, grant consent. The consent can be withdrawn at any time in accordance with Art. 7 para. 3 GDPR. Furthermore, the date and time of submission, a possibly used pseudonym, IP and e-mail address are processed. The legal basis results from Art. 6 para. 1 lit. f. GDPR. Our predominant legitimate interest is to initiate or support further action if your contribution is unlawful. The data given in the context of the contributions will be stored by us until the objection by the user.
2. Disclosure of data
A transfer of your personal data to third parties for purposes other than those listed below does not take place.
We only share your personal information with third parties if:
• You, according to Art. 6 para. 1 sentence 1 lit. a DSGVO, have given express consent to this
• Disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data
• In the event that disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO is a legal obligation
This is legally permissible and according to Art. 6 para. 1 sentence 1 lit. b DSGVO, is required for the settlement of contractual relationships with you
4. Analysis tools
a) Tracking tools
The tracking measures listed below and used by us are based on Art. 6 para. 1 sentence 1 lit. f DSGVO. With the tracking measures to be used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offer for you.
These interests are to be considered as justified within the meaning of the above provision. The respective data processing purposes and data categories are to be taken from the corresponding tracking tools.
b) Google Analytics1
For the purpose of the needs-oriented design and continuous optimization of our pages, we use Google Analytics, a web analysis service of Google Inc https://www.google.de/intl/de/about/ (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereafter "Google"). In this context, pseudonymised usage profiles are created and cookies (see point 4) are used. The information generated by the cookie about your use of this website, such as
• Browser type / version
• Operating system used
• Referrer URL (the previously visited page)
• Host name of the accessing computer (IP address)
• Time of server request,
are transmitted to a Google server in the US and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third parties if required by law or if third parties process this data in the order. Under no circumstances will your IP address be merged with any other data provided by Google. The IP addresses are anonymized, so that an assignment is not possible (IP masking).
You can prevent the installation of cookies by a corresponding setting of the browser software; however, we point out that in this case not all features of this website may be fully utilized. You may also record the data generated by the cookie and related to your use of the website (including your IP address) and prevent Google from processing this data by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).
Alternative to the browser add-on, especially for browsers Mobile devices, you can also prevent the collection by Google Analytics by clicking on this link. An opt-out cookie will be set that will prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
For more information about data protection in connection with Google Analytics, see the Google Analytics Help Center (https://support.google.com/analytics/ answer / 6004245? hl = DE).
c) Google Adwords Conversion Tracking
To statistically record the use of our website and to evaluate it for the purpose of optimizing our website, we also use Google Conversion Tracking. In this case, Google Adwords sets a cookie (see section 4) on your computer, provided that you have reached our website via a Google ad.
These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer's website and the cookie has not yet expired, Google and the customer may recognize that the user clicked on the ad and was redirected to that page.
Each Adwords customer will receive a different cookie. Cookies can not be tracked via the websites of Adwords customers. The auxiliary Conversion-Cookie information is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. Adwords customers hear the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, you do not receive any information that personally identifies users.
d) WordPress Stats
5. Social Media Plug-ins
On our website we rely on the basis of Art. 6 para. 1 sentence 1 lit. f DSGVO social plug-ins from the social networks Facebook, Twitter and Instagram to make our company better known. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for the operation compliant with data protection is to be guaranteed by their respective providers. The integration of these plug-ins by us takes place in the way of the so-called two-click method to best protect visitors to our website.
On our website social media plugins from Facebook are used to make their use more personal. For this we use the "LIKE" or "SHARE" button. This is an offer from Facebook.
If you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and incorporated by the latter into the website.
By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or just not logged in to Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the US and stored there.
If you are logged in to Facebook, Facebook can directly link your visit to our website to your Facebook account. If you interact with the plugins, for example by pressing the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be published on Facebook and displayed to your Facebook friends.
Facebook can use this information for the purpose of advertising, market research and tailor-made Facebook pages. For this purpose, Facebook uses user, interest and relationship profiles, etc. For example, to evaluate your use of our website in relation to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website, and to provide other services related to the use of Facebook.
If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.
On our website are plugins of the short message network of Twitter Inc. (Twitter) integrated. The Twitter plugins (tweet button) can be recognized by the Twitter logo on our site. An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons).
When you visit a page of our website that contains such a plugin, a direct connection between your browser and the Twitter Server is made. Twitter receives the information that you have visited our site with your IP address. If you click on the Twitter "tweet button" while logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We point out that we as the provider of the pages do not receive knowledge of the content of the transmitted data as well as their use by Twitter.
If you do not want Twitter to be able to allocate the visit to our pages, please log out of your Twitter user account.
Further information can be found in the Privacy Statement of Twitter (https://twitter.com/privacy).
Our website also uses so-called social plugins ("plugins") from Instagram, published by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram").
The plugins are marked with an Instagram logo, for example in the form of an "Instagram camera".
When you visit a page of our website that contains such a plugin, your browser connects directly to Instagram's servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged in to Instagram.
This information (including your IP address) is sent from your browser directly to an Instagram server in the US and stored there. If you're logged in to Instagram, Instagram can instantly associate your visit to our website with your Instagram account. If you interact with the plugins, for example, press the "Instagram" button, this information is also transmitted directly to an Instagram server and stored there.
The information will also be published on your Instagram account and displayed there to your contacts. If you do not want Instagram to directly associate the data collected through our website with your Instagram account, you must log out of Instagram before visiting our website.
(1) Our online offer includes YouTube videos stored on http://www.YouTube.com. These can be played directly from our website. The videos are all integrated in the "extended privacy mode". This will not transfer data to YouTube if you are not playing the videos. Only when you play the videos, the following data will be transmitted. However, we have no influence on this data transfer.
(2) When you visit the website, YouTube receives the information that you have accessed the corresponding sub-page. In addition, the data mentioned under (Google module) will be transmitted. This is done regardless of whether a user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish to associate with your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and/or custom design of its website. Such an evaluation is done in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right to object to the creation of these User Profiles, and you must be directed to YouTube to use them.
e) Use of Vimeo plugins
We use for example, the integration of videos through the provider Vimeo. Vimeo is operated by Vimeo, LLC, headquartered at 555 West 18th Street, NY, New York 10011. On some of our websites we use plugins of the provider Vimeo. If you pull up the Internet pages of our Internet presence provided with such a plugin - for example our media library - a connection to the Vimeo servers will be established and the plugin will be displayed. This will be transmitted to the Vimeo server--which of our websites you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal user account. When using the plugin for example to click on the start button of a video, it also assigns this information to your user account. You can prevent this association by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo. For more information about data processing and privacy by Vimeo, see https://vimeo.com/privacy.
6. Affected rights
You have the right:
• to request information about your personal data processed by us pursuant to Art. 15 DSGVO. In particular, you can provide information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a Complaint right, the origin of their data, if they were not collected from us, as well as the existence of an automated decision-making including profiling and possibly informative information about their details
• in accordance with Art. 16 DSGVO, to immediately demand the correction of incorrect or completed personal data stored by us
• in accordance with Art. 17 DSGVO, to demand the deletion of your personal data stored by us, unless the processing for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of Legal claims is required;
• to demand the restriction of the processing of your personal data according to Art. 18 GDPR, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you assert this exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
• in accordance with Art. 20 DSGVO, to receive your personal data provided to us in a structured, standard and machine-readable format or to request transmission to another person responsible;
• according to Art. 7 para. 3 DSGVO, to revoke your once given consent to us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future and
• to complain to a supervisory authority pursuant to Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
7. Right to objection
If your personal data based on legitimate interests in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO are processed, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 DSGVO, provided that there are reasons for this arising from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which is implemented by us without specifying a special situation. If you would like to exercise your right of revocation or objection, please send an e-mail to ISO@thirdfloorcompany.com.
8. Data Security
We use the popular SSL (Secure Socket Layer) method within the site visit, in conjunction with the highest level of encryption supported by your browser. In general, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we'll use 128-bit v3 technology instead. Whether a single page of our website is encrypted is shown by the closed representation of the key or lock icon in the lower status bar of your browser.
We also take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
9. Up-to-dateness and change of this data protection explanation
1 Data protection authorities require the use of Google Analytics for the completion of a contract data processing agreement. A template will be available at http://www.google.com/analytics/terms/en.pdf from Google.
1. Collection and storage of personal data as well as nature and purpose and their use
When you hire us, we collect the following information:
• Salutation, first name, last name
• Valid e-mail address
• Telephone number (landline and/or mobile)
• Photos with EXIF data,
• Tax ID / VAT ID
The collection of these data takes place:
• to identify you as our customer
• to provide you with appropriate advice and to process your orders
• for correspondence with you
• for invoicing
• to fulfill the contract concluded with you
The data processing, in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO, is based on your request and is required for the specified purposes for the appropriate processing and customer service and for the mutual fulfillment of obligations from the customer relationship. The personal data collected by us for the fulfillment of the contract shall be stored until the expiry of the limitation period (3 years after the end of the calendar year in which the order was terminated) and thereafter deleted, unless we, under Article 6 para. 1 lit. c DSGVO, are obliged to store for a longer period of time due to tax and commercial requirements for storage and documentation (HGB, StGB or AO) or you are obliged to make further storage in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO and have consented.
2. Disclosure of data to third parties
A transfer of your personal data to third parties for purposes other than those listed below does not take place. In so far as this is required by Art. 6 para. 1 sentence 1 lit. b DSGVO is required for the execution of orders with you, your personal data will be passed on to third parties. This includes, in particular, the transfer to our partner companies for the purpose of correspondence and to fulfill the request. The transferred data may be used by the third party exclusively for the stated purposes.
3. Affected rights
You have the right:
- pursuant to Art. 7 para. 3 DSGVO, to revoke your once given consent to us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future;
- to demand information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you can provide information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a right to complain, the source of their data, if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details;
- in accordance with Art. 16 DSGVO, immediately demand the correction of incorrect or completed personal data stored by us;
- to demand, in accordance with Art. 17 DSGVO, the cancellation of your personal data held by us, unless the processing is for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of the public interest or for the assertion, exercise or defense of Legal claims is required;
- to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you assert this, Exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
- in accordance with Art. 20 GDPR to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another person responsible and
- to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our office.
4. Right of objection
If your personal data are based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO are processed, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 DSGVO, provided there are reasons for this arising from your particular situation.
If you would like to exercise your right to object, an email to ISO@thirdfloorcompany.com is sufficient.