Constares GmbH pays great importance to data protection. Your personal data is collected and processed in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR). We collect and process your personal data in order to be able to offer you this website. This statement describes how and for what purpose your personal data is collected and used and what options you have in connection with your data.
1 Responsible body and person
Responsible for the collection, processing and use of your personal data in terms of General Data Protection Regulation GDPR is
Constares GmbH and Constares Financial GmbH & Co. KG
Phone: 49 89 125 039 830
Fax: 49 89 125 039 839
Managing Director: Christian Limmer
Contact to data protection controller: firstname.lastname@example.org
1.2 General information
Types of data processed:
Categories of persons concerned
Visitors and users of the online offer. In the following, we will also summarize the persons concerned as "users".
Purpose of processing
"Personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more special factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
"Processing" means any operation carried out with or without the aid of automated procedures or any such series of operations in connection with personal data. The term goes a long way and covers practically every handling of data.
“Responsible person" means the natural or legal person, authority, institution or other body that alone or together with others decides on the purposes and means of processing personal data.
Additionally we process
of our customers, prospective customers, business partners, applicants and candidates for the purpose of providing contractual services, general services and customer care.
The hosting services we use are providing the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online offering.
Here we or our hosting provider process master data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 lit. f GDPR in conjunction with. Art. 28 GDPR (contractual data processing agreement).
2 General use of this website
2.1 Access data
Constares collects information about you when you use this website. We automatically collect information about your usage behavior and interaction with us and record data about your computer or mobile device. We collect, store and use data about every access to our online offer (so-called server log files). The access data includes name and URL of the accessed file, date and time of access, transferred data volume, notification of successful access (HTTP response code), browser type and browser version, operating system, referrer URL (i.e. the previously visited page), IP address and the requesting provider.
We use this log data without allocation to your person or other profiling for statistical evaluations for the purpose of operation, security and optimization of our online offer, but also for anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services. We reserve the right to check the log data subsequently if there is a justified suspicion of illegal use based on concrete evidence. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes or for the provision or billing of a service, e.g. if you use one of our offers. We also store IP addresses if we have a concrete suspicion of a criminal offence in connection with the use of our website. In addition, we store the date of your last visit as part of your account (e.g. when registering, logging in, clicking on links, etc.).
2.2 Contact via e-mail and web form
If you contact us (e.g. via contact form or e-mail), we store your data given for processing the enquiry and in the event that follow-up questions arise. We only store and use further personal data if you give your consent or if this is legally permissible without special consent.
2.3 Online presence in social media
We maintain online presences within social networks and platforms in order to communicate with active customers, interested parties, users and applicants and to inform them there about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.
Integration of third-party services and content
Within our online offer, based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO), we use third-party content or service offerings to incorporate their content and services, such as videos or fonts (hereinafter uniformly referred to as "Content").
This always implies that the third party providers of this content use the IP address of the users, since without the IP address they could not send the content to their browser. The IP address is therefore required for the display of this content. We make every effort to use only those contents whose respective providers use the IP address only for the delivery of the contents. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offer, as well as may be linked to such information from other sources.
Typekit fonts from Adobe
On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) we use external typekit fonts from Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland. Adobe is certified under the Privacy Shield Agreement, which thereby provides a guarantee of compliance with European data protection laws.
https://www.linkedin.com/legal/privacy-policy . LinkedIn is certified under the Privacy Shield Agreement, which thereby provides a guarantee of compliance with European data protection laws. (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active ).
Newsletter dispatch service providers
The newsletter is sent out by the dispatch service "Belsignum (belmail)" (Belsignum UG, Carl-von-Linde-Str. 40, 85716 Unterschleißheim www.belsignum.com/). If you register for our free newsletter, the data requested from you for this purpose, i.e. your e-mail address and - optionally - your first and last name, will be transmitted to Belsignum. At the same time, the IP address of the Internet connection from which you access our website and the date and time of your registration are stored. As part of the registration process, we will obtain your consent to the sending of the newsletter, describe the content in detail and refer to this data protection declaration. The data collected is used exclusively for sending the newsletter - it will therefore not be passed on to third parties. The legal basis for this is Art. 6 para. 1 lit. a) GDPR.
You may revoke your consent to receive the newsletter at any time with effect for the future pursuant to Art. 7 para. 3 GDPR. All you have to do is inform us of your revocation or click the unsubscribe link contained in each newsletter.
The dispatch service provider can use the recipient's data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes. However, the dispatch service does not use the data of our newsletter recipients to contact them directly or to pass on the data to third parties.
Measurement of success
The newsletters contain a so-called "web beacon", i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a dispatch service provider, from whose server. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected.
This information is used to technically improve the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times. The statistical collections also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our endeavor, nor, if used, that of the dispatching service provider, to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.
2.5 Legal bases and storage period
The legal basis for data processing in accordance with the above paragraphs is Art 6 para. 1 letter f) GDPR. Our interests in data processing are in particular to ensure the operation and security of the website, to investigate the manner in which visitors use the website, and to simplify the use of the website.
Unless specifically stated, we only store personal data for as long as is necessary to fulfil the purposes pursued.
3 Your rights as a data subject
According to the applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please direct your request to the website operator by e-mail or by postal mail, clearly identifying yourself (see section 1). As the person concerned, you have the following rights:
3.1 Right to information
You have the right to receive confirmation from us at any time as to whether we are processing personal data relating to you. If this is the case, you have the right to receive from us free of charge information about the personal data stored about you together with a copy of this data. Furthermore, you have the following rights:
When personal data are transferred to a third country or an international organization, you have the right to be informed of the appropriate guarantees under Article 46 GDPR in relation to the transfer.
3.2 Right to correction
You have the right to request us to correct any inaccurate personal data concerning you without delay. Taking into account the purposes, you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.
3.3 Right to cancellation ("Right to be forgotten")
You have the right to request us to delete personal data concerning you immediately and we are obliged to delete personal data immediately if one of the following reasons applies:
If we have made personal data public and we are obliged to delete it, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that they have requested the deletion of all links to this personal data or of copies or replications of this personal data.
3.4 Right to limitation of processing
You have the right to request us to restrict processing if one of the following conditions is met:
3.5 Right to Data Transfer
You have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transmit this data to another person in charge without our interference, provided that
When exercising your right to data transferability pursuant to para. 1, you have the right to obtain that the personal data be transferred directly by us to another person responsible, so far as this is technically feasible.
3.6 Right of objection
You have the right to object at any time to the processing of personal data concerning you on the basis of Article 6(1)(e) or (f) GDPR for reasons arising from your particular situation; this also applies to profiling based on these provisions. We no longer process personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If we process personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, so far as it is associated with such direct marketing.
You have the right to object to the processing of personal data concerning you, for scientific or historical research purposes or for statistical purposes pursuant to Art. 9 para. 1 GDPR, for reasons arising from your particular situation, unless the processing is necessary for the performance of a task in the public interest.
3.7 Automated decisions including profiling
You have the right not to be subject to a decision based exclusively on automated processing - including profiling - that has legal effect against you or significantly impairs you in a similar manner.´
3.8 Right to revoke consent under data protection law
You have the right to revoke your consent to the processing of personal data at any time.
3.9 Right of appeal to a supervisory authority
You have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or suspected of having infringed the law, if you believe that the processing of personal data concerning you is unlawful.
4 Data Security
We make every effort to ensure the security of your personal data in accordance with the applicable data protection laws and technical possibilities.
Your personal data will be transmitted encrypted. We use the SSL (Secure Socket Layer) coding system, but point out that data transfer over the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
To secure your data, we maintain technical and organizational security measures which we constantly adapt to the state of the art.
Furthermore, we do not guarantee that our offer will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use receive careful and regular back-ups.
5 Automated decision making
An automated decision making based on the collected personal data does not take place.
6 Disclosure of data to third parties, no data transfer to non-EU/EEA countries
In principle, we only use your personal data within our company.
If and to the extent that we involve third parties within the scope of the fulfilment of contracts, these personal data are only provided to the extent to which the transfer is necessary for the corresponding service.
In the event that we outsource certain parts of data processing ("contractual data processing agreement "), we contractually bind our contractors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.
Data transfer to places or persons outside the EU and outside the cases mentioned in this declaration does not take place and is not planned.
7 Changes to the data protection declaration
Constares GmbH and Constares Financial GmbH & Co. KG reserves the right to change the data protection declaration in order to adapt it to changed legal situations or to changes in the service and data processing. However, this only applies with regard to declarations on data processing. If user consents are required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the users' consent.
Users are asked to inform themselves regularly about the contents of the data protection declaration. You can save and print out this data protection declaration at any time.
Munich, June 2018