Thank you for your interest in our website. In the following, we would like to inform you in full about the collection and use of personal data on our websites and ask you to take note of the data protection information
I. Name and address of the person responsible and information about the collection of personal data
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the
Hotspot Workhub SRL
The person responsible for the processing of personal data is the natural or legal person who, alone or in concert with others, decides on the purposes and means of processing personal data. Personal data is all data that allows you to be personally identified. For security reasons and to protect the transmission of personal data and other confidential contents (for example, orders or inquiries to the person responsible), our website uses an SSL or Internet connection. TLS encryption. You can recognize an encrypted connection by the string “https: //” and the lock icon in your browser bar.
II. General information on data processing
Extent of processing of personal data
In principle, we process personal data of our users only insofar as this is necessary to provide a functioning website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies to cases in which prior consent can not be obtained for reasons of fact and the processing of the data is permitted by law.
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (DSGVO) as legal basis.
In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b DSGVO as legal basis. This also applies to processing operations required to carry out pre-contractual actions.
Insofar as processing of personal data is required to fulfill a legal obligation that is subject to our company, Art. 6 para. 1 lit. c DSGVO as legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO as legal basis.
If processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not prevail over the first interest, Art. 6 para. 1 lit. f DSGVO as legal basis for processing.
Data erasure and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage is deleted. In addition, such storage may be provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject. Blocking or deletion of the data also takes place when a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for conclusion of a contract or fulfillment of the contract.
III. Collection and storage of personal data and the nature and purpose of their use when visiting our website
1. Description and scope of data processing
Each time our website is accessed, our system records our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO Data on every access to the server on which this service is located (so-called server log files). The access data includes name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
2. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. Logfile information is stored for security purposes (for example, to investigate abusive or fraudulent activities) for a maximum of 7 days and then deleted. Data whose further retention is required for evidential purposes shall be exempted from the cancellation until final clarification of the incident.
3. Opposition and removal possibility
The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no contradiction on the part of the user.
IV. Integration of third-party services and content
We also use third-party service offerings for our website to integrate services and content.
For this, it is imperative that the third-party providers get the IP address of the users forwarded, otherwise the content and services can not be sent to the requesting browser.
Below is a list of third party providers and their content. Use the links to access the third-party privacy policies. This will give you more information about the data processing and your possibilities of contradiction.
1. Cookies & Range Measurement
Cookies are information transmitted from our web server or third-party web servers to users’ web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.
We use “session cookies” that are only stored for the duration of the current visit to our online presence (for example, to enable the storage of your login status or the shopping cart function and thus the use of our online offer at all). In a session cookie, a randomly generated unique identification number is stored, a so-called session ID. In addition, a cookie contains information about its origin and the retention period. These cookies can not save any other data. Session cookies will be deleted if you have finished using our online offer and you have e.g. log out or close the browser.
2. Maps of “Google Maps”
“Google Maps” is an offer from Google Inc. Service, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, for map visualization. This service integrates the content on our website. The content is integrated by a server call at Google Inc .:
3. Bot Recognition “ReCaptcha” Google LLC
We also include the service of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, for the detection of bots. The content is integrated by a server call at Google Inc .:
4. Online presence in social media
We maintain online presence within social networks and platforms in order to communicate with customers, prospects and users active there and to inform them about our services. When calling the respective networks and platforms, the terms and conditions and the data processing guidelines apply to their respective operators.
Use of Facebook Social Plugins
We use based on our legitimate interests (ie, interest in the analysis, optimization and cost-effective operation of our reserves within the meaning of Art. 6 para. 1 lit. f. DSGVO) social plugins ( “Plugins”) the social network facebook.com, is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland ( “Facebook”). The plugins can interaction elements or content (eg videos, graphics or text posts) represent and are identifiable by a Facebook logo (white “f” on a blue tile, the terms “Like”, “Like” or a “thumbs up” sign ) or are identified by the suffix “Facebook Social plugin”. The list and the look of Facebook Social Plugins can be viewed here:https://developers.facebook.com/docs/plugins/ .
Facebook is certified under the Privacy Shield agreements and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).
When a user calls a function of this website that contains a social plugin, his device will connect directly to the servers of Facebook. The content of the plugin is from Facebook directly to the device of the user and integrates it into the online offer. Here, the user can be created from the processed data, user profiles. We therefore have no impact on the amount of data collected by Facebook with the help of this plugin does and informs the user according to our knowledge.
By integrating the plugin Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged into Facebook, Facebook can assign to visit his Facebook account. When users interact with the plugins, for example, press or the Like Button to add a comment, the corresponding information from your device is transmitted directly to Facebook and stored there. If a user is not a member of Facebook, there is possibility that Facebook brings its IP address in experience and stores. According to Facebook is stored in Germany only an anonymous IP address.
Purpose and scope of data collection and further processing and use of data by Facebook as well as the relevant rights and ways to protect the privacy of users, they can refer to the privacy policies of Facebook: https://www.facebook.com/about/privacy/ ,
If a user has a Facebook member and do not want Facebook to collect about this online offer information about him and linked to its stored on Facebook member data, he must log out and delete their cookies before using our online presence on Facebook. Other settings and contradictions to the use of data for advertising purposes, are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or the American side http://www.aboutads.info / choices / or the EU side http://www.youronlinechoices.com/ . The settings are platform-independent, meaning they are applied to all devices, such as desktop computers or mobile devices.
5. Google Analytics
Google has been certified under the Privacy Shield agreements and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).
Google will use this information on our behalf, to evaluate the use of our reserves by users, to compile reports on the activities within this online offer and to provide other, related to the use of this website and internet services to us. Here pseudonymous user profiles of users can be created from the processed data.
We use Google Analytics only with activated IP anonymization. This means the IP address of the user is shortened by Google within the member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address is transmitted to a Google server in the USA and shortened there.
For more information about Google uses data, settings and opposition opportunities can be found on the websites of Google: https://www.google.com/intl/de/policies/privacy/partners ( “How Google uses data when you use websites or apps our partners “), http://www.google.com/policies/technologies/ads (” use of data for advertising purposes “), http://www.google.de/settings/ads manage (” information that Google uses to give you display advertising “).
V. Rights of the person concerned
If you process personal data, you are a person concerned within the meaning of the DSGVO and you have the following rights to the person responsible.
1. Right to information
You may ask the person in charge to confirm if personal data concerning you is processed by us. If such processing is available, you can request information from the person responsible about the following information:
- the purposes for which the personal data are processed;
- the categories of personal data that are processed;
- the recipients or the categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
- the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
- the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
- the existence of a right of appeal to a supervisory authority; all available information on the source of the data if the personal data are not collected from the data subject;
- the existence of automated decision-making including profiling according to Art. 22 (1) and (4) DSGVO and – at least in these cases – meaningful information about the logic involved as well as the scope and the intended effects of such processing on the data subject.
You have the right to request information about whether your personal information relates to a third country or an international organization. In this connection, you can request the appropriate guarantees in accordance with. Art. 46 DSGVO in connection with the transfer.
2. Right to rectification
You have a right to rectification and / or completion to the person responsible, if your personal data processed by us is incorrect or incomplete. The responsible person must make the correction without delay.
3. Right to cancellation
You may require the controller to delete the personal data concerning you immediately (deletion obligation) and the controller is obliged to delete this data immediately if one of the following reasons applies:
- The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
- You revoke your consent, to which the processing acc. Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. DSGVO and there is no other legal basis for processing.
- You place acc. Art. 21 para. 1 DSGVO objection to the processing and there are no prior justifiable reasons for the processing, or you lay gem. Art. 21 para. 2 DSGVO Opposition to processing.
- Your personal data have been processed unlawfully.
- The deletion of personal data concerning you is required to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
- The personal data concerning you were collected in relation to information society services offered pursuant to Art. 8 (1) DSGVO.
4. Information to third parties
If the person in charge has made the personal data concerning you public and is acc. Article 17 (1) of the DSGVO, it shall take appropriate measures, including technical means, to inform data controllers who process the personal data that you have been identified as being affected, taking into account available technology and implementation costs Persons requesting deletion of all links to such personal data or of copies or replications of such personal data.
The right to erasure does not exist if the processing is necessary
- to exercise the right to freedom of expression and information;
- to fulfill a legal obligation required by the law of the Union or of the Member States to which the controller is subject, or to carry out a task which is in the public interest or in the exercise of official authority delegated to the controller ;
- for reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h and i and Art. 9 (3) DSGVO;
- for archival purposes of public interest, scientific or historical research purposes or for statistical purposes acc. Article 89 (1) DSGVO, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously affect the achievement of the objectives of that processing, or
- to assert, exercise or defend legal claims.
6. Right to information
If you have the right of rectification, erasure or restriction of processing to the controller, he / she is obliged to notify all recipients to whom your personal data have been disclosed of this correction or deletion of the data or restriction of processing, unless: this proves to be impossible or involves a disproportionate effort.
You have a right to the person responsible to be informed about these recipients.
7. Right to Data Portability
You have the right to receive personally identifiable information you provide to the controller in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another person without hindrance by the person responsible for providing the personal data, provided that
- the processing on a consent acc. Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract acc. Art. 6 para. 1 lit. b DSGVO is based and
- the processing is done using automated procedures.
In exercising this right, you also have the right to obtain that your personal data relating to you are transmitted directly from one person to another, insofar as this is technically feasible. Freedoms and rights of other persons may not be affected. This shall not apply if the personal data are necessary for the performance of a task which is in the public interest or is carried out in the exercise of official authority over the person responsible.
VI. Right to contradict
You have the right at any time, for reasons that arise from your particular situation, against the processing of your personal data, which, pursuant to Art. 6 (1) lit. e or f DSGVO takes an objection; this also applies to profiling based on these provisions.
The controller will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, exercising or defending legal claims.
If the personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
Regardless of Directive 2002/58/EC, you have the option, in the context of the use of information society services, of exercising your right to object through automated procedures that use technical specifications.
VII. Right of revocation of the data protection consent declaration and complaint to the supervisory authority
You have the right to revoke your data protection declaration at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of its residence, place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you is against the DSGVO violates.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the DSGVO.