Data protection

Legal notices

Spectral Service AG (address: Emil-Hoffmann-Str. 33, 50996 Köln; Tel. +492236-96947-0, Email: info@spectralservice.de, website: https://www.spectralservice.de) is aware that the security of your private information from the use of our websites is an important concern. We take the protection of your personal data very seriously. Therefore we would like you to know what data we maintain, what data we discard, and how we use the data. With this privacy statement we would like to meet the legal requirements according to Art. 4 Par. 7 of the European General Data Protection Regulation (in the following GDPR) and inform you about purpose, extent and type of data collection and our security measures.

If you have any questions concerning this Data Protection Statement or according the handling of personal data at our company, you may contact our External Data Privacy Manager:

Klaus Pampuch
Unterbörsch 40c
51515 Kürten
www.five.consulting
datenschutz@five.consulting

Please be aware that data transfer in the internet (e.g. communication of unencrypted data by email) may contain security gaps. Hence, a gapless protection of all data against the access of third parties is impossible.

If you have any problems, questions or ideas, please contact one of the following persons:

Elina Zailer (Editor in Chief Website)
Spectral Service AG
elina.zailer@spectralservice.de

Lukas Diehl (Technical Manager Website)
Spectral Service AG
lukas.diehl@spectralservice.de

 

1      Collection of Data

Personal data are particulars of personal and impersonal relations of a determined or determinable natural person, meaning all data which are relatable to you.

You can use our online presentation without disclosing your personal data. For technical reasons, data may be stored (in so-called logfiles) for security purposes when you use our website https://www.spectralservice.de. These data may include the name of your internet service provider, the website that you used to link to our site, the websites that you visit from our site and your IP address.

The formerly described information will be processed according the following purposes:

  • to assure the correct estabilshment of the connection to our website
  • to guarantee a comfortable use of our website
  • to ensure the system security and stability

The pre-mentioned data collection is based on Art. 6 Par. 1 S. 1 lit. f GDPR. According to Art. 6 Par. 1 S. 1 lit. f GDPR the processing of data for preservation of legitimate interests is admissable, except where such considerations are overridden by the need to protect the interests or fundamental rights or fundamental freedom of the data subject and the protection of personal data is required.

The data could possibly lead to your identification, but we do not use such identification to analyze personal data. We do use the data from time to time for statistical purposes, but maintain the anonymity of each individual user.

In cases where personal data are passed on to external service-providers, we rely on technical and organizational means to assure that applicable data security regulations are followed.

All data are deleted as soon as they become irrelevant.

 

2      Collection and Processing of Personal Data

We collect personal data only when you provide it to us, for example through registration, completion of forms or emails, as part of an order for products or services, inquiries or requests about materials being provided.

The database and its contents remain with our company and the provider acting on our behalf. Your personal data will not be passed on by us or by our agents for use by third parties in any form whatsoever, unless we have obtained your consent or are legally required to do so.

We retain control of and responsibility for the use of any personal data you disclose to us. Your personal data are made accessible to internal speciality departments and personnel.

Therefore we save the following obligatory data:

  • salutation
  • pre- and surname
  • email address
  • your message

Additional information is voluntary. The declaration of the above mentioned data is necessary to know who sent it and to be able to answer.  Alternatively you may send us an email. In this case we will save the personal data transferred by email for contacting purposes.

It is possible that these data may be stored or processed partly or fully in other countries (e.g. the United States). These countries could have different data protection laws to the country you live in. Should this be the case, we will ensure that the company responsible for the data processing has established suitable measures so that your data are protected according to the standard of your country of residence.

 

3      Purposes of Use

The personal data we collect from you will only be used for the purpose of supplying you with the requested products or services or for other purposes for which you have given your consent, except where otherwise provided by law.

If you use our contact form for information purposes, your declarations and contact data in the contact form will be transferred to us („personal data“) for the purpose of processing your request and afterwards those data are saved, processed and used by our company.

Data processing for the purpose of contacting Spectra Service is based on Art. 6 Par. 1 S. 1 lit. a GDPR according to your voluntarily submitted acceptance according to Art. 6 Par. 1 S. 1 lit. b GDPR for the purpose of pre-contractual measures in consequence of your request as far as according to Art. 6 Par. 1 S. 1 lit. f GDPR. Our legitimate interest is implied in the response to your question.

The collection of data for deployment of the website and data retention on logfiles is stringently required. Therefore, there is no legitimate possibility for contradiction by the user.

Furthermore, by respective measures and regular controls we ensure the protection against access by third parties.

 

4      Right of Access and Correction

You have the right to review and amend any personal data stored in our system if you believe they may be out of date or incorrect. Just send an email to info@spectralservice.de or contact the Technical Manager or External Data Security Manager (see above for address and email address).

 

 

5      Right of Cancellation

You have the right at any time to withdraw your consent to the use of your personal data by Spectral Service in the future.

If your personal data are processed based on legitimate interests according to Art. 6 Par. 1 S. 1 lit. f GDPR, you have the right to contradict the processing of your personal data according to Sect. 21 GDPR,  in case there are compelling reasons arising from your stated exceptional situation or if the opposition is against direct advertising. In the latter you have a general right of cancellation of your data which is performed without the need to declare any exceptional situation.

If you would like to withdraw your consent, just send an email to info@spectralservice.de or contact the Technical Manager or External Data Security Manager (see above for address and email address). In this case the conversation cannot be continued.

 

6     Data Retention

We only retain personal data for as long as is necessary for us to render a service you requested or to which you have given your consent, except where otherwise provided by law (e.g. in connection with pending litigation).

 

7     Disclosure of Personal Data

A disclosure of your personal data to third parties for other purposes than listed is omitted.

We only transfer your personal data to third parties if:

  • you have given your explicit consent to the processing of your personal data for one or more specific purposes according to Art. 6 Par. 1 S. 1 lit. a GDPR,
  • the disclosure according to Art. 6 Par. 1 S. 1 lit. f GDPR where the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child,
  • in the case accordingt to Art. 6 Par. 1 S. 1 lit. c GDPR where it is necessary for compliance with a legal obligation to which the controller is subject,
  • it is legally admissive according to Art. 6 Par. 1 S. 1 lit. b GDPR where processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a
    contract.

If personal data are transferred to external service providers, by technical and organizational means we ensure that all requirements of data protection are followed.

 

8     Use of Cookies on this Website

Cookies are small text files that are stored locally in the browser cache of visitors to the site. Cookies do no harm to your device and self-evidently do not contain any viruses, trojans or other damaging software. These cookies make it possible to recognize the internet browser, in order to optimize the website and simplify its use. The data are not used to personally identify visitors to the website.

The PHP session cookie “PHPSESSID” is valid until the end of the session and is deleted automatically afterwards.

Most browsers are configured to accept these cookies automatically. However, you can deactivate the storing of cookies or adjust your browser to inform you before the cookie is stored on your computer.

Data provided by cookies are necessary according to all above mentioned purposes for preservation of the legitimate interests pursued by the controller or by a third party  with respect to Art. 6 Par. 1 S. 1 lit. f GDPR . If you have given approval the legal basis relies on Art. 6 Abs. 1 S. 1 lit. a GDPR.

By loading the website the user is informed about the usage of cookies for analytical purposes and his or her written consent for processing these personal data in this context is requested. At the same time a reference to the Data Protection Statement is given.

 

9     Social Media and YouTube

We do not integrate plug-ins from Social Media Platforms.

 

10     Analysis Tools

Google Analytics

This website uses Google Analytics, a web analytics service. It is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in Europe and stored there. Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

IP anonymization

We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser plugin

You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Objecting to the collection of data

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site:

 

✖ Deactivate Google Analytics tracking / Google Analytics Tracking deaktivieren

 

For more information about how Google Analytics handles user data, see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.

 

11     Plugins and Tools

Google Web Fonts

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. If your browser does not support web fonts, a standard font is used by your computer.

Further information about handling user data, can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy at https://www.google.com/policies/privacy/.

Google Maps

This site uses the Google Maps map service via an API. It is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the EU and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.

 

12     Data Security

During the website visit we use the common SSL method (Secure Socket Layer) in combination with the highest encryption technology provided by your browser to ensure the security of the processed data.Normally this includes a 256 Bit encryption which is curently the most secure solution. If yur browser does not support a 256 BIT encryption (e.g. Google Chrome v1.0.154.43 and older versions or older versions <10 of Internet Explorer),we will have to downgrade to a 128 Bit v3 technology.

Whether the transferred session data is encrypted or not by a particular webpage of our website to your browser can be derived from the closed key or lock symbol visibile either in the bottom status bar or left to the website adress (inside adress bar).For further information according the encryption status and about the certificate is visible by clicking on the key or lock symbol.

Further, Spectral Service uses technical and organizational security precautions to protect your data from deliberate or accidental manipulation, loss, destruction or access by unauthorized persons. All personal data collected and processed are encrypted in transit to prevent possible misuse by third parties. Our security procedures are continuously revised based on new technological developments.

 

13     Protection of Children

In view of the importance of protecting children’s privacy, we do not collect, process or use on our website any information relating to an individual whom we know to be under 13 years old without the prior, verifiable consent of his or her legal representative. Such legal representative has the right, upon request, to view the information provided by the child and/or to require that it will be deleted.

14    Your Rights as Concerned Data Subject

You have the right to:

  • according to Art. 15 GDPR obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and where that is the case, access to the personal data and the following information:
    (a) the purposes of the processing;
    (b) the categories of personal data concerned;
    (c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
    (d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
    (e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
    (f) the right to lodge a complaint with a supervisory authority;
    (g) where the personal data are not collected from the data subject, any available
    information as to their source;
    (h) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such
    processing for the data subject;
  • with regard to Art. 16 GDPR to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her . Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement;
  • according to Art. 17 GDPR to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
    (a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
    (b) the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing
  • with respect to Art. 18 GDPR obtain from the controller restriction of processing where one of the following applies:

    (a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
    (b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
    (c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims
    (d) the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject;
  • according to Art. 20 GDPR receive the personal data concerning him or her,which he or she has provided to a controller, in a structured, commonly used andmachine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
    (a) the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6 (1); and
    (b) the processing is carried out by automated means;
  • with regard to Art. 7 Par. 3 GDPR withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw consent as to give it. As a consequence, we are not allowed to continue processing the data based on the prior consent.
  • according Art. 77 GDPR to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringment if the data subject considers that the processing of personal data relating to him or her infringes this Regulation.

15     Topicality of and Changes to this Data Protection Statement

This Data Protection Statement is effective since 09 July 2018.

By development of our website and offers placed and provided by Spectral Service or by change of legal requirements  it might be necessary to change this Data Protection Statement. You can open and print the current Data Protection Statement any time at from our website https://www.spectralservice.de/data-protection.