We, F.B.I.S. GmbH, Veranstaltungsmanagement und Personenschutz, Schwachhauser Heerstr. 214, 28213 Bremen, Germany, are service provider within the meaning of the German Telemedia Act (Telemediengesetz) of the homepage under www.fbis.de and controller within the meaning of the General Data Protection Regulation (GDPR). By this notice we instruct you how we handle your personal data when you visit our homepage.
This notice relates only to our homepage. The homepage may contain links to websites of other providers. Clicking on those links will cause you to leave our homepage. Please note that the following information applies exclusively to our homepage.
We process any personal data collected during your use of our homepage exclusively in the framework of our legal authority or on the basis of your consent.
Personal data means all data by which you can be identified or that can be traced to you. In addition to your name and e-mail address, personal data for example also includes your IP address.
Changes in the handling of your data
This instruction provides information about the current use of your personal data. It is effective as of May 24, 2018.
We will update this notice from time to time as our homepage evolves and to keep pace with technical or legal requirements. We shall make you aware of such changes for some time in the form of a clear and prominent notice on our homepage.
Transfer of personal data to third parties
As a rule, your personal data collected by our homepage will not be transferred to third parties unless permitted by law. Therefore we deliberately do not use any social media plugins or web tracking mechanisms by which personal data are transferred to third parties, who may even be outside the EU.
Exceptions to this rule permitted by law are:
• If the transfer is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract (Art. 6 (1), letter b) GDPR);
• If you have given us explicit consent to do so (Art. 6 (1), letter a) GDPR);
• If processing is necessary for the pursuit of our legitimate interests and there is no reason to assume that you have an overriding interest in the non-transfer of the data that require protection (Art. 6 (1), letter f) GDPR); or
• If the transfer is necessary for compliance with a legal obligation to which we are subject (Art. 6 (1), letter c) GDPR).
Transfer to and processing by our IT service providers as our vicarious agents who make this homepage available on the Internet on our behalf is by law no transfer to “third parties”.
Logging of access data
When you visit our homepage, the following personal data is transferred to our web server and retained in a log file:
• IP address of the device you use to visit the homepage
• Time of access to each individual page of the homepage
• Amount of data transferred to your device
• Files retrieved via the homepage
• URL of the page/website from which you reached the selected page
• Browser you are using (type and version)
• Operating system and version you are using
This data is retrieved and processed for the purposes of our legitimate interests (Art. 6(1), letter f GDPR) in presenting the homepage so that it meets the requirements of your device and/or browser, and/or to investigate and trace unauthorized attempts to access our IT.
We shall make additional use of your data only for statistical purposes only after it has been rendered anonymous. Rendering data anonymous makes it impossible to draw conclusions regarding your identity.
Log data will be retained for seven days and then deleted, unless it must be retained for a longer period to trace unauthorized access attempts.
The anonymized data derived from the log file is no longer personal data. We will use this data to prepare statistics to improve our homepage and we may transfer it to agencies we have hired to improve our homepage.
In several locations on our homepage you may find forms you can use to contact us directly. We retain the data you enter in the contact form (such as name, e-mail address, subject and message text) and transfer it to the person in our firm responsible for establishing contact.
The staff member responsible for establishing contact receives this data by e-mail in his or her mailbox. It is retained there only as long as necessary for the handling of the matter that was the reason for the contact request.
Our homepage uses session cookies to speed up your browsing and to prevent you from having to enter data previously entered when you return to a Forms page. Cookies are small text files that are temporarily retained in your browser’s cookie memory and cannot be retrieved by third parties.
As a service provider we cannot read these cookies directly. The cookies can only be assessed and read by your browser when you return to a page on our homepage.
As soon as you close your browser the cookie data – depending on the cookies setting in your browser – is automatically deleted.
Your rights as a data subject
As a user of our homepage you have the right, on request, to be informed free of charge about which of your personal data we have retained. You can file repeated requests at reasonable intervals. You may also demand the rectification of incorrect data and the blocking or restriction of processing of your personal data.
If personal data provided by you has been retained, you may also demand access to that data (right to data portability).
If you suspect that your personal data is being processed illegally, you may lodge a complaint with the competent supervisory authorities.
If you request information on the personal data collected during use of our homepage, we can generally respond to your request only if you inform us of the IP address you used while accessing the homepage. An exception from this requirement is data that you have transferred to us indicating your name or your e-mail address (e.g. in the Contact form).
Erasure of data
You can ask us to erase your personal data provided that your request does not conflict with a legal obligation to retain it. If the data cannot be deleted because it is required for purposes permitted by law, processing of the data will be restricted. In that case the data will be made unavailable and not processed for any purposes other than those permitted.
Right to object
As a user of our homepage, the law gives you the option at any time to object to the processing of your personal data. You must clearly understand though that you must then stop using our homepage. A homepage cannot be operated on the World Wide Web without processing personal data (see the section on Log Files above).
If you have questions about this instruction or concerning our use of your personal data, please contact our Data Protection Officer directly at: firstname.lastname@example.org