Legal
Privacy Policy
Information on the processing of personal data pursuant to Articles 13 and 14 GDPR on this website.
1. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection provisions is:
- GRAEF Innovation GmbH
- Kochhannstraße 17
- 10249 Berlin
- Germany
- Phone: +49 1578 0504880
- Email: johann.loewen@graef-gruppe.de
2. General information on data processing
Protecting your personal data is important to us. Personal data means any information relating to an identified or identifiable natural person.
We process personal data only where this is necessary to provide this website, respond to enquiries or comply with legal obligations. Where we obtain your consent, processing is based on Art. 6 (1) (a) GDPR.
3. Hosting and server log files
This website is operated on servers that automatically collect technical information when accessed (server log files). This may include in particular IP address, date and time of the request, URL accessed, referrer URL, browser type and version, operating system and the name of the internet service provider.
Processing takes place to ensure uninterrupted operation of the website, system security and technical administration. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in a secure and stable web offering).
Log data is deleted as soon as it is no longer required for these purposes, but no later than after 30 days, unless security-related retention is necessary.
4. Cookies and consent management
Our website uses cookies and similar technologies. Cookies are small text files stored on your device.
Technically necessary cookies are required for the operation of the website, in particular to store your cookie settings. We use these cookies on the basis of Art. 6 (1) (f) GDPR and Section 25 (2) No. 2 TTDSG.
Optional cookies for statistics and reach measurement are only used if you expressly consent via our cookie banner (Art. 6 (1) (a) GDPR, Section 25 (1) TTDSG). You can withdraw your consent at any time with effect for the future via the “Cookie settings” link in the footer.
You can also disable or delete cookies in your browser. Please note that individual website functions may then be limited.
5. Contact enquiries
If you contact us by email, phone or via the contact form on the “Contact” page, we process the data you provide (e.g. name, email address, company, message) to handle your enquiry.
The contact form opens your email application with a pre-filled message. Form data is not stored on our servers.
The legal basis is Art. 6 (1) (b) GDPR where your enquiry relates to pre-contractual measures or a contract, otherwise Art. 6 (1) (f) GDPR (legitimate interest in handling enquiries).
We retain enquiries only for as long as necessary to process them or where statutory retention obligations apply.
6. No automated decision-making
We do not use automated decision-making or profiling within the meaning of Art. 22 GDPR.
7. Recipients and disclosure of data
Personal data is disclosed to third parties only where this is necessary for contract performance, we are legally obliged to do so, you have consented or a legitimate interest exists that is not overridden.
Where we use service providers (e.g. hosting providers), this is done on the basis of data processing agreements pursuant to Art. 28 GDPR.
8. Transfers to third countries
Personal data is transferred to countries outside the European Union or the European Economic Area only where an adequate level of data protection is ensured, for example through an adequacy decision of the EU Commission or appropriate safeguards pursuant to Art. 46 GDPR.
9. SSL/TLS encryption
10. Your rights as a data subject
You have the following rights with regard to your personal data:
- Right of access pursuant to Art. 15 GDPR
- Right to rectification pursuant to Art. 16 GDPR
- Right to erasure pursuant to Art. 17 GDPR
- Right to restriction of processing pursuant to Art. 18 GDPR
- Right to data portability pursuant to Art. 20 GDPR
- Right to object to processing pursuant to Art. 21 GDPR
11. Withdrawal of consent
Where processing is based on your consent, you may withdraw it at any time with effect for the future. The lawfulness of processing carried out until withdrawal remains unaffected.
12. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data. For Berlin, the competent authority is in particular:
Berlin Commissioner for Data Protection and Freedom of Information, Alt-Moabit 59-61, 10555 Berlin, https://www.datenschutz-berlin.de/.
13. Updates to this privacy policy
We reserve the right to amend this privacy policy if our website, our processes or the legal situation changes. The version published on this page applies.
