Last Update: May 2018
The responsible handling of personal data is of particular importance and a matter of course for us. If we receive personal data from you, we use and process this data in compliance with the applicable national and European regulations governing data protection. Personal data within the meaning of this information is all information that may contain a reference to you personally.
In the following data protection statements, we give you an overview of how and why we process your personal data and of your rights arising from data protection law.
1. Who is the data controller, and whom can I contact?
(1) The controller pursuant to Article 4(7) of the General Data Protection Regulation (GDPR) and the service provider pursuant to Section 13 of the Telemediengesetz (German Telecommunications Act) is the following:
FraCareServices GmbH
FAC1 HBK41
Hugo-Eckener-Ring
60549 Frankfurt am Main
(2) You can reach our data protection officer at:
FraCareServices GmbH
Data Protection Officer
FAC1 HBK41
Hugo-Eckener-Ring
60549 Frankfurt am Main – Airport
E-mail: datenschutz@fracares.de
2. What sources of personal data do we use?
We process personal data that we receive during your visit to our website and when you contact us by e-mail or fill out a contact form.
3. What categories of personal data are processed?
(1) If you visit or use our website solely for informational purposes, that is, if you do not register or send us information by any other means, we collect only the personal data transmitted to our server by your browser. If you wish to visit our website, we will collect the following data, required by our systems in order to display our website to you and to guarantee the stability and security (legal basis is Article 6(1f) of the GDPR):
– Your IP address (host)
– Date, time, and duration of your visit (date:time)
– Scope of your request
– Http status code
– Amount of data transferred in each case (bytes)
- Referring Web page (referrer)
– Your browser and operating system (user_agent)
This information is used exclusively for internal statistical purposes.
(2) In addition to the data mentioned above, cookies are stored on your computer when you visit our website. Cookies are small text files saved to your hard drive and associated with the browser you use and that provide the entity storing the cookies with certain information. Cookies cannot run any programs or infect your computer with viruses.
(3) We use cookies to identify you during later visits, provided you have an account with us. Otherwise, you would be required to log on for each visit.
(4) Most browsers are set up so they accept cookies. However, you can deactivate cookie storage at any time in your browser or adjust your browser settings so that you receive a message as soon as you receive a cookie. However, please note that you may not be able to use all the features of this website if you do so.
(5) This information is stored separately from any other data with which you provide us. In particular, the cookie data is not linked to other information about you.
(6) If you contact us via e-mail or using a contact form, we store the information you share (name, e-mail address, and phone number, if applicable) in order to respond to your questions.
4. For what purpose is Google reCAPTCHA used?
(1) We use Google’s reCAPTCHA service on our website to protect the inquiries you send us via online form. The request serves to distinguish between entries made by a human being or, unlawfully, by means of automated software (e.g., by so-called bots). The request involves the sending of your IP address and any other data required by Google for the service to Google. For this purpose, your entry is transmitted to Google and further used there.
(2) By using reCAPTCHA, you declare that you agree to have your entry included in the digitalization of previous works. In the event that IP anonymization is activated on this website, however, your IP address will be abbreviated in advance by Google within the member states of the European Union or in other countries that are members of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the U.S. and abbreviated there. At the request of the operator of this website, Google will use the information to evaluate your use of the website. The IP address sent by your browser through your use of reCAPTCHA will not be combined with other data owned by Google. That information is subject to different data protection provisions of Google Inc. Additional information on Google’s privacy policy is found at https://www.google.com/intl/de/policies/privacy/.
5. For what purpose are YouTube videos embedded?
(1) On our website, we offer embedded YouTube videos, which are stored on http://www.youtube.com and played directly from our website. They have all been embedded in “expanded data protection mode.” That means no information about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos is the data specified in section 2 transmitted. We have no influence on this transmission of data.
(2) By visiting our website, YouTube is notified that you have accessed the corresponding subpage on our website. In addition, we transfer the data specified under section 3 of these data protection statements. This occurs regardless of whether YouTube makes available a user account through which you are logged on or there is no user account. If you are logged on to Google, your data will be directly associated with your account. If you do not wish the data to be associated with your profile on YouTube, you must log off before clicking the button. YouTube stores your information as a user profile and uses it for advertising, market research, and/or to design its website to be user friendly. In particular, this type of analysis is performed (even for users who are not logged on) to conduct user-based advertising and to inform other users of the social network about your activities on our website. You have the right to withdraw your consent to the creation of a user profile, but you must contact YouTube to assert that right.
(3) Additional information on the purpose and scope of data collection and data processing by YouTube is contained in their privacy policy. There, you will find further information concerning your rights and the options for setting preferences to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the U.S. and is certified under the EU-U.S. Privacy Shield Framework: https://www.privacyshield.gov/EU-US-Framework.
6. What is the purpose of embedding Google Maps?
(1) On this website, we offer the features of Google Maps. This enables us to show you interactive maps directly on our website, providing you with a convenient way to use the map feature.
(2) By visiting our website, Google is notified that you have accessed the corresponding subpage on our website. In addition, we transfer the data specified under section 3 of these data protection statements. This occurs regardless of whether Google makes available a user account through which you are logged on or there is no user account. If you are logged on to Google, your data will be directly associated with your account. If you do not wish the data to be associated with your profile on Google, you must log off before clicking the button. Google stores your information as a user profile and uses it for advertising, market research, and/or to design its website to be user friendly. In particular, this type of analysis is performed (even for users who are not logged on) to conduct user-based advertising and to inform other users of the social network about your activities on our website. You have the right to withdraw your consent to creation of a user profile, but you must contact Google to assert that right.
(3) Additional information on the purpose and scope of data collection and data processing by the provider of the plug-in is contained in their privacy policy. There, you will find further information concerning your associated rights and options for setting preferences to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the U.S. and is certified under the EU-U.S. Privacy Shield Framework: https://www.privacyshield.gov/EU-US-Framework.
7. What happens when you use other features and offerings on our website?
Besides providing you the opportunity to use our website solely for informational purposes, we also offer various services for you to use if you are interested. To do so, you will generally be required to provide additional personal data, which we will use to perform the respective service and to which the principles of data processing stated above apply.
8. Who receives my data?
(1) We also arrange for some of the previously mentioned procedures and services performed by service providers who have been carefully selected and commissioned in compliance with data protection standards. Those external service providers are bound by our instructions and are monitored regularly. They will not share your information with third parties.
(2) With regard to the disclosure of data to other recipients, we disclose information about you only if doing so is required under statutory regulations, you have given your consent, or we are authorized to make such disclosures.
9. For what purposes and on what legal basis do we process your data?
We process your personal data in compliance with the applicable statutory data protection regulations. Processing is lawful here if the following conditions are fulfilled:
– Consent (Article 6(1a)) of the GDPR:
The lawfulness of the processing of personal data is established when consent has been given to processing for defined purposes (e.g., process your request). Consent that has been given can be withdrawn at any time with effect for the future. This also applies for the withdrawal of declarations of consent that have been issued to us before the General Data Protection Regulation came into effect, i.e., before May 25, 2018.
– Based on statutory requirements (Article 6(1c)) of the GDPR:
FraCareS is subject to a variety of legal obligations. They include, among others:
– Retention regulations under commercial and fiscal law in accordance with the Handelsgesetzbuch (German Commercial Code) and the Abgabenordnung (German Fiscal Code)
– Fulfillment of monitoring and reporting obligations under fiscal law
– As part of the consideration of interests (Art. 6(1f) of the GDPR).
If necessary, we process your data outside of the actual fulfillment of the contract in order to protect legitimate interests pursued by us or third parties. Examples:
– To assert legal claims and support our defense during litigation
– To safeguard IT security and IT operations
– To analyze and improve use of our website.
10. Is there any intention to transfer personal data to a third country or an international organization?
Active transfer of personal data to a third country takes place only when you have been expressly notified while using the services named above.
11. How long will my personal data be stored for and what are the criteria for defining this time period?
(1) Your information is stored in accordance with statutory regulations on data processing and observing statutory retention periods. We process and use your information exclusively for the purposes to which you have given your consent and only as long as the information is needed for those purposes.
(2) If the data is no longer required for the purpose(s) or to fulfill statutory obligations, it is generally erased, unless its (temporary and, where appropriate, limited) further processing is necessary for the following purposes:
– To fulfill retention requirements under commercial and fiscal, in particular the Handelsgesetzbuch (HGB – German Commercial Code) and the Abgabenordnung (AO – German Fiscal Code). Those laws stipulate retention and documentation requirements of up to 10 years.
– To preserve evidence within the framework of the legal statutes of limitation. In accordance with sections 195 et seq. of the Bürgerliches Gesetzbuch (BGB – German Civil Code), the standard statute of limitation is 3 years, although it can be as long as 30 years under particular circumstances.
12. What data protection rights do you have?
(1) Every data subject has the right of access pursuant to Article 15 GDPR, the right to rectification pursuant to Article 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to restriction of processing pursuant to Article 18 GDPR, the right to object pursuant to Article 21 GDPR, and the right to data portability pursuant to Article 20 GDPR. In the case of the right of access and the right to erasure, the restrictions pursuant to sections 34 and 35 of the Bundesdatenschutzgesetz (BDSG – German Federal Data Protection Act) apply. Furthermore, data subjects have the right to lodge a complaint with a competent supervisory authority (Article 77 GDPR in conjunction with section 19 BDSG).
(2) You can withdraw any consent that you have granted for the processing of personal data from us at any time with effect for the future. This also applies for the withdrawal of declarations of consent that have been issued to us before the General Data Protection Regulation came into effect, i.e., before May 25, 2018.
(3) You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you that is based on Article 6(1e) of the GDPR (data processing in the public interest) and Article 6(1f) of the GDPR (data processing based on consideration of interests).
If you object to processing, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms or processing serves to establish, exercise, or defend legal claims.
You may file your objection without observing specific formalities. Objections should be directed to the address below:
FraCareServices GmbH
Data Protection Officer
FAC1 HBK41
Hugo-Eckener-Ring
60549 Frankfurt am Main – Airport
E-mail: datenschutz@fracares.de
13. Am I obligated to provide my personal data, and what consequences will not providing my data have?
When taking advantage of these offerings, you are required to provide the personal data necessary to fulfill the purpose or that we are legally obligated to collect. Without this data, we will generally not be able to enter into or execute the contract with you.
14. How is my personal data protected?
FraCareServices GmbH takes technical and organizational security measures to protect the personal information provided by you and managed by us from being accidentally or deliberately tampered with, lost, destroyed, or accessed by unauthorized individuals. Our security measures are continuously improved to keep pace with advancements in technology.
15. Can these data protection statements change?
We are continually optimizing our website and, if need be, making changes in technology. For that reason, we expressly point out that our data protection statements are valid only in the version applicable at the time of your visit.