1. Definitions of terms
Our data protection declaration is based on the terms used by the European legislator in the Basic Data Protection Regulation (DSGVO). In order to ensure good legibility and comprehensibility, we would like to explain the terms used in advance.
We use the following terms, among others, in this data protection declaration:
a. Data subject
Data subject is any identified or identifiable natural person whose personal data are processed by the controller.
Processing” means any operation or set of operations which is carried out with or without the aid of automated processes and which relates to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, application, disclosure by transmission, dissemination or otherwise making available, alignment or association, qualification, erasure or destruction.
c. Limitation of processing
Limitation of processing is the marking of stored personal data with the aim of limiting their future processing.
Profiling is any automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behaviour, whereabouts or movements of that natural person.
Pseudonymisation means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the provision of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data are not attributed to an identified or identifiable natural person.
f. Controller or data controller
The controller shall be the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the controller or the specific criteria for his designation may be laid down by Union law or by the law of the Member States.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
The recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not that person is a third party. However, authorities which may receive personal data in the course of a specific investigation task under Union law or the law of the Member States shall not be considered as recipients.
i. Third parties
Third party means any natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct responsibility of the controller or processor, are empowered to process the personal data.
Consent” means any voluntary, informed and unambiguous expression by the data subject of his or her will in a particular case, in the form of a statement or other unequivocal confirmatory act, indicating that he or she consents to the processing of his or her personal data