© AK OZON TECHNOLOGIES 2020

Privacy policy

Privacy policy of AK OZON TECHNOLOGIES

We are very pleased about your interest in our company. Data protection has a particularly high priority at AK OZON TECHNOLOGIES.

In principle, our websites can be used without any personal data. However, if a data subject wishes to use our company's special services via our website, personal data processing may be required. If the processing of personal data is required and there is no legal basis for such processing, we generally seek the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, shall always be carried out in accordance with the Basic Data Protection Regulation and in accordance with the national data protection rules applicable to AK OZON TECHNOLOGIES. Through this privacy policy, our company seeks to inform the public about the nature, scope and purpose of the personal information we collect, use and process. Furthermore, this privacy statement will inform the data subject of their rights.


AK OZON TECHNOLOGIES, as the processing owner, has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed via our website. Nevertheless, Internet-based data transfers can in principle have vulnerabilities, so absolute protection may not be guaranteed. For this reason, data subject concerned are free to transmit personal data to us by alternative means, e.g. by telephone.


1. Definitions

The Privacy Policy of AK OZON TECHNOLOGIES is based on the concepts used by the European Regulatory Authority in the adoption of the General Data Protection Regulation (GDPR). Our Privacy Policy is designed to be easy to read and understand for the public and for our customers, and our business partners. In order to ensure this, we would like to clarify in advance the concepts used.


Some of the terms used in this privacy policy statement include:

a) Personal Data


Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person shall be a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific features that reflect the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.


b) betroffene Person

The data subject is any identified or identifiable natural person whose personal data are processed by the controller.


c) Processing

Processing is any operation or set of operations carried out with or without the help of automated processes relating to personal data such as collection, recording, organization, ordering, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, limitation, deletion or destruction.


d) Restriction of Processing

Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.


e) Profiling
 

Profiling is any type of automated processing of personal data that consists of the use of such personal data to assess or predict certain personal aspects relating to a natural person, in particular, as regards the performance, economic situation, health, personal preferences, interests, reliability, behavior, place of residence or change of location of that individual.


f) Pseudonymisation

Pseudonymisation is the processing of personal data in a way in which the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures ensuring that the personal data are not assigned to an identified or identifiable natural person.


g) Controller or controller responsible for the processing

The controller or controller is the natural or legal person, authority, body or other entity which alone or jointly with others decides on the purposes and means of the processing of personal data; where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the controller or persons responsible may be designated in accordance with Union or national law.


h) Processor

Processor is a natural or legal person, public authority, body or other entity that process personal data on behalf of the controller.


i) Recipient


The recipient is a natural or legal person, authority, body or other entity to whom personal data are disclosed, whether or not it is a third party. However, public authorities which may receive personal data under a specific investigation mandate under Union or Member State law shall not be regarded as recipients.


j) Third party

A third party is a natural or legal person, authority, body or other entity other than the data subject, the controller, the processor and the persons who, under the direct responsibility of the controller or the processor, are authorized to process the personal data.


k) Consent

Consent is any expression of will, expressed voluntarily and unambiguously, by the data subject, in the form of a declaration or any other clear confirmatory act, for the specific case, by which the data subject indicates that he or she agrees to the processing of the personal data concerning them.


2. Name and Address of the controller

Responsible for the purposes of the General Data Protection Regulation (GDPR), other data protection laws in force in the Member States of the European Union and other provisions of data protection law is:

AK OZON TECHNOLOGIES
Weinbergweg 61
89075 Ulm, Germany
www.ak-ozontec.de
info@ak-ozontec.de

Mobile: +49 (0) 171 5250685
Tel.:     +49 (0) 731 9217100

Fax.:    +49 (0) 731 9217100


3. Cookies

AK OZON TECHNOLOGIES' Internet pages use cookies. Cookies are text files that are stored on a computer system via an Internet browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string by which Internet pages and servers can be mapped to the specific Internet browser in which the cookie was stored. This allows visited websites and servers to distinguish the individual browser of the data subject from other Internet browsers containing other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

By using cookies, AK OZON TECHNOLOGIES can provide users of its website with more user-friendly services that would not be possible without setting a cookie.


Through the use of a cookie, the information and offers on our website can be optimized in the sense of the user. Cookies enable us to recognize the users of our website, as mentioned above. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter his access data every time he visits the website, because this is done by the website and the cookie stored on the user's computer system. Another example is the cookie from a shopping cart in the online shop. The online shop will remember the items placed in the virtual shopping cart by a customer via a cookie.

The data subject may at any time prevent the setting of cookies by our website using an appropriate setting of the internet browser used and thus permanently deny the setting of cookies. Furthermore, cookies already set can be deleted at any time via an internet browser or other software. This is possible in all common internet browsers. If the data subject disables the setting of cookies in the internet browser used, not all functions of our website may be fully usable.


4. Collection of general data and information

AK OZON TECHNOLOGIES' website collects a range of general data and information every time a data subject or an automated system calls up the website. These general data and information are stored in the logfiles of the server. It covers the (1) types and versions of the browser used, (2) the operating system used by the accessing system, (3) the website from which an access system enters our website (so-called referrers), (4) the sub-webpages accessed via an access system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information used to protect against attacks on our information technology systems.

When using these general data and information, AK OZON TECHNOLOGIES does not draw any conclusions from the data subject. Rather, this information is required to (1) properly deliver the content of our website correctly, (2) optimize the content of our website and promote it, (3) ensure the continous operation of our information technology systems and our website technology, and (4) to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. AK OZON TECHNOLOGIES therefore assesses these anonymously collected data and information statistically, with the aim of increasing data protection and security in our company, and to ultimately ensure an optimal level of protection for the personal data we process.The anonymous data of the server log files are stored separately from all personal data provided by a data subject.


5. Contact possibility via the website

AK OZON TECHNOLOGIES' website contains, by virtue of legal provisions, information that anables a quick electronic contact to our company as well as direct communication with us, which also includes a general address of the so-called electronic mail address (e-mail address). If a data subject contacts the controller via e-mail or via a contact form, the personal data submitted by the data subject are stored automatically. Such personal data provided on a voluntary basis by a data subject to the controller are stored for the purposes of processing or contacting the data subject. No such personal information will be disclosed to any third party.


6. Routine deletion and blocking of personal data

The controller shall process and store the personal information of the data subject only for the period of time necessary to achieve the storage purpose, or otherwise stated by the European Policy and Regulations or other legislator in the laws or regulations governing the controller.

If the purpose of the storage is not fulfilled or if a retention period imposed by the European regulatory authority or any other competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the legal requirements.


7. Rights of the data subject

a) Right of confirmation

Each data subject has the right granted by the European directive and regulatory authoritiy to request confirmation from the controller whether or not personal data relating to them are being processed. If a data subject wishes to exercise this right of confirmation, they may contact a representative of the controller at any time.


b) Right of access

Each data subject has the right, as granted by the European directive and regulatory authority provider to obtain, at any time, free of charge, from the controller, access to personal data stored as well as a copy of that information. In addition, the European guidelines and Regulation provider has granted the data subject access to the following information:

 

  • the purpose of processing;

  • the categories of personal data being processes;

  • the recipients or categories of recipients to whom the personal data have been disclosed or are to be disclosed, in particular recipients in third countries or international organizations;

  • where possible, the planned duration for which the personal data will be stored, or, if not possible, the criteria for determining this duration;

  • the existence of a right to rectification or erasure of personal data related or to restriction of the processing by the controller or a right of objection to such processing;

  • the existence of a right of appeal to a supervisory authority;

  • where the personal data are not collected from the data subject, all available information as to their sources;

  • the existence of automated decision-making including profiling in accordance with Article 22 (1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, the scope and intended impact of such processing on the data subject.


Furthermore, the data subject has a right of access as to whether personal data has been transmitted to a third country or to an international organisation. If this is the case, then the data subject has the right to obtain information about the appropriate guarantees in connection with the transfer.

If a data subject wishes to exercise this right of access, they may at any time, contact a representative of the controller.


c) Right to rectification

Each data subject has the right granted by the European directive and regulatory authority to require the immediate correction of inaccurate personal data concerning him or her. Furthermore, the data subject is also entitled to request the completion of inaccurate personal data, also by means of a supplementary declaration, taking into account the purposes of the processing.

If a data subject wishes to exercise this right of rectification, they may at any time contact a representative of the controller.


d) Right to deletion (Right to be forgotten)

Each data subject has the right granted by the European directive and regulatory authority to require the controller to delete the personal data relating to him without delay, provided that any of the following reasons apply and that the processing is not necessary:

 

  • The personal data have been collected for such purposes or otherwise processed for which they are no longer necessary.

  • The data subject revokes the consent on which the processing was based in accordance with Article 6 (1) (a) of the GDPR or Article 9 (2) (a) of the GDPR and lacks any other legal basis for the processing.

  • The data subject object to the processing in accordance with Article 21 (1) of the GDPR, and there are no legitimate reasons for the processing or the data subject object to the processing in accordance with Article 21 (2) of the GDPR.

  • The personal data have been processed unlawfully.

  • The deletion of personal data is necessary to fulfill a legal obligation under Union or national law, to which the controller is subject.

  • The personal data have been collected in relation to the information society services offered in accordance with Article 8 (1) of the GDPR.


If any of the above reasons applies and a data subject wishes to have personal data stored at AK OZON TECHNOLOGIES deleted, they may at any time contact a representative of the controller. AK OZON TECHNOLOGIES representative will arrange that the request for deletion be fulfiled without delay.

If the personal data of AK OZON TECHNOLOGIES have been made public and our undertaking, as controller, is obliged to delete the personal data in accordance with Article 17 (1) of the GDPR, the AK OZON TECHNOLOGIES shall take appropriate measures, including technical measures, taking into consideration the technology available and the implementation costs, to inform other data controllers handling the published personal data that the data subject has requested the deletion of all links to such personal data or copies or replicas of such personal data, where processing is not necessary. AK OZON TECHNOLOGIES representative will take the necessary action in individual cases.


e) Right to restriction of procesing

Each data subject has the right granted by the European directive and regulatory authority to require the controller to restrict the processing if one of the following conditions applies:

 

  • The accuracy of the personal data is disputed by the data subject for a period which allows the controller to verify the accuracy of the personal data.

  • The processing is unlawful, the data subject refuses to delete the personal data, and instead requires the restriction of thier use.

  • The controller no longer needs the personal data for the purposes of the processing, but the data subject needs them to assert, exercise or defend legal claims.

  • The data subject has objection to the processing according to Article 21 (1) of the GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.

  • If one of the above conditions is met and a data subject wishes to request the limitation of personal data stored at AK OZON TECHNOLOGIES, they may at any time contact an employee of the controller. AK OZON TECHNOLOGIES representatives will cause the processing to be restricted.


f) Right to data portability

Each data subject have the right granted by the European directive and regulatory authority to obtain the personal data relating to them which have been made available by the data subject to a controller in a structured, standard and machine-readable format. The data subject also has the right to transfer this data to another controller without hindrance by the previous controller to whom the personal data was provided, given that the processing is based on the consent according to Article 6 (1) (a) of the GDPR or Article 9 (1) (b) 2 (a) of the GDPR or on a contract according to Article 6 (1) (b) of the GDPR and that processing is carried out by means of automated procedures, unless the processing is necessary for the performance of a task, is in the public interest or in the exercise of official authority which has been assigned to the controller.

Furthermore, in exercising their right to data portability according to Article 20 (1) of the GDPR, the data subject has the right to request that the the personal data be transmitted directly from one controller to another, provided that this is technically feasible and does not affect the rights and freedom of others.

In order to exercise this right to data portability, the data subject may at any time contact a representative of AK OZON TECHNOLOGIES.


g) Right to objection

Each data subject have the right granted by the European directive and regulatory authority to object at any time against the processing of personal data relating to them or on grounds relating to thier particular situation, in accordance with the Article 6 (1) (e) or (f) of the GDPR. This however, also applies to profiling based on these provisions.

The AK OZON TECHNOLOGIES shall no longer process the personal data in the event of opposition unless we can demonstrate compelling, legitimate reasons for the processing which outweigh the interests, rights and freedoms of the data subject or is intended to establish, exercise or defend legal claims.

If AK OZON TECHNOLOGIES processes personal data for direct marketing, the data subject have the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling, as far as it is assocoiated with such direct marketing. If the data subject opposes processing for direct marketing purposes to AK OZON TECHNOLOGIES, AK OZON TECHNOLOGIES will no longer process the personal data for such purposes.


In addition, the data subject has the right to object, for reasons arising from their particular situation, against the processing of personal data related to them carried out by AK OZON TECHNOLOGIES for scientific or historical research purposes or for statistical purposes in aordance with Article 89 (1) of the GDPR, unless such processing is necessary to fulfil a public interest task.

In order to exercise this right of objection, the data subject may directly contact any AK OZON TECHNOLOGIES representative or any other employee. The data subject is also free to exercise their right of objection in connection with the use of information society services, notwithstanding Directive 2002/58/EG, by means of automated procedures using technical specifications.


h) Automated individual decision-making including profiling

Any person involved in the processing of personal data shall have the right granted by the European directives and regulatory authorities, and not any right granted solely on automated processing, including profiling, which has legal effect on it or in a similar manner, is significantly affected by it; provided that the decision is (1) not necessary for the conclusion or fulfillment of a contract between the data subject and the controller, or (2) is permitted by Union or Member State legislator to which the controller is subject and that such legislation contains appropriate measures to safeguard the rights, freedom and legitimate interests of the data subject, or (3) with the explicit consent of the data subject.

If the decision (1) is necessary for the conclusion or fulfilment of a contract between the data subject and the controller or (2) it takes place with the explicit consent of the data subject, AK OZON TECHNOLOGIES will take appropriate measures to safeguard the rights, freedom and the rights of the individual legitimate interests of the data subject, including, at a minimum, the right to obtain the intervention of a person by the controller, to present their own position and to challenge the decision.

If the data subject wishes to rely on automated decision-making rights, they may, at any time, contact a representative of the controller.


i) Right to revoke data protection consent

Each data subject have the right granted by the European directives and regulatory authorities to revoke consent to the processing of personal data at any time.

If the data subject wishes to exercise their right of withdrawal of consent, they may at any time contact a representative of the controller.


8. Date protection for applications and application procedures

The controller collects and processes the personal data of candidates for the purpose of handling an application procedure. Processing may also be carried out electronically. This is the case when an applicant submits appropriate application documents to the controller by electronic means, e.g. by e-mail or via a web form on the website. If the controller enters into an employment contract with an applicant, the data transmitted shall be stored for the purpose of processing the employment in accordance with the legal provisions. If no employment contract with the applicant is concluded by the controller, the application documents shall be automatically deleted two months after the notice of the refusal, unless there are other legitimate interests of the controller in preventing such deletion. Any other legitimate interest in this sense is, for example, an obligation to provide evidence in a procedure under the General Equal Treatment Act (GETA).


9. Privacy policy on the use of Facebook

The controller has integrated components of the company Facebook on this website. Facebook is a social network.

A social network is an Internet-based social meeting place, an online community that usually allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for sharing views and experiences, or allows the Internet community to provide personal or business-related information. Facebook allows users of the social network to create private profiles, upload photos and socialize via friend requests.

Facebook is operated by Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The controller for the processing of personal data when a data subject is living outside the USA or Canada is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.

Each time one of the individual pages of this website, operated by the controller, has been accessed and a Facebook component (Facebook plug-in) has been integrated, the Facebook component automatically causes the internet browser on the data subject's information technology system to download a presentation of the Facebook component. A complete overview of all Facebook plug-ins is available at https://developers.facebook.com/docs/plugins/?locale=en_US. As part of this technical process, Facebook will be informed of the specific website of the data subject.

If the data subject is logged in to Facebook at the same time, Facebook recognizes, every time the data subject calls our website and throughout the period of the stay, the specific page of our website that the data subject visits. This information is collected through the Facebook component and is assigned by Facebook to the person's Facebook account. If the data subject accepts one of the Facebook buttons on our website, such as the "Like" button, or if the data subject submits a comment, Facebook assigns that information to the personal Facebook account of the data subject and stores that personal data.

Facebook receives information from the Facebook component that the data subject has visited our website whenever the data subject is logged on to Facebook at the same time when our website is being accessed; this is done regardless of whether the data subject clicks the Facebook component or not. If the data subject does not wish to submit such information to Facebook, the data subject may prevent the transmission by logging out of their Facebook account before launching our website.

The Data Policy published by Facebook, available at https://de-de.facebook.com/about/privacy/, provides information on Facebook's collection, processing and use of personal data. It also explains how Facebook can be used to protect the privacy of the person concerned. In addition, different applications are available that can suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.


10. Privacy Policy on the use of Google Analytics (with anonymization function)

The controller has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analysis service. Web analysis is the collection and analysis of data on the behavior of visitors to websites. A web analysis service collects, among other things, data on which website a data subject came to a website (so-called referrers), which sub-pages of the website were accessed or how often and for what duration a subpage was viewed. A web analysis is mainly used to optimize a website and to analyze the costs-benefit of Internet advertising.

Google Analytics is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

The controller uses the addition "_gat._anonymizeIp" for web analysis of Google Analytics. This addendum shortens and anonymizes Google's IP address of the data subject's Internet connection when access to our Internet sites is from a Member State of the European Union or from another State party to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze visitor flows on our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us which show the activities on our website and to provide other services related to the use of our website.

Google Analytics places a cookie on the information technology system of the data subject. What cookies are, has already been explained above. By setting the cookie, Google will be able to analyze the use of our website. Each call to one of the individual pages of our website, operated by the controller, on which a Google Analytics component has been integrated, automatically induces the internet browser on the data subject's information technology system by the relevant Google Analytics component to submit data to Google for online analysis. As part of this technical process, Google will gain knowledge of personal data, such as the IP address of the data subject, which is used, among other things, by Google to track the origin of visitors and clicks and subsequently make commission settlements possible.

The cookie is used to store personal information, such as access time, the location from which access was made and the frequency of site visits to our website by the data subject. Each time you visit our website, this personal data, including the IP address of the internet connection used by the data subject, will be transferred to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected through the technical process with third parties.

The data subject may at any time prevent the setting of cookies by our website, as shown above, by means of an appropriate setting of the internet browser used, and thus permanently contradict the setting of cookies. Such a setting of the internet browser used would also prevent Google from setting a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software.

Furthermore, the data subject has the possibility to object to and prevent the collection of data generated by Google Analytics for the use of this website and the processing of such data by Google. To do this, the data subject must download and install a browser add-on at https://tools.google.com/dlpage/gaoptout . This browser add-on informs Google Analytics via JavaScript that no data and information about visits to websites may be sent to Google Analytics. The installation of the browser add-on is considered by Google to be a contradiction. If the information technology system of the data subject is subsequently deleted, formatted or reinstalled, the data subject must re-install the browser add-on to disable Google Analytics. If the browser add-on is uninstalled or disabled by the data subject or any other person within their area of control, it is possible to reinstall or re-activate the browser add-on.

Additional information and the applicable Google Privacy Policy can be found at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html . Google Analytics is explained in more detail at https://www.google.com/intl/de_de/analytics/ .


11. Legal basis for processing

Article 6 (1) lit. (a) DS-GVO serves as a legal basis for our company for processing operations where we obtain consent for a specific processing purpose. If the processing of personal data is necessary to fulfill a contract of which the data subject is a party, such as processing operations necessary for the supply of goods or for the provision of any other service or consideration, the processing shall be based on Article 6 (1) Lit. (b) DS-GVO. The same applies to processing operations required for the implementation of pre-contractual measures, for example in case of inquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfillment of tax obligations, the processing shall be based on Art. 6 (1) lit. (c) DS-GVO. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company is injured and their name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 (1) lit. (d) DS-GVO. Ultimately, processing operations could be carried out in the form of 6 (1) lit. (f) DS-GVO. This legal basis shall be used for processing operations which are not covered by any of the above legal bases, where processing is necessary to safeguard the legitimate interests of our undertaking or of a third party, provided that the interests, fundamental rights and freedoms of the person concerned do not outweigh those of that person. We are allowed to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In that regard, it considered that a legitimate interest could be assumed if the data subject is a client of the controller (recital 47, second sentence of the DS-GVO).


12. Legitimate interests pursued by the controller or by a third party

Based on the processing of personal data in accordance with Article 6 (1) lit. (f) DS-GVO, is our legitimate interest in carrying out our business for the benefit of all our employees and our shareholders.


13. Duration for which peronal data are stored


The criterion for the duration of the storage of personal data is the relevant legal retention period. At the end of the period, the corresponding data will be routinely deleted, provided that they are no longer required for the fulfillment or the initiation of the contract.


14. Provision of personal data as legal or contractual requirements; Need for conclusion of the contract; Obligation of the data subject to provide the personal data; and possible consequences of non-availability of the required data.

We hereby clarify that the provision of personal data is partly required by law (e.g. tax regulations) or may result from contractual regulations (e.g. information about the contractual partner). In some cases, it may be necessary for a contract to be concluded that a data subject provides us with personal data which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal information when our company enters into a contract agreement with them. Failure to provide the personal data would mean that the contract could not be processed or initiated. The data subject must contact one of our employees before any personal data is provided by them. Our staff will explain to the data subject whether the provision of personal data is required by law or by contract or necessary for the conclusion of a contract, whether there is an obligation to provide the personal data and what consequences the non-provision of personal data would have.


15. Existence of automated decision-making

As a responsible company, we do not use automatic decision-making or profiling.


This Privacy Policy Statement was created by the Data Protection Declaration Generator of the DGD Deutsche Gesellschaft for Data Protection GmbH, which conducts Data Protection-Audit , in cooperation with the Media Law Firm WILDE BEUGER SOLMECKE .