Privacy Policy

engineering and biomechanics in cycling

Bernhard Schnürch, Dipl.-Ing.(FH) (hereinafter ergocycle)

As at: Mai 2018

With the following information we give you an overview of the processing of your personal data by ergocycle and your rights in relation to data protection. Personal data is all data that can be personally related to natural persons, such as name, address, e-mail address, etc. With regard to the terms used, such as 'processing' or 'responsible person', we refer to the legal definitions in Art. 4 of the General Data Protection Regulation (GDPR). ergocycle's Privacy Policy must be read in conjunction with any other legal notices and terms of use that may be made available on other pages of our website or when initiating a contract. Which data is otherwise processed and used in detail depends largely on the services requested or agreed in each case. Please note the respective data protection declarations, which we may send you separately as part of the contract initiation.

1. Name and contact details of the person responsible for processing and the contact person for data protection

a) Responsible:

ergocycle

Bernhard Schnürch, Dipl.-Ing. (FH)

Paul-Löbe-Straße 39
D – 40595 Düsseldorf
Mail: mail@ergocycle.de

b) Contact person for data protection:

a) Responsible:

Bernhard Schnürch, Dipl.-Ing. (FH)

Paul-Löbe-Straße 39
D – 40595 Düsseldorf
Mail: mail@ergocycle.de

2. Information about the categories and sources of personal data that we process

If you use our website www.ergocycle.de purely for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server (server log files). If you would like to view our website, we collect the following data that is technically necessary for us to display our website to you, to ensure its stability and security and to carry out other administrative tasks (legal basis is Art. 6 Para. 1 S. 1 lit . f GDPR). The following information is recorded without any action on your part and temporarily stored in a so-called log file: IP address, date and time of the request, content of the request (name and URL of the file accessed), access status/HTTP status code, website from which the Request comes (referrer URL), browser used and, if applicable, the operating system of your computer, the name of your access provider and the amount of data transferred in each case. In addition, we use cookies and, if necessary, analysis services when you visit our website. You can find more detailed information on this under Section 10 of this data protection declaration.

When you contact us by e-mail, fax, post or telephone, the data you provide will be stored by us in order to answer your questions. A valid e-mail address, fax or telephone number must be provided. or address is required so that we know who sent the request and to be able to answer it. Data processing for the purpose of contacting us and initiating business transactions is generally based on your voluntarily given consent (Article 6 (1) (a) GDPR). We delete the data arising in this context after the storage is no longer necessary, or restrict the processing if there are statutory storage obligations.

We also process personal data that we receive from our customers as part of our business relationship. In addition, we process - to the extent necessary for the provision of our service - personal data that we have received from other third parties in a permissible manner (e.g. for the execution of orders, for the fulfillment of contracts or on the basis of your consent). Furthermore, we process personal data that we have legitimately obtained and are allowed to process from publicly accessible sources (e.g. commercial and association registers, press, media, internet).

Relevant personal data in the process of interested parties in the course of opening master data can be: name, address/other contact details (telephone, e-mail address), gender.

As part of the business initiation phase and during the business relationship, in particular through personal, telephone, electronic or written contacts initiated by you or by us, further personal data is generated, e.g. B. Information about contact channel, date, reason and result; (Electronic) copies of correspondence and information about participation in direct marketing measures.

3. Purpose of data processing and indication of the legal basis

We process the aforementioned personal data in accordance with the GDPR and the Federal Data Protection Act (BDSG):

a. For the fulfillment of contractual obligations (Article 6 Paragraph 1 b DS-GVO) The processing of personal data takes place in order to provide services within the scope of the implementation of our contracts with our customers or to implement pre-contractual measures that take place at your request. Further details on the purpose of data processing can be found in the respective contract documents.

b. As part of the balancing of interests (Article 6 Paragraph 1 f GDPR), where necessary, we process your data beyond the actual fulfillment of the contract to protect our legitimate interests or those of third parties, unless the interests or fundamental rights and fundamental freedoms of the person concerned, which the require protection of personal data prevail. Examples:

Consultation and exchange of data with credit agencies to determine creditworthiness and default risks, checking and optimizing processes for needs analysis and direct customer contact, advertising or market and opinion research, unless you have objected to the use of your data, assertion of legal claims and defense in legal disputes, guarantee of IT security and the IT operation of ergocyclePrevention of criminal offensesMeasures for building and plant security (e.g. access controls)Measures to ensure domiciliary rightsMeasures for business management and further development of services and productsRisk management

c. Based on your consent (Article 6 Paragraph 1 a GDPR) if you have given us consent to the processing of personal data for specific purposes, the legality of this processing is given on the basis of your consent. A given consent can be revoked at any time. This also applies to the revocation of declarations of consent that were given to us before the EU General Data Protection Regulation came into force, i.e. before May 25, 2018. Please note that the revocation only applies to the future. Processing that took place before the revocation is not affected.

d.Due to legal requirements (Article 6 Paragraph 1 c GDPR) or in the public interest (Article 6 Paragraph 1 e GDPR), we as a company are also subject to various legal obligations, i.e. legal requirements (e.g. Commercial Code, GmbH Act, tax laws ). The purposes of processing include, among other things, the fulfillment of tax regulations, as well as the assessment and management of risks for our company.

4. Recipient of the data

Within ergocycle, those departments that need your data to fulfill our contractual and legal obligations will have access to it. Service providers and vicarious agents used by us can also receive data for these purposes if they comply with our written data protection instructions. These are essentially companies from the categories listed below.

With regard to the transfer of data to third parties, it should always be noted that we may only pass on information about you if (i) legal provisions allow this (e.g. if the data is transferred to third parties in accordance with Art. 6 Para. 1 lit. b. DSGVO is required to fulfill the contract or to protect our legitimate interests in accordance with Article 6 Paragraph 1 Letter f, such as when using agents, web hosts, etc.), (ii) there is a legal obligation, (iii) you have consented, ( iv) and/or processors commissioned by us guarantee compliance with the requirements of the GDPR and the Federal Data Protection Act (Art. 28 GDPR, § 62 BDSG)).

Under these conditions, recipients of personal data e.g. be:

— Public bodies and institutions if there is a legal or official obligation.

— Other entities and processors to which we transfer personal data in order to carry out the business relationship with you. Specifically: support/maintenance of EDP/IT applications, archiving, call center services, controlling, data destruction, purchasing/procurement, customer management, letter shops, marketing, media technology, expense reports, telephony, website management, tax consulting services, payment transactions. Other data recipients may be those bodies for which you have given your consent to data transmission.

5. Data transfer to a third country or to an international organization

Data will only be transferred to countries outside the EU/EEA (so-called third countries) or to international organizations if this is necessary for the execution of your orders, is required by law (e.g. tax reporting obligations), you have given us your consent or as part of order data processing. If service providers are used in a third country, they are - in addition to written instructions - obliged to comply with the data protection level in Europe through the agreement of the EU standard contractual clauses. The current EU standard contractual clauses are available at www.eur-lex.europa.eu.

6. Duration of data storage

We process and store your personal data as long and as far as it is necessary for the fulfillment of our contractual and legal obligations. It should be noted that our business relationship is fundamentally based on long-term cooperation. If the data is no longer required for the fulfillment of contractual or legal obligations, they are regularly deleted, unless their - temporary - further processing is necessary for the following purposes:

Fulfillment of retention periods under commercial and tax law: The German Commercial Code and the Tax Code should be mentioned in particular. The deadlines for storage and documentation specified there are two to ten years. Preservation of evidence within the framework of the statute of limitations. According to §§ 195 ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years, whereby the regular limitation period is three years.

7. Data protection rights of concerned persons

Every data subject has the right to information under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR. The restrictions under §§ 34 and 35 BDSG apply to the right to information and the right to erasure. In addition, there is a right of appeal to a data protection supervisory authority (Article 77 GDPR in conjunction with Section 19 BDSG).

You can revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent that were given to us before the EU General Data Protection Regulation came into force, i.e. before May 25, 2018. Please note that the revocation only applies to the future. Processing that took place before the revocation is not affected. If you would like to make use of your right of withdrawal, this is possible in any form; an e-mail to mail
ergocycle.de is sufficient, for example

8. Obligation to provide data

As part of our business relationship, you must provide the personal data that is necessary for the establishment and implementation of a business relationship and the fulfillment of the associated contractual obligations or that we are legally obliged to collect. Without this data, we will generally have to refuse to conclude the contract or execute the order, or we will no longer be able to carry out an existing contract and may have to terminate it.

9. Existence of automated decision-making (including profiling)

In principle, we do not use fully automated decision-making in accordance with Article 22 GDPR to establish and implement the business relationship. If we use these procedures in individual cases, we will inform you separately if this is required by law.

We process your data partially automatically with the aim of evaluating certain personal aspects (profiling). We use evaluation tools to provide you with targeted information and advice about products. This enables us to communicate and advertise as needed, including market and opinion research.

10. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not damage your end device and do not contain viruses, Trojans or other malware. Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we are immediately informed of your identity. On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specific period of time. If you visit our site again to make use of our services, it will automatically be recognized that you have already been with us and what inputs and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These cookies enable us to automatically recognize when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined period of time. The data processed by cookies are required for the stated purposes to protect our legitimate interests and those of third parties in accordance with Article 6 Paragraph 1 Sentence 1 lit. f GDPR.

You can configure your browser settings according to your wishes and e.g. B. refuse to accept third-party cookies or all cookies. We would like to point out that in these cases you may not be able to use all the functions of this website.

11. YouTube

Our website uses the provider YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA for the integration of videos. When you access a page with embedded videos, your IP address is sent to YouTube and cookies are stored on your computer. However, we have integrated our YouTube videos with the extended data protection mode (in this case, YouTube still contacts Google's DoubleClick service, but according to Google's data protection declaration, personal data is not evaluated). As a result, YouTube no longer stores any information about the visitors unless they watch the video. If you click on the video, your IP address will be transmitted to YouTube and YouTube will know that you have viewed the video. If you are logged into YouTube, this information will also be assigned to your user account (you can prevent this by logging out of YouTube before viewing the video). We have no knowledge of the possible collection and use of your data by YouTube and have no influence over it. For more detailed information on the type, purpose and scope as well as the further processing and use of your data by YouTube, please refer to the data protection information on YouTube at https://policies.google.com/privacy?hl=de&gl=de. There you will also find out more about your rights in this regard and the setting options for protecting your privacy.

Possibility of objection: In order to prevent YouTube from collecting information about you during your visit to our website, you can log out of YouTube at the beginning of a visit to our website and delete any existing YouTube cookies from the browser you are using.

11.1 Vimeo

Our website may use plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. If you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers will be established. The Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged into Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account. For more information on how to handle user data, see Vimeo's privacy policy at: https://vimeo.com/privacy.

12. Updating and changing the data protection declaration

This data protection declaration is dated May 2018. Due to the further development of our website, our offers or due to changed legal or official requirements, it may become necessary to change this data protection declaration. The current data protection declaration can be requested from us at any time.

Information about your right of objection according to Art. 21 GDPR

1. Individual right of objection

You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data relating to you, which is based on Art. 6 Para. 1 lit. e) GDPR (data processing in the public interest) and Art. 6 Para 1 lit. f) GDPR (data processing on the basis of a balance of interests) to file an objection; this also applies to profiling based on this provision within the meaning of Article 4 (4) GDPR. If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

2. Right to object to the processing of data for advertising purposes

In individual cases, we may process your personal data in order to carry out direct advertising. You have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes.

3. The objection can be made in any form and should be sent to: ergocycle, Paul-Löbe-Straße 39, D - 40595 Düsseldorf,
Mail: mail@ergocyle.de