top of page

Data Protection

Who we are

Our website address is: solutionfinderspace.com

Find our Contact details at  „Impressum“.

 

Data Protection
We inform you below in accordance with the legal requirements of data protection law (in particular in accordance with the new Federal Data Protection Act (BDSG n.F.) and the European General Data Protection Regulation 'GDPR') about the type, scope, and purpose of the processing of personal data by our company. This privacy policy also applies to our websites and social media profiles. For the definition of terms such as "personal data" or "processing," we refer to Art. 4 GDPR.

Name and Contact Information of the Person Responsible

See "Contact"

Types of Data, Purposes of Processing, and Categories of Data Subjects

Below we inform you about the type, scope, and purpose of the collection, processing, and use of personal data.

1. Types of Data We Process

You can also visit this website without providing information about yourself. 

However, in order to improve our online offering, we store your access data to this website (without personal reference). This access data includes, for example, the file you requested or the name of your Internet service provider. The anonymization of the data means that it is not possible to draw any conclusions about your person.  

 

The following data is collected as the basis for our website analytics:

  • Information about your browser, network, and device

  • Websites you visited before visiting this website

  • Your IP address

​

This information may also include details about your use of this website, including:

  • Clicks

  • Internal links

  • Pages visited 

  • Scrolling

  • Searches

  • Timestamps

 

 

We may share this information with various website analytics providers to learn more about the traffic and activity on this website.

Insofar as contact or inventory data (e.g., name, address, or email addresses) is explicitly collected on our pages, this is always done on a voluntary basis as far as possible. If you contact us as the website operator using the contact options provided, your details will be stored so that they can be used to process and respond to your request.

​​​

2. Purposes of processing pursuant to Art. 13 (1) c) GDPR  

  • Technical and economic optimization of the website 

  • Enabling easy access to the website 

  • Improving the user experience 

  • User-friendly design of the website 

  • Economic operation of advertising and the website 

  • Marketing/sales/advertising 

  • Compilation of statistics 

  • Customer service and customer care 

  • Processing of contact requests 

  • Provision of functions and content 

  • Security measures 

  • Uninterrupted, secure operation of our website 

 

3. Categories of data subjects pursuant to Art. 13 (1) (e) GDPR

 

Visitors/users of the website, customers, interested parties.

The data subjects are collectively referred to as “users.”

 

Legal basis for the processing of personal data

Below, we provide information about the legal basis for the processing of personal data:

 

  1. If we have obtained your consent for the processing of personal data, Art. 6 (1) (a) GDPR is the legal basis.

  2. If the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures taken at your request, Art. 6 (1) (b) GDPR is the legal basis.

  3. If processing is necessary for compliance with a legal obligation to which we are subject (e.g., statutory retention obligations), the legal basis is Art. 6 (1) (c) GDPR.

  4. If processing is necessary to protect the vital interests of the data subject or another natural person, the legal basis is Art. 6 (1) (d) GDPR.

  5. If processing is necessary to safeguard our legitimate interests or those of a third party and your interests or fundamental rights and freedoms do not override these interests, the legal basis is Art. 6 (1) (f) GDPR.

 

Disclosure of personal data to third parties and processors

We do not disclose any data to third parties without your consent. Should this be the case, however, the transfer will be based on the aforementioned legal grounds, e.g., when transferring data to online payment providers for the purpose of fulfilling a contract, or due to a court order or a legal obligation to disclose the data for the purposes of criminal prosecution, averting danger, or enforcing intellectual property rights.

 

​We also use processors (external service providers, e.g., for web hosting of our websites and databases) to process your data. If data is passed on to processors within the framework of a data processing agreement, this is always done in accordance with Art. 28 GDPR. We select our processors carefully, monitor them regularly, and have been granted the right to issue instructions regarding the data. In addition, the processors must have taken appropriate technical and organizational measures and comply with the data protection regulations in accordance with the BDSG (German Federal Data Protection Act) as amended and the GDPR.

​

Data transfer to third countries

The adoption of the European General Data Protection Regulation (GDPR) has created a uniform basis for data protection in Europe. Your data will therefore mainly be processed by companies to which the GDPR applies. If, however, processing is carried out by third-party services outside the European Union or the European Economic Area, these must comply with the special requirements of Art. This means that processing is carried out on the basis of special guarantees, such as the EU Commission's official recognition of a level of data protection equivalent to that of the EU or compliance with officially recognized special contractual obligations, known as “standard contractual clauses.”

​

When using service providers outside the EEA, we primarily base transfers to the USA on the adequacy decision on the EU-US Data Privacy Framework (DPF) for certified recipients. If a recipient is not certified under the DPF, transfers are made on the basis of the EU Standard Contractual Clauses (SCC) and, if necessary, additional protective measures. We avoid regular reliance on Art. 49 GDPR (exceptions).

 

Deletion of data and storage period

Unless expressly stated in this privacy policy, your personal data will be deleted or blocked as soon as you revoke your consent to its processing, or the purpose for its storage no longer applies, or the data is no longer required for that purpose, unless its further storage is necessary for evidentiary purposes or is required by law. This includes, for example, commercial law retention obligations for business letters in accordance with Section 257 (1) of the German Commercial Code (HGB) (6 years) and tax law retention obligations for receipts in accordance with Section 147 (1) of the German Fiscal Code (AO) (10 years). When the prescribed retention period expires, your data will be blocked or deleted, unless storage is still necessary for the conclusion or fulfillment of a contract.

 

Provision of our website and creation of log files

If you use our website for informational purposes only (i.e., without registering or otherwise transmitting information), we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data:

 

  • Information about your browser, your network, and your device

  • Websites you visited before visiting this website

  • Your IP address

 

This information may also include details about your use of this website, including:

​

  • Clicks

  • Internal links

  • Pages visited

  • Scrolling

  • Searches

  • Timestamps

 

This data is not stored together with other personal data relating to you.

  1. This data is used for the purpose of providing you with a user-friendly, functional, and secure website with functions and content, as well as for optimization and statistical evaluation.

  2. The legal basis for this is our legitimate interest in data processing in accordance with Art. 6 (1) (f) GDPR, which also lies in the above purposes.

  3. For security reasons, we store this data in server log files for a storage period of 30 days. After this period, it is automatically deleted unless we need to retain it for evidence purposes in the event of attacks on the server infrastructure or other legal violations.

Web analysis that is not technically necessary (e.g., Squarespace Analytics) only takes place after consent has been given via the cookie banner; details can be found below in the “Web analysis” section.

 

Web analysis (Squarespace Analytics)

We can use Squarespace Analytics to measure reach. This only happens with your consent via the cookie banner (§ 25 (1) TDDDG in conjunction with Art. 6 (1) lit. a GDPR). Without consent, no analysis that is not technically necessary will take place. Usage data may be processed as part of the analysis (e.g., pages viewed, clicks, internal links, referrers, timestamps, device/browser information, IP address). You can change your selection in the banner at any time. Possible transfers to third countries are governed by the section “International Data Transfers (USA)” of this statement.

​

Cookies

According to § 25 TDDDG (formerly TTDSG), prior consent is required for storing information on your device or accessing it (e.g., cookies, local storage), unless it is technically necessary. Consent is required regardless of whether personal data is subsequently processed.

​

The following types of cookies are distinguished:

• Necessary, essential cookies: Essential cookies are cookies that are absolutely necessary for the operation of the website in order to store certain functions of the website such as logins, shopping cart, or user entries, e.g., regarding the language of the website.

• Session cookies: Session cookies are required to recognize multiple uses of an offer by the same user (e.g., when you have logged in to determine your login status). When you visit our site again, these cookies provide information to automatically recognize you. The information obtained in this way is used to optimize our offers and to make it easier for you to access our site. When you close your browser or log out, the session cookies are deleted.

• Persistent cookies: These cookies remain stored even after you close your browser. They are used to store your login, measure reach, and for marketing purposes. They are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in your browser's security settings.

• Third-party cookies (especially from advertisers): You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. However, we would like to point out that you may not be able to use all the functions of this website. For more information about these cookies, please refer to the respective privacy policies of the third-party providers.

Data categories: User data, cookies, user ID (including pages visited, device information, access times, and IP addresses).

 

  1. Purposes of processing: The information obtained in this way is used to optimize our web offerings technically and economically and to provide you with easier and more secure access to our website.

  2. Legal basis: End device access: Section 25 (1) TDDDG (consent) or Section 25 (2) TDDDG (exceptions for absolutely necessary processes). Downstream processing of personal data: Art. 6 (1) GDPR (in particular a – consent; b – contract; f – legitimate interest).

  3. Storage period/deletion: The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended.

  4. Otherwise, cookies are stored on your computer and transmitted from there to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

Here you will find information on how to delete cookies in common browsers:

 

 

Objection and opt-out

You can generally prevent cookies from being stored on your hard drive, regardless of consent or legal permission, by selecting “do not accept cookies” in your browser settings. However, this may result in a restriction of the functionality of our offers. You can object to the use of third-party cookies for advertising purposes via a so-called “opt-out” on this American website (https://optout.aboutads.info) or this European website (http://www.youronlinechoices.com/de/praferenzmanagement/). 

 

Contact via contact form / email / post 

 

  1. When you contact us via contact form, post, or email, your details will be processed for the purpose of handling your contact request.  

  2. The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. a) GDPR if you have given your consent. The legal basis for the processing of the data transmitted in the course of a contact request or e-mail, letter or fax is Art. 6 para. 1 sentence 1 lit. f) GDPR. The controller has a legitimate interest in processing and storing the data in order to be able to respond to user inquiries, to preserve evidence for liability reasons, and to be able to comply with its legal retention obligations for business letters, if applicable. If the purpose of the contact is to conclude a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.

  3. We may store your details and contact request in our customer relationship management system (“CRM system”) or a comparable system. 

  4. The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data from the input mask of the contact form and data sent by email, this is the case when the respective conversation with you has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. We store inquiries from users who have an account or contract with us for up to two years after the end of the contract. In the case of legal archiving obligations, deletion takes place after their expiry: end of commercial law (6 years) and tax law (10 years) retention obligations.

  5. You have the option of revoking your consent to the processing of personal data at any time in accordance with Art. 6 (1) (a) GDPR. If you contact us by email, you can object to the storage of personal data at any time. 

 

Contact by telephone

  1. When you contact us by telephone, your telephone number will be processed for the purpose of handling your contact request and will be temporarily stored or displayed in the RAM/cache of the telephone device/display. This storage is carried out for liability and security reasons, in order to be able to provide proof of the call, and for economic reasons, to enable us to call you back. In the case of unauthorized advertising calls, we block the phone numbers.

  2. The legal basis for the processing of the phone number is Art. 6 (1) (f) GDPR. If the purpose of the contact is to conclude a contract, the additional legal basis for the processing is Art. 6 (1) (b) GDPR.

  3. The device cache stores the calls for 30 days and successively overwrites or deletes old data. When the device is disposed of, all data is deleted and the memory is destroyed if necessary. Blocked telephone numbers are checked annually to determine whether the block is still necessary.

  4. You can prevent the telephone number from being displayed by calling with a suppressed telephone number.

​

Presence on social media

 

  1. We maintain profiles on social media. When you use and access our profile on the respective network, the respective privacy policy and terms of use of the respective network apply.  

  2. Data categories and description of data processing: Usage data, contact data, content data, inventory data. Furthermore, user data within social networks is generally processed for market research and advertising purposes. For example, usage profiles can be created based on the usage behavior and resulting interests of users. The usage profiles can in turn be used, for example, to place advertisements within and outside the networks that are presumed to correspond to the interests of the users. For these purposes, cookies are usually stored on users' computers, in which the usage behavior and interests of users are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by users (especially if users are members of the respective platforms and are logged in to them). For a detailed description of the respective forms of processing and the options for objection (opt-out), we refer you to the privacy policies and information provided by the operators of the respective networks. In the case of requests for information and the assertion of data subject rights, we would also like to point out that these can be most effectively asserted with the providers. Only the providers have access to the user data and can take appropriate measures and provide information directly. However, if you still require assistance, please contact us. 

  3. Purpose of processing: Communication with users connected to and registered on social networks; information and advertising for our products, offers, and services; external representation and image cultivation; evaluation and analysis of users and content of our social media presence.

  4. Legal basis: The legal basis for the processing of personal data is our legitimate interest in the above purposes pursuant to Art. 6 (1) (f) GDPR. If you have given us or the social network controller your consent to the processing of your personal data, the legal basis is Art. 6 (1) (a) in conjunction with Art. 7 GDPR.

  5. Data transfer/recipient category: Social network.

  6.  The data protection information, information options, and opt-out options for the respective networks/service providers can be found here:  

 

Social media plug-ins

  1. Data category and description of data processing: Usage data, content data, inventory data. When you visit our website, Shariff does not transmit any personal data to the third-party providers of the social plug-ins. Next to the logo or brand of the social network, you will find a slider that you can click to activate the plug-in. This activation constitutes your consent in the form that the respective provider of the social network receives the information that you have accessed our website and that your personal data is transmitted to the provider of the plug-in and stored there. These are so-called third-party cookies. According to some providers, such as Facebook and XING, your IP address is anonymized immediately after collection. The plug-in provider stores the data collected about the user as usage profiles. You can revoke your consent at any time by deactivating the slider.

  2. Purpose of data processing: Improvement and optimization of our website; increasing our visibility through social networks; enabling interaction with you and other users via social networks; advertising, analysis, and/or needs-based design of the website.

  3. Legal basis: The legal basis for the processing of personal data is our legitimate interest in the above purposes pursuant to Art. 6 (1) (f) GDPR. If you have given us or the social network operator your consent to the processing of your personal data, the legal basis is Art. 6 (1) (a) in conjunction with Art. 7 GDPR. In the case of pre-contractual inquiries or the use of your personal data for the performance of a contract, the legal basis is Art. 6 (1) (b) GDPR.

  4. Data transfer/recipient category: Social network.

  5. Social networks used and objection: With regard to the purpose and scope of data collection and processing, we refer you to the respective privacy policies of the social networks. There you will also find information about your rights and settings options for protecting your personal data. You have the right to object to the creation of these user profiles, whereby you can exercise these rights directly with the respective plug-in provider.

  

Facebook

  1. We have integrated plug-ins from the social network Facebook.com (EU headquarters: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) into our website as part of the so-called “two-click solution” from Shariff. You can recognize these by the Facebook logo ‘f’ or the addition “Like,” “Gefällt mir” or “Share.”

  2. As soon as you deliberately activate the Facebook plug-in, a connection is established between your browser and the Facebook servers. Facebook receives the information, including your IP address, that you have accessed our website and transmits this information to Facebook servers in the USA, where it is stored. If you are logged into your Facebook account, Facebook can assign this information to your account. When you use the plug-in's functions, e.g., by clicking the “Like” button, this information is also transmitted from your browser to Facebook's servers in the USA, where it is stored and displayed on your Facebook profile and, if applicable, to your friends.

  3. The purpose and scope of data collection and its further processing and use by Facebook, as well as your rights in this regard and settings options for protecting your privacy, can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/. Data collection via the “Like” button: https://www.facebook.com/help/186325668085084. You can manage and object to your settings regarding the use of your profile data for advertising purposes on Facebook here: https://www.facebook.com/ads/preferences/.

  4. If you log out of Facebook before visiting our website and delete your cookies, no data about your visit to our website will be assigned to your Facebook profile when you activate the plug-in.

  5. Agreement on joint processing of personal data on Facebook pages (Art. 26 GDPR): https://www.facebook.com/legal/terms/page_controller_addendum, data protection information for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.

 

Instagram

 

  1. We have integrated plug-ins from the social network Instagram (service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) into our website as part of the so-called “two-click solution” from Shariff. You can recognize these by the Instagram logo in the form of a square camera.

  2. If you deliberately activate the plug-in, a connection is established between your browser and Instagram's servers. Instagram receives information, including your IP address, that you have visited our site and transfers the information to Instagram's servers in the USA, where it is stored. If you are logged into your Instagram account, Instagram can assign this information to your account and you can click on the Instagram button to share and save the content of our pages on your Instagram account and, if applicable, show it to your friends there. We have no knowledge of the exact content of the data transmitted, its use, or its storage duration by Instagram.

  3. If you log out of Instagram before visiting our website and delete your cookies, no data about your visit to our website will be associated with your Instagram profile when you activate the plug-in.

  4. You can find further information in Instagram's privacy policy/opt-out at/opt-out: https://help.instagram.com/519522125107875, objection: https://help.instagram.com/contact/186020218683230.

 

Embedding fonts

Google Web Fonts – We have integrated the “Google Fonts” service for displaying fonts. This service is provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). For the integration, processing of your IP address is technically necessary so that the content can be sent to your browser. Your IP address is therefore transmitted to Google. This data processing is carried out to safeguard our legitimate interest in the optimization and economic operation of our website and is based on the legal basis of Art. 6 (1) (f) GDPR. Google has submitted to the EU-US Privacy Shield and thus offers a guarantee to comply with European data protection law, see www.privacyshield.gov/EU-US-Framework.

 

Driver test (browser tool on this website)

Purpose: Self-test with immediate evaluation to reflect on work/stress patterns.

Processing: Responses and evaluation take place exclusively locally in your browser. No data is transmitted to us or stored. Regardless of this, the usual server logs are generated by the hosting provider when the page is accessed (see above). No transfer to third parties.

Legal basis: No processing by us (no legal basis required).

Voluntary nature: The test can be used or canceled at any time.

 

Rights of the data subject

  1. Objection or revocation of the processing of your data: If the processing is based on your consent pursuant to Art. 6 (1) (a) and Art. 7 GDPR, you have the right to revoke your consent at any time. This does not affect the lawfulness of the processing carried out on the basis of your consent until revocation. If we base the processing of your personal data on the balancing of interests pursuant to Art. 6 (1) (f) GDPR, you may object to the processing. This is the case if the processing is not necessary in particular for the performance of a contract with you, which is described by us in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust the data processing or point out to you our compelling legitimate grounds on the basis of which we will continue the processing. You can object to the processing of your personal data for advertising and data analysis purposes at any time. You can exercise your right to object free of charge.

  2. Right to information: You have the right to request confirmation from us as to whether personal data concerning you is being processed. If this is the case, you have the right to obtain information about your personal data stored by us in accordance with Art. 15 GDPR. This includes, in particular, information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, and the origin of your data, if it was not collected directly from you.

  3. Right to rectification : You have the right to rectify inaccurate data or to complete accurate data in accordance with Art. 16 GDPR.

  4. Right to erasure: You have the right to have your data stored by us erased in accordance with Art. 17 GDPR, unless this conflicts with statutory or contractual retention periods or other legal obligations or rights to further storage.

  5. Right to restriction: You have the right to request a restriction on the processing of your personal data if one of the conditions in Art. 18 (1) (a) to (d) GDPR is met:

• If you dispute the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;

• the processing is unlawful and you oppose the erasure of the personal data.

​

​

bottom of page