Data Protection Declaration
TAWNY appreciates your interest in our company and our services/products.
We would like to use the following data protection declaration to inform you which personal data is collected, processed and, if necessary, transmitted when you visit our website and the services and offers accessible via it, to what extent and for what purpose.
As far as the website refers to external pages of other providers (links), you leave our internet offer through these links. The operators of these linked sites and not TAWNY are solely responsible for compliance with data protection regulations.
TAWNY GmbH Data Protection Principles
The protection of your privacy and the security of all business data is a very important concern to us, which we take into in our business processes. Data protection and information security are part of our corporate policy.
We attach great importance to the protection of your personal data and process them exclusively in accordance with the laws and regulations of the Federal Republic of Germany and superordinate European legal regulations, including the EU Basic Data Protection Ordinance (DSGVO). Your personal data will be processed to the extent described below for the purposes described. This means that we only use your personal data if this is expressly permitted by data protection laws or if you have given us your express prior consent.
In the EU basic data protection regulation certain terms are used which are defined in Art. 4, e.g., personal data, processing, pseudonymization, persons responsible, contractors, recipients, third parties, consent.
Name and contact details of the person responsible
This website is operated by the company TAWNY GmbH (“TAWNY”). TAWNY assumes all obligations of the DSGVO and other national data protection laws of the member states as well as other data protection regulations. This applies in particular to the exercise of the data subject’s rights and the obligation to provide information in accordance with Articles 13 and 14, without prejudice to which you may assert your rights as data subject against any of the data controllers.
Haus der Innovation
Phone: +49 89 189081-100
Fax: +49 89 189 081-400
Geschäftsführer: Dr. Michael Bartl
Amtsgericht München, HRB 232947
Name and address of the data protection officer
The data protection officer of the person responsible is:
Dr. Eddie Kohfeldt
Phone: +49 89 189081-100
General information on the processing of personal data
Scope of processing
We only process personal data of our users if this is necessary to provide a functional website as well as our offered contents and services. The processing of personal data takes place only on the basis of the currently valid legal basis.
Purpose of the processing
The purposes of the processing of personal data are based on the conduct of TAWNY’s business operations and all related ancillary business.
Legal basis for processing
For the processing of personal data required for the performance of a contract to which the data subject is a party, Art. 6 para. 1 letter b DSGVO serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f DSGVO serves as the legal basis for processing.
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a DSGVO serves as the legal basis.
If the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.
In the event that the vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.
Legal or contractual regulations for the provision of personal data
The provision of personal data by you may be required by law or contract or may be necessary for the conclusion of a contract.
In particular, you may be obliged to provide us with personal data for concluding contracts. Failure to provide personal data would mean that the contract with you could not be concluded.
Disclosure of personal data
We will only pass on your personal data to third parties if
- this is necessary for the execution of an existing contractual relationship with you.
- it is necessary to protect our legitimate interests or those of a third party, unless the interests or fundamental rights and freedoms of you (the data subject), which require the protection of personal data, prevail.
- we are legally obliged to do so.
- this is necessary for the enforcement of our claims and rights.
- we receive inquiries from official bodies (e.g. supervisory authorities or law enforcement authorities if disclosure is necessary to avert threats to public safety and order and to prosecute criminal offences).
In the context of such a transfer, however, the personal data may only be used for the respective purpose.
Integration of external service providers
Like most other companies we are not specialists for everything. That is why we use service providers who support us in some areas of our business activities, e.g.
- IT service provider for the maintenance of our infrastructure
- IT developers in the further development of our applications
- Data centers for secure operation of our services
- Agencies and printers for sending e-mail information or printed information
We have concluded the legally required contracts for order processing, which specifically specify what the service provider may do with which data. In particular, a passing on to third parties is also excluded here. Service providers are obliged in these contracts to comply with the applicable data protection regulations.
Data erasure and storage time
Personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data.
Provision of the website and creation of log files
You can visit our website without registration or login. When you visit our website, data is collected by the web server for the transmission of data (information from the computer system of the calling computer) and partly stored in log files on the web server. This data is referred to as “usage data”.
Cookies are not fundamentally malicious, but allow user interaction and other meaningful things when using websites. Cookies do not cause any damage to your computer and do not contain any viruses.
Contact form and e-mail contact
There is a contact form on our website which can be used for electronic contact. If you take advantage of this option, the data entered in the input mask will be transmitted to us and saved.
use of third party extensions
Like many other companies, we use third-party extensions (social media, analysis tools, marketing tools, etc.). Personal data (e.g. IP numbers, information from pseudonymised cookies, geodata, etc.) can be forwarded or automatically transferred to third party providers. The type, scope, purpose and duration of such processing of personal data may vary from case to case.
Your rights as a person concerned
If personal data are processed by you, you are affected within the meaning of the DSGVO and you have the following rights vis-à-vis the person responsible:
- Right to information: You can find out whether and which of your personal data we process.
- Right to correction: If any personal information we process from you is inaccurate, we must correct it.
- Right of Deletion (“Right to Forgetting”): If certain reasons apply, we must delete your personal data.
- Right to restrict processing: Under certain conditions, you can have the processing of your personal data restricted (e.g. blocked).
- Right to information: Any correction, deletion or limitation of processing must be communicated to all recipients of your personal data.
- Right to data transfer: Personal data that you have provided to us can be obtained in a machine-readable format.
- Right of objection: You can object at any time to the processing of personal data concerning you, which is based on Art. 6 para. 1 lit. e or f DSGVO.
This includes in particular the objection against direct advertising.
- Right to revoke the data protection declaration of consent: You can revoke your consent given to us at any time.
- Automated decision in individual cases including profiling: In certain cases scoring and profiling may not be carried out without the involvement of an examining person.
- Right of appeal to a supervisory authority: You can complain to a data protection supervisory authority. However, we ask you to contact us first to exercise your rights.
Changes to the data protection declaration
We reserve the right to adapt this data protection declaration when new services are introduced or changed so that it always complies with current legal requirements. When you return to our website, the current version will apply.
Questions and complaints
If you require any further information on the collection and storage of your data through us, please contact our data protection officer via firstname.lastname@example.org or by telephone and mail.