Data protection declaration

The protection of your personal data is taken very seriously when you use this website. Below you will be informed about the collection, processing and use of your personal data when you visit this website and use the services offered on it.

1. Information on personal data
(1) Personal data consists of any individual details relating to a person or which are likely to establish a reference to a person, such as name, postal address, telephone number, email address, bank details, etc. Personal data may thus be used to infer the identity of a person under certain circumstances.

(2) The controller under the General Data Protection Regulation (GDPR) is:

INTERWEGA international
Gesellschaft für Debitorenmanagement m.b.H.
Friesenweg 4 - Haus 14
22763 Hamburg
Germany

2. Rights of data subjects
In connection with our processing of your data you have the following rights:
(1) Right of access under Art. 15 GDPR on the processing of your personal data by us for the processing purpose, categories of processed data, recipients or recipient categories, duration of storage or criteria for determining the duration, right to rectification, erasure, restriction of processing or objection to processing, right to lodge a complaint to the supervisory authority, if applicable information on the origin of the data and the existence of automated decision-making and if applicable information on safeguards under Art. 46 GDPR in the event of transfer to a third country or international organisations;

(2) Right to immediate rectification of inaccurate or incomplete personal data under Art. 16 GDPR;

(3) Right to erasure of stored personal data under Art. 17 GDPR, if the data is no longer necessary for the purposes for which it was collected or otherwise processed, if consent given has been withdrawn and there is no other legal basis, if an objection has been lodged against the processing and the data may no longer be processed under Art. 21(1) or (2) GDPR, if the data has been unlawfully processed, if the erasure is necessary to fulfil a legal obligation or if the data has been collected in relation to services offered by an information society under Art. 8(1) GDPR.
This does not apply if the processing is necessary for the exercise of the right to freedom of expression and information, fulfilment of a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;

(4) Right to restrict the processing under Art. 18 GDPR, if you contest the accuracy of the data (for a period enabling the accuracy to be verified), if the processing is unlawful, but you oppose the erasure of the data and instead request restriction of use, if we no longer need the data for the purpose of processing, but you need the data for the establishment, exercise or defence of legal claims, or if you object to the processing under Art. 21(1) GDPR as long as it is not yet certain whether our legitimate interests override your legitimate interests;

(5) Right to object to the processing of your personal data under Art. 21(2) GDPR (if the data is processed for the purpose of direct marketing) or under Art. 21(1) GDPR (if the processing was carried out under Art. 6(1) 1st sentence (e) or (f) GDPR for reasons arising from your particular situation, unless we have compelling legitimate grounds for the processing which override your interests, or the processing is for the establishment, exercise or defence of legal claims).

(6) Right to data portability under Art. 20 GDPR, i.e. to receive the personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format or to transmit it to another controller;

(7) The right to withdraw consent given under Art. 7(3) GDPR at any time. The withdrawal of consent means that we may no longer carry out data processing for the future from the time of the withdrawal. See also point 13. below;

(8) Right to lodge a complaint with a supervisory authority under Art. 77 GDPR. The supervisory authority responsible for us can be found in section 3 below. The right to lodge a complaint shall be without prejudice to other administrative or judicial remedies.

(9) Any requirements for information, requests for details or objections to data processing should be sent by email to datenschutz(at)interwega.de or to the address given under section 1(2).

3. Supervisory authority
The address of the supervisory authority responsible for us is:
The Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Str. 22
20459 Hamburg
Germany
Tel.: +49 40 42854-4040
Fax: +49 40 42854-4000
email: mailbox(at)datenschutz.hamburg.de

4. Storage of access data
(1) Each time you access our website, access data is stored in a log file on our provider’s server.

(2) This data record consists, for example, of your IP address, the date and time of the request, the name of the requested file, the transferred file volume and the access status, a description of the web browser and operating system used and the name of your Internet service provider.

(3) This data is collected for technical reasons. The data will be automatically deleted after no more than 14 days.

5. Collection of personal data when you use the website for information purposes only
(1) If you only use the website for information purposes, i.e. if you do not log in to use the website, register or otherwise provide us with information, we do not collect any personal data, with the exception of the data mentioned under 5.2, which your browser transmits to technically enable you to visit the website.

(2) When you use website, “cookies” are cached on your computer. Cookies are small text files that are cached on your hard drive assigned to the browser you are using, and which send certain information to the party that sets the cookie (in this case us). Cookies cannot run programs or transmit viruses to your computer. For example, we use cookies to identify you for subsequent visits if you have an account with us. Otherwise, you would have to log in again for each visit.

This website uses cookies to the following extent:
- Session Cookies (temporary)
- Persistent cookies
- Third-party cookies (from third-party providers)

Session cookies are deleted automatically when you close the browser. The legal basis for the use of session cookies is Art. 6(1) 1st sentence (f) GDPR. Our legitimate interest lies in being able to optimise our Internet content for the user by means of the cookies.
Persistent cookies are automatically deleted after a pre-determined duration, which can differ from cookie to cookie.

You can delete the cookies at any time in the security settings of your browser.
You can configure your browser settings according to your wishes and, for example, refuse the acceptance of cookies. We wish to point out that, in this case, you may not be able to fully use all of the functions of this website.

The legal basis for the use of persistent cookies and third-party cookies is Art. 6(1) 1st sentence (a) GDPR. You provide us with your consent through confirmation of your agreement on the cookie notice banner.

Most browsers give users the option of limiting or completely preventing the saving of cookies. 

6. Use of our website’s functions
(1) In addition to the purely informational use of our website, we offer services for you to use such as customer login access. To do this, you will usually need to provide additional data that we need in order to provide the service in question. If it is possible to give additional voluntary information, this is marked accordingly.

(2) When you contact us by email or via the contact form, your email address and, if you give them, your name and telephone number will be stored by us in order to answer your questions.

7. Further services of this website

Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). The legal basis for this data processing is Art. 6(1)(a) GDPR. You provide us with your consent through confirmation of your agreement on the cookie notice banner. Google Analytics uses “cookies”, text files which are cached on your computer and which enable use of the website to be analysed. This serves the optimal marketing of our content. We have activated IP anonymisation for Google Analytics on this website; this means that your IP address will be truncated and cannot be used to identify you.

Google has agreed to comply with the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework with regard to any personal data that is transferred to the USA.

Google Web Fonts
This website uses the external fonts Google Fonts. Google Fonts is a service of Google Inc. ("Google"). Google Fonts is integrated by accessing a Google server in the USA. This will tell the server which of our web pages you have visited. The legal basis for this data processing is Art. 6(1)(a) GDPR. You provide us with your consent through confirmation of your agreement on the cookie notice banner. The IP address of the browser of the terminal device of the visitor to these web pages is stored by Google. For more information, please refer to Google's privacy policy, which can be found here:
www.google.com/fonts#AboutPlace:about
www.google.com/policies/privacy/

Google Maps
This page uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the features of Google Maps, it is necessary to store your IP address. This information is generally sent to a server of Google in the USA and stored there. The legal basis for this data processing is Art. 6(1)(a) GDPR. You provide us with your consent through confirmation of your agreement on the cookie notice banner. For more information, please refer to Google's privacy policy:
www.google.com/intl/en/policies/privacy/index.html
www.google.com/intl/de_de/help/terms_maps.html

Google APIs
A web service of the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View (“Google APIs”) is downloaded on our website. We use this information to ensure the full functionality of our website. In this context, your browser may transmit personal data to Google APIs. The legal basis for this data processing is Art. 6(1)(a) GDPR. Google APIs has self-certified under the EU-US Privacy Shield Agreement (cf. https://www.privacyshield.gov/list). The data will be deleted as soon as the purpose for which it is being collected has been fulfilled. For more information, please refer to Google's privacy policy:
www.google.com/intl/en/policies/privacy/index.html

8. Data security
We secure our website and other systems using appropriate technical and organisational measures against loss, destruction, access, alteration or distribution of your data by unauthorised persons. However, despite regular checks, complete protection against all risks is not possible.
Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This guarantees the confidentiality of your personal data on the web. You can tell whether an encrypted transmission is taking place by looking at the lock or padlock symbol in the display of your browser.

9. Disclosure of data
Your personal data will only be disclosed to third parties
- if you have given your express consent under Art. 6(1) 1st sentence (a) GDPR;
- if the disclosure is necessary to fulfil contractual obligations under Art. 6(1) 1st sentence (b) GDPR;
- if we are required by law to disclose the data within the meaning of Art. 6(1) 1st sentence (c) GDPR;
- if the disclosure of the data is in the public interest, as defined by Art. 6(1)(e) GDPR or;
- if the disclosure of the data under Art. 6(1) 1st sentence (f) GDPR is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests in the protection of your data override them.

10. Data categories
We process the following categories of data: master data (e.g. company, contact person if applicable, address), communication data, contract data, receivables data, payment and default information, if applicable. See the above information.

11. Storage period for personal data
Your data will only be stored by us for as long as it is required for the purposes for which it is processed. Over and above that, we store data only to the extent that we are legally obliged to do so, e.g. due to legal storage obligations.

12. Information on the right to object
Under Art. 21 GDPR, objecting to the processing of personal data concerning you on the basis of Art. 6(1)(e) (data processing in the public interest) or (f) (data processing to safeguard legitimate interests on the basis of a balance of interests) is possible at any time. In the event of an objection, the personal data will no longer be processed, unless compelling legitimate grounds for processing are shown which override the interests, rights and freedoms of the data subject or the processing serves to establish, exercise or defend legal claims.
Please send your objection to the e-mail address datenschutz(at)interwega.de

13. Information on the right of withdrawal
If you have given us consent to process personal data, you can withdraw this consent at any time. Of course, this also applies to declarations of consent issued to us before 25 May 2018 (before the GDPR came into force). Withdrawing consent can always only be valid for the future. The lawfulness of the processing is not retroactively removed by withdrawal.
Please send your withdrawal by email to datenschutz(at)interwega.de

14. Keeping up to date
This data protection declaration is dated 16 December 2019. It is the latest and currently valid version of our data privacy policy.
However, we would like to point out that from time to time it may be necessary to revise this data privacy policy due to factual or legal changes.

15. Data protection officer
If you have any questions regarding data protection, please feel free to contact our data protection officer at:

Mr Alexander Herold,
INTERWEGA international
Gesellschaft für Debitorenmanagement m.b.H.
Friesenweg 4 - Haus 14
22763 Hamburg
Germany
or by email to datenschutz(at)interwega.de