PRIVACY POLICY
1. Privacy at a Glance
General Notes
This overview explains what happens with your personal data when visiting our website. Personal data is all data that can personally identify you. Detailed privacy information can be found in our privacy policy below.
Data Collection on this Website
Who is responsible for data collection?
Data processing is carried out by the website operator. Contact details can be found below.
How do we collect data?
Your data is collected when you provide it to us (e.g., via contact forms).
Other data is automatically collected by our IT systems when visiting the website (e.g., browser type, operating system, time of access).
Purpose of data use?
Some data ensures error-free website provision. Other data may be used to analyze user behavior. This is limited to technical server logs.
Your rights regarding your data?
You have the right to receive free information about your stored personal data, its origin, recipients, and purpose. You have the right to correction or deletion of this data. You can contact us anytime for this or other privacy questions.
2. Hosting
We host our website with:
External Hosting
This website is externally hosted. Personal data collected here is stored on the host's servers, including IP addresses, contact requests, meta/communication data, contract data, contact details, names, website access, and other data generated through website use.
External hosting serves our legitimate interests in efficient and secure online presence delivery (Art. 6(1)(f) GDPR). If consent was requested, processing is based on Art. 6(1)(a) GDPR and § 25(1) TTDSG, regarding cookie storage or device information access. Consent is revocable.
Our host(s) process your data only as needed to fulfill obligations and follow our instructions.
We use:
Mittwald CM Service GmbH & Co.KG
Königsberger Str. 4 - 6
32339 Espelkamp
Data Processing Agreement
We have a Data Processing Agreement (DPA) with our host, ensuring GDPR-compliant data processing.
3. General Information and Required Disclosures
Privacy
We take personal data protection seriously. Your data is handled confidentially according to data protection laws and this privacy policy.
Using this website involves personal data collection. This policy explains what we collect and why.
Note: Internet data transmission (e.g., email) may have security gaps. Complete protection against third-party access isn't guaranteed.
Controller Information
Controller for data processing:
pitchnext GmbH
Prof. Dr. Nicolai Krüger
Friedrich-Ebert-Straße 33, 45468 Mülheim an der Ruhr
Storage Duration
Unless specified otherwise, we retain personal data until processing purpose ends. If you request deletion or withdraw consent, data is deleted unless we have other legal grounds for retention (e.g., tax requirements).
Legal Bases
Processing occurs under:
- Consent (Art. 6(1)(a) GDPR)
- Contract fulfillment (Art. 6(1)(b) GDPR)
- Legal obligations (Art. 6(1)(c) GDPR)
- Legitimate interests (Art. 6(1)(f) GDPR)
Recipients
We share data with external parties when:
- Required for contracts
- Legally obligated
- Have legitimate interest
- Have other legal basis
- Have valid DPA for processors
Consent Withdrawal
You can withdraw processing consent anytime. Prior processing remains legal.
Objection Rights (Art. 21 GDPR)
YOU CAN OBJECT TO PROCESSING UNDER ART. 6(1)(e/f) GDPR FOR YOUR SITUATION. WE'LL STOP UNLESS WE HAVE COMPELLING LEGITIMATE GROUNDS OR NEED IT FOR LEGAL CLAIMS.
YOU CAN ALWAYS OBJECT TO DIRECT MARKETING.
Rights and Complaints
Supervisory Authority Complaints
GDPR violations can be reported to supervisory authorities, particularly in your residence/workplace state.
Data Portability
You can request your automated-processed data in machine-readable format for yourself or third parties.
Information, Correction, Deletion
You have rights to free information about stored personal data, its origin, recipients, purpose, and correction/deletion rights.
Processing Restriction Rights
You can request processing restrictions when:
- Contesting data accuracy
- Processing is unlawful but you oppose deletion
- We no longer need data but you need it for legal claims
- You've objected under Art. 21(1) GDPR
With restrictions, processing requires your consent except for storage, legal claims, others' rights protection, or important EU/member state public interest.
SSL/TLS Encryption
This site uses SSL/TLS encryption for security. Encrypted connections show "https://" and a lock icon in your browser. Encrypted data can't be read by third parties.
Source: https://www.e-recht24.de