1. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
Which rights do you have regarding your data?
You have the right:
- to request information about your personal data processed by us in accordance with Article 15 GDPR. Notably you may request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to complain, the origin of your data if it have not been collected by us and the existence of automated decision-making, including profiling and, if applicable, meaningful information on their details;
- to immediately request the correction of incorrect or complete personal data stored by us in accordance with Article 16 GDPR;
- to request the deletion of your personal data stored by us in accordance with Article 17 GDPR unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- to restrict the processing of your personal data in accordance with Article 18 GDPR if you dispute the accuracy of the data, if the processing is unlawful but you refuse the deletion of the data and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing in accordance with Article 21 GDPR;
- to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another controller in accordance with Article 20 GDPR. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible;
- to revoke the consent given to us at any time in accordance with Article 7 Para. 3 GDPR. As a result, this means that we will no longer be allowed to continue processing data based on this consent in the future and
- to complain to a regulatory authority in accordance with Article 77 GDPR. You can usually contact the regulatory authority at your usual place of residence or workplace. You will find a list of data protection officers and their contact details using the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to objection
If your personal data is processed on the basis of legitimate interests in accordance with Article 6 Para. 1 Sentence 1 Lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR provided that there are reasons for this that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.
If you would like to make use of your right to revocation or objection, simply send an email to firstname.lastname@example.org.
2. General information and mandatory information
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
NAsP III/V GmbH
Struktur- & Technologieforschungslabor (STRL)
Phone: +49 (0) 64 21 282 56 96
Fax: +49 (0) 64 21 282 89 35
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Revoking your consent to data processing
Many data processing procedures are only possible with your explicit consent. You can revoke your consent at any time. All you need to do is send an informal message by email to email@example.com. The legality of data processing until revocation remains unaffected by the revocation.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
3. Data collection on our website
Server log files
When visiting our website at https://www.nasp.de/company.html, the browser used on your device automatically sends information to the server on our website. The following data is collected without your intervention and stored until it is automatically deleted:
- IP address of the enquiring computer
- data and time of access
- browser used and your computer’s operating system
- referrer URL
- amount of data transferred
- successful retrieval message
- status code
The data is also stored in the log files of our system. Storage of this data together with other personal data of the user does not take place.
The temporary storage of the aforementioned data by the system is necessary to enable the website to be delivered to the user’s computer as well as to ensure the functionality and optimisation of our website and to ensure the security of the information technology systems.
The aforementioned data processing is based on Article 6 Para. 1 Sentence 1 Lit. f GDPR. In accordance with Article 6 Para. 1 Sentence 1 Lit. f GDPR, processing data for the protection of legitimate interests is permitted unless the interests, fundamental rights or freedoms of data subjects requiring the protection of personal data prevail. Our legitimate interest can be seen in the secure provision and functionality of our website.
The data is deleted as soon as it is no longer necessary for achieving the purpose of its collection. This is the case after 28 calendar days at the latest if the data is stored in the log files. Exception: we detect irregularities, e.g. in the form of attacks or other illegal actions. In these cases, we reserve the right to suspend the retention period until the facts of the case have been clarified.
The collection of the data for website provision and data storage in log files is necessary for operating the website. There is therefore no possibility for the user to object.
The same applies to our mail server log files. The following data is collected:
- sender -> recipient (including Cc and Bcc recipients)
- date and time that the email was sent/received
- message status (e.g. successfully delivered, identified as spam, etc.)
- IP addresses of the mail clients and mail servers that communicate with our mail server
- size of the message
- spam and virus check
Also here: no statistics and/or analysis of user behaviour; only for error analysis and, if necessary, preservation of evidence. The retention period here is also 28 calendar days.
We do not pass your data on to third parties with the exception of our technical website operators and hosting providers. Furthermore, we take appropriate measures and carry out regular checks to ensure that the data we collect cannot be viewed or accessed by third parties from outside.
Using our contact form
If you send us an enquiry using the contact form, your information from the contact form, including the contact details given by you for the purpose of processing your request, shall be transmitted to us and then processed by us.
Your personal data can then be made available to the relevant internal departments by our employees.
We collect the following compulsory data for this:
- first name and surname
- email address
- your message
Further information is optional. The aforementioned data is required so that we know who sent the request and can respond to it. Alternatively, you can send us an email. In this case, the user’s personal data transmitted by email will be stored for the purpose of making contact.
The data will be processed for the purpose of contacting us in accordance with Article 6 Para. 1 Sentence 1 Lit. a) based on your voluntary consent.
The user’s consent to the processing of this data is obtained as part of the registration process.
In addition, the following data is stored at the time of registration for the purpose of proving consent:
- date/ time of registration
- IP address
The personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
The personal data collected by us for the use of the contact form will be deleted after your request has been processed. Statutory or contractual retention periods remain unaffected by this.
Nothing is passed on to third parties in connection with this. The data serves exclusively to communicate with you.
You can object to the processing of your data at any time by contacting us by email firstname.lastname@example.org or by post using the address given in the imprint. In a case such as this, the conversation cannot be continued.
Cookies – using “session cookies” (technically necessary cookies)
Information is stored in the cookie resulting from the specifically used device in each case.
Some functions on our website cannot be offered without using cookies. For this it is necessary that the browser is recognised even after a page change.
These are automatically deleted after leaving our site and are not used to create user profiles.
The legal basis for processing personal data using session cookies is Article 6 Para. 1 Lit f. GDPR on the basis of our legitimate interest. Our legitimate interest is in the provision of the website and a user-friendly Internet presence.
Personal data is not contained in the cookies and the cookies are not linked to other personal data stored by us. Cookies can only identify the workstation computer used, but not the user’s personal identity.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, the complete deactivation of cookies can lead to you not being able to use all of our website’s functions.
In addition, we also use temporary cookies that are stored on your device for a specified period of time to optimise user-friendliness. If you visit our site again to use our services, it will automatically recognise that you have already visited us and which entries and settings you have made so that you do not have to enter them again.
The legal basis for processing personal data by using cookies of analytical purposes is Article 6 Para. 1 Lit. a GDPR if the user has given consent.
The use of Google Analytics is carried out on the basis of your voluntary consent, Article 6 Para. 1 Sentence 1 Lit. a GDPR. By using these analysis measures, we want to ensure that our website is designed to meet requirements and is continually optimised.
We use Google Analytics for the purpose of the demand-orientated design and continuous optimisation of our sites, a web analysis service provided by Google In (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). In this context, pseudonymised user profiles are created and cookies are used. The information generated by the cookie about your use of this website, such as
- browser type/version,
- operating system used,
- referrer URL (the previously visited site),
- time of the server request,
is transmitted to a Google server in the USA and stored there. The information is used to analyse the use of the website, to compile reports on website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and the demand-orientated design of these Internet pages. This information will also be transferred to third parties if this is required by law or if the third party process the data on someone else’s behalf. Under no circumstances will your IP address be associated with other Google data. The IP address is anonymised so that allocation is not possible (IP masking).
You can also prevent Google’s collection and use of data generated by the cookie and related to your use of the website (including IP address) and processing of this data by Google by downloading and installing a browser add-on https://tools.google.com/dlpage/gaoptout?hl=en.
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking the following link to deactivate Google Analytics. An opt-out cookie is set which prevents any future collection of your data when visiting our website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.
We have entered into a processing contract with Google and implement the strict requirements of the German data protection authorities for using Google Analytics.
Demographic features on Google Analytics:
This website uses the “demographic features” function provided by Google Analytics. This allows reports to be created that contain information on the age, gender and interests of site visitors. This data comes from interest-related advertising by Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time using the ad settings in your Google account by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).
You fill find more information on data privacy in connection with Google Analytics on the Google Analytics help page (https://support.google.com/analytics/answer/6004245?hl=en).
On our website, we use Fonts on the basis of Article 6 Para. 1 Sentence 1 Lit. f GDPR for the uniform presentation of fonts. When you visit a site, your browser loads the required fonts into your browser cache to display texts and fonts correctly.
As we use the embedded fonts locally, your data will not be passed on to third parties in this context.
The purpose behind this is the uniform and appealing presentation of our online services, which can be regarded as a legitimate interest within the meaning of the GDPR.
A standard font will be used by your computer if your browser does not support Fonts.
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.
No liability for partner sites
Please note that our partners and other Internet sites and services that are accessible through our websites have their own data privacy guidelines that are independent of us. We therefore assume no responsibility or liability for the guidelines and procedures unrelated to us.