Phoenix Logo

Privacy About Phoenix – Privacy policy

The protection of your personal data is a high priority for Dataport. The EU General Data Protection Regulation (GDPR) and the Schleswig-Holstein State Data Protection Act (LDSG SH) both apply to Dataport.

It is important to us to inform you about what personal data we collect during your visit and, each time you retrieve a file, how it is used and what rights you have.

1) Who is responsible and which supervisory authority can I contact?

a) Responsible for data processing

Dataport
Anstalt des öffentlichen Rechts
Altenholzer Straße 10-14
24161 Altenholz

b) Data privacy officer

Dr. Reinhard Schmid
Altenholzer Str. 10 – 14
24161 Altenholz
dataportdatenschutzbeauftragter[at]dataport.de

c) Supervisory authority

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
Holstenstraße 98
24103 Kiel
mail[at]datenschutzzentrum.de

2) What data is collected and how is it used?

a) Server Log Files
aa) Scope of the processing

In our server log files, we store information that your browser automatically transmits to us for technical reasons. These are:

  • Username of the Apache process (internal use)
  • Date and time of the request
  • Request Type
  • Invoked URL
  • Response code from the webserver
  • Amount of data transferred
  • Referer URL
  • Browser identifier
  • Host identifier of the request (internal use)
  • X-Forwarded-For Header
  • Request Cookies
bb) Legal basis for the processing

The legal basis for the temporary storage of the data and the log files is Art. 6 (1) lit. e GDPR in combination with Section 3 (1) LDSG SH.

cc) Purpose of processing

We use this logged data for the following purposes:

  • For technical administration and to provide our website,
  • Exclusively within the scope provided by law
    to defend against attempted attacks on our web server,
    to detect misuse and to eliminate malfunctions,
    to pass on or provide information to government agencies,
    to pass on or provide information to owners of copyrights and ancillary copyrights.
dd) Storage duration

History data is automatically deleted after 6 months, log data (log files) is automatically deleted after 30 days.

ee) Possibility of objection and removal

The collection of data for technical administration and the provision of the website is mandatory. You can mail directly dataportdatenschutzbeauftragter[at]dataport.de to declare your objection.

b) Cookies
aa) Scope of the processing

A cookie is a small text file that can be stored in the browser of your end device for a visited website. A cookie is either sent to your browser by the web server or generated in your browser by a small programme (JavaScript). With the help of a cookie, a web server can read out various information about the previous visit when you visit this page again later. This can be, for example, the recognition of the user (via a session ID), the storage of login information for web applications, or the storage of shopping basket data at an online retailer. Another use of cookies is to measure user behaviour on a website, e.g. which pages of a website were called up in which order, how long a user stayed on a page. The term cookie is used synonymously in data protection for all techniques that serve these purposes.

We only use cookies to collect anonymised information. It is not possible to draw conclusions on real individuals. When you call up the website, you will be shown a banner with which you can agree or object to cookies and thus to the collection of statistical data (see also point cc)). We will only collect data if you agree to the use of cookies. We use the open source analysis software Matomo to collect, evaluate, and visualise this data.

bb) Legal basis for the processing

The legal basis for the data processing of personal data using cookies is Art. 6 (1) lit. e GDPR.

cc) Purpose of the processing

We use cookies to measure various aspects of our website (see section 7). We do this in order to continuously improve and optimise the information offered to you as well as its presentation and to ensure the economic operation of the website.

We set the functional cookie "Cookiehint" to store whether you have agreed to or rejected cookies. The cookie is set via Javascript after you have clicked on "Agree and continue" or "Decline" in the cookie banner.

dd) Storage period, objection, management of cookies

If rejected, the cookie "Cookiehint" has a validity of 2 days. If accepted, the cookie has a validity of 365 days.

After acceptance, Matomo also stores cookies (compare our notes on the evaluation of user behaviour under 7). The tracking and the associated cookies are only loaded after your consent.

If you generally do not want websites to place cookies on your computer or mobile device, you can set your web browser to notify you before a cookie is placed. You can also set your web browser to reject all cookies or only cookies from third parties. You can also delete cookies that have already been set at any time via your web browser settings.

In addition, you can manage your preferences in connection with usage-based or interest-based advertising for many third-party providers that manage usage data on behalf of website operators for the display and analysis of interest-based advertising under the following platform, either deactivating or activating all or individual providers:

https://www.youronlinechoices.com/de/praferenzmanagement/

c) Personal data in the contact form
aa) Scope and purpose of the processing

Would you like to know more? Then you can request further information or express a contact request via the contact form on our website. Please note that when doing so, we need some personal data from you so that we can contact you and provide you with the requested information.

We require the mandatory fields marked as such to process your respective request. You are free to enter data in the fields not marked as mandatory.

Required fields

First and last name, e-mail address: We need your first and last name as well as your e-mail address to be able to address you correctly. The e-mail address is used as your primary contact address to get in touch with you.

Authority/institution/company: We need the name of your authority/institution/company as a public service provider in order to be able to check to what extent there is a justified, legitimate interest for you and your authority/institution/company in further product information.

Optional fields

Telephone number: You can give us your telephone number as a secondary contact address.

Your message: In this field, you can add specific questions and/or requests to your enquiry.

After accepting this data protection declaration, you can send your data by clicking on "Send". Your form data will then be made available to our product area by internal e-mail.

bb) Legal basis of the processing

The transmission of personal data is based on Art. 6 (1) a GDPR.

The further processing of personal data transmitted to us by filling out and sending contact forms is based on Art. 6 (1) lit. a to e GDPR, depending on its content.

cc) Storage duration

However, as a matter of principle, we only store your personal data after you have given your consent, which is the legal basis for processing your data on the occasion of your request, to the extent that and as long as the data is necessary to achieve the purpose for which it was collected. This is the case if the communication with you has not yet ended or the matter has not yet been conclusively clarified.

dd) Possibility of objection and removal

You can object to the storage and transfer of your personal data at any time or revoke your consent. To do so, please use our contact form.

d) Youtube-Videos
aa) Scope of the integration/processing 

This website contains at least one plugin from YouTube, part of Google Inc. based in San Bruno/California, USA. Among other things, we make our product videos available on YouTube servers.

We use the YouTube no-cookies function, i.e. we have activated "Extended data protection". This means that videos are not accessed via youtube.com, but via youtube-nocookie.com. YouTube itself provides this and thus ensures that YouTube does not initially save any cookies on your device. However, when the relevant pages are called up, the IP address and the other data mentioned in section 7 are transmitted and thus, in particular, information is provided as to which of our Internet pages you have visited. However, this information cannot be assigned to you if you are permanently logged in to YouTube or another Google service when you access the page.

As soon as you start the playback of an embedded video by clicking on it, YouTube only saves cookies on your device through the extended data protection mode, which do not contain any personally identifiable data, unless you are currently logged in to a Google service. These cookies can be prevented by appropriate browser settings and extensions.

Google/YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland:
Privacy policy:  https://policies.google.com/privacy,
Opt-Out: https://adssettings.google.com/authenticated,
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

bb) Legal basis for the integration

The legal basis for the data processing of personal data using cookies is Art. 6 (1) lit. e GDPR.

cc) Purpose of the integration

As people have different strengths and weaknesses in perception, some people are limited in their cognitive possibilities. Multimedia content is important in order to reach these people as well. For the purpose of comprehensive product information, we have included a product video on our website, which explains the product in more detail audio-visually.

e) Links to pages of other providers

Our website contains links to providers of other websites. This privacy policy only applies to Dataport's server. The servers to which the external links lead may have a different privacy policy. In order to check this, you should visit the homepage of the respective offer and contact the respective provider directly if necessary. Dataport assumes no responsibility for the contents or the privacy policies of the external providers.

3) Contract processing

For the processing of personal data, we use external service providers within the framework of the legal regulations on commissioned data processing according to the GDPR. In this context, Dataport AöR is the controller within the meaning of Art. 4 (7) GDPR and decides on the purposes and means of the processing of personal data.

4) Where is my data processed?

Your data will always be processed in Germany and exclusively in our own datacentre.

5) How secure is my data?

To protect your data from unauthorised access and misuse, we have taken extensive technical and operational security precautions in accordance with the European General Data Protection Regulation and the Schleswig-Holstein State Data Protection Act. The datacentre we operate is certified by the Federal Office for Information Security (BSI) according to the BSI-Grundschutz standard.

6) Will my data be passed on to third parties, for example to authorities?

In certain cases, we are legally obliged to transmit data to a requesting government agency. Beyond this, we do not pass on any data to third parties unless you have expressly consented to this. We process your personal data or pass it on to third parties in the following cases:

    You have given us your consent to process or disclose the personal data relating to you for one or more specific purposes, Art. 6(1)(a) GDPR.
    The processing or disclosure is necessary for the performance of a contract to which you are a party or for the performance of pre-contractual measures, which is done at your request, Art. 6(1)(b) GDPR.
    The processing or disclosure is necessary for compliance with a legal obligation to which Dataport is subject, Art. 6(1)(c) GDPR.
    The processing or disclosure of your personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Dataport, Art. 6(1)(e) GDPR.
    The processing or disclosure of your personal data is necessary to protect the legitimate interests of Dataport or a third party, unless you have an overriding legitimate interest in not having your personal data disclosed, Art. 6(1)(f) GDPR.

7) Will my usage behaviour be analysed?

aa) Scope and purpose of the processing, possibility of objection

We analyse log data in the event of errors and to eliminate faults.

Otherwise, we use the open source software Matomo on our website to analyse visits to our website in anonymised form and to adapt our website to your needs.

If you do not agree to the storage and analysis of data from your visit, you can refuse the use of Matomo in a cookie banner when you first access the page. A deactivation cookie is then stored in your browser, which means that Matomo does not collect any session data.

If you have consented to the use of cookies, Matomo will evaluate your usage behaviour pseudonymously. Matomo uses cookies for this purpose. These text files are stored on your computer and allow us to analyse the use of our website. Your IP address is anonymised immediately. The information obtained through the cookie is stored in the Dataport computer centre. It is not passed on to third parties.

Only if you have consented to the use of Matomo, the following data will be stored when you call up one of our Internet pages:

    IP address (anonymised)

  •     User ID (pseudonymised)
  •     Date and time of the request
  •     Page title of the opened website
  •     URL of the opened web page
  •     Previous URL (referrer URL)
  •     Screen resolution
  •     Local time of the user
  •     Clicks on download links
  •     Clicks on external links
  •     Duration of request (time from server to user)
  •     Geo-data:

    Country
    Region
    City

  •     Longitude and latitude (estimated)
  •     Browser language (Accept-Language header)
  •     Browser identifier (User-Agent header)
    bb) Legal basis for the processing

The legal basis for the processing of users' personal data is Art. 6 (1) lit. e GDPR.

cc) Storage duration

The data is stored for a period of 180 days.

8) Is my online usage behaviour evaluated by third-party advertising providers?

No. We do not place any third-party advertising on our website.

9) What rights do I have in regard to my data?

As a data subject, you have the following rights vis-à-vis Dataport as the person responsible:

  • Right to withdraw consent pursuant to Art. 7(3) GDPR
  • Right to information according to Art. 15 GDPR
  • Right to rectification according to Art. 16 GDPR
  • Right to erasure pursuant to Art. 17 GDPR
  • Right to restriction of processing according to Art. 18 GDPR
  • Right to data portability according to Art. 20 GDPR
  • Right to object according to Art. 21 GDPR

Please use our contact form.

  • Right to complain to the supervisory authority pursuant to Art. 77 GDPR

10) Validity of the privacy policy

We reserve the right to adapt this data protection declaration at any time to changed circumstances or due to changes in the legal framework. The respective published version shall apply.

Version Status: November 2022