The operator of this website is:
brigk – Digital Start-up Center of the Ingolstadt Region GmbH
Schloßlände 26
85049 Ingolstadt
E-Mail: info@brigk.digital
Tel.: 0841-149081-90
Fax: 0841-149081-97
(hereinafter referred to as “we”)
We take the protection of your personal data very seriously in accordance with the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations.
A data protection officer has NOT been appointed by the controller, as this is not required under Art. 37 (1) GDPR in conjunction with § Section 38 (1) BDSG-new is not required.
Irrespective of this, the protection of personal data is a top priority for the controller. If you have any questions or suggestions, please contact the controller at any time. Please contact:
Maria Horvat (no data protection officer)
brigk – Digitales Gründerzentrum der Region Ingolstadt GmbH
Schloßlände 26
85049 Ingolstadt
E-Mail: maria.horvat@brigk.digital
Tel.: 0841-149081-90
Fax: 0841-149081-97
Scope of the processing of personal data
We collect, process and use your personal data only in compliance with the relevant data protection regulations and only to the extent necessary.
It is generally possible to use our website without providing personal data. Furthermore, we do not engage in profiling activities. If personal data (e.g. name, address or e-mail addresses) is collected on our website, this is always done on a voluntary basis as far as possible. This data will not be passed on to third parties without your express consent.
Insofar as we use service providers to carry out and handle processing operations, the same strict regulations on compliance with data protection laws apply to them.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
Deletion and blocking of personal data
We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as provided for by the various storage periods stipulated by law. Once the respective purpose no longer applies or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.
Disclosure of personal data
Under no circumstances will we transfer your personal data to third parties for advertising or marketing purposes or for other unauthorized purposes. Your data will only be forwarded to third parties if this is permitted by law or if you have consented to the forwarding.
We would like to point out that operators of sites linked to from www.brigk.digital may store and evaluate the data of visitors to the site. This also applies to pages operated by brigk – Digitales Gründerzentrum der Region Ingolstadt GmbH on external servers such as Facebook or YouTube. Please note the data protection information on the respective pages.
If you contact us by e-mail, we will store your relevant details (name, e-mail address, telephone number, subject, free text field) to process the request and for possible follow-up questions.
Description and scope of data processing
The brigk web servers temporarily store every visit to our website in a log file. We record and store the following data until it is automatically deleted
This data is stored by us for reasons of technical security, in particular to defend against attempted attacks on our web server; it is also used to monitor misuse in the event of suspicion and to clarify any suspicion of criminally relevant use. The IP address is only analyzed in the event of attacks on our network infrastructure. The usage data stored by the servers is not assigned to any natural person.
Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
Purpose of data processing
Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. We also use the data to optimize the website and to ensure the security of our information technology systems. The data is not analyzed for marketing purposes in this context. These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR.
Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or anonymized so that it is no longer possible to identify the accessing client.
Possibility of objection and removal
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object.
Description and scope of data processing
The brigk website uses cookies in several places to make the website more user-friendly, effective and secure. Cookies are small text files. These are stored in the temporary memory of the web browser or on the hard disk of the visitor to the website for technical session control.
Legal basis for data processing
The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR.
Duration of storage, objection and removal options
Cookies are stored on the user’s computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
Description and scope of data processing
When you register to receive the brigk newsletter, the data you provide will be used exclusively for this purpose. Subscribers may also be informed by e-mail about circumstances relevant to the service or registration (for example, changes to the newsletter offer or technical circumstances).
We require a valid e-mail address for effective registration via the contact form. We use the “double opt-in” procedure to check that a registration is actually made by the owner of an e-mail address. For this purpose, we log the subscription to the newsletter and e-mail confirmation of the subscription by receipt of the reply requested. No further data is collected. The data is used exclusively for sending the newsletter and is not passed on to third parties.
Legal basis for data processing
The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a GDPR if the user has given consent.
The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG.
Purpose of data processing
The purpose of collecting the user’s e-mail address is to deliver the newsletter.
The collection of other personal data as part of the registration process serves to prevent misuse of the services or the e-mail address used.
Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. The user’s e-mail address is therefore stored for as long as the subscription to the newsletter is active.
The other personal data collected during the registration process is generally deleted after a period of seven days.
Possibility of objection and removal
The subscription to the newsletter can be canceled by the user concerned at any time. For this purpose, there is a corresponding link in every newsletter.
This also makes it possible to withdraw consent to the storage of personal data collected during the registration process.
The integration of social plugins means that by simply accessing the integrating page – without a social plugin already being clicked on – you are simultaneously recorded by these services with your IP address. Accordingly, these services can also log your further activities on the internet.
To prevent this and better protect your privacy, our website uses the 2-click method. Our website only embeds deactivated buttons that do not establish any contact with the services belonging to the social plugins and therefore do not pass on any data when you visit our website.
Only when you click on one of the buttons do you activate it and consent to communication with Facebook, Twitter or Instagram.
Plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA and Instagram LLC Represented by Kevin Systrom and Mike Krieger, 1601 Willow Rd, Menlo Park CA 94025,USA are integrated on our pages. You can recognize the Facebook and Instagram plugins by the Facebook or Instagram logo on our site. You can find an overview of the Facebook plugins here: http://developers.facebook.com/docs/plugins/ When you visit our pages, a direct connection is established between your browser and the Facebook or Instagram server via the plugin. Facebook or Instagram then receives the information that you have visited our site with your IP address. If you click on the Facebook or Instagram button while you are logged into your Facebook or Instagram account, you can link the content of our pages to your Facebook profile or Instagram account. This allows Facebook or Instagram to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook or Instagram. Further information on this can be found in Facebook’s privacy policy at https://de-de.facebook.com/policy.php and Instagram’s privacy policy at https://help.instagram.com/519522125107875?helpref=page_content
If you do not want Facebook or Instragram to be able to associate your visit to our pages with your Facebook or Instragram user account, please log out of your respective user account.
Functions of the Twitter service are integrated on our pages. These functions are offered by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transmitted to Twitter in the process. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Twitter. Further information on this can be found in Twitter’s privacy policy at http://twitter.com/privacy. You can change your data protection settings on Twitter in the account settings at http://twitter.com/account/settings.
Functions of the Live Chat service are integrated on our pages. These functions are offered by LiveChat, Inc, One International Place, Suite 1400, Boston, MA 02110-2619. By using the chat function, data is transmitted to LiveChat. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LiveChat. Further information on this can be found in Live Chat’s privacy policy at https://www.livechatinc.com/legal/privacy-policy/#main.
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
Right to information
You can request confirmation from the controller as to whether personal data concerning you is being processed by us.
If such processing is taking place, you can request the following information from the controller:
(1) the purposes for which the personal data are being processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be the categories of recipients to whom the personal data concerning you have been or will be disclosed;
(4) the envisaged period for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that period;
(5) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing;
(6) the existence of the right to lodge a complaint with a supervisory authority;
(7) all available information about the origin of the data if the personal data are not collected from the data subject;
You have the right to request information about whether the personal data concerning you are transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
Right to rectification
You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must make the correction without delay.
Right to restriction of processing
You may request the restriction of the processing of personal data concerning you under the following conditions:
(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(3) the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; or
(4) if you have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh your reasons.
If the processing of personal data concerning you has been restricted, such data – with the exception of storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been restricted according to the above conditions, you will be informed by the controller before the restriction is lifted.
a) Obligation to delete
You may request the controller to delete your personal data without undue delay and the controller is obliged to delete such data without undue delay if one of the following grounds applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for the processing.
(3) You object to the processing in accordance with Art. 21 (1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing according to Art. 21 (2) GDPR.
(4) The personal data concerning you have been unlawfully processed.
(5) The erasure of your personal data is necessary for compliance with a legal obligation in Union or Member State law to which the controller is subject.
(6) The personal data concerning you have been collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.
b) Information to third parties
If the controller has made the personal data concerning you public and is obliged to delete them in accordance with Article 17(1) GDPR, he shall take appropriate measures, including technical measures, taking into account available technology and implementation costs, to inform controllers who process the personal data that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.
c) Exceptions
The right to erasure does not exist if the processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) for compliance with a legal obligation required by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority conferred on the controller;
(3) for reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h and i and Art. 9 (3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Article 89(1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of such processing, or
(5) to assert, exercise or defend legal claims.
If you have exercised your right to rectification, erasure or restriction of processing vis-à-vis the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
You have the right vis-à-vis the controller to be informed about these recipients.
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data have been provided, provided that
(1) the processing is based on a consent according to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, or on a contract according to Art.
(2) the processing is carried out by automated means.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
The controller shall no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.
If the personal data concerning you is processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This applies to profiling to the extent that it is related to such direct marketing.
If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
In the context of the use of information society services, notwithstanding Directive 2002/58/EC, you have the possibility to exercise your right to object by automated means using technical specifications.
You have the right to withdraw your consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Contact:
E-Mail: info@brigk.digital, Tel.: 0841-14908190
Postanschrift: brigk – Digitales Gründerzentrum der Region Ingolstadt GmbH, Schloßlände 26, 85049 Ingolstadt
We reserve the right to amend this Privacy Policy from time to time to ensure that it always complies with current legal requirements or to reflect changes to our services in the Privacy Policy, e.g. when introducing new services. The new Privacy Policy will apply to your next visit.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of alleged infringement, if you consider that the processing of your personal data infringes the GDPR.
The supervisory authority to which the complaint was lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
Sources
https://www.ihk-muenchen.de/de/Service/Recht-und-Steuern/Datenschutz/Die-EU-Datenschutz-Grundverordnung/#st_text_picture_6
