Christian Werner, frontmark GmbH
Tel.: +49 611 16751151
Types of processed data:
– Inventory data
– Contact information
– Content data
– Usage data
– Meta / communication data (e.g., device information, IP addresses).
Processing of special categories of data (Art. 9 (1) GDPR):
No special data categories are processed, unless these are commissioned to processing by the user, e.g. by email.
Categories of affected persons:
– Visitors and users of the online presence
Hereinafter we refer to the affected persons as "users".
Purpose of processing:
– Providing the online services, its contents and functions
– Marketing / advertising
– Answering contact form / email requests.
Date of publication: 9/2/2021
1. Relevant legal basis
3. Security measures
We take appropriate technical measures in accordance with Art. 32 GDPR, taking into account the latest technology, implementation costs and the nature, scope, circumstances and purposes of the processing as well as the probability of occurrence and severity of the risk to the rights and freedoms of natural persons and organisational measures to ensure a level of protection appropriate to the risk; measures include, in particular, ensuring the confidentiality, integrity and availability of data by monitoring physical access to the data, as well as their access, input, disclosure, availability and separation. In addition, we have established procedures that ensure the management of the rights of affected persons, data erasure and data vulnerability. Furthermore, we consider the protection of personal data already in the developmental phase, or selection of hardware, software and procedures, according to the principle of data protection by technology design, taken into account privacy aware default settings (Art. 25 GDPR).
One of the security measures is the encrypted transfer of data between your browser and our server.
4. Cooperation with processors and third parties
4.1. If, in the context of our processing, we disclose data to other persons and companies (processors or third parties) or otherwise grant access to the data, this will only be done on the basis of legal permission (e.g. if a transmission of the data to third parties, as required by payment service providers, pursuant to Art. 6 (1) (b) GDPR for the performance of the contract) you have consented to, a legal obligation or based on our legitimate interests (e.g. the use of agents, web hosting, etc.).
4.2. If we commission third parties to process data on the basis of a so-called ”processing contract”, this is done on the basis of Art. 28 GDPR.
5. Transmission to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure or transmission of data to third parties, this will only be done if it is to fulfil our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special conditions of Art. 44 et seq. GDPR. That is, processing is, for example, on the basis of specific guarantees, such as the officially recognized level of data protection (e.g. through the “Privacy Shield” for the USA) or compliance with officially recognized special contractual obligations (the so-called “standard contractual clauses”).
6. Rights of affected persons
6.1. You have the right to ask for confirmation as to whether the data in question is processed and for information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR.
6.2. According to Art. 16 GDPR, you have the right to demand the completeness of the data concerning you or the correction of the incorrect data concerning you.
6.3. In accordance with Art. 17 GDPR, you have the right to demand that the relevant data be deleted immediately or, alternatively, to demand a restriction of the processing of data in accordance with Art. 18 GDPR.
6.4. You have the right to demand that the data relating to you, which you have provided to us, be obtained in accordance with Art. 20 GDPR and request the transmission thereof to other responsible persons.
6.5. Pursuant to Art. 77 GDPR, you also have the right to file a complaint with the responsible supervisory authority.
7. Right of cancellation
You have the right to revoke consent in accordance with. Art. 7 (3) GDPR with future effect.
8. Right of objection
You can object to the future processing of your data at any time, in accordance with Art. 21 GDPR. The objection may in particular be made against processing for direct marketing purposes.
By using our website, a session cookie will be stored on your device.
– “cookie_notice_accepted” stores your setting for the cookie notification banner / duration: until the end of the session
By using our Application Platform https://apps.frontmark.de, a session cookie will be stored on your device.
– “__Host-auth_token” stores a session identifier at login / duration: until the end of the session
Third-party services (see below) may store additional cookies on your device.
10. Deletion of data
11. Establishing contact
11.1. When contacting us (via contact form or email), the information provided by the user is used to process the contact request, pursuant to Art. 6 (1) (b) GDPR.
11.2. User information can be stored in our Customer Relationship Management System (“CRM System”) or similar organisation.
12. Collection of access data and log files
12.1. Based on our legitimate interests, within the meaning of Art. 6 (1) (f) GDPR, we collect data concerning all access to our websites and servers (so-called server log files). The access data includes the name of the accessed web page, file, date and time of access, transferred data and amount of data, message about successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the enquiring provider.
12.2. Log file information is stored for security purposes (for example, to investigate abusive or fraudulent activities) for a maximum of six months, after which time the information is deleted. Where further data retention is required for evidential purposes, it shall be exempted from the aforementioned cancellation period until the final clarification of the incident.
13. Web analysis / reach measurement
13.1. In the context of a pseudonymous reach measurement no cookies will be stored. All statistical data will be locally stored and evaluated on our web servers in Germany.
13.2. IP addresses will be stored anonymized only and cannot be re-identified. Further personal data will not be gathered for the for web analysis.
14. Integration of third-party services and content
14.1. Based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online presence within the meaning of Art. 6 (1) (f) GDPR), we make use of content or services offered by third-party providers in order to provide their content and services, e. g. as map-embeddings, (collectively referred to as “content”). This always presupposes that the third-party providers of this content are aware of the IP address of the users, since they could not send the content to the users’ browser without the IP address. The IP address is therefore required for the presentation of this content. We attempt to only use content from respective providers that use the IP address solely for the purposes of delivering said content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include, but is not limited to, technical information about the browser and operating system, referring websites, time of access, and other information regarding the use of our online presence.
14.2. The following provides an overview of third-party providers and their content, as well as links to their privacy policies, which contain further information on the processing of data and, as already mentioned in part, possibilities for objection (so-called opt-out):
– “Google Web Fonts”
– “Google reCAPTCHA”
– “Google Analytics”
Our website https://share.frontmark.de (“frontmark Storage Share”) is powered by Nextcloud (“open source private cloud software”) and hosted by Hetzner in german data centers. Further information about Storage Share can be found at Hetzner and Nextcloud.