General information
This privacy policy contains detailed information about what happens to your personal data when you visit our website open23.de. Personal data is any data with which you can personally identify yourself. We strictly adhere to the legal provisions when processing your data, in particular the General Data Protection Regulation (“DSGVO”), and attach great importance to ensuring that your visit to our website is absolutely secure.
Responsible parties
Responsible under data protection law for the collection and processing of personal data on this website are jointly:
First names, surnames: Rafael, Sadowski
- Street, house number: Hintere Ledergasse 36
- Postcode, City: 90403 Nuremberg
- State: Germany
- E-Mail: contact@open23.de
- Tel.: +49 1525 7488272
First names, surnames: Sabina, Hofmann
- Street, house number: Hintere Ledergasse 36
- Postcode, City: 90403 Nuremberg
- State: Germany
- E-Mail: contact@open23.de
- Tel.: +49 1765 7928516
Collectively, we will be referred to as “we,” “us,” or “our” in this privacy policy.
Contact form
If you contact us by e-mail or via a contact form, transmitted data including your contact information will be stored in order to process your request or to be available for follow-up questions. This data will not be passed on without your consent.
The processing of the data entered in the contact form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). A revocation of your already given consent is possible at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data transmitted via the contact form will remain with us until you request us to delete it, revoke your consent to store it or there is no longer any need to store it. Mandatory legal provisions - in particular retention periods - remain unaffected.
Data use and disclosure
We will neither sell to third parties nor otherwise market the personal data that you provide to us, e.g. by e-mail (e.g. your name and address or e-mail address). Your personal data will only be processed for correspondence with you and only for the purpose for which you have provided us with the data.
The use of data that is automatically collected when you visit our website is only for the purposes stated above. The data will not be used for any other purpose.
We assure you that we will not pass on your personal data to third parties unless we are legally obliged to do so or you have given us your prior consent.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator, our website uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
§1 Storage period
Personal data that has been communicated to us via our website will only be stored until the purpose for which it was entrusted to us has been fulfilled. Insofar as retention periods under commercial and tax law must be observed, the storage period for certain data may be up to 10 years.
§2 Data subject rights
With regard to the personal data concerning you, as a data subject, you have the following rights vis-à-vis the data controller in accordance with the statutory provisions:
2.1 Right of revocation
Many data processing operations are only possible with your express consent. If the processing of your data is based on your consent, you have the right to revoke your consent to the processing of data, once given, at any time with effect for the future in accordance with Article 7 (3) DSGVO. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. Storage of data for billing and accounting purposes remains unaffected by a revocation.
2.2 Right to information
In accordance with Article 15 of the DSGVO, you have the right to request confirmation from us as to whether we are processing personal data relating to you. If such processing exists, you have the right to obtain information about your personal data processed by us, the purposes of processing, the categories of personal data processed, the recipients or categories of recipients to whom your data have been or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it has not been collected from you by us, the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the logic involved and the implications for you and the intended effects of such processing, as well as your right to be informed about the safeguards pursuant to Article 46 of the DSGVO in case of onward transfer of your data to third countries.
Right to rectification
You have the right, in accordance with Art. 16 DSGVO, to request at any time the immediate rectification of any inaccurate personal data concerning you and/or the completion of your incomplete data.
2.4 Right to deletion
You have the right to request the deletion of your personal data in accordance with Art. 17 DSGVO, provided that one of the following reasons applies:
a) Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
b) You withdraw your consent on which the processing was based pursuant to Art. 6(1)(a) or Art. 9(2)(a) DSGVO and there is no other legal basis for the processing;
c) You object to the processing pursuant to Art. 21(1) DSGVO and there are no overriding legitimate grounds for the processing; or You object to the processing pursuant to Art. 21(2) DSGVO;
d) The personal data have been processed unlawfully;
e) The erasure of the personal data is necessary for compliance with a legal obligation under Union law or the law of the Member State to which we are subject;
f) The personal data was collected in relation to information society services offered pursuant to Article 8(1) of the DSGVO;
However, this right does not exist insofar as the processing is necessary:
a) for the exercise of the right to freedom of expression and information;
b) for compliance with a legal obligation which requires processing under Union or Member State law to which we are subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
c) for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) DSGVO;
d) for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Article 89(1) of the DSGVO, insofar as the data subject’s right is likely to render impossible or seriously prejudice the achievement of the purposes of such processing, or for the assertion, exercise or defense of legal claims.
If we have made your personal data public and we are obliged to erase it in accordance with the above, we shall take reasonable steps, including technical measures, to inform data controllers processing the personal data that you, as the data subject, have requested that they erase all links to your personal data or copies or replications of such personal data, taking into account the available technology and the cost of implementation.
2.5 Right to restriction of processing
You have the right to request the restriction of processing (blocking) of your personal data in accordance with Art. 18 DSGVO. To do so, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:
a) If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
b) If the processing of your personal data has happened / is happening unlawfully, you may request the restriction of data processing instead of erasure.
c) If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.
d) If you have lodged an objection pursuant to Art. 21(1) DSGVO, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.
2.6 Right to information
If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged to inform all recipients to whom your personal data have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. In accordance with Art. 19 DSGVO, you have the right to be informed about these recipients upon request.
2.7 Right not to be subject to a decision based exclusively on automated processing, including profiling.
In accordance with Article 22 of the DSGVO, you have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning you or similarly significantly affects you.
This does not apply if the decision
- a) is necessary for the conclusion or performance of a contract between you and us,
- b) is permissible on the basis of legal provisions of the Union or the Member States to which the controller is subject and these legal provisions contain appropriate measures to protect your rights and freedoms as well as your legitimate interests or
- c) is done with your explicit consent.
However, in the cases mentioned in (a) to (c), the decisions may not be based on special categories of personal data pursuant to Article 9(1) of the DSGVO, unless Article 9(2)(a) or (g) applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.
In the cases referred to in (a) and (c), we take reasonable steps to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.
2.8 Right to data portability
If the processing is based on your consent pursuant to Art. 6(1)(a) DSGVO or Art. 9(2)(a) DSGVO or on a contract pursuant to Art. 6(1)(b) DSGVO and is carried out with the help of automated processes, you have the right, pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format and to transfer it to another controller or to request that it be transferred to another controller, insofar as this is technically realizable.
2.9 Right of objection
Insofar as we base the processing of your personal data on the balance of interests pursuant to Article 6 (1) f DSGVO, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on this provision. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection pursuant to Article 21 (1) DSGVO).
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) DSGVO).
You have the possibility, in connection with the use of information society services - notwithstanding Directive 2002/58/EC - to exercise your right to object by means of automated procedures using technical specifications.
2.10 Right of appeal to the competent supervisory authority pursuant to Art. 77 DSGVO
In the event of breaches of the DSGVO, data subjects shall have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged breach. The right of appeal is without prejudice to other administrative or judicial remedies.
The supervisory authority responsible for us is:
Bayerisches Landesamt für Datenschutzaufsicht
Promenade 18 91522 Ansbach
Postal address: Postfach 1349, 91504 Ansbach
Telephone: 0981/180093-0 E-Mail: poststelle@lda.bayern.de Internet: https://www.lda.bayern.de
Validity and amendment of this privacy policy
This Privacy Policy is effective as of September 25, 2023. We reserve the right to amend this Privacy Policy at any time in compliance with applicable data protection regulations. This may be necessary, for example, to comply with new legislation or to reflect changes to our website or new services on our website. The version available at the time of your visit shall apply.
If this privacy policy is changed, we intend to post changes to our privacy policy on this page so that you are fully informed about what personal data we collect, how we process it, and under what circumstances it may be disclosed.