Data protection

Introduction

Thank you very much for your interest in our company. Protecting your data is very important to Delphin Technology AG. With this in mind, Delphin Technology AG, as the controller responsible for processing your data, has put in place a range of technical and organisational measures to ensure that personal data processed via this website is as well protected as possible. Despite these measures, Internet-based data transfers are always subject to data security vulnerabilities, meaning that it is impossible to guarantee absolute protection. Every data subject therefore has the right to send us personal data via other means, for example by phone.
 
Processing of personal data, for instance the name, address, e-mail address and phone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and with the country-specific data protection provisions to which Delphin Technology AG is subject. The purpose of this privacy statement is to allow Delphin Technology AG to inform the public of the nature, scope and purpose of the data collected, used and processed by us and, in addition, to clarify the rights of data subjects.


Responsibilities

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation, of other general data protection legislation in the Member States of the European Union and of other provisions related to data protection is:
 
Delphin Technology AG
Lustheide 81
51427 Bergisch Gladbach
Germany
 
Tel.: +49 2204 97685-0
Fax: +49 2204 97685-85
 
E-mail info@delphin.de
Website www.delphin.com
 

Name and address of the Data Protection Officer

The responsible controller’s Data Protection Officer is:
 
Delphin Technology AG
Björn Kassner
Lustheide 81
51427 Bergisch Gladbach
Germany

 
Tel.: +49 2204 97685-0
Fax: +49 2204 97685-85

 
E-mail bjoern.kassner@delphin.de
Website www.delphin.com

 
Any data subject may contact our Data Protection Officer directly with any questions or issues concerning data protection.


General points on data processing

Scope of personal data processing

We collect and use the personal data of our users only where this is necessary for the provision of a functional website and of our content and services. The collection and use of our users’ personal data generally requires the prior consent of the user in question. An exception applies where it is impossible for us to obtain consent in advance for factual reasons and the processing of the data is permitted by statutory regulations. 

Legal basis for the processing of personal data

Where we are required to obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) of the General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data. This is the case for newsletter subscriptions, for example.
 
Where the processing of personal data is a requirement for the execution of a contract to which the data subject is a party, Article 6 (1) (b) GDPR serves as the legal basis. This applies also to processing activities which are required for the execution of pre-contractual measures, for example in the case of enquiries concerning our products or services.
 
Should the processing of personal data be required for the fulfilment of a legal obligation, such as, for example, the fulfilment of obligations under tax laws to which our company is subject, Article 6 (1) (c) GDPR serves as the legal basis.
 
Should it be in the vital interests of the data subject or another natural person to process personal data, Article 6 (1) (d) GDPR would serve as the legal basis. This would be the case, for instance, if a visitor to our company were to be injured and it were to be necessary to disclose his or her name, age, health insurance details or other vital information to a doctor, hospital or some other third party.
 
Should the processing of personal data be required in the legitimate interest of our company or of a third party, and should the aforementioned legitimate interest outweigh the interests, basic rights and basic freedoms of the data subject, Article 6 (1) (f) GDPR would serve as the legal basis for the processing. Should the legal basis for the processing of personal data be Article 6 (1) (f) GDPR, we would have a legitimate interest in the execution of our business activities for the well-being of all our employees and shareholders. 

Deletion of data and duration of storage

The personal data of the data subject will be deleted or locked as soon as the purpose of their storage no longer applies. They can however continue to be stored if such storage is provided for by the European or national legislature in the form of EU directives, laws or other provisions to which the data controller is subject. The data will also be locked or deleted as soon as a period of storage set out in the designated standards expires, unless further storage of the data is required for the conclusion or execution of a contract.


Provision of the website and generation of log files

Description and scope of data processing

Every time our website is accessed, our system automatically records general data and information from the accessing computer system. These general data are stored in the log files of the server. The data collected includes the following:
 

  • Information concerning the browser type and version used
  • The operating system of the user
  • The website from which an accessing system accesses our website (referrer)
  • The sub-pages via which an accessing system is directed to our website
  • The date and time of access
  • The user’s Internet Protocol (IP) address
  • The user’s Internet Service Provider (ISP)
  • Other similar data and information which serve to avert risk in the event of attacks on our information technology systems.

These data are stored in the log files of our system. These data are never stored together with other personal data belonging to the user.

Legal basis for processing

The legal basis for the temporary storage of the data and log files is Article 6 (1) (f) GDPR.

Purpose of data processing

The temporary storage of the IP address by the system is required for the website to be loaded onto the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.
 
Storage in log files is required to guarantee the functionality of the website. We also use the data to optimise the website and guarantee the security of our IT systems.
 
These data are never evaluated for marketing purposes in this connection. The data are never disclosed unless disclosure is required by law or serves the purpose of criminal prosecution.
 
These purposes also include our legitimate interest in data processing pursuant to Article 6 (1) (f) GDPR.

Duration of storage

The data will be deleted as soon as they are no longer required for the achievement of the purpose for which they were collected. Where the data is recorded as part of provision of the website, the data will no longer be required for this purpose once the session in question has come to an end. 
 
In the case of the storage of the data in log files, the data will no longer be required for this purpose after a maximum of seven days. Storage for longer periods is possible. In this case, the IP addresses of the user will be deleted or disconnected from the identity of the user in such a manner as to make it impossible to assign them to the accessing client.

Objection and disposal options

The recording of the data for the provision of the website and the storage of the data in log files are essential for the operation of the website. The user does not therefore have an option to object. 


Use of cookies

Description and scope of data processing

Our website uses cookies Cookies are text files stored in or by the Internet browser on the user’s computer system. The use of cookies allows Delphin Technology AG to provide the users of this website with more user-friendly services than would otherwise be possible without the cookie session. If a user visits a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string which makes it possible to definitively identify the browser if it is used again to visit the website.
 
We use cookies to make our website more user-friendly. Some of the elements of our website require the visiting browser to be identifiable even after it has left the page.
 
The following data are stored in the cookies and transmitted:
 

  • Session ID
  • Login information

 
We also use cookies on our website which make it possible to analyse users’ browsing behaviour. For this purpose, we make use of the Google Analytics web analysis service provided by Google Inc. (“Google”). You will find more information on this subject in the section entitled Use of Google Analytics. 
 
Technical measures are used to pseudonymise the user data collected in this way. This means that it is no longer possible to match the data with the visiting user. The data are not stored with other personal user data.
 
When he or she visits our website, the user is informed of the use of cookies for analytical purposes and his or her consent is obtained for the processing of the personal data used in this context. The user is also referred to this data protection statement. In this context, the user is also informed about how to prevent the storage of cookies by making changes to the browser settings.

Legal basis for data processing

The legal basis for the processing of personal data with the use of technically necessary cookies is Article 6 (1) (f) GPDR.
 
In the event of user consent to such use, the legal basis for the processing of personal data using cookies for analytical purposes is Article 6 (1) (a) GDPR.

Purpose of data processing

The purpose of the use of technically necessary cookies to facilitate the use of websites by users. We are unable to offer some of the functions of our website without the use of cookies. For these functions it is necessary for the browser to be recognisable even after it has left the page.
 
We need cookies for the following applications:
 

  • User logins on the website, for example, login details for the Sales Partner area

 
User data collected by means of technically necessary cookies are not used for the creation of user profiles.
 
Analytical cookies are used for the purpose of improving the quality of our website and its content. We use the analytical cookies to find out how the website is being used, allowing us to make constant improvements to the site. You will find more information on the use of cookies, especially for the Google Analytics website analysis service, in the section entitled Use of Google Analytics. 
 
These purposes also include our legitimate interest in the processing of personal data pursuant to Article 6 (1) (f) GDPR.

Duration of storage; objection and disposal options

The data subject can prevent the placement of cookies by our website on their system at any time by making changes to that effect in the settings of the Internet browser used, thereby permanently prohibiting the placement of cookies on their system. Moreover, cookies previously placed on the system cookies can be deleted at any time using an Internet browser or other software programs. This can also be done automatically, and in all standard Internet browsers.


If the data subject deactivates the placement of cookies in the Internet browser used, he or she may not be able to use all the functions of our website to their full extent. You will find more information on objection and disposal options for the analytical cookies in the section entitled Use of Google Analytics. 


Use of Google Analytics

Description and scope of data processing

We have integrated Google Analytics components (along with the anonymizeIP anonymisation function) into this website.

 

Google Analytics is a web analysis service Web analysis is the collection, compilation and evaluation of data concerning the behaviour of visitors to websites. A web analysis service collects data concerning the website via which a data subject has been referred to a particular website (referrer), which sub-pages of the website have been accessed and how often, and for how long a particular sub-page has been viewed. Web analysis is used primarily to optimise a website and to carry out a cost/benefit analysis of Internet advertising.

 

Google Analytics components are operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Legal basis for data processing

In the event of user consent to such use, the legal basis for the processing of personal data using cookies for analytical purposes is Article 6 (1) (a) GDPR.

Purpose of data processing

Google Analytics uses so-called cookies. What cookies are and how they work has already been explained. The information gathered by the cookie about your use of this website, such as
 

  • Browser type/version,
  • Operating system used,
  • Referring URL (the previously visited page),
  • Hostname of the accessing computer (IP address),
  • Time of the server request

is generally transmitted to and stored on a Google server in the USA. Google will not link the IP address transferred by your browser in the context of Google Analytics with any other data held by Google. We have also extended the Google Analytics service used on this website by adding the anonymizeIP code. This guarantees the masking of your IP address, ensuring that all data are collected anonymously. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and abbreviated there.
 
Google will use this information on behalf of the operator of this website to evaluate your use of the website, compile reports on website activity, and provide the website operator with other services related to website usage and Internet activity.
 
In some circumstances, Google will pass on the personal data collected via this technical procedure to third parties.

Duration of storage; objection and disposal options

You can prevent the storage of these cookies by selecting the appropriate settings in your browser software. However, please be advised that, by doing so, you may be unable to use some features of this website to their full extent.
 
You can also prevent the disclosure to and processing by Google of the data generated by cookies about your use of the website (incl. your IP address), by downloading and installing the browser plug-in available via the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
 
As an alternative to the browser add-on, particularly for browsers on mobile devices, you can also prevent the recording of personal data by Google Analytics by clicking on this link. An opt-out cookie will be placed on your system, and will prevent your data from being recorded during future visits to this website. The opt-out cookie applies only to this browser and to our website and will be stored on your device. If you delete the cookies in this browser, you will have place the opt-out cookie on your system again. 
 
You can find more information on the applicable Google data protection provisions at https://policies.google.com/privacy?hl=en and https://www.google.com/analytics/terms/us.html Google Analytics is explained in greater detail at https://www.google.com/intl/en_uk/analytics/#?modal_active=non.


Newsletter

Description and scope of data processing

Our website offers you the option of subscribing to a free newsletter. Data from the input mask are transferred to us during the registration process.
 
The precise personal data transmitted to the data controller for processing are determined by the input mask used for this purposes. Specifically, these data include: 
 

  • Title,
  • Given name(s),
  • Surname,
  • E-mail address.

 
In addition, the following data are also collected:
 

  • The IP address of the visiting computer and
  • The date and time of registration

 
Your consent to the processing of this data will be sought as part of the registration procedure, and you will be referred to this data protection statement. No disclosure of the data to third parties takes place in the context of the data processing required for the sending of newsletters. The data are used exclusively for sending the newsletter.

Legal basis for data processing

Should consent be given, the legal basis for the processing of data following user registration for the newsletter is Article 6 (1) (a) GDPR.

Purpose of data processing

Delphin Technology AG regularly informs its customers, potential customers and business partners of the company’s offers by e-mail. The data subject can in principle receive the newsletter from our company only if the data subject has a valid e-mail address and registers for the newsletter. For legal reasons, a confirmation e-mail using the double opt-in procedure will initially be sent to the e-mail address entered by the user upon registering for the newsletter. This confirmation e-mail is used to verify whether the owner of the e-mail address, as the data subject, has authorised receipt of the newsletter.
 
The collection of other personal data in the context of the registration procedure serves the purpose of preventing misuse of the services or the e-mail address used.

Duration of storage; objection and disposal options

The data will be deleted as soon as they are no longer required for the achievement of the purpose for which they were collected. Accordingly, the user’s e-mail address, surname, given name and title will be stored for as long as the subscription to the newsletter remains active. 
 
The other personal data collected in the context of the registration procedure will usually be deleted after seven days. 
 
The subscription to the newsletter can be cancelled by the data subject in question at any time. Each newsletter contains a link which can be used for this purpose. 
 
This also allows the user to withdraw his or her consent to the storage of the personal data collected during the registration procedure. The user also has the option of opting out of receiving the newsletter at any time, directly on the data controller’s website or by communicating this request to the data controller by some other means.


Registration

Description and scope of data processing

On our website, we offer users the option of registering by entering personal data. The data are entered into an input mask and transmitted to and stored by us. Exactly which data are recorded is determined by the input mask in question. No disclosure of the data to third parties takes place. The following data are collected in the context of the registration process:
 

  • User name,
  • Password,
  • Given name(s),
  • Surname,
  • Company,
  • E-mail address,
  • Town or city

The following data are stored in addition at the time of registration:

  • The user’s IP address and
  • The date and time of registration

Your consent to the processing of this data will be sought as part of the registration procedure, and you will be referred to this data protection statement.  

Legal basis for data processing

In the event the user gives consent, the legal basis for the processing of personal data is Article 6 (1) (a) GDPR.

Purpose of data processing

The registration of the data subject through voluntary submission of personal data makes it possible for Delphin Technology AG to offer the data subject content or services which by their nature can be offered only to registered users.

Duration of storage; objection and disposal options

The data will be deleted as soon as they are no longer required for the achievement of the purpose for which they were collected.
Registered persons are free to change the personal data submitted at the time of registration or to request the complete deletion of the data from the data controller’s database at any time. 
 
The data controller at Delphin Technology AG will provide to any data subject, at any time and upon request, details of the personal data stored regarding the data subject in question. Furthermore, it will, at the request of, or if instructed to do so by, the data subject, correct or delete personal data, provided that to do so would not be in contravention of a statutory data retention obligation.
 
In this context, a Data Protection Officer mentioned by name in this data protection statement and the entire workforce of the data controller are available to the data subject as points of contact.


Contact form and e-mail contact

Description and scope of data processing

Due to statutory regulations, Delphin Technology AG’s website contains information which allows users quickly to make contact with our company by electronic means and to communicate directly with us; this information also includes a general address used for so-called electronic mail (e-mail address). Should a data subject use e-mail or a contact form to make contact with the data controller, the personal data transmitted by the data subject will automatically be stored. Such personal data which are submitted voluntarily by a data subject to the data controller will be stored for further processing or for the purpose of making contact with the data subject. These personal data will not be disclosed to third parties.
 
Our website features a contact form which can be used to make contact electronically. If a user makes use of this option, the data entered into the input mask will be transmitted to, and stored by, us. These data include:
 

  • Title,
  • Given name(s),
  • Surname,
  • Company,
  • Sector,
  • Street address,
  • Postcode,
  • Town or city,
  • Country,
  • Telephone (optional),
  • Fax (optional),
  • E-mail,
  • How they found us,
  • Requests for information material,
  • Call-back requests,
  • Quotation requests,
  • Personal messages,
  • Outcomes of security prompts

The exact data is determined by the input form.
 
At the time the message is sent, the following data will also be stored:
 

  • The user’s IP address,
  • The date and time of sending

 
Your consent to the processing of this data will be sought as part of the registration procedure, and you will be referred to this data protection statement. 
 
Alternatively, you can establish contact using the e-mail address provided. In this case, the user personal data transmitted with the e-mail will be stored. 
 
No disclosure of the data to third parties will take place in this connection. The data will be used exclusively for processing the conversation.
 
Every data subject has the right to send us personal data via other means, for example by phone.

Legal basis for data processing

In the event the user gives consent, the legal basis for the processing of personal data is Article 6 (1) (a) GDPR.
 
The legal basis for the processing of data transmitted by e-mail is Article 6 (1) (f) GDPR. If the intention of the e-mail contact is the conclusion of a contract, Article 6 (1) (b) GDPR is an additional basis for processing.

Purpose of data processing

We process personal data from the input mask solely for the purpose of establishing contact. Where contact is made by e-mail, this purpose also includes our necessary legitimate interest in the processing of the data.
 
The other personal data processed during the dispatch procedure serve to prevent misuse of the contact form and to guarantee the security of our IT systems.

Duration of storage; objection and disposal options

The data will be deleted as soon as they are no longer required for the achievement of the purpose for which they were collected. For personal data taken from the input mask of the contact form, and data sent by e-mail, this will be once the conversation with the user in question has come to an end. The conversation will be deemed to have ended when it becomes apparent from the circumstances that the matter at issue has been definitively clarified. 
 
The personal data additionally collected during the dispatch procedure will be deleted after no more than seven days if they cannot be stored for further lawful processing pursuant to Article 6 (1), e.g. for the purpose of generating a quotation.
 
The user has the option to withdraw his or her consent to the processing of personal data at any time. If the user establishes contact with us by e-mail, he or she can object to the storage of his or her personal data at any time. It will be impossible to continue the conversation in such circumstances.
 
The objection must be submitted in writing by e-mail to the aforementioned Data Protection Officer.
 
In such a case, all personal data stored in the course of establishing contact will be deleted, provided that there is no statutory basis preventing their deletion.   


Data protection for applications and in the application procedure

Delphin Technology AG collects and processes the personal data of applicants for the purpose of managing the application procedure. This processing can also be carried out electronically. This is particularly the case if an applicant submits the relevant application documents electronically, for example by e-mail, to the data controller. 
 
If Delphin Technology AG concludes an employment contract with an applicant, the data transmitted for the purpose of managing the employment relationship will be stored in compliance with statutory regulations.
 
If no employment contract is concluded between Delphin Technology AG and the applicant, the application documents will be deleted three months after the applicant is informed of the rejection, provided that such deletion does not run contrary to other legitimate interests (Article 6 (1) (f) GDPR) of the data controller. Other legitimate interests within the meaning of the foregoing would for example include the duty to provide evidence in proceedings pursuant to the German General Equality of Treatment Act (Allgemeines Gleichbehandlungsgesetz - AGG).


Rights of data subjects

If personal data relating to your person are processed, you are a data subject within the meaning of GDPR and have the following rights vis-a-vis the data controller: 

Right of confirmation

Every data subject has the right as granted by European regulators to demand confirmation from the data controller as to whether relevant personal data are being processed. 
If a data subject wishes to make use of this right of confirmation, they may contact a member of the data controller’s staff at any time.

Right to information

You can demand confirmation from the data controller as to whether personal data concerning your person are being processed by us. If such processing is indeed taking place, you can demand the following information from the data controller:
 

  • The purposes for which the personal data are being processed
  • The categories of personal data being processed
  • The recipient and/or categories of recipients to whom the personal data concerning your person have been or will be disclosed, and in particular recipients in third countries or in international organisations
  • The planned duration of the storage of the personal data concerning your person or, should it be impossible to give specific information on this point, criteria for setting the storage period
  • The existence of a right to the correction or deletion of the personal data concerning your person, the right to restrict processing by the data controller, or the right to object to this processing
  • The existence of a right of appeal to a supervisory authority
  • All available information concerning the origin of the data, if the personal data are not collected directly from the data subject
  • The existence of an automatic decision-making process, including profiling, pursuant to Articles 22 (1) and (4) GDPR and – at least in these cases – meaningful information concerning the logic involved and the implications and desired effects of such processing for the data subject.

 
You have the right to demand information as to whether the personal data concerning your person are to be transmitted to a third country or an international organisation. In this context, you can demand information concerning the existence of suitable guarantees pursuant to Article 46 GDPR in connection with such transmission.
 
If a data subject wishes to make use of this right of information, he or she can contact a member of the data controller’s staff at any time.

Right of correction

You have a right of correction and/or completion vis-a-vis the data controller if the personal data concerning your person which are being processed are inaccurate or incomplete. The data controller must undertake corrections without delay. 
 
If a data subject wishes to make use of this right of correction, he or she can contact a member of the data controller’s staff at any time.

Right to restrict processing

You can demand the restriction of the processing of the personal data concerning your person under the following conditions:

  • If you contest the accuracy of the personal data concerning your person over a period of time which makes it possible for the data controller to verify the accuracy of the personal data
  • If the processing is unlawful and you decline to have the personal data deleted and instead demand that the use of the personal data be restricted
  • If the data controller no longer needs the personal data for processing purposes, but you require them for the assertion, exercise or defence of legal rights
  • If you have filed an objection to processing pursuant to Article 21 (1) GDPR, and it has not yet been established whether the legitimate interests of the data controller outweigh your grounds

If the processing of personal data concerning your person has been restricted, these data may, with the exception of their storage, be processed only with your consent or for the assertion, exercise or defence of legal rights, or for the protection of the rights of another natural or legal person, or for reasons of important public interest on the part of the European Union or of a European Union Member State.
If the restriction of processing has been restricted in accordance with the aforementioned conditions, you will be informed by the data controller before the restriction is lifted. 

Right of deletion

Obligation to delete

You can demand the immediate deletion by the data controller of the personal data concerning your person, and the data controller will be under obligation to delete these data without delay provided that one of the following grounds pertains:

  • The personal data concerning your person are no longer required for the purposes for which they were collected or otherwise processed.
  • You withdraw your consent upon which the processing pursuant to Article 6 (1) (a) or Article 9 (2) (a) GDPR was based, and there is no other legal basis for the processing
  • You file an objection to the processing pursuant to Article 21 (1) GDPR, and there are no legitimate reasons for the processing which take precedence, or you file an objection to the processing pursuant to Article 21 (2) GDPR.
  • The personal data concerning your person were unlawfully processed.
  • The deletion of the personal data concerning your person is required for the fulfilment of a legal obligation according to EU law or the law of the Member States to which the data controller is subject.
  • The personal data concerning your person were collected in relation to services offered by the information society pursuant to Article 8 (1) GDPR.

Information passed to third parties

If the data controller has published the personal data concerning your person and is subject to an obligation to delete them pursuant to Article 17 (1) GDPR, it must, taking into account the available technology and the implementation costs, adopt appropriate measures, including technical ones, to inform parties responsible for the data processing which are processing the personal data that you as data subject have required the deletion by them of all links to these personal data or of copies or replicas of these personal data. 

Exceptions

The right of deletion does not apply where processing is required

  • For the exercise of the right to freedom of expression and information
  • For the fulfilment of a statutory obligation requiring processing pursuant to the law of the European Union or the Member States to which the data controller is subject, or has been transferred to the data controller for the purpose of fulfilment of a task which is in the public interest or is carried out in the exercise of official authority
  • For reasons of public interest in the area of public health pursuant to Article 9 (2) (h) and (i) and Article 9 (3) GDPR
  • For archiving, scientific or historical research purposes which are in the public interest or for statistical purposes pursuant to Article 89 (1) GDPR, to the extent that it is anticipated that the right mentioned in section a) will make it impossible to realise the aims of this processing or seriously impair any attempt to do so
  • For the assertion, exercise or defence of legal rights

Should one of the aforementioned reasons apply and a data subject wish to arrange for the deletion of personal data stored by Delphin Technology, they can contact a member of the data controller’s staff at any time. The member of Delphin Technology AG staff will arrange for the immediate deletion of the data as requested. 

Right to be informed

If you have asserted your right to the correction, deletion or restriction of the processing vis-a-vis the data controller, the latter must communicate this correction, deletion or restriction of the processing to all recipients to which the personal data concerning your person have been disclosed, unless doing so proves impossible or would require a disproportionate effort. 
 
You have the right to require that the data controller inform you of these recipients.

Right of data transferability

You have the right to receive the personal data concerning your person which you have previously provided to the data controller in a structured, widely available and machine-readable format. You also have the right to transfer these data to another data controller without being hindered by the data controller to whom the personal data were provided, if
 

  • The processing is based on a consent pursuant to Article 6 (1) (a) or Article 9 (2) (a), or a contract pursuant to Article 6 (1) (b) GDPR
  • The processing takes place with the aid of automatic procedures.

 
In the exercise of this right, you also have the right to require that the personal data concerning your person be directly transmitted from one data controller to another data controller, to the extent it is technically feasible to do so. This must not result in the impairment of the freedoms and rights of other persons.
 
The right of data transferability does not apply to any processing of personal data which is required for the purpose of fulfilment of a task which is in the public interest or is carried out in the exercise of official authority vested in the data controller.
 
To assert his or her right to data transferability, the data subject can contact a member Delphin Technology AG staff at any time. 

Right of objection

You have the right, for reasons derived from your particular situation, to lodge an objection at any time to the processing of personal data concerning your person which is to be carried out on the basis of Article 6 (1) (e) or (f) GDPR; the same also applies to any profiling based on these provisions. 
 
The data controller will no longer process the personal data concerning your person unless it can provide evidence of compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves the purpose of the assertion, exercise or defence of legal rights.
 
If the personal data concerning your person are processed for direct advertising purposes, you have the right at any time to lodge an objection to the processing of the personal data concerning your person for the purpose of such advertising; the same also applies to profiling connected with such direct advertising.
 
If you should object to processing for purposes of direct advertising, the personal data concerning your person will no longer be processed for these purposes.
 
You have the option in connection with the use of services of the information company – notwithstanding directive 2002/58/EC – to exercise your right of objection by automatic means which make use of technical specifications.

Right of revocation of consent under the terms of data protection law

You have the right at any time to revoke your consent under the terms of data protection law. This revocation of consent will not affect the lawfulness of the processing which has been carried out on the basis of the consent until such time as it is revoked.
 
If the data subject wishes to make use of his or her right of revocation of consent, it can to this end contact our Data Protection Officer or another member of staff of Delphin Technology AG at any time.

Automatic decisions in individual cases including profiling

You have the right not to be subjected to a decision based exclusively on automatic processing, including profiling, that has legal implications for you or would significantly impair you in some other way. This will not apply if the decision 
 

  • Is required for the conclusion or fulfilment of a contract between you and the data controller,
  • Is made with your express consent,
  • Is permissible on the basis of statutory regulations of the European Union or the Member States to which the data controller is subject, and said statutory regulations contain appropriate measures for the safeguarding of your rights and freedoms and your legitimate interests.

 
However, these decisions may not be based on special categories of personal data pursuant to Article 9 (1) GDPR, where Article 9 (2) (a) or (g) do not apply and appropriate measures for the safeguarding of your rights and freedoms and your legitimate interests have been adopted.
 
In respect of the first two cases mentioned above, the data controller must adopt appropriate measures to safeguard your rights and freedoms and your legitimate interests, which include at least the right to force the intervention of a person on the part of the data controller, to present your own perspective and to contest the decision.

Right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial legal redress, you have the right to appeal to a supervisory authority, in particular in the Member State of your place of residence, your workplace, or the place in which the breach is alleged to have taken place, if you are of the view that the processing of the personal data concerning your person is in breach of the GDPR. 
The supervisory authority to which the appeal is submitted will then inform the appellant of the status and results of the appeal, including the possibility of judicial redress pursuant to Article 78 GDPR.