Data protection
Thank you for visiting our website https://infinitesea.net and for your interest in our company. With the aim of offering you the highest possible degree of transparency, we inform you in the following about the type, scope and purpose of the collection, processing and use of personal data, which arise in the context of the use of our website. You can download the complete version of the General Data Protection Regulation (hereinafter referred to as "DSGVO") here.
Content
1. Definitions of terms
2. Responsible party pursuant to Article 4 No. 7 DSGVO
3. Legal basis of processing
4. Storage of data / deletion of data
5. Disclosure of personal data
6. Collection of personal data
6.1. Exclusively informative use of our website
6.2. Contact by e-mail
7. Hosting (Hostpoint AG)8. your rights
9. Right to object
10. Data security
1. Definitions of terms
The following terms that we use within our data protection declaration are defined within Art. 4 DSGVO. This is only an excerpt from Art. 4 DSGVO. All definitions can be found in the GDPR (available here).
Personal data (Art. 4 No. 1 GDPR)
Personal data means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing (Art. 4 No. 2 GDPR):
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Pseudonymisation (Art. 4 No. 5 GDPR):
Pseudonymisation comprises the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not attributed to an identified or identifiable natural person.
Controller (Article 4(7) GDPR):
The controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law. A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Third Party (Art. 4 No. 10 GDPR):
A third party is a natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons who are authorised to process the personal data under the direct responsibility of the controller or the processor.
Consent (Art. 4 No. 11 GDPR):
Consent of the data subject shall mean any freely given specific, informed and unambiguous indication of his or her wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.
Undertaking (Art. 4 No. 18 GDPR):
An undertaking means a natural or legal person engaged in an economic activity, regardless of its legal form, including associations or partnerships regularly engaged in an economic activity.
2. Controller according to Art. 4 No. 7 DSGVO
InfiniteSea GmbH, August-Clüsserath-Weg 2, D-66333 Völklingen, Phone: +49 68 98 / 97 25 60, E-mail: info@infinitesea.net
You can download our complete imprint here: To the imprint
3. Legal basis of the processing
For each processing operation described in our privacy policy, we will inform you of the relevant legal basis on which the processing is carried out. A distinction is made between the following groups of cases where processing is lawful: You have given us consent to process the personal data relating to you for one or more specific purposes (Art. 6 para. 1 sentence 1 lit. a DSGVO). There is a contract between you and us for the performance of which the processing is carried out or the processing is necessary for the performance of pre-contractual measures which are carried out at your request (Art. 6 para. 1 p. 1 lit. b DSGVO). The fulfilment of a legal obligation to which we are subject requires the processing (Art. 6 para. 1 p. 1 lit. c DSGVO). The protection of vital interests of you or another natural person requires processing (Art. 6 para. 1 p. 1 lit. d DSGVO). The performance of a task assigned to us in the public interest or the exercise of official authority require processing (Art. 6 (1) sentence 1 lit. e DSGVO). The necessity of processing to protect our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms, which require the protection of personal data, override (Art. 6 para. 1 p. 1 lit. f DSGVO).
4. Storage of data / deletion of data
Within the processing described in our data protection declaration, we will inform you of the corresponding storage period or the times of deletion or blocking of data. If no explicit storage period is defined, the data will be deleted or blocked as soon as the purpose or legal basis for the storage no longer exists. Data may be stored beyond the defined periods if legal regulations to which we are subject (e.g. § 147 AO, § 247 HGB) stipulate a different storage period. Following the storage period, the personal data will be deleted or blocked unless further storage is required by us on a legal basis. Furthermore, storage beyond the specified period is possible in the event of a (possible) legal dispute with you or other legal proceedings.
5. Passing on personal data
If your personal data is passed on, you will be informed accordingly at the relevant point in our data protection declaration. If your personal data is transferred outside the European Economic Area and thus to so-called third countries, you will be informed accordingly at the relevant point in our data protection declaration. As a matter of principle, we will only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we can guarantee the careful handling of personal data on the basis of contractual agreements or other suitable guarantees.
6. collection of personal data
In the following, we will inform you about the collection of personal data (such as name, e-mail address, address or user behaviour).
6.1 Exclusive informational use of our website
If you do not register on our website (for example in the form of a newsletter) or transmit data to us in any other way (for example by using a contact form), only that personal data is collected which is transmitted to our server by your browser. This is data that is technically necessary for us to provide you with the website for viewing while ensuring a secure and stable display. This is the following information, which is derived from a log file line:
Internet protocol address (IP address)Time and date of the respective accessTime zone difference to Greenwich Mean Time (GMT)The specific page accessedStatus of the access / Hypertext Transfer Protocol (http)Amount of data transferred in each caseWebsite from which our website is accessed (referrer URL)Internet browser used (incl. language and version)Operating system used.
The legal basis for the collection of the listed data results from Art. 6 para. 1 p. 1 lit. f DSGVO. We have a legitimate interest in ensuring an error-free connection and comfortable use of our website, as well as analysing system stability and security and using the data for further administrative purposes.
6.2 Contact via e-mail
When contacting us via the e-mail address provided in section 2 or other e-mail addresses of our company published on our website, your e-mail address as well as other contact data available within your e-mail (e.g. your name or your telephone number) will be stored by us in order to process your enquiry. This data is deleted immediately as soon as further storage is no longer necessary. If there are legal retention periods with regard to the data, the deletion of the data will be replaced by a corresponding restriction of the processing. Depending on the reason for sending the e-mail, the legal basis for processing the data is Article 6 (1) sentence 1 lit. b DSGVO or Article 6 (1) sentence 1 lit. f DSGVO, i.e. it is either used to process the contract concluded with you and to fulfil our (pre-)contractual obligations or it is based on our legitimate interest in contacting people interested in our services.
7. Hosting (Hostpoint AG)
Our website is hosted by the company Hostpoint AG, Neue Jonastrasse 60, 8640 Rapperswil-Jona, Switzerland Imprint: https://www.hostpoint.ch/hostpoint/kontakt-agb.html#infos" (hereinafter referred to as "Hostpoint"). When our website is called up, the data described in more detail in this data protection declaration within the scope of the purely informational use of the website is transmitted to Hostpoint. For this purpose, we have concluded a corresponding contract for order processing with the company Hostpoint. Hostpoint's server locations are exclusively in Switzerland and thus in a country for which an adequacy decision has been issued by the European Commission in accordance with Art. 45 DSGVO. You can find Hostpoint's data protection declaration here: https://www.hostpoint.ch/hostpoint/kontakt-agb.html#datenschutz.
8. Your rights
Below we inform you about your rights under the GDPR. You can call up the DSGVO as a complete document here.
Right to information pursuant to Art. 15 (1) DSGVOYou have the right to request confirmation from us as to whether personal data relating to you is being processed. If this is the case, in addition to the right to information about this personal data, you also have the right to information about the purposes of processing, the categories of personal data processed, the recipients or categories of recipients to whom your personal data have been disclosed or will be disclosed in the future (in particular in the case of recipients in third countries or international organisations), the storage period or criteria for determining the storage period, and the right to information about the processing purposes. We will also inform you about the existence of a right to object to such processing, the existence of a right to lodge a complaint with a supervisory authority, any available information about the origin of the data (in case it was not collected by us), the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved as well as the scope and the intended effects of such processing.
Right to rectification in accordance with Art. 16 DSGVO. You have the right to request from us the immediate rectification of inaccurate personal data as well as the completion of incomplete personal data concerning you.
Right to erasure ("right to be forgotten") according to Art. 17 (1) DSGVO. You have the right to demand that we delete the personal data concerning you without delay. However, according to Art. 17 (3) DSGVO, this right does not exist if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest in the field of public health, for archiving purposes in the public interest or for the establishment, exercise or defence of legal claims.
You have the right to demand that we restrict the processing of your personal data if you dispute the accuracy of your personal data (the restriction applies for the period of time that allows us to check the accuracy), the processing of your personal data is unlawful and you refuse to delete it, we no longer need your personal data for the processing purposes, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing pursuant to Art. 21 (1) DSGVO. 21 (1) DSGVO (the restriction applies here as long as it has not yet been determined whether our legitimate reasons outweigh yours).
Right to data portability pursuant to Art. 20 DSGVOYou have the right to obtain from us the personal data concerning you in a structured, commonly used and machine-readable format, as well as to have it transferred to another controller without hindrance from us (or to request that it be transferred directly from us to another controller if this is technically feasible), if the processing by us was based on consent or a contract or was carried out with the help of automated processes.
You have the right to revoke your consent at any time with effect for the future, so that the data processing based on your consent can no longer be continued in the future, but the lawfulness of the processing carried out up to the time of your revocation is not affected.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or the place of the alleged infringement. You can find more information here: https://www.bfdi.bund.de/
9. Right of objection
In addition to the aforementioned rights, you also have the right to object at any time with future effect to the processing of your personal data which is carried out on the basis of the performance of a task carried out in the public interest or in the exercise of official authority (Art. 6 (1) sentence 1 lit. e DSGVO) or for the protection of legitimate interests on our part (Art. 6 (1) sentence 1 lit. f DSGVO), provided that there are grounds for doing so which arise from your particular situation. In the event of an objection, no further processing of the personal data will be carried out unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. In the case of processing of your personal data for the purpose of dir ect advertising or profiling, where there is a link to direct marketing, you have a general right to object, without having to provide grounds based on your particular situation. In the event of an objection, we will immediately stop processing the personal data for these purposes. To exercise your right of revocation or objection, simply send an e-mail to: info@infinitesea.net.
10. Data security
Our website uses the encryption and communication protocol TLS 1.3 (Transport Layer Security). The TLS certificate we use, which is issued by a certification authority, enables us to exchange encrypted data between the web browser and the web server, which means that sensitive data cannot be read by third parties. We use the procedure with the highest encryption level that your browser supports, which is usually 256-bit encryption. The higher the number of bits, the longer the key and the better the protection against third parties.
This data protection declaration was created individually for this website by Frame for Business GmbH in cooperation with the law firm Dr. Schultheiß.