1. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator’s contact details can be found in the website’s required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
2. General information and mandatory information
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
Dr. Katharina Schmidt
DEIAHL / GPIA Amman
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
We have implemented technical and administrative security measures to protect your personal data against loss, destruction, tampering and unauthorized access. All our employees and service providers are committed to the valid data protection laws.
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser”s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser”s address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
3. Data collection on our website
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device”s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
4. Embeded YouTube Videos
We have integrated YouTube videos into our online offering, which are stored on the YouTube platform and can be played directly from our website. YouTube is a service of Google LLC, D/B/A YouTube. 901 Cherry Ave., San Bruno, CA 94066, USA (hereinafter as ‘Google’). The videos are all embedded in the so-called ‘2-click-mode’, which means that no data about you as a user is being transferred to Google if you do not activate the video function. Before the video function’s activation, only a preview image loaded from our own web server is being displayed.
Data will only be transferred to Google if you activate such video functions. Once being activated, we have no influence on this data transfer. The data transfer is carried out regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in at Google, your data will be assigned directly to your account.
Purposes and legal basis
We use YouTube videos on our website to present those to you in an easy way.
The legal basis for the processing of your personal data is your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR. You grant this consent by activating the video function. If activated, your personal data will be transferred to Google as described above.
In the course of the data transfer to Google, your personal data will be transferred to servers of Google, which might also be located in the USA. The USA is a country that does not have a level of data protection which is adequate to that of the EU. In particular, this means that personal data can be accessed by US authorities in a simplified manner and that there are only limited rights to such measures. If you activate the YouTube video function, you expressly consent to the transfer of data to Google and to the transfer of your personal data to servers located in the USA.
If you have given your consent, you have the right to revoke it at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.
You can revoke your consent at any time for the future by deactivating “YouTube” in your cookie settings.
Google may also process your personal information in the United States, a third country without an adequate level of data protection.
5. Plugins and tools
Wordfence Plugin – Data Processing Agreement
Defiant provides a data processing agreement to help customers meet their data privacy and protection obligations that are part of the General Data Protection Regulation (GDPR). Defiant has pre-signed the agreement and it is available to all Defiant customers that are processing personal data and operate in the European Economic Area (EEA) or are otherwise subject to the territorial scope of the GDPR. To learn more about privacy and data protection rules of the EEA click here.
To comply with EU General Data Protection Regulation (“GDPR”), our EU customers must sign our Data Processing Agreement (“DPA”) and the Standard Contractual Clauses to establish the respective responsibilities between the Defiant customer (as the data controller) and Defiant itself (as the data processor). If the GDPR applies to you please download, sign, and email both the DPA and the Standard Contractual Clauses to email@example.com. Both the DPA and Standard Contractual Clauses are available in one document below. Note you must sign in two places.
Defiant Data Processing Agreement and Standard Contractual Clauses can be downloaded here: https://www.wordfence.com/gdpr/dpa.pdf
Remember to sign in two places and email it to firstname.lastname@example.org.
Cookies set by the Wordfence plugin
To help you understand which cookies the Wordfence plugin sets, when installed on your WordPress site, we have provided the guide below. Wordfence currently sets three cookies and we explain what each cookie does, who will have the cookie set, and why the cookie helps secure your site.
What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded.
Who gets this cookie: This is only set for users that are able to log into WordPress.
How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.
What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location.
Who gets this cookie: This is only set for administrators.
How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.
What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking.
Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking.
How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.