Impressum

Legal notice

Kanz­lei SportsLawyer

Schwan­tha­ler­str. 106
D-80339 München

Tel.: +49 89 55 141 98 20
Fax: +49 89 55 141 98 99

info@sportslawyer.de
www.sportslawyer.de

Responsi­bi­lity in accor­dance with sec. 55 (2) RStV: Dr. Tanja Haug und Dr. Anja Martin

VAT iden­ti­fi­ca­tion num­ber: DE291133578

Dr. Tanja Haug und Dr. Anja Mar­tin have been admit­ted to the bar and are mem­bers of the Bar Asso­cia­tion Munich.

The rele­vant gui­de­lines for pro­fes­sio­nal con­duct are:

  • die Bun­des­rechts­an­walts­ord­nung (BRAO),
  • die Berufs­ord­nung für Rechts­an­wälte (BORA),
  • die Fach­an­walts­ord­nung (FAO),
  • das Rechts­an­walts­ver­gü­tungs­ge­setz (RVG) und
  • die Berufs­re­geln der Rechts­an­wälte der Euro­päi­schen Union (CCBE-Berufsregeln).

They can be asses­sed on the web­site of the Federal Cham­ber of Lawy­ers: www.brak.de (sec­tion „Berufsrecht“).

The state­ments on this web­site are made only for gene­ral infor­ma­tion and do not con­sti­tute any legal advice.

Pri­vacy Policy

Data pro­tec­tion is of a par­ti­cu­larly high prio­rity for the manage­ment of the Law Firm SportsLa­wyer. The use of the Inter­net pages of SportsLa­wyer is pos­si­ble wit­hout any indi­ca­tion of per­so­nal data; howe­ver, if a data sub­ject wants to use spe­cial enter­prise ser­vices via our web­site, pro­ces­sing of per­so­nal data could become necessary. If the pro­ces­sing of per­so­nal data is necessary and there is no sta­tutory basis for such pro­ces­sing, we gene­rally obtain consent from the data subject.

The pro­ces­sing of per­so­nal data, such as the name, address, e-mail address, or tele­phone num­ber of a data sub­ject shall always be in line with the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR), and in accor­dance with the country-specific data pro­tec­tion regu­la­ti­ons app­lica­ble to SportsLa­wyer. By means of this data pro­tec­tion decla­ra­tion, our enter­prise would like to inform the gene­ral public of the nature, scope, and pur­pose of the per­so­nal data we collect, use and pro­cess. Fur­ther­more, data sub­jects are infor­med, by means of this data pro­tec­tion decla­ra­tion, of the rights to which they are entitled.

As the con­trol­ler, SportsLa­wyer has imple­men­ted nume­rous tech­ni­cal and orga­niza­tio­nal mea­su­res to ensure the most com­plete pro­tec­tion of per­so­nal data pro­ces­sed through this web­site. Howe­ver, Internet-based data trans­mis­si­ons may in prin­ciple have secu­rity gaps, so abso­lute pro­tec­tion may not be gua­ran­teed. For this rea­son, every data sub­ject is free to trans­fer per­so­nal data to us via alter­na­tive means, e.g. by telephone.

1. Defi­ni­ti­ons

The data pro­tec­tion decla­ra­tion of SportsLa­wyer is based on the terms used by the Euro­pean legis­la­tor for the adop­tion of the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR). Our data pro­tec­tion decla­ra­tion should be legi­ble and under­stan­da­ble for the gene­ral public, as well as our cust­o­mers and busi­ness part­ners. To ensure this, we would like to first explain the ter­mi­no­logy used.

In this data pro­tec­tion decla­ra­tion, we use, inter alia, the fol­lo­wing terms:

a)Per­so­nal data

Per­so­nal data means any infor­ma­tion rela­ting to an iden­ti­fied or iden­ti­fia­ble natu­ral per­son (“data sub­ject”). An iden­ti­fia­ble natu­ral per­son is one who can be iden­ti­fied, directly or indi­rectly, in par­ti­cu­lar by refe­rence to an iden­ti­fier such as a name, an iden­ti­fi­ca­tion num­ber, loca­tion data, an online iden­ti­fier or to one or more fac­tors spe­ci­fic to the phy­si­cal, phy­sio­lo­gi­cal, gene­tic, men­tal, eco­no­mic, cul­tu­ral or social iden­tity of that natu­ral person.

b) Data sub­ject

Data sub­ject is any iden­ti­fied or iden­ti­fia­ble natu­ral per­son, whose per­so­nal data is pro­ces­sed by the con­trol­ler responsi­ble for the processing.

b)Pro­ces­sing

Pro­ces­sing is any ope­ra­tion or set of ope­ra­ti­ons which is per­for­med on per­so­nal data or on sets of per­so­nal data, whe­ther or not by auto­ma­ted means, such as collec­tion, recor­ding, orga­ni­sa­tion, struc­tu­ring, sto­rage, adapta­tion or alte­ra­tion, retrie­val, con­sul­ta­tion, use, dis­clo­sure by trans­mis­sion, dis­se­mi­na­tion or other­wise making avail­able, ali­gn­ment or com­bi­na­tion, restric­tion, era­sure or destruction.

d)    Restric­tion of pro­ces­sing

Restric­tion of pro­ces­sing is the mar­king of stored per­so­nal data with the aim of limit­ing their pro­ces­sing in the future.

e)    Pro­filing

Pro­filing means any form of auto­ma­ted pro­ces­sing of per­so­nal data con­sis­ting of the use of per­so­nal data to eva­luate cer­tain per­so­nal aspects rela­ting to a natu­ral per­son, in par­ti­cu­lar to ana­lyse or pre­dict aspects con­cerning that natu­ral person’s per­for­mance at work, eco­no­mic situa­tion, health, per­so­nal pre­fe­ren­ces, inte­rests, relia­bi­lity, beha­viour, loca­tion or movements.

f)     Pseud­ony­mi­sa­tion

Pseud­ony­mi­sa­tion is the pro­ces­sing of per­so­nal data in such a man­ner that the per­so­nal data can no lon­ger be attri­bu­ted to a spe­ci­fic data sub­ject wit­hout the use of addi­tio­nal infor­ma­tion, pro­vi­ded that such addi­tio­nal infor­ma­tion is kept sepa­ra­tely and is sub­ject to tech­ni­cal and orga­ni­sa­tio­nal mea­su­res to ensure that the per­so­nal data are not attri­bu­ted to an iden­ti­fied or iden­ti­fia­ble natu­ral person.

g)    Con­trol­ler or con­trol­ler responsi­ble for the pro­ces­sing

Con­trol­ler or con­trol­ler responsi­ble for the pro­ces­sing is the natu­ral or legal per­son, public aut­ho­rity, agency or other body which, alone or jointly with others, deter­mi­nes the pur­po­ses and means of the pro­ces­sing of per­so­nal data; where the pur­po­ses and means of such pro­ces­sing are deter­mined by Union or Mem­ber State law, the con­trol­ler or the spe­ci­fic cri­te­ria for its nomi­na­tion may be pro­vi­ded for by Union or Mem­ber State law.

h)    Pro­ces­sor

Pro­ces­sor is a natu­ral or legal per­son, public aut­ho­rity, agency or other body which pro­ces­ses per­so­nal data on behalf of the controller.

i)      Reci­pi­ent

Reci­pi­ent is a natu­ral or legal per­son, public aut­ho­rity, agency or ano­ther body, to which the per­so­nal data are dis­clo­sed, whe­ther a third party or not. Howe­ver, public aut­ho­ri­ties which may receive per­so­nal data in the frame­work of a par­ti­cu­lar inquiry in accor­dance with Union or Mem­ber State law shall not be regar­ded as reci­pi­ents; the pro­ces­sing of those data by those public aut­ho­ri­ties shall be in com­pli­ance with the app­lica­ble data pro­tec­tion rules accor­ding to the pur­po­ses of the processing.

j)      Third party

Third party is a natu­ral or legal per­son, public aut­ho­rity, agency or body other than the data sub­ject, con­trol­ler, pro­ces­sor and per­sons who, under the direct aut­ho­rity of the con­trol­ler or pro­ces­sor, are aut­ho­ri­sed to pro­cess per­so­nal data.

k)    Consent

Consent of the data sub­ject is any fre­ely given, spe­ci­fic, infor­med and unam­bi­guous indi­ca­tion of the data subject’s wis­hes by which he or she, by a state­ment or by a clear affir­ma­tive action, signi­fies agree­ment to the pro­ces­sing of per­so­nal data rela­ting to him or her.

2. Name and Address of the controller

Con­trol­ler for the pur­po­ses of the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR), other data pro­tec­tion laws app­lica­ble in Mem­ber sta­tes of the Euro­pean Union and other pro­vi­si­ons rela­ted to data pro­tec­tion is:

SportsLa­wyer – Law Firm

Schwan­tha­ler­str. 106

80339 Mün­chen

Ger­many

Phone: 0049–89-551419820

Email: info@sportslawyer.de

Web­site: www.sportslawyer.de

3. Collec­tion of gene­ral data and information

The web­site of the Law Firm SportsLa­wyer collects a series of gene­ral data and infor­ma­tion when a data sub­ject or auto­ma­ted sys­tem calls up the web­site. This gene­ral data and infor­ma­tion are stored in the ser­ver log files. Collec­ted may be (1) the brow­ser types and ver­si­ons used, (2) the ope­ra­ting sys­tem used by the acces­sing sys­tem, (3) the web­site from which an acces­sing sys­tem rea­ches our web­site (so-called refer­rers), (4) the sub-websites, (5) the date and time of access to the Inter­net site, (6) an Inter­net pro­to­col address (IP address), (7) the Inter­net ser­vice pro­vi­der of the acces­sing sys­tem, and (8) any other simi­lar data and infor­ma­tion that may be used in the event of attacks on our infor­ma­tion tech­no­logy systems.

When using these gene­ral data and infor­ma­tion, SportsLa­wyer does not draw any con­clu­si­ons about the data sub­ject. Rather, this infor­ma­tion is nee­ded to (1) deli­ver the con­tent of our web­site cor­rectly, (2) opti­mize the con­tent of our web­site as well as its adver­ti­se­ment, (3) ensure the long-term via­bi­lity of our infor­ma­tion tech­no­logy sys­tems and web­site tech­no­logy, and (4) pro­vide law enforce­ment aut­ho­ri­ties with the infor­ma­tion necessary for cri­mi­nal pro­se­cu­tion in case of a cyber-attack. The­re­fore, SportsLa­wyer ana­ly­ses anony­mously collec­ted data and infor­ma­tion sta­tisti­cally, with the aim of incre­a­sing the data pro­tec­tion and data secu­rity of our enter­prise, and to ensure an opti­mal level of pro­tec­tion for the per­so­nal data we pro­cess. The anony­mous data of the ser­ver log files are stored sepa­ra­tely from all per­so­nal data pro­vi­ded by a data subject.

4. Rou­tine era­sure and blo­cking of per­so­nal data

The data con­trol­ler shall pro­cess and store the per­so­nal data of the data sub­ject only for the period necessary to achieve the pur­pose of sto­rage, or as far as this is gran­ted by the Euro­pean legis­la­tor or other legis­la­tors in laws or regu­la­ti­ons to which the con­trol­ler is sub­ject to.

If the sto­rage pur­pose is not app­lica­ble, or if a sto­rage period pre­scri­bed by the Euro­pean legis­la­tor or ano­ther com­pe­tent legis­la­tor expi­res, the per­so­nal data are rou­ti­nely blo­cked or era­sed in accor­dance with legal requirements.

5. Rights of the data subject

a) Right of con­fir­ma­tion

Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler the con­fir­ma­tion as to whe­ther or not per­so­nal data con­cerning him or her are being pro­ces­sed. If a data sub­ject wis­hes to avail him­self of this right of con­fir­ma­tion, he or she may, at any time, con­tact any employee of the controller.

b) Right of access

Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler free infor­ma­tion about his or her per­so­nal data stored at any time and a copy of this infor­ma­tion. Fur­ther­more, the Euro­pean direc­tives and regu­la­ti­ons grant the data sub­ject access to the fol­lo­wing information:

-       the pur­po­ses of the processing;

-       the cate­go­ries of per­so­nal data concerned;

-       the reci­pi­ents or cate­go­ries of reci­pi­ents to whom the per­so­nal data have been or will be dis­clo­sed, in par­ti­cu­lar reci­pi­ents in third coun­tries or inter­na­tio­nal organisations;

-       where pos­si­ble, the envi­sa­ged period for which the per­so­nal data will be stored, or, if not pos­si­ble, the cri­te­ria used to deter­mine that period;

-       the exis­tence of the right to request from the con­trol­ler rec­tifi­ca­tion or era­sure of per­so­nal data, or restric­tion of pro­ces­sing of per­so­nal data con­cerning the data sub­ject, or to object to such processing;

-       the exis­tence of the right to lodge a com­plaint with a super­vi­sory authority;

-       where the per­so­nal data are not collec­ted from the data sub­ject, any avail­able infor­ma­tion as to their source;

-       the exis­tence of auto­ma­ted decision-making, inclu­ding pro­filing, refer­red to in Arti­cle 22(1) and (4) of the GDPR and, at least in those cases, mea­ningful infor­ma­tion about the logic invol­ved, as well as the signi­fi­cance and envi­sa­ged con­se­quen­ces of such pro­ces­sing for the data subject.

Fur­ther­more, the data sub­ject shall have a right to obtain infor­ma­tion as to whe­ther per­so­nal data are trans­fer­red to a third coun­try or to an inter­na­tio­nal orga­ni­sa­tion. Where this is the case, the data sub­ject shall have the right to be infor­med of the appro­priate safe­guards rela­ting to the transfer.
If a data sub­ject wis­hes to avail him­self of this right of access, he or she may, at any time, con­tact any employee of the controller.

c) Right to rec­tifi­ca­tion

Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler wit­hout undue delay the rec­tifi­ca­tion of inac­cu­rate per­so­nal data con­cerning him or her. Taking into account the pur­po­ses of the pro­ces­sing, the data sub­ject shall have the right to have incom­plete per­so­nal data com­ple­ted, inclu­ding by means of pro­vi­ding a supp­le­men­tary statement.
If a data sub­ject wis­hes to exer­cise this right to rec­tifi­ca­tion, he or she may, at any time, con­tact any employee of the controller.

d) Right to era­sure (Right to be for­got­ten)

Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler the era­sure of per­so­nal data con­cerning him or her wit­hout undue delay, and the con­trol­ler shall have the obli­ga­tion to erase per­so­nal data wit­hout undue delay where one of the fol­lo­wing grounds applies, as long as the pro­ces­sing is not necessary:

The per­so­nal data are no lon­ger necessary in rela­tion to the pur­po­ses for which they were collec­ted or other­wise processed.

The data sub­ject with­draws consent to which the pro­ces­sing is based accor­ding to point (a) of Arti­cle 6(1) of the GDPR, or point (a) of Arti­cle 9(2) of the GDPR, and where there is no other legal ground for the processing.

The data sub­ject objects to the pro­ces­sing pur­suant to Arti­cle 21(1) of the GDPR and there are no over­ri­ding legi­ti­mate grounds for the pro­ces­sing, or the data sub­ject objects to the pro­ces­sing pur­suant to Arti­cle 21(2) of the GDPR.

The per­so­nal data have been unla­w­fully processed.

The per­so­nal data must be era­sed for com­pli­ance with a legal obli­ga­tion in Union or Mem­ber State law to which the con­trol­ler is subject.

The per­so­nal data have been collec­ted in rela­tion to the offer of infor­ma­tion society ser­vices refer­red to in Arti­cle 8(1) of the GDPR.

If one of the afo­re­men­tio­ned rea­sons applies, and a data sub­ject wis­hes to request the era­sure of per­so­nal data stored by SportsLa­wyer, he or she may, at any time, con­tact any employee of the con­trol­ler. An employee of SportsLa­wyer shall promptly ensure that the era­sure request is com­plied with immediately.
Where the con­trol­ler has made per­so­nal data public and is obli­ged pur­suant to Arti­cle 17(1) to erase the per­so­nal data, the con­trol­ler, taking account of avail­able tech­no­logy and the cost of imple­men­ta­tion, shall take rea­son­able steps, inclu­ding tech­ni­cal mea­su­res, to inform other con­trol­lers pro­ces­sing the per­so­nal data that the data sub­ject has reques­ted era­sure by such con­trol­lers of any links to, or copy or rep­li­ca­tion of, those per­so­nal data, as far as pro­ces­sing is not requi­red. An employee of SportsLa­wyer will arrange the necessary mea­su­res in indi­vi­dual cases.

e) Right of restric­tion of pro­ces­sing

Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to obtain from the con­trol­ler restric­tion of pro­ces­sing where one of the fol­lo­wing applies:

The accu­racy of the per­so­nal data is con­tes­ted by the data sub­ject, for a period enab­ling the con­trol­ler to verify the accu­racy of the per­so­nal data.

The pro­ces­sing is unla­w­ful and the data sub­ject oppo­ses the era­sure of the per­so­nal data and requests instead the restric­tion of their use instead.

The con­trol­ler no lon­ger needs the per­so­nal data for the pur­po­ses of the pro­ces­sing, but they are requi­red by the data sub­ject for the esta­blish­ment, exer­cise or defence of legal claims.

The data sub­ject has objec­ted to pro­ces­sing pur­suant to Arti­cle 21(1) of the GDPR pen­ding the veri­fi­ca­tion whe­ther the legi­ti­mate grounds of the con­trol­ler over­ride those of the data subject.

If one of the afo­re­men­tio­ned con­di­ti­ons is met, and a data sub­ject wis­hes to request the restric­tion of the pro­ces­sing of per­so­nal data stored by SportsLa­wyer, he or she may at any time con­tact any employee of the con­trol­ler. The employee of SportsLa­wyer will arrange the restric­tion of the processing.

f) Right to data por­ta­bi­lity

Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor, to receive the per­so­nal data con­cerning him or her, which was pro­vi­ded to a con­trol­ler, in a struc­tu­red, com­monly used and machine-readable for­mat. He or she shall have the right to trans­mit those data to ano­ther con­trol­ler wit­hout hin­drance from the con­trol­ler to which the per­so­nal data have been pro­vi­ded, as long as the pro­ces­sing is based on consent pur­suant to point (a) of Arti­cle 6(1) of the GDPR or point (a) of Arti­cle 9(2) of the GDPR, or on a con­tract pur­suant to point (b) of Arti­cle 6(1) of the GDPR, and the pro­ces­sing is car­ried out by auto­ma­ted means, as long as the pro­ces­sing is not necessary for the per­for­mance of a task car­ried out in the public inte­rest or in the exer­cise of offi­cial aut­ho­rity ves­ted in the controller.
Furthermore, in exer­cising his or her right to data por­ta­bi­lity pur­suant to Arti­cle 20(1) of the GDPR, the data sub­ject shall have the right to have per­so­nal data trans­mit­ted directly from one con­trol­ler to ano­ther, where tech­ni­cally fea­si­ble and when doing so does not adver­sely affect the rights and free­doms of others.
In order to assert the right to data por­ta­bi­lity, the data sub­ject may at any time con­tact any employee of SportsLawyer.

g) Right to object

Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to object, on grounds rela­ting to his or her par­ti­cu­lar situa­tion, at any time, to pro­ces­sing of per­so­nal data con­cerning him or her, which is based on point (e) or (f) of Arti­cle 6(1) of the GDPR. This also applies to pro­filing based on these pro­vi­si­ons. SportsLa­wyer shall no lon­ger pro­cess the per­so­nal data in the event of the objec­tion, unless we can demons­trate com­pel­ling legi­ti­mate grounds for the pro­ces­sing which over­ride the inte­rests, rights and free­doms of the data sub­ject, or for the esta­blish­ment, exer­cise or defence of legal claims.
If SportsLa­wyer pro­ces­ses per­so­nal data for direct mar­ke­ting pur­po­ses, the data sub­ject shall have the right to object at any time to pro­ces­sing of per­so­nal data con­cerning him or her for such mar­ke­ting. This applies to pro­filing to the extent that it is rela­ted to such direct mar­ke­ting. If the data sub­ject objects to SportsLa­wyer to the pro­ces­sing for direct mar­ke­ting pur­po­ses, SportsLa­wyer will no lon­ger pro­cess the per­so­nal data for these purposes.
In addi­tion, the data sub­ject has the right, on grounds rela­ting to his or her par­ti­cu­lar situa­tion, to object to pro­ces­sing of per­so­nal data con­cerning him or her by SportsLa­wyer for sci­en­ti­fic or his­to­ri­cal rese­arch pur­po­ses, or for sta­tisti­cal pur­po­ses pur­suant to Arti­cle 89(1) of the GDPR, unless the pro­ces­sing is necessary for the per­for­mance of a task car­ried out for rea­sons of public interest.
In order to exer­cise the right to object, the data sub­ject may con­tact any employee of SportsLa­wyer. In addi­tion, the data sub­ject is free in the con­text of the use of infor­ma­tion society ser­vices, and not­with­stan­ding Direc­tive 2002/58/EC, to use his or her right to object by auto­ma­ted means using tech­ni­cal specifications.

h) Auto­ma­ted indi­vi­dual decision-making, inclu­ding pro­filing

Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor not to be sub­ject to a deci­sion based solely on auto­ma­ted pro­ces­sing, inclu­ding pro­filing, which pro­du­ces legal effects con­cerning him or her, or simi­larly signi­fi­cantly affects him or her, as long as the deci­sion (1) is not is necessary for ente­ring into, or the per­for­mance of, a con­tract bet­ween the data sub­ject and a data con­trol­ler, or (2) is not aut­ho­ri­sed by Union or Mem­ber State law to which the con­trol­ler is sub­ject and which also lays down sui­ta­ble mea­su­res to safe­guard the data subject’s rights and free­doms and legi­ti­mate inte­rests, or (3) is not based on the data subject’s exp­li­cit consent.
If the deci­sion (1) is necessary for ente­ring into, or the per­for­mance of, a con­tract bet­ween the data sub­ject and a data con­trol­ler, or (2) it is based on the data subject’s exp­li­cit consent, SportsLa­wyer shall imple­ment sui­ta­ble mea­su­res to safe­guard the data subject’s rights and free­doms and legi­ti­mate inte­rests, at least the right to obtain human inter­ven­tion on the part of the con­trol­ler, to express his or her point of view and con­test the decision.
If the data sub­ject wis­hes to exer­cise the rights con­cerning auto­ma­ted indi­vi­dual decision-making, he or she may, at any time, con­tact any employee of SportsLawyer.

i) Right to with­draw data pro­tec­tion consent

Each data sub­ject shall have the right gran­ted by the Euro­pean legis­la­tor to with­draw his or her consent to pro­ces­sing of his or her per­so­nal data at any time.
If the data sub­ject wis­hes to exer­cise the right to with­draw the consent, he or she may, at any time, con­tact any employee of SportsLawyer.

6. Legal basis for the processing

Art. 6(1) lit. a GDPR ser­ves as the legal basis for pro­ces­sing ope­ra­ti­ons for which we obtain consent for a spe­ci­fic pro­ces­sing pur­pose. If the pro­ces­sing of per­so­nal data is necessary for the per­for­mance of a con­tract to which the data sub­ject is party, as is the case, for example, when pro­ces­sing ope­ra­ti­ons are necessary for the supply of goods or to pro­vide any other ser­vice, the pro­ces­sing is based on Arti­cle 6(1) lit. b GDPR. The same applies to such pro­ces­sing ope­ra­ti­ons which are necessary for car­ry­ing out pre-contractual mea­su­res, for example in the case of inqui­ries con­cerning our pro­ducts or ser­vices. Is our com­pany sub­ject to a legal obli­ga­tion by which pro­ces­sing of per­so­nal data is requi­red, such as for the ful­fil­ment of tax obli­ga­ti­ons, the pro­ces­sing is based on Art. 6(1) lit. c GDPR. In rare cases, the pro­ces­sing of per­so­nal data may be necessary to pro­tect the vital inte­rests of the data sub­ject or of ano­ther natu­ral per­son. This would be the case, for example, if a visi­tor were inju­red in our com­pany and his name, age, health insurance data or other vital infor­ma­tion would have to be pas­sed on to a doc­tor, hos­pi­tal or other third party. Then the pro­ces­sing would be based on Art. 6(1) lit. d GDPR. Finally, pro­ces­sing ope­ra­ti­ons could be based on Arti­cle 6(1) lit. f GDPR. This legal basis is used for pro­ces­sing ope­ra­ti­ons which are not covered by any of the above­men­tio­ned legal grounds, if pro­ces­sing is necessary for the pur­po­ses of the legi­ti­mate inte­rests pur­sued by our com­pany or by a third party, except where such inte­rests are over­rid­den by the inte­rests or fun­da­men­tal rights and free­doms of the data sub­ject which require pro­tec­tion of per­so­nal data. Such pro­ces­sing ope­ra­ti­ons are par­ti­cu­larly per­mis­si­ble because they have been spe­ci­fi­cally men­tio­ned by the Euro­pean legis­la­tor. He con­side­red that a legi­ti­mate inte­rest could be assu­med if the data sub­ject is a cli­ent of the con­trol­ler (Reci­tal 47 Sen­tence 2 GDPR).

7. The legi­ti­mate inte­rests pur­sued by the con­trol­ler or by a third party

Where the pro­ces­sing of per­so­nal data is based on Arti­cle 6(1) lit. f GDPR our legi­ti­mate inte­rest is to carry out our busi­ness in favour of the well-being of all our employees and the shareholders.

8. Period for which the per­so­nal data will be stored

The cri­te­ria used to deter­mine the period of sto­rage of per­so­nal data is the respec­tive sta­tutory reten­tion period. After expi­ra­tion of that period, the cor­re­spon­ding data is rou­ti­nely dele­ted, as long as it is no lon­ger necessary for the ful­fil­ment of the con­tract or the initia­tion of a contract.

9. Pro­vi­sion of per­so­nal data as sta­tutory or con­trac­tual requi­re­ment; Requi­re­ment necessary to enter into a con­tract; Obli­ga­tion of the data sub­ject to pro­vide the per­so­nal data; pos­si­ble con­se­quen­ces of failure to pro­vide such data

We cla­rify that the pro­vi­sion of per­so­nal data is partly requi­red by law (e.g. tax regu­la­ti­ons) or can also result from con­trac­tual pro­vi­si­ons (e.g. infor­ma­tion on the con­trac­tual part­ner). Some­ti­mes it may be necessary to con­clude a con­tract that the data sub­ject pro­vi­des us with per­so­nal data, which must sub­se­quently be pro­ces­sed by us. The data sub­ject is, for example, obli­ged to pro­vide us with per­so­nal data when our com­pany signs a con­tract with him or her. The non-provision of the per­so­nal data would have the con­se­quence that the con­tract with the data sub­ject could not be con­clu­ded. Before per­so­nal data is pro­vi­ded by the data sub­ject, the data sub­ject must con­tact any employee. The employee cla­ri­fies to the data sub­ject whe­ther the pro­vi­sion of the per­so­nal data is requi­red by law or con­tract or is necessary for the con­clu­sion of the con­tract, whe­ther there is an obli­ga­tion to pro­vide the per­so­nal data and the con­se­quen­ces of non-provision of the per­so­nal data.

10. Exis­tence of auto­ma­ted decision-making

As a responsi­ble com­pany, we do not use auto­ma­tic decision-making or profiling.

This Pri­vacy Policy has been gene­ra­ted by the Pri­vacy Policy Gene­ra­tor of the Exter­nal Data Pro­tec­tion Offi­cers that was deve­l­o­ped in coope­ra­tion with the Media Law Lawy­ers from WBS-LAW.

Refe­rence (photos)

Joa­chim Hirsch­feld (Team, Con­tact, Legal Notice)
Shutterstock.com: Andrius Rep­sys (Top-Bild), Barnaby Cham­bers (Anti-Doping), Sla­vol­jub Pan­te­lic (Mani­pu­la­tion), hin255 (Good Gover­nance and Com­pli­ance), pcru­ciatti (Sports Events), zwola fasola (Spon­so­ring), worra­di­rek (Sports and Media).