Gabriel Fritsch Seckenheimer Str. 19 D-68165 Mannheim Tel: 0621-15 205 115 service@nvc-plus.net Scope This privacy policy is intended to inform users of this website in accordance with the Federal Privacy Policy Act and the Telemedia Act about the nature, scope, and purpose of the collection and use of personal data by the website operator [Gabriel Fritsch, Seckenheimer Str. 19, 68165 Mannheim, Germany, Tel. +49-621-15205115, email dgsvo@NVC-mediation.de] in accordance with the Federal Data Protection Act and the Telemedia Act. The website operator takes your privacy very seriously and treats your personal data confidentially and in accordance with the statutory provisions. Please note that data transmission over the Internet can be subject to security vulnerabilities. Complete protection against access by third parties is not possible. Access The website operator or page provider [Strato https://www.strato.de/Privacy policy/] collects data about access to the site and stores it as “server log files.” The following data is logged: • Website visited • Time of access • Amount of data sent in bytes • Source/reference from which you accessed the site • Browser used • Operating system used • IP address used The data collected is used solely for statistical analysis and to improve the website. However, the website operator reserves the right to check the server log files retrospectively if there are concrete indications of illegal use. Encryption The website is SSL-encrypted. Cookies This website uses cookies. Cookies are small text files that are stored on your device. Your browser accesses these files. The use of cookies increases the user-friendliness and security of this website. Common browsers offer the option of not allowing cookies. If you want to be completely sure, simply deactivate cookies for this website. You will still be able to access most of the functions of this website if you make the appropriate settings. Otherwise, we offer a standard cookie consent manager that allows you to make the appropriate settings and change them again at any time. Handling of personal data The website operator collects, uses, and discloses your personal data only if this is permitted by law or if you consent to the collection of data. Personal data is any information that can be used to identify you and that can be traced back to you—for example, your name, email address, and telephone number. Handling of contact data If you contact the website operator using the contact options provided, your details will be stored so that they can be used to process and respond to your request. This data will not be passed on to third parties without your consent. Google This website does not currently use the Google Analytics service. Use of social media plugins This website does not use social media plugins. We have links to LinkedIn (https://www.Privacy policy.org/linkedin/) and embedded videos from YouTube (https://www.Privacy policy.org/youtube/ ). Vimeo video platform This website displays videos that are hosted on the Vimeo video platform. Vimeo sends a preview image of the videos and uses cookies and scripts. For more information, please refer to Vimeo's privacy policy. https://vimeo.com/privacy This informs the Vimeo server which of our pages you are currently visiting. If you are logged into your Vimeo account, you enable Vimeo to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account. By integrating Vimeo videos, we want to present our statements and offers in an appealing way. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. You can prevent the transfer of your data by not clicking on the videos. YouTube video platform Videos from the Google-operated YouTube site are integrated into our website. Further information can be found in YouTube's privacy policy: h t t p s : / / w w w . g o o g l e . d e / i n t l / d e / p o l i c i e s / p r i v acy. YouTube is operated by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you click on these videos, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you are currently visiting. If you are logged into your YouTube account, you enable YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. By integrating YouTube videos, we want to present our statements and offers in an appealing way. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. You can prevent the transfer of your data by not clicking on the videos. User rights: information, correction, and deletion As a user, you can request information about which personal data has been stored about you free of charge. Unless your request conflicts with a legal obligation to retain data (e.g., data retention), you have the right to have incorrect data corrected and your personal data blocked or deleted. Existence of automated decision-making We do not use automated decision-making or profiling. Legal In accordance with Art. 13 GDPR, we inform you of the legal basis for our data processing. If the legal basis is not specified in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 GDPR, the legal basis for processing for the fulfillment of our services and the implementation of contractual measures as well as for responding to inquiries is Art. 6 (1) lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis. Security In accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the nature, scope, context and purposes of processing as well as the likelihood and severity of the risk to the rights and freedoms of natural persons, we take appropriate technical and organisational measures to ensure a level of security appropriate to the risk. These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as access to, input, transfer, and backup of the data, and ensuring its availability and separation. Furthermore, we have established procedures to ensure that data subjects can exercise their rights, that data is deleted, and that we respond to threats to data. Furthermore, we take the protection of personal data into account during the development or selection of hardware, software, and procedures, in accordance with the principle of privacy policy through technology design and privacy policy- friendly default settings (Art. 25 GDPR). Cooperation with processors and third parties If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transfer it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if the transfer of data to third parties, such as payment service providers, is necessary for the fulfillment of the contract in accordance with Art. 6 para. 1 lit. b GDPR) you have given your consent, a legal obligation provides for this, or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we commission third parties to process data on the basis of a so-called “order processing contract,” this is done on the basis of Art. 28 GDPR. Transfers to third countries If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or the disclosure or transfer of data to third parties, this will only take place if it is necessary for the fulfillment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or have the data processed in a third country if the special requirements of Art. 44 ff. GDPR are met. This means that processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a privacy policy level that complies with EU standards (e.g., for the USA through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”). Rights of data subjects You have the right to request confirmation as to whether data concerning you is being processed and to obtain information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR. In accordance with Art. 16 GDPR, you have the right to request the completion of data concerning you or the correction of inaccurate data concerning you. In accordance with Art. 17 GDPR, you have the right to request that the data concerning you be deleted immediately or, alternatively, in accordance with Art. 18 GDPR, to request a restriction on the processing of the data. You have the right to request that the data concerning you that you have provided to us be transferred to another controller in accordance with Art. 20 GDPR. You also have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR. Right of withdrawal You have the right to withdraw your consent in accordance with Art. 7 (3) GDPR with effect for the future. You may object to the future processing of your data in accordance with Art. 21 GDPR at any time. The objection may be made in particular against processing for direct marketing purposes. Deletion of data The data we process will be deleted or restricted in accordance with Articles 17 and 18 GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal obligations to retain it. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons. In accordance with legal requirements in Germany, data is stored for 10 years in particular in accordance with Sections 147 (1) AO, 257 (1) No. 1 and 4, (4) HGB (books, records, management reports, accounting documents, commercial books, documents relevant for taxation, etc.) and for 6 years in accordance with Section 257 (1) No. 2 and 3, (4) HGB. Business-related processing In connection with personal data, we process the contract and payment data of our prospective customers and business partners for the purpose of providing contractual services, customer service, marketing, advertising, and market research.