Dear reader,
The protection of your data is of particular concern to us and, as a private company, we are subject to the provisions of the European General Data Protection Regulation (GDPR), the supplementary provisions of the Federal Data Protection Act (BDSG-new) and the Telecommunications Digital Services Data Protection Act (TDDDG). It goes without saying that we comply with the requirements and provisions arising from these laws.
In the following, we would like to inform you in detail about which personal data we collect on our website, for what purpose and how long this data is stored. In addition, it is important to us to provide you with comprehensive information about your rights in relation to data processing and how you can assert these rights.
If you have any questions or comments about data protection on our website, please feel free to contact us at any time. You can contact us, for example, by sending an e-mail to hello@arkadia.hn.
Person responsible
The controller pursuant to Art. 4 (7) GDPR and other data protection regulations is the
Arkadia Heilbronn gGmbH
Weipertstr. 8-10
74076 Heilbronn
E-mail: hello@arkadia.hn
Website: www.arkadia.hn
Data Protection Officer
If you have any questions or suggestions regarding data protection and the enforcement of your rights, please do not hesitate to contact our data protection officer:
conreri digital development GmbH
Von-Kurtzrock-Ring 16
22391 Hamburg
Tel: 0151 61728308
E-Mail: support@conreri.de
Website: www.conreri.de
We collect various types of data on our websites. Some data is collected by us automatically when you use our services, for example through the use of so-called cookies. This automatically collected data is mostly of a general nature and primarily contains information about the duration and location of access.
In addition, we collect personal data with your consent and data that you enter voluntarily if you wish to use certain services. It is possible to use our website without providing personal data, but this may be considerably restricted in some cases.
You decide whether to consent to the use of various purposes and service providers the first time you visit our website. With the exception of the processing that is absolutely necessary for the operation of the website, it is up to you to decide which data processing you allow.
Due to many regulatory changes, a comprehensive set of data protection regulations has emerged in recent years, which is intended to ensure data security and strengthen the rights of users on the one hand, but has also produced a flood of relevant terms on the other. In order to make the following more detailed explanations of collected data, legal regulations and rights more accessible, we have briefly summarized the most important of these terms below.
Definitions
In our data protection information, we use terms that are used and defined in the GDPR. We would like to explain the most important terms so that you know what they mean.
Processor
A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller in accordance with instructions.
Consent banner
As a user, you have the option to give your consent to processing that requires consent and to withdraw this consent for the future. You make this decision via the so-called consent banner, which is automatically called up the first time you visit our website and provides you with the most important information on data processing.
Cookies
Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s device. A cookie is primarily used to store information about a user during or after their visit to an online service. The information stored may include, for example, the language settings on a website, the login status, a shopping cart or video interactions. The term “cookies” also includes other technologies that perform the same functions as cookies (e.g. when user information is stored using pseudonymous online identifiers, also known as “user IDs”). Cookies are used to make websites more user-friendly. As cookies are stored on the user’s computer, you have control over the cookies. You can make changes to the use and storage of cookies in your Internet browser settings. However, deactivating cookies will in most cases limit the usability of our website.
Third
A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent
Consent is an expression of self-determination under data protection law. It is the voluntary, informed and unambiguous expression of will in the form of a statement or other unambiguous affirmative act by which the data subject indicates that they consent to the processing of their personal data. Any consent given can be revoked at any time for the future.
Receiver
The recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. IP address or cookies) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Pseudonymization
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Telecommunications Digital Services Data Protection Act (TDDDG)
The TDDDG is a law designed to protect the integrity of the end device and thus the privacy of the user. The legal basis for the storage and retrieval of information in the end user’s terminal equipment is consent, in accordance with Section 25 (1) sentence 1 TDDDG. This consent is requested when the website is accessed.
According to Section 25 (2) No. 2 TDDDG, consent is not required if the storage of information in the end user’s terminal equipment or access to information already stored in the end user’s terminal equipment is absolutely necessary so that the provider of a telemedia service can provide a telemedia service expressly requested by the user. In the cookie settings, you can see which cookies are classified as absolutely necessary (often also referred to as “technically necessary cookies”) and therefore fall under the exemption rule of Section 25 (2) TDDDG and therefore do not require consent.
Please note that the legal basis for the downstream processing of personal data is then derived from the GDPR. The relevant legal basis for the processing of personal data on this website can be found later in this privacy policy.
Processing
Processing is any operation or set of operations which is performed on personal data, whether or not by automated means. This basically includes any handling of personal data such as the collection, storage, modification, use, transmission, dissemination, erasure or destruction of personal data.
Person responsible
The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. The controller must ensure the permissibility of data processing through the use of technical and organizational measures that are regularly reviewed.
Data transfer outside the EU
The GDPR guarantees the same high level of data protection within the European Union. When selecting our service providers, we therefore rely on European partners wherever possible if your personal data is to be processed. Only in exceptional cases will we have data processed outside the European Union as part of the use of third-party services.
We only allow your data to be processed in a third country if the special requirements of Art. 44 et seq. GDPR are met. This means that your data may only be processed on the basis of special guarantees, such as the EU Commission’s officially recognized determination of a level of data protection corresponding to the EU or compliance with officially recognized special contractual obligations, the so-called “standard data protection clauses”.
If you only use the website for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. This data will not be merged with other data sources without your consent.
When you visit our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security:
Temporary storage of the IP address by our system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
Temporary storage or processing of this so-called server log data is absolutely necessary for reasons of ensuring functionality or technical security, in particular to defend against and defend against attempts at attack or damage, and is carried out with our corresponding legitimate interest, in accordance with Art. 6 Para. 1 lit. f) GDPR.
Under the EU General Data Protection Regulation, you as the data subject have various rights that you can assert at hello@arkadia.hn. These are set out below:
Right to information
You can request confirmation from us as to whether personal data concerning you is being processed by us. If such processing is taking place, you can request the following information from us:
You also have the right to request information about whether your personal data is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
You also have a right to rectification and completion vis-à-vis us if your personal data is incorrect or incomplete.
Right to lodge a complaint with the supervisory authority
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the supervisory authority responsible for us:
The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Lautenschlagerstrasse 20
70173 Stuttgart
Phone: 0711 / 615541-0
E-Mail: poststelle@lfdi.bwl.de
Website: https://www.baden-wuerttemberg.datenschutz.de
The supervisory authority to which the complaint has been submitted will inform you of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
Right to restriction of processing
You may request the restriction of the processing of your personal data under the following conditions:
If the processing of your personal data has been restricted, this data - apart from its storage - may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.
Right to erasure
You can demand that we delete your personal data immediately and we are obliged to delete this data immediately if one of the following reasons applies:
The right to erasure does not exist if the processing is necessary:
If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged to notify all recipients to whom your personal data has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
Right to data portability
You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us, provided that
In exercising this right, you also have the right to have your personal data transmitted directly from us to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this. The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
In this section, we have prepared the data protection information that is important for you in the context of using our website.
Contact us
If you contact us, a contact form is available on our platform, which you can use to contact us electronically. The data entered in the input mask will be transmitted to us and stored. These data are
The following data is also stored at the time the message is sent:
It is also possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored. Your data will not be passed on to third parties in this context; the data will be used exclusively for processing the communication.
In this context, the processing of personal data serves solely to process the contact. The legal basis for the processing of the contact request and its handling is regularly Art. 6 Para. 1 S.1 lit. b) GDPR, additionally Art. 6 Para. 1 S.1 lit. f) GDPR.
Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
Registration
We offer you the opportunity to create a free user account on our platform by providing your e-mail address, which provides the basis for some services that require registration (Art. 6 para. 1 lit. b) GDPR). We will delete your data as soon as you delete your user account with us and there are no tax, commercial or other statutory retention obligations to the contrary.
The data collected during registration includes
Other users can see the selected user name.
Among other things, you can post non-profit tenders and become part of projects. If you become part of a project, other users on the platform can view your e-mail address.
Reach measurement using Umami
Umami is a privacy-friendly open source analytics solution. It does not collect any personally identifiable information and anonymizes all collected data. Users cannot be identified and are not tracked across sessions. Umami does not use cookies.
The processing is carried out in accordance with Art. 6 para. 1 lit. f) GDPR on the basis of our legitimate interest. The measurement of reach and the resulting information are suitable for improving our platform.
Advertising by e-mail, telephone and letter
We use your contact data for advertising if you have consented to this (Art. 6 para. 1 lit. a) GDPR), as well as for legally permissible direct advertising for our own and related products if you have specified this when placing your order or registering (Art. 6 para. 1 lit. f) GDPR in conjunction with. § Section 7 (3) UWG).
If you no longer wish to receive advertising, you can withdraw your consent or object to direct advertising at any time
Your personal data will be passed on to our external and intragroup marketing and newsletter service providers and competition partners if they support us in data processing. We contractually oblige them neither to use data for their own purposes nor to pass it on to others. We will not pass on your data to third parties for advertising purposes without your express consent. The data processed by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.