Try-AS/400:Privacy policy
This article integrates mandatory information in the Federal Republic of Germany for public websites. It contains the privacy policy as well as the legal notice.
Definition of Terms
This Privacy Policy is based on the terminology used by the European Regulatory and Regulatory Authority in the adoption of the General Data Protection Regulation (GDPR). It should be easy to read and understand for the public. To ensure this, the terms used are explained in advance.
Please note: This website can be accessed without explicitly entering personal data. For technical reasons, personal data will be derived from your access, and saved.
The following terms are used in this privacy statement, among others:
Personal Data
Personal data means any information relating to an identified or identifiable natural person (hereinafter the „Affected Person“). A natural person is considered to be identifiable, directly or indirectly, in particular by association with an identifier such as a name, with an identification number, with location data, with an online identifier or with one or more special characteristics expressing the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person can be identified.
Affected Person
Affected person is any identified or identifiable natural person whose personal data is processed by the Responsible Person.
Processing
Processing means any process or series of operations related to personal data, such as collecting, capturing, organizing, organizing, storing, adapting or modifying, reading out, querying, using, with or without the aid of automated procedures; disclosure through submission, dissemination or any other form of provision, reconciliation or association, restriction, erasure or destruction.
Limitation of processing
Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.
Responsible Entity
The Responsible Entity (for data processing) is the natural or legal person, public authority, body or other entity that, alone or in concert with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the Responsible Entity itself, or the specific criteria for his designation may be provided for under Union or national law. In the following, this entity is called Administrator.
Recipient
Recipient is a natural or legal person, agency, agency or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered to be beneficiaries.
Third
The Third is a natural or legal person, public authority, body or other entity other than the Affected Person, the Responsible Entity, the Receiver, the authorized data processor, and the persons authorized under the direct responsibility of the Responsible Entity or authorized data processor to process the personal data.
Consent
Consent is any expression of will voluntarily and unequivocally made by the Affected Person in the form of a statement or other unambiguous confirmatory act, stating that they consent to the processing of personal data concerning them.
Name and Address of the Responsible Person
The person responsible within the meaning of the General Data Protection Regulation, other data protection laws in the Member States of the European Union and other provisions with a data protection character is:
Patrik Schindler Gerhart-Hauptmann-Weg 3 77652 Offenburg Deutschland Tel.: 0781-9705550 E-Mail: webhamster@pocnet.net Website: try-as400.pocnet.net
As mentioned above, this person is to be called Administrator.
Cookies
This website uses cookies. Cookies are text files that are stored on a computer system via an Internet browser.
Many websites and servers use cookies. Often they contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string through which Internet pages and servers can be recognized to the specific Internet browser in which the cookie was stored. This allows visited websites and servers to distinguish the individual's browser from other Internet browsers that contain other cookies. A particular Internet browser can be recognized and identified by the website via the unique cookie ID.
By using cookies, the website can provide users of it with more user-friendly services that would not be possible without the cookie setting.
By means of a cookie, the information and offers on this website can be optimized in the sense of the user. Cookies, as already mentioned, allow this website to recognize visitors. See also the section Write Access. The purpose of this recognition is to make it more convenient for users to use the website. For example, the user of a website that uses cookies need not reenter their credentials every time they visit the website because this is accomplished by the website and the cookie stored on the user's computer system. Another example is the cookie of a shopping cart in the online shop. The online shop remembers the items that a customer has placed in the virtual shopping cart via a cookie.
The Affected Person can prevent the setting of cookies by the website at any time by means of a corresponding setting of the Internet browser used and thus permanently suppress the setting of cookies. Furthermore, already set cookies can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the Affected Person suppresses the setting of cookies in the Internet browser used, not all features of the website may be fully usable, though.
Collection of General Data and Information
This website is built upon the Software MediaWiki. MediaWiki has certain requirements for running properly. The requirements are fulfilled as follows:
- Apache provides the function of the web server software,
- PHP provides the function of a dynamic scripting language, enabling creation of HTML pages from program code instead of static files on permanent storage,
- MariaDB provides the ordered storage of content and changes to the content for the website.
All these facilities run on the server side of the website and not on the Affected Person's computer. The facilities mentioned above create HTML formatted text which is transferred to the Affected Person's computer. The web browser therein translates the HTML text to a visual appealing rendition of the website contents.
Any data processing and saving takes place by means of the mentioned software and it's individual changeable or built-in, unalterable settings.
As soon as an article of this website is viewed, a temporary session cookie is created on the visitor's computer (aka the Affected Person's computer). This has an expiration time of 30 days after creation.
Also, accesses to searching or viewing articles are generally logged by the web server software Apache. The log entries include the IP address from which the access originated, the time of access, as well as path and additional data (URL) for controlling the software Mediawiki, as used by this website. Finally, an entry with the status code resulting from the access is added, as well as the size of the transmitted data. For technical reasons, several entries are made in the access log file for the individual elements of a page.
The server's log data is kept for three days. The retention period results from the technical necessity to be able to analyze possible past error conditions in a timely manner.
Furthermore, the log data is copied to an independent data processing system in regular intervals as part of a full backup. The backups are accessible only to the person responsible for data processing (administrator). This backup data is kept for 12 months.
When using this general data and information, the Responsible Person does not draw any conclusions about the Affected Person. Rather, this information is needed to (1) properly deliver the contents of the website, (2) optimize the website's content, (3) ensure the continued viability of the underlying information technology systems and websites technology, and (4) provide law enforcement agencies with necessary information for prosecution in case of a cyber attack.
Additional Information and Personal Data
Anonymous changes of the website are not possible. Write access is granted after a valid log in with user and password. According to the Definition in Wikipedia, the following data will be recorded by means of the Software Mediawiki with every change to content of the website:
- Date/time,
- Username and IP address of the access (change).
This is done in addition to the information named in the previous section. This information is stored indefinitely and is publicly available.
Additional cookies are set at login, for example to maintain the default settings of the logged-in state.
Write access is granted by the administrator on request, individually with a user and password. When this user is created, the following personal information is collected:
- Name,
- Username (short name),
- Password (in encrypted form),
- Email address.
The processing of this personal data takes place exclusively within the website software Mediawiki. They serve only the purpose of
- Authorization of write/change access,
- Delivery of automated (email) notifications of the Mediawiki software,
- Assignment of article changes to users.
Rights of the Affected Person
Confirmation
Each Affected Person has the right, as granted by the European Directive and Regulatory Authority, to require the administrator to confirm whether personal data relating to him/her are being processed.
If an Affected Person wishes to make use of this confirmation right, they can contact the administrator of this website at any time.
Disclosure
Any affected person concerned by the processing of personal data shall have the right granted by the European legislature and regulator at any time to obtain from the Administrator information disclosure free of charge regarding the personal data stored about her, and to obtain a copy of that information. In addition, the European legislator and regulator has grants the Affected Person to request the following data:
- purposes for processing personal data
- the categories of personal data being processed
- the recipients or categories of recipients to whom the personal data has been or is still being disclosed, in particular to recipients in foreign countries or to international organizations
- the planned duration for which the personal data will be stored, or if this is not possible, the criteria for determining that duration
- the confirmation of rights to
- rectification or erasure of the personal data concerning them,
- restriction of data processing
- revocation of permission to data processing.
- appeal to a supervisory authority
- if the personal data is not collected directly from the Affected Person: All available information about the origin of the personal data
- The existence of an automated decision-making, including profiling in accordance with Article 22, paragraph 1 and 4 GDPR and — at least in these cases — meaningful information about the logic involved and the scope and the desired impact of such processing for the person concerned.
Furthermore, the Affected Person has a right to know whether personal data has been transmitted to a foreign country or to an international organization. If this is the case, then the Affected Person has the right to obtain information about the appropriate warrantries regarding the transfer.
If an Affected Person wishes to make use of this right to disclosure, they can contact the administrator of this website at any time.
Correction
Any person affected by the processing of personal data has the right granted by the European directive and regulatory authority to demand the immediate correction of incorrect personal data concerning them. Furthermore, the Affected Person has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.
If an affected person wishes to make use of this right of correction, they can contact the administrator of this website at any time.
Right to Deletion of Data
or: Right to be Forgotten.
Any person affected by the processing of personal data shall have the right granted by the European Directives and Regulators to require the Administrator to immediately delete the personal data concerning him, provided that one of the following reasons is satisfied and the processing is not required:
- The personal data has been collected for such purposes or otherwise processed for which they are no longer necessary.
- The Affected Person withdraws the consent on which the processing was based in accordance with Article 6 (1) (a) of the GDPR or Article 9 (2) (a) of the GDPR and lacks any other legal basis for processing.
- The Affected Person objects to the processing according to Article 21 paragraph 1 of the GDPR and there are no legitimate reasons for the processing, or the affected person appeals in accordance with Article 21 paragraph 2 of the GDPR the processing.
- The personal data was processed unlawfully.
- The deletion of personal data is required to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
- The personal data was collected in relation to information society services offered pursuant to Article 8 paragraph 1 GDPR.
If one of the above reasons is apparent and an Affected Person wishes to pursue the deletion of personal data stored through the website, she may contact the [mailto: webhamster@pocnet.net administrator of this website] at any time. He will delete the mentioned data as soon as possible.
If the personal data have been made public and the administrator is responsible for deleting personal data as the Responsible Person pursuant to Art. 17 (1) GDPR, the administrator shall take appropriate measures, including technical ones, for others, taking into account the available technology and the costs of implementation (a) inform data controllers processing the published personal data that the Affected Person has requested the other data controllers to delete all links to such personal data or to make copies or replicas of such personal data; Processing is not required. In individual cases, the administrator will arrange what is necessary and inform the Affected Person of the measures taken.
For technical reasons, no guarantee can be given for the complete deletion of the published personal data on data processing systems by other data controllers. If the action taken does not appear to be sufficient for the Affected Person, it must enforce its right to be deleted from other data controllers. It is not technically possible for the administrator to name the other persons responsible for the data processing exactly.
Right to Restrict Data Processing
Any Affected Person by the processing of personal data has the right granted by the European directive and regulatory authority to require the Administrator to restrict the processing of their data if one of the following conditions applies:
- The accuracy of the personal data is contested by the Affected Person for a period of time that enables the person responsible to verify the accuracy of the personal data.
- The processing is unlawful, the Affected Person refuses to delete the personal data and instead requests the restriction of the use/processing of personal data.
- The administrator no longer needs the personal data for initial defined purposes, but the Affected Person requires them to assert, exercise or defend their legal rights.
- The Affected Person has objected against the processing according to Article 21 paraagraph 1 GDPR and it is not yet clear whether the legitimate reasons of the administrator outweigh those of the Affected Person.
If one of the above conditions is met and an Affected Person wishes to request the restriction of processing of personal data stored in the website, they may contact the administrator of the website at any time. He will carry out the restriction of processing as requested.
Right to Data Portability
Any Affected Person shall have the right granted by the European Directive and Regulatory Authority to receive the personal data concerning her in a structured, common and machine-readable format. She also has the right to transfer this data to another administrator without hindrance by the data source administrator, provided that the processing is based on the consent pursuant to Article 6 (1) (a) GDPR or Article 9 paragraph 2 (a) of the GDPR or on a contract pursuant to Article 6 (1) (b) of the GDPR and processing by automated means, unless the processing is necessary by means of of public interest or in the exercise of official authority, which has been assigned to the Administrator.
Furthermore, in exercising their right to data portability under Article 20 (1) of the GDPR, the Affected Person has the right to request that the personal data is transmitted directly from one Administrator to another, where technically feasible and if so this does not affect the rights and freedoms of others.
In order to assert the right of data transferability, the Affected Person may at any time contact the administrator of the website.
Right to Objection
Any person concerned by the processing of personal data shall have the right conferred by the European directive and regulatory authority at any time, for reasons arising from its particular situation, against the processing of personal data relating to it pursuant to Article 6 (1) (e) or (f) GDPR takes an objection. This also applies to profiling based on these provisions.
In the event of an objection, the administrator no longer processes the personal data unless it is possible to prove compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the Affected Person, or to exercise or defense of legal claims.
If the administrator processes personal data in order to faciliate direct advertisements, the Affected Person has the right to object at any time to the processing of personal data for the purposes of such advertising. This also applies to profiling, as far as it is associated with such advertising. If the Affected Person objects to processing for direct marketing purposes, the administrator also will no longer process the personal data for these purposes.
In addition, the Affected Person has the right to object against the processing of personal data relating to her, for reasons arising from his or her particular situation, for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) GDPR, unless such processing is necessary to fulfill a task of public interest.
In order to exercise the right to object, the Affected Person may contact the administrator of the website directly. The Affected Person is also free, in the context of the use of information society services, notwithstanding Directive 2002/58/EC, to exercise her right of opposition by means of automated procedures using technical specifications.
Automated Decisions on an Individual Basis, Including Profiling
Any person concerned by the processing of personal data shall have the right, as granted by the European directive and regulatory authority, not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect on her or, in a similar manner, significantly affects her; unless the decision (1) is necessary for the conclusion or performance of a contract between the Affected Person and the Administrator, or (2) permitted by Union or Member State legislation to which the Administrator is subject, and that legislation provides for appropriate measures to safeguard the rights and freedoms and the legitimate interests of the Affected Person; or (3) with the explicit consent of the data subject.
If the decision (1) is required for the conclusion or performance of a contract between the Affected Person and the Administrator or (2) it is done with the explicit consent of the Affected Person, the administrator of the website shall take appropriate action Measures to safeguard the rights and freedoms and legitimate interests of the Affected Person, including at least the right to obtain the intervention of a person by the Administrator, to express her own position and to contest the decision.
If the Affected Persion wishes to assert rights with regard to automated decisions, they can contact the [mailto: webhamster@pocnet.net administrator of the website] at any time.
Right to Revoke a Data Protection Consent
Any person affected by the processing of personal data has the right, granted by the European directive and regulatory authority, to revoke consent to the processing of personal data at any time.
If the data subject wishes to assert their right to withdraw consent, they can contact the administrator of the website at any time.
Legal Basis of Data Processing
Art. 6 I lit. a GDPR is the legal basis for this website for processing operations where one has obtained consent for a particular processing purpose. If the processing of personal data is necessary to fulfill a contract of which the data subject is a party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or consideration, processing shall be based on Art. 6 I lit. b GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in the case of inquiries about our products or services. If the website is subject to a legal obligation which requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data may be required to protect the vital interests of the Affected Person or another natural person. Then the processing would be based on Art. 6 I lit. d GDPR. Ultimately, processing operations could be based on Art. 6 I lit. f GDPR. On this legal basis, processing operations that are not covered by any of the above mentioned legal bases are required if the processing is necessary to safeguard the legitimate interests of the administrator of the website or a third party, provided that the interests, fundamental rights and fundamental freedoms of the Affected Person do not outweigh. Such processing operations are particularly permitted because they have been specifically mentioned by the European legislator. In that regard, it considered that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, second sentence, GDPR). In this context, a legitimate interest can be derived from the fact that the data subject has sought permission to write access to the website.
Legitimate Interests in the Processing Being Pursued by the Administrator or a Third Party
Is the processing of personal data based on Article 6 I lit. f GDPR is the legitimate interest of the administrator to store and make publicly available articles though the website.
Legal or Contractual Provisions for the Provision of Personal Data; Necessity for the Conclusion of the Contract; Obligation of the Affected Person to Provide the Personal Data; Possible Consequences of Non-Provision
The administrator informs you that the provision of personal data is partly required by law (eg B tax provisions) or that it can also result from contractual arrangements (eg, information about the contracting party). Sometimes it may be necessary for a contract to be concluded that an affected person provides us with personal data that must subsequently be processed by us. For example, the Affected Person is required to provide us with personal information when our company concludes a contract with her. Failure to provide the personal data would mean that the contract with the person concerned could not be closed. Prior to any personal data being provided by the Affected Person, the Affected Person must contact the administrator of the website. It will inform the individual on a case-by-case basis whether the provision of the personal data is required by law or contract or is required for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of the non-provision of the personal data.
Existence of Automated Decision-Making
There is no automatic decision-making or profiling in the context of using the website.
Sources
This privacy policy has been created with the the privacy statement generator of DGD Deutsche Gesellschaft für Datenschutz GmbH, which acts as an external data protection officer, in cooperation with RC GmbH (recycling used computers) and the law firm WILDE BEUGER SOLMECKE Lawyers.
This text was translated to english language with the aid of Google Translator and manual refinement, where appropriate.
In individual cases, corrections have been made to the wording by the [mailto: ebhamster@pocnet.net administrator of the website] in order to express the special requirements of the data processing by the the website.