1. Scope, purposes and legal bases of processing on this website
When you visit our websites, our web server, which is operated by a service provider located in Germany, collects the following personal communication and usage data in a log file for each access:
- IP address of the requesting end device
- Date and time of access
- Name and URL of the accessed website
- Amount of data transferred
- Message whether the retrieval was processed successfully or error status
- Type of the retrieving browser and operating system
This communication and usage data is usually deleted after 7 days. If there is a suspicion of a security-related incident, the relevant data will be stored until the incident is finally clarified and transmitted to the relevant authorities. We also use a session cookie. The cookie is a small text file that our web server stores in your terminal device. The cookie is technically necessary for the error-free display of the website and does not allow any analysis of your surfing behavior. It is also not stored permanently, but is automatically deleted when you end the session, or at the latest when you close your browser. You can prevent cookies from being set at any time in the options of your browser – however, this website may then no longer be displayed correctly. We process this data only to enable the use of our website in a technically secure manner (connection establishment, error-free transmission and display of content, security-related protection). The legal basis for this is our legitimate interest in the external presentation of our company, statutory publication obligations and the legal obligation to protect website visitors from possible security problems on our websites. As a rule, it is possible to use our website without providing personal data. Insofar as personal data (e.g. name, address or e-mail addresses) is collected on our pages, this is always done on a voluntary basis. This data will not be passed on to third parties without your express consent. No further processing of personal data takes place on these web pages. We only carry out further processing in connection with contractual relationships. We will inform you separately about the details, if necessary, but we would like to point out already now that we only process the personal data of our customers within the scope of what is contractually or legally required, on the basis of the legitimate interests of our customers in personnel and management consulting, or in accordance with a consent that can be revoked at any time with effect for the future.
2. Links to contents of other providers
This data protection declaration applies only to our web pages. Insofar as our web pages contain links to content from other providers, we point out the following: our web pages do not automatically load content from third-party servers and such content is not required to use our web pages. From the respective links it is recognizable that they lead to another provider. You transmit your data to the web server of the provider when you follow the link. We have no influence on other providers and do not control whether they comply with the applicable data protection regulations.
3. Responsible persons, contact persons
The responsible party in the sense of the GDPR is:
THEA Labs GmbH, Marie-Curie-Straße 3, D-50321 Brühl.
Contact person is Dr. Carsten Reimann, you can reach us under Contact.
4. Your rights
Within the legal framework, you have the following rights:
- Information: you can request information from us about whether and how we process your personal data. This includes the right to a copy of this data. As a precaution, we would like to point out that we may not provide information insofar as the information to be disclosed is subject to our professional secrecy or must otherwise be kept secret in accordance with a legal provision or by its nature, in particular due to the overriding legitimate interests of a third party.
- Correction: Upon request, we will correct and complete your personal data.
- Deletion and restriction: Upon request, we will delete your personal data or restrict its processing.
- Data portability: Personal data that you have provided to us on the basis of a contract or consent can be obtained in a structured, machine-readable standard format.
- Objection: Insofar as we process your personal data on the basis of a legitimate interest, you may object to the processing.
- Revocation of consent: You can revoke consents at any time with effect for the future. We will inform you how to revoke when you obtain consent.
- Automated individual case decisions: We do not make automated individual case decisions within the meaning of Art. 22 GDPR.
- Complaints: You can complain about our processing at any time to the competent supervisory authority, e.g. at your permanent place of residence.
To exercise your rights, please contact us via the contact options specified in section 3.