Dorothea Randazzo / DR Sports and Health Dammweg 18 71101 Schoenaich Germanydrfirstname.lastname@example.org Imprint: deincoachdori.com/en/impressum
Types of processed data
Inventory data (for example, personal master data, names or addresses). - Contact details (eg, e-mail, telephone numbers). - Content data (eg, text input, photographs, videos). - Usage data (eg, visited websites, interest in content, access times). - Meta / communication data (eg, device information, IP addresses).
Categories of affected persons
Visitors and users of the online offer (in the following we refer to the affected persons as "users").
Purpose of processing
- Provision of the online offer, its functions and contents. - Answering contact requests and communicating with users. - Safety measures. - Reach Measurement / Marketing
"Personal data" means any information relating to an identified or identifiable natural person (in particular the "data subject"); a natural person is considered as identifiable, which may or may not be identified as having a name, an identification number, a location data, an anonymous person (eg cookie) or an individual or more special features, are the expression of the physical, physiological, genetic, genetic, cultural or social identity of this natural person."Processing" means any process performed with or without the aid of automated procedures, or any such process associated with personal data. The term goes far and includes almost every handling of data."Pseudonymisation" means the processing of personal data in a way that the personal data can no longer be assigned to a particular data subject without additional information being provided that the personal data not assigned to identify or identifiable natural person."Profiling" means to analyze the personal data to evaluate the individual's personal data , reliance, behavior, whereabouts, or relocation of that natural person.'Responsible person' means the natural or legal person, public authority, body or body which, alone or in concert with others, decides on the purposes and means of processing personal data."Processor" means a natural or legal person, public authority, body or body of process.
Relevant legal bases
In accordance with Art. 13 GDPR, we inform you about the legal basis of our data processing. For the scope of the General Data Protection Regulation (DSGVO), the EU and the EEC, unless otherwise stated, the legal basis for obtaining consent is Article 6 (1) lit. a and Art. 7 GDPR; The legal basis for the execution of the procedure is the Art. 6 para. 1 lit. b DSGVO; The legal basis for processing in order to fulfill our legal obligations is Art. 6 (1) lit. c DSGVO;In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO as legal basis. The legal basis for the processing required to carry out a task in the public interest or in the exercise of official authority which has been delegated to the controller is Article 6 (1) lit. e DSGVO. The legal basis for processing in order to safeguard our legitimate interests is Article 6 (1) lit. f DSGVO. The processing of data for purposes other than those for which they were collected is governed by the provisions of Article 6 (4) GDPR.The processing of special categories of data (pursuant to Art. 9 (1) GDPR) is governed by the provisions of Art. 9 (2) GDPR.
We want to take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, and circumstances of the processing and the different likelihood and severity of the risk to the rights to ensure a level of protection appropriate to the risk.Measures include, in particular, ensuring the confidentiality, integrity and availability of data by means of controlling physical access to the data, as well as their access, input, disclosure, availability and disconnection. In addition, we have established procedures to ensure the enjoyment of data subject rights, the erasure of data and the response to data compromise. Furthermore, we consider the protection of personal data already in the development, or selection of hardware, software and procedures, according to the principle of data protection through technology design and privacy-friendly default settings.
Collaboration with contract processors, joint controllers and third parties
If, in the context of our processing, we disclose data to other persons and companies, we will only do so on the basis of a legal permission (eg, if the data has been sent to third parties, such as payment service providers, to fulfill the contract), users have consent to a legal obligation to do so on the basis of our legitimate interests , webhosters, etc.).Insofar as we disclose data to other companies in our group, or otherwise, it is considered as having a legitimate interest and, moreover, on a basis that complies with the legal requirements.
Transfers to third countries
If we process data in a third country (ie outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or in the context of the use of third party services or disclosure, or transmission of data to other persons or companies This will only happen if it is to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to express consent or contractually required transmission, we process or disclose the data only in third countries with a recognized level of data protection, including those certified under the Privacy Shield, or on the basis of specific warranties.Information page of the European Commission ).
Rights of data subjects
In a process of legal compliance.You have accordingly. the legal requirements to the completion of the data concerning you or the correction of the incorrect data concerning you.In accordance with the legal requirements, they have the right to use the data in accordance with the statutory provisions.They have the right to request that they are sent to each other.They also have the right, in accordance with the statutory provisions, to submit a complaint to the competent supervisory authority.
You have the right to revoke consent with effect for the future.
You may object to the future processing of your data in accordance with legal requirements at any time. The objection may in particular be made against processing for direct marketing purposes.
Cookies and right to object to direct mail
Deletion of data
The data processed by us is intended to be deleted or restricted in accordance with legal requirements. It is not necessary for their intended purpose and the law does not apply to any statutory storage requirements.Unless the data is deleted because it is required for other and legally permitted purposes, its processing will be restricted. This means the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.
In addition, we process - contract data (eg, subject matter, term, customer category). - Payment data (eg, bank details, payment history) from our customers, prospects and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.
Order processing in the online shop and customer account
Therapeutic services and coaching
We process the data of our clients and other parties or contractual partners (uniformly referred to as "clients") in accordance with Art. 6 para. 1 lit. b) GDPR in order to provide them with our contractual or pre-contractual services. The data processed, the nature, scope and purpose of their processing are determined by the underlying contractual relationship. The processed data includes stock and master data of the clients (eg, name, address, etc.), as well as the contact data (eg, e-mail address, telephone, etc.), the contract data (eg, services used, fees, names of contact persons, etc.) and payment details (eg, bank details, payment history, etc.).As part of our services, we can therefore special categories of data acc. Art. 9 para. 1 GDPR, in particular regarding the health of the clients, possibly with reference to their sexual life or sexual orientation, ethnic origin or religious or ideological convictions. For this we get, if necessary, acc. Art. 6 para. 1 lit. a., Art. 7, Art. 9 (2) lit. a. DSGVO expressly consent of the clients and process the special categories of data for the purposes of health care on the basis of Art. 9 (2) (h). DSGVO, § 22 Abs. 1 Nr. 1 b. Federal Data Protection Act.Third parties required by the contract, or by third parties, such as by law, or disclose or transmit the data in the context of communication with other specialists comparable service providers, as far as the provision of our services acc. Art. 6 para. 1 letter b. DSGVO serves, legally acc. Art. 6 para. 1 letter c. DSGVO is as a legitimate interest or those of clients in an efficient and cost-effective health care. Art. 6 para. 1 lit. F. DSGVO serves or acc. Art. 6 para. 1 lit d. DSGVO is necessary.to protect the vital interests of clients or any other natural person, or in the context of consent in accordance with. Art. 6 para. 1 lit. a., Art. 7 GDPR.The data is reviewed every three years is checked; otherwise.
External payment service providers
Administration, financial accounting, office organization, contact management
We process data in the context of administrative tasks as well as the organization of our business, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the course of rendering our contractual services. The processing principles are Art. 6 para. 1 lit. c. DSGVO, Art. 6 para. 1 lit. f. DSGVO. The processing affects customers, prospects, business partners and website visitors. The purpose and interest in processing lies in administration, finance accounting, office organization, data archiving, that is, doing our duties and provide our services.We disclose or transmit data to the financial administration, consultants, such as tax accountants or auditors, as well as other fee offices and payment service providers.Furthermore, we store information on suppliers, organizers and other business partners on the basis of our business interests, eg. We generally store this majority of company-related data permanently.
Business analysis and market research
We process stock data, communication data, contract data. In order to carry out our business activities, to be able to make market tendencies, wishes of the contractors and users, we analyze the data available for business transactions, contracts, inquiries, etc. , payment data, usage data, metadata on the basis of Art 6 para. 1 lit. f. DSGVO, the parties involved, customers, visitors and users of our online offer.The analyzes are carried out for the purpose of business analysis, marketing and market research. In doing so, we can take into account the profiles of registered users with information, eg on their services used. The analysis serves to increase the user-friendliness, the optimization of our offer and the business economy. Externally unless they are anonymous, aggregated value analysis.If these are words or profiles are personal, they will be deleted or anonymized after termination of the users, otherwise after two years from the conclusion of the contract. Incidentally, the overall business analysis and general trend provisions are created anonymously if possible.
Google cloud services
Users can create a user account. As part of the registration, the required information is communicated to the users and based on Art. 6 para. 1 lit. b DSGVO processed for the purpose of providing the user account. The processed data include in particular the login information (name, password and to e-mail address). The data entered during registration is used for the purpose of using the user account and its purpose.Users may be informed by e-mail about information relevant to their user account, such as technical changes. If users have terminated their user account, their data will be with respect to the user account, subject to a statutory retention requirement. It is the responsibility of the users to secure their data upon termination prior to the end of the contract. We are entitled to irretrievably delete all user data stored during the term of the contract.In the context of the use of our registration and registration functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the protection against misuse and other unauthorized use. Unless it is necessary for the pursuit of our claims or there is a legal obligation in accordance with. Art. 6 para. 1 lit. c. DSGVO. The IP addresses wants to be anonymized or deleted after 7 days at the latest.
Comments and posts
If users leave comments or other contributions, their IP addresses based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO be stored for 7 days. This is for our own safety, if someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we may be interested in the comment or post and are interested in the identity of the author.Furthermore, we reserve the right, in accordance with our legitimate interests. Art. 6 para. 1 lit. f. DSGVO to process the information of users for the purpose of spam detection.On the same legal basis, we reserve the right, in the case of surveys, to store the IP addresses of users for the duration of their use.The information provided in the comments and contributions to the person, any contact and website information as well as the content information, are stored by the opposition.
The follow-up comments can be made by users with their consent acc. Art. 6 para. 1 lit. subscribed to a DSGVO. Users will receive a confirmation email. Users can unsubscribe from ongoing comment subscriptions at any time. The confirmation email wants to include notes on the revocation options. For the purpose of proving the consent of the users, we would like to save the registration time with the IP address of the users and delete this information when users unsubscribe from the subscription.You can cancel the receipt of our subscription at any time, ie revoke your consent. We may save the submitted email addresses for up to three years based on our legitimate interests. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for cancellation is possible at any time, provided at the same time.
Akismet anti-spam check
Our online offering uses the "Akismet" service offered by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA. The use is based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f) GDPR. With the help of this service, comments from real people are distinguished from spam comments. Where is it analyzed and stored for four days for comparison. If a comment has been classified as spam, the data will be stored beyond that time. This information includes the name entered, the email address, the IP address, the comment content, the referrer, the computer system and the time of the entry.For more information about Akismet's collection and use of data, see the Automattic Privacy Notice: https://automattic.com/privacy/ .Users are welcome to use pseudonyms, or to refrain from entering the name or email address. You could not avoid the transfer of data by using our commenting system .
Retrieval of emojis and smilies
Within our WordPress blog, graphic emojis (or smilies), ie small graphical files expressing feelings, are used by external servers. Here, the providers of the servers, the IP addresses of the users. This is necessary so that the emojie files can be transmitted to the users' browsers. The Emojie service is offered by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, United States. Automattic Privacy Notice: https://automattic.com/privacy/ , The server domains are used sworg and twemoji.maxcdn.com, which are servers that provide almost and secure transmission of the files and users' personal data.The use of emojis is based on our legitimate interests, ie interest in an attractive design of our online offer acc. Art. 6 para. 1 lit. f. DSGVO.
When contacting us (eg by contact form, e-mail, telephone or via social media), the information provided by the user to process the application request and its processing acc. Art. 6 para. 1 lit. b. (in the context of contractual / pre-contractual relationships), Art. 6 para. 1 lit. f. (other inquiries) DSGVO processed. User information can be stored in a Customer Relationship Management System ("CRM System") or comparable request organization.We delete the requests, if they are no longer required. We check the requirement every two years; Furthermore, the legal archiving obligations apply.
As well as the registration, shipping and statistical evaluation procedures as well as your right of objection. By subscribing to our newsletter, you agree to the receipt and the procedures described.Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter "newsletter"). Insofar as the content of a newsletter is concretely described in the context of an application for the newsletter, it is decisive for the consent of the user. Incidentally, our newsletters contain information about our services and us.Double opt-in and logging: Registration for our newsletter is done in a so-called double opt-in procedure. That means you will receive an e-mail after logging in to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. The registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of the logon and the confirmation time, as well as the IP address. Likewise, changes to your data stored with the shipping service provider will be logged.Credentials: To subscribe to the newsletter, it is sufficient to provide your e-mail address. Optionally, we ask you to give us a name in our newsletter for personal address.The dispatch of the newsletter and the related performance measurement are based on the consent of the recipient acc. Art. 6 para. 1 lit. a, Art. 7 DSGVO in connection with § 7 Abs. 2 Nr. 3 UWG or if it is not required, based on our legitimate interests in direct marketing acc. Art. 6 para. 1 lt. DSGVO in conjunction with § 7 (3) UWG.The logging of the registration process is based on our legitimate interests in accordance with. Art. 6 para. 1 lit. f DSGVO. As well as meeting the expectations of users and allowing us to provide consent.Termination / Revocation - You can cancel the receipt of our newsletter at any time, ie revoke your consent. A link to cancel the newsletter can be found at the end of each newsletter. We may save the submitted email addresses for up to three years based on our legitimate interests. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for cancellation is possible at any time, provided at the same time.
Newsletter - Mail Chimp
Newsletter - Success Measurement
The newsletters contain a "web beacon", ie a pixel-sized file that is retrieved from the server when the newsletter is opened by our server or if we are using a shipping service provider. As part of this call, technical information, search as information about the browser and your system, as well as your IP address and time are collected.This information is / are used to improve the technical performance of the information and audience, based on their locations (which can be determined using the IP address). The statistical surveys also include the definition of the newsletters are opened when they are opened and which are left are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is not intended to be used by the shipping service provider to observe individual users. The evaluations serve us much more to identify the habits of our users and to adapt our content to them to different content according to the interests of our users.A separate revocation of the performance measurement is not possible in this case.
Hosting and e-mailing
The following services are provided: infrastructure and platform services, computing capacity, storage and database services, e-mail delivery, security and technical maintenance services. Here we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer acc. Art. 6 para. 1 lit. f DSGVO in conjunction with Art. 28 DSGVO (Conclusion of contract processing contract).
Collection of access data and log files
We, our hosting provider, collects on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO Data on every access to the server on which this service is located (so-called server log files). The access data includes the retrieved web page, file, date and time retrieval, amount of data transferred, notification of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider,For a maximum of 7 days and then deleted, logfile information is stored for security reasons. Until the final clarification of the incident.
Jetpack (WordPress Stats)
Facebook Pixels, Custom Audiences and Facebook Conversion
In the course of our online offer, the Facebook Network, Facebook, 1 Hacker Way, the so-called "Facebook pixel" of the social network Menlo Park, CA 94025, USA If you are located in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland operated ("Facebook").Facebook is certified under the Privacy Shield Agreement ( https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ).(A so-called "Facebook ads"). Accordingly, we use the Facebook Pixels to display the Facebook Ads determined), which we transmit to Facebook (so called "Custom Audiences"). With the help of the Facebook pixel, we want to make sure that our Facebook ads are in line with the potential interest of users and not annoying.The processing of the data by Facebook is part of Facebook's data usage policy. According to Facebook's Facebook Ads Data Usage Policy: https://www.facebook.com/policy . For specific information and details about the Facebook pixels and how it works, visit the help section of Facebook: https://www.facebook.com/business/help/651294705016616 .You may be looking for Facebook Ads. You can see the usage-based advertising settings on https://www.facebook.com/settings?tab=ads . The settings are platform-independent, ie they are adopted for all devices, such as desktop computers or mobile devices.You can therefore use the cookies for distance measurement and promotional purposes via the deactivation page of the Network Advertising Initiative ( http://optout.networkadvertising.org/ ) and in addition the US website ( http://www.aboutads.info/ choices ) or the European website ( http://www.youronlinechoices.com/uk/your-ad-choices/ ).
Online presence in social media
Integration of services and contents of third parties
Based on our legitimate interests (Art. 6 (1) lit. DSGVO), we make use of content or services offered by third party providers in order to provide their content and services Integrate services such as videos or fonts (collectively referred to as "content"). These always presuppose that the third-party providers of this content perceive the IP address of the users. The IP address is therefore required for the presentation of this content. We use the IP address only for the delivery of the content. Third parties may use so-called pixel tags (invisible graphics, or "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information, as the visitor traffic, on the pages of this website.
Use of Facebook social plugins
Twitter, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, may be incorporated. This may include, for example, content such as pictures, videos or texts and buttons, with which users can share the contents of this online offer within Twitter. If you are a user of Twitter, you can use the profiles of the users. Twitter is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation ( https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active ). Data protection: https://twitter.com/privacy, Opt-Out: https://twitter.com/personalization .