Privacy Policy
1. Introduction
We are delighted by your interest in our website. Data protection is of particularly high importance to us. It is generally possible to use our website without providing any personal data. However, if a data subject wishes to use special services via our website, the processing of personal data may be necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we will generally obtain consent from the data subject.
The processing of personal data, such as the name, address, email address, or telephone number of a data subject, always takes place in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to us. Through this privacy policy, we would like to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy serves to inform data subjects of their rights.
As the data controller, we have implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every data subject is free to transmit personal data to us through alternative means, such as by telephone or post.
2. Name and Address of the Data Controller
The data controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in Member states of the European Union, and other provisions related to data protection is:
Martin Lamprecht
Tulpenstr. 22, D-84562 Mettenheim
Telephone: +49 1525 876 55 67
Email: office@trio-musik.de
Website: www.trio-musik.de
3. Contact for Data Protection Matters
Martin Lamprecht has not appointed a data protection officer and is therefore the direct contact person for all data protection matters. Data subjects can contact Martin Lamprecht at any time with their concerns at office@trio-musik.de.
If a data subject is dissatisfied with the information provided to them or has a complaint, they have the right to contact the relevant supervisory authority at any time. The competent supervisory authority for data protection matters is the data protection officer of the federal state in which our company is located. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
4. Data Collection and Use When Contacting via the Website
The website operator collects personal data when data subjects voluntarily provide it as part of a contact (e.g., via contact form or email). The data collected is visible from the respective input forms. The provided data is used to process business activities and inquiries.
After the complete processing of a transaction, the data of the data subjects involved will be blocked for further use and deleted after the expiry of tax and commercial retention periods, unless the data subject has expressly consented to further use of their data, or we reserve the right to further use, which is permitted by law and about which data subjects will be informed below.
a) Contact Form
Our website does not contain a contact form.
5. Storage of Access Data in Server Log Files
In general, visitors can use our websites without providing personal information. Only access data is stored in server log files, such as the name of the requested file, date and time of access, the amount of data transferred, and the requesting provider. This data is used solely to ensure the smooth operation of the websites and to improve the service offered.
The collected data does not allow any conclusions to be drawn about the visitor’s identity due to the lack of personal reference.
6. Cookies
a) What are cookies?
Cookies are records stored in small text files that are associated with a specific browser and stored on the hard drive of a website visitor. Often, a unique identity (ID) is assigned to an internet browser through cookies. A particular browser can be recognized again via this unique cookie ID.
The stored data generally serves the following purposes:
1. Recognizing visitors
2. Personalizing services and offers
3. Gathering statistics about visitor numbers
Additionally, there are services and offers that would not be technically possible without setting cookies. These include personalized areas that are protected by login. Cookies can have an expiration date, after which they expire. Depending on their purpose, this expiration date can be very close or far in the future. Some cookies, in fact, never expire.
b) Are cookies used?
The public areas of our website do not use cookies.
Only for access to the administrative area of the internet service, a technically necessary cookie with the designation “wordpress_test_cookie” is set for login by our internal employees.
7. Tracking and analysis tools
We completely refrain from using tools to track and analyze visitors to this internet offering.
8. YouTube
We use YouTube in our online presence. This is a video portal of YouTube LLC., 901 Cherry Ave., 94066 San Bruno, CA, USA, hereinafter referred to as “YouTube.”
YouTube is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google.”
By certifying according to the EU-US Privacy Shield (“EU-US Privacy Shield”), Google and thus also the subsidiary YouTube guarantee that the data protection requirements of the EU are also complied with when processing data in the USA.
We use YouTube in connection with the “Extended Data Protection Mode” function to display videos to you. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our online presence. According to YouTube’s information, the “Extended Data Protection Mode” ensures that the data described below is only transmitted to the YouTube server when you actually start a video.
Without this “Extended Data Protection,” a connection to the YouTube server in the USA is established as soon as you visit one of our internet pages on which a YouTube video is embedded.
This connection is necessary to display the respective video on our internet page via your internet browser. As part of this, YouTube will at least capture and process your IP address, date and time, as well as the internet page you visited. In addition, a connection is made to Google’s advertising network “DoubleClick.”
If you are logged in to YouTube at the same time, YouTube will assign the connection information to your YouTube account. If you want to prevent this, you must either log out of YouTube before visiting our online presence or make the appropriate settings in your YouTube user account.
For the purpose of functionality and to analyze user behavior, YouTube permanently stores cookies via your internet browser on your end device. If you do not agree to this processing, you have the option to prevent the storage of cookies by setting up your internet browser accordingly. You can find more information on this above under “Cookies.”
Further information on the collection and use of data as well as your rights and protection options can be found in Google’s privacy policy, which is available at https://policies.google.com/privacy.
9. Rights of the data subject
a) Right to confirmation
Every data subject has the right granted by the European legislator to request confirmation from the data controller as to whether personal data concerning them is being processed. If a data subject wishes to exercise this right to confirmation, they can contact our data protection officer at any time.
b) Right to information
Every data subject affected by the processing of personal data has the right granted by the European legislator to obtain free information from the data controller at any time about the personal data stored about them and a copy of this information. Furthermore, the European legislator has granted the data subject access to the following information:
1. The purposes of the processing
2. The categories of personal data that are processed
3. The recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
4. if possible, the planned duration for which the personal data will be stored, or, if this is not possible, the criteria for determining this duration
5. the existence of a right to correct or delete personal data concerning them or to restrict processing by the data controller or a right to object to such processing
6. the existence of a right to lodge a complaint with a supervisory authority
7. if the personal data are not collected from the data subject: all available information about the origin of the data
8. the existence of automated decision-making, including profiling in accordance with Article 22 (1) and (4) GDPR and — at least in these cases — meaningful information about the logic involved, as well as the scope and intended impact of such processing on the data subject
Furthermore, the data subject has the right to be informed whether personal data has been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate guarantees in connection with the transfer. If a data subject wishes to exercise this right to information, they can contact our data protection officer at any time.
c) Right to rectification
Every data subject affected by the processing of personal data has the right granted by the European legislator to request the immediate correction of inaccurate personal data concerning them. Furthermore, the data subject has the right, taking into account the purposes of the processing, to request the completion of incomplete personal data — including by means of a supplementary declaration. If a data subject wishes to exercise this right to correction, they can contact our data protection officer at any time.
d) Right to Erasure (Right to be Forgotten)
Any individual whose personal data is processed has the right, granted by the European legislator, to demand from the controller the immediate erasure of personal data concerning them if one of the following grounds applies and if the processing is not necessary:
The personal data has been collected or otherwise processed for purposes for which they are no longer necessary.
The data subject withdraws consent on which the processing is based according to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and there is no other legal ground for the processing.
The data subject objects to the processing pursuant to Article 21(1) GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) GDPR.
The personal data has been unlawfully processed.
The erasure of personal data is required to fulfil a legal obligation under Union or Member State law to which the controller is subject.
The personal data has been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
If one of the above reasons applies and an individual wants to request the deletion of personal data stored by us, they can contact our Data Protection Officer or another employee responsible for processing at any time. Our Data Protection Officer or another employee will arrange for the deletion request to be complied with immediately. If the personal data has been made public by us and we, as the controller, are obliged to delete the personal data in accordance with Article 17(1) GDPR, we will take appropriate measures, including technical ones, taking into account the available technology and implementation costs, to inform other data controllers processing the published personal data that the data subject has requested the deletion of all links to this personal data or copies or replications of this personal data, unless the processing is necessary. Our Data Protection Officer or another employee will take the necessary action on a case-by-case basis.
e) Right to Restriction of Processing
Any individual whose personal data is processed has the right, granted by the European legislator, to demand from the controller the restriction of processing if one of the following conditions is met:
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful, and the data subject opposes the erasure of the personal data and requests instead the restriction of their use.
The controller no longer needs the personal data for the purposes of the processing, but the data subject requires them for the establishment, exercise, or defence of legal claims.
The data subject has objected to processing pursuant to Article 21(1) GDPR pending the verification of whether the legitimate grounds of the controller override those of the data subject.
If one of the above conditions is met and an individual wants to request the restriction of personal data stored by us, they can contact our Data Protection Officer at any time. The Data Protection Officer will arrange for the restriction of processing.
f) Right to Data Portability
Any individual whose personal data is processed has the right, granted by the European legislator, to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit this data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR, and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, when exercising their right to data portability pursuant to Article 20(1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible, and provided that this does not adversely affect the rights and freedoms of others.
To exercise the right to data portability, the data subject can contact our Data Protection Officer.
g) Right to Object
Any individual whose personal data is processed has the right, granted by the European legislator, to object, on grounds relating to their particular situation, at any time, to the processing of personal data concerning them, which is based on Article 6(1)(e) or (f) GDPR, including profiling based on those provisions.
We will no longer process the personal data in the event of the objection unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defence of legal claims.
If we process personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning them for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to us processing for direct marketing purposes, we will no longer process the personal data for these purposes.
In addition, the data subject has the right, on grounds relating to their particular situation, to object to the processing of personal data concerning them by us for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
To exercise the right to object, the data subject can directly contact us. The data subject is also free, in the context of the use of information society services, notwithstanding Directive 2002/58/EC, to exercise their right to object by automated means using technical specifications.
h) Right to Withdraw Consent to Data Processing
Any individual whose personal data is processed has the right, granted by the European legislator, to withdraw consent to the processing of personal data at any time.
If the data subject wishes to exercise their right to withdraw consent to processing, they can contact the site operator at any time.