Responsible Entity
The responsible entity for the collection, processing and use of your personal data is:
ORYX IT-Consulting GmbH Nördliche Münchner Str. 18 g82031 Grünwald
(hereinafter "ORYX IT").
If you have any questions about data protection, our external data protection officer is available to help:
ORYX IT-Consulting GmbHPersonal/Confidential to the Data Protection Officer
Nördliche Münchner Str. 18 g
82031 Grünwald
E-Mail: datenschutz@oryx-it.de
Data Processing on this Website
a) Description and Scope of Data Processing
ORYX IT automatically collects and stores information that your browser transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL (the previously visited page)
- Hostname of the accessing computer (IP address)
- Date and time of the server request
- Retrieved pages and files
We cannot assign this data to one or more specific persons.
b) Legal Basis for Data Processing
The legal basis for storing the data/log files is Art. 6 para. 1 f) GDPR.
c) Purpose of Data Processing
Storage in log files ensures proper functioning of the website and also serves to improve and secure our systems. Further evaluation of this data (for example, for marketing purposes) does not take place in this context.
d) Duration of Storage
The data stored by ORYX IT will be deleted as soon as it is no longer necessary for the purpose for which it was collected. This is the case after seven days at the latest. Extended storage is possible. In this case, the IP addresses of users are deleted or anonymized so that assignment of the calling client is no longer possible.
e) Possibility of Objection and Removal
The collection of the mentioned data is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
Contact Form and Email
a) Description and Scope of Data Processing
We provide you with a contact form on our website for easy contact. The data entered in the input mask is transmitted to ORYX IT and stored (first and last name, company/organization, email address, telephone number if applicable). In addition, the user's IP address as well as the date and time of transmission are stored at the time of sending.
Alternatively, contact can be made via the provided email address. In this case, the personal data of the user transmitted with the email is stored.
The data is not passed on to third parties. The data is used exclusively for processing the request.
b) Legal Basis for Data Processing
The legal basis is Art. 6 para. 1 sentence 1 f) GDPR. Insofar as we request information via our contact form that is not necessary for contact, we have always marked this as optional. This information serves us to specify your request and to improve the handling of your concern. This information is expressly provided on a voluntary basis and with your consent, Art. 6 para. 1 sentence 1 lit. a GDPR. If the email contact aims at concluding a contract, then the additional legal basis for processing is Art. 6 para. 1 b) GDPR.
c) Purpose of Data Processing
The processing of personal data serves solely to handle the contact. In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data. The other processed personal data serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
d) Duration of Storage
The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the affected matter has been conclusively clarified.
e) Possibility of Objection and Removal
The user has the possibility to revoke his consent to the processing of personal data at any time. For this purpose, the user can contact the responsible party via the contact options provided on the website. If the user contacts ORYX IT by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
Transfer of Personal Data
Your data will only be passed on to affiliated companies and service partners if they act on our behalf and support ORYX IT in providing their services. Processing of your personal data by commissioned service providers takes place within the framework of order processing according to Art. 28 GDPR.
The aforementioned service providers only receive access to such personal information that is necessary for the fulfillment of the respective activity. These service providers are prohibited from passing on your personal information or using it for other purposes, especially for their own advertising purposes.
Insofar as external service providers come into contact with your personal data, we have ensured through legal, technical and organizational measures as well as through regular controls that they also comply with applicable data protection regulations.
Commercial transfer of your personal data to other companies does not take place.
Rights of Data Subjects
Every affected person has the right to information according to Art. 15 GDPR, the right to rectification according to Art. 16 GDPR, the right to deletion according to Art. 17 GDPR, the right to restriction of processing according to Art. 18 GDPR, the right to objection from Art. 21 GDPR as well as the right to data portability from Art. 20 GDPR. The restrictions according to §§ 34 and 35 BDSG apply to the right to information and the right to deletion.
a) Possibility of Complaint
You also have the right according to Art. 77 GDPR to complain to the competent data protection supervisory authority about the processing of your personal data by ORYX IT. The supervisory authority responsible for ORYX IT is:
Bavarian State Commissioner for Data Protection and Freedom of InformationP.O. Box 22 12 19
80502 Munich
Telephone: +49 89 212672-0
Fax: +49 89 212672-50
E-Mail: poststelle@datenschutz-bayern.de
b) Obligation to Provide Personal Data
There is no obligation to provide your personal data. The provision of your personal data is voluntary.
c) Automated Decision-Making and Profiling
Automated decision-making according to Art. 22 GDPR, in particular automated decision about your application, or profiling does not take place.
d) Revocation of Consent
You can revoke consent given for the processing of personal data to ORYX IT at any time. This also applies to the revocation of declarations of consent that were given to ORYX IT before the validity of the General Data Protection Regulation, i.e. before May 25, 2018. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.
e) Right in Case of Data Processing for Direct Marketing
You have the right according to Art. 21 para. 2 GDPR to object at any time to the processing of personal data concerning you. In case of your objection to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes. Please note that the objection only takes effect for the future. Processing that took place before the objection is not affected.
f) Notice of Right to Object in Case of Balancing of Interests
Insofar as we base the processing of your personal data on a balancing of interests, you can object to the processing. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as described by us. In case of your justified objection, we will examine the situation and will either stop or adjust the data processing or explain to you our compelling legitimate reasons.