Who we are
Our website address is: https://myliberty.eu/blog.
Responsible
Thomas Reuner
Weberäckerweg 11
D-91054 Erlangen
E-Mail-Adresse: thomas.reuner@myliberty.eu
Data processing overview
The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects:
Types of data processed
- Inventory data.
- Employee data.
- Contact details.
- Content data.
- Usage data.
- Meta-, communication and process data.
- Protocol data.
Categories of affected persons
- Employees.
- Communication partners.
- Users.
- Third persons.
- Whistleblower.
Purposes of data processing
- Communication.
- Security measures.
- Organizational and administrative procedures.
- Feedback.
- Providing our online offer and user-friendliness.
- Information technology infrastructure.
- whistle blower protection.
- Public relations.
Relevant legal bases
Relevant legal bases according to the GDPR: Below you will find an overview of the legal bases of the GDPR, on the basis of which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection requirements may apply in your or our country of residence or country of residence. Should more special legal bases be decisive in individual cases, we will inform you of these in the privacy policy.
Consent (Art. 6 paragraph. 1 sentence 1 lit. a) GDPR) – The data subject has given his or her consent to the processing of personal data concerning him or her for a specific purpose or several specific purposes.
Performance of the contract and pre-contractual inquiries (Art. 6 paragrapj. 1 sentence 1 lit. b) GDPR) – The processing is necessary for the performance of a contract to which the data subject is a party, or for the implementation of pre-contractual measures, which take place at the request of the data subject.
Legal obligation (Art. 6 paragraph. 1 sentence 1 lit. c) GDPR) – The processing is necessary for the fulfilment of a legal obligation to which the controller is a subject.
Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR) – the processing is necessary to safeguard the legitimate interests of the controller or of a third party, provided that the interests, fundamental rights and freedoms of the data subject who request the protection of personal data do not prevail.
National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Germany. This includes in particular the law on the protection against misuse of personal data in data processing (Bundesdatenschutzgesetz – BDSG). In particular, the BDSG contains special provisions on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, the processing for other purposes and the transmission, and automated decision-making in individual cases, including profiling. In addition, state data protection laws of the individual federal states can be applied.
Security measures
legal requirements, considering state of the art technologies, implementation costs and the nature, scope, context and purposes of the processing, as well as the different probability and impact of a threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.
The measures in particular, ensure the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as the access, input, transfer, securing availability and separation of data. Furthermore, we have set up procedures that ensure the execution of data subject rights, the deletion of data and response to the risk of data loss. In addition, we take into account the protection of personal data already during design or selection of hardware, software and procedures following the principles of data protection and minimal data collection in our default settings.
We are securing online connections with TLS/SSL encryption technology (HTTPS): In order to protect the data of users transferred via our online services from unauthorized access, we rely on TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt the information that is transmitted between the website or app and the user’s browser (or between two servers), which protects the data from unauthorized access. TLS, as the more advanced and secure version of SSL, ensures that all data transmissions meet the highest security standards. If a website is secured by an SSL/TLS certificate, this is signaled by the display of HTTPS in the URL. This serves as an indicator for users that their data is transmitted securely and encrypted.
General information about data storage and deletion
We delete personal data that we process in accordance with legal regulations as soon as the underlying consents is revoked or there is no further legal basis for the processing. This applies to cases in which the original processing purpose does not exist anymore or the data is no longer required. Exceptions to this regulation exist if legal obligations or special interests require a longer storage or archiving of the data.
In particular, data that must be kept for commercial or tax reasons or whose storage is necessary for the prosecution or protection of the rights of other natural or legal persons must be archived accordingly.
Our privacy policy contains additional information on the retention and deletion of data that applies specifically to certain processing procedures.
In the case of several applicable information about the retention period or deletion periods of a date, the longest period is always decisive. We process data that is no longer stored for the originally intended purpose, but on the basis of legal requirements or other reasons, exclusively for the reasons that justify their storage.
Data retention and deletion: The following general deadlines apply to storage and archiving according to German law:
- 10 years – retention period for books and records, annual accounts, inventories, situation reports, opening balance sheets and the work instructions and other organizational documents required for their understanding (§ 147 paragraph. 1 No. 1 in conjunction Abs. 3 AO, § 14b paragraph. 1 UStG, § 257 paragraph. 1 No. 1 in conjunction Abs. 4 HGB). 8 years – booking documents, such as e.g. B. Invoices and cost documents (§ 147 paragraph. 1 No. 4 and 4a in conjunction Abs. 3 sentence 1 AO and § 257 paragraph. 1 No. 4 in conjunction with Abs. 4 HGB). 6 years – Other business documents: commercial or business letters received, renditions of the transferred commercial or business letters, other documents, insofar as they are relevant for taxation, e.g. B. Hourly wage slips, operating billing forms, calculation documents, price agreements, but also payroll documents, insofar as they are not already accounting documents and cash strips (§ 147 paragraph. 1 No. 2, 3, 5 i.v.m. Abs. 3 AO, § 257 paragraph. 1 No. 2 and 3 in conjunction with Abs. 4 HGB). 3 years – Data required to take into account potential warranty and damages claims or similar contractual claims and rights, as well as to process related requests, based on previous business experiences and customary industry practices, will be stored for the duration of the regular statutory limitation period of three years (§§ 195, 199 BGB).
- The start of the period at the end of the year: If a period does not expressly commence on a specific date and is at least one year, it will automatically start at the end of the calendar year in which the time-triggering event occurred. In the case of ongoing contractual relationships, in the context of which data is stored, the time-triggering event is the time of termination or other termination of the legal relationship.
Rights of the data subjects
Rights of the data subjects based on GDPR: As a data subject, you have various rights according to the GDPR, which arise in particular from Art. 15 to 21 GDPR:
Right to object: You have the right, for reasons arising from your particular situation, to the processing of your personal data, which is based on Art. 6 (1) (e) or (f) GDPR, objections are made; this also applies to profiling based on these provisions. If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is related to such direct marketing.
Right of withdrawal of your consent: You have the right to revoke your consent at any time.
Right of access: You have the right to request confirmation as to whether data in question is being processed and for information about this data as well as for further information and copy of the data in accordance with the legal requirements.
Right to rectification: In accordance with the legal requirements, you have the right to request the completion of the data concerning you or the correction of the incorrect data concerning you.
Right of deletion and restriction of processing: You have the right to request that data concerning you be deleted immediately in accordance with the statutory requirements, or alternatively to request a restriction of the processing of the data in accordance with the legal requirements.
Right to data portability: You have the right to receive data concerning you, which you have provided to us, in accordance with the legal requirements in a structured, commonly used and machine-readable format or to request its transmission to another controller.
Complaint to the supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of its habitual residence, place of work or place of the alleged infringement, if you believe that the processing of personal data concerning you violates the provisions of the GDPR.
Online Presence and web hosting
We process the data of users in order to be able to provide them with our online services. For this purpose, we process the IP address of the user, which is necessary to transmit the content and functions of our online services to the browser or terminal device of the users.
- Processed data types: Usage data (e.g. B. Page views and length of stay, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions); meta, communication and method data (e.g. IP addresses, time stamps, user IDs, people involved). Protocol data (e.g. log files concerning logins or the retrieval of data or access times.).
- Person specific: Users (e.g. B. Website visitors, users of online services).
- Purposes of processing and legitimate interests: provision of our online offer and user-friendliness; information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)). Security measures.
- Retention and deletion: deletion according to information in the section “General information on data storage and deletion”.
- Legal bases: Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR).
Use of cookies
The term “cookies” refers to functions that store and read information on users’ devices. Cookies can also be used in relation to various concerns, for example for the purposes of functionality, the security and convenience of online offers and the preparation of analyses of visitor flows. We use cookies in accordance with the legal regulations. If necessary, we obtain the consent of the users in advance. If consent is not necessary, we rely on our legitimate interests. This applies if the storage and reading of information is essential in order to be able to provide expressly requested content and functions. These include, for example, the storage of settings and ensuring the functionality and security of our online offer. The consent can be revoked at any time. We clearly inform you about their scope and which cookies are used.
Information on data protection legal basis: Whether we process personal data using cookies depends on consent. If consent is available, it serves as the legal basis. Without consent, we rely on our legitimate interests, which are explained above in this section and in the context of the respective services and procedures.
Storage period: In terms of storage duration, the following types of cookies are distinguished:
- Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user leaves an online offer and his terminal device (e.g. B. Browser or mobile application) is closed.
- Permanent cookies: Permanent cookies remain stored even after the terminal device is closed. For example, the log-in status can be stored and preferred content can be displayed directly when the user visits a website again. Likewise, the user data collected with the help of cookies can be used for range measurement. Unless we provide users with explicit information on the type and storage period of cookies (e.g. in the context of obtaining consent), they should assume that these are permanent and the storage period can be up to two years.
General information on revocation and objection (opt-out): Users can revoke the consents they have given at any time and also declare an objection to the processing in accordance with the legal requirements, also by means of the privacy settings of their browser.
- Processed data types: Meta, communication and method data (e.g. B. IP addresses, time indications, identification numbers, people involved).
- Persons concerned: Users (e.g. B. Website visitors, users of online services).
- Legal bases: Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR). Consent (Art. 6 paragraph. 1 sentence 1 lit. a) GDPR).
- Further information on processing processes, procedures and services:
- Processing of cookie data on the basis of consent: We use a consent management solution in which the consent of the users to the use of cookies or to the procedures and providers mentioned in the context of the consent management solution is obtained. This method is used for obtaining, logging, managing and revoking consents, in particular with regard to the use of cookies and comparable technologies used for storing, reading out and processing information on the user’s end devices. This procedure obtains users’ consents to the use of cookies and the associated processing of information, including the specific processing and providers specified in the consent management procedure. Users also have the option to manage and revoke their consent. The declarations of consent are stored in order to avoid a new query and to be able to provide proof of consent in accordance with the legal requirements. The storage takes place on the server side and/or in a cookie (so-called opt-in cookie) or by means of comparable technologies in order to be able to assign the consent to a specific user or his device. Unless there is specific information on the providers of consent management services, the following general information applies: The duration of the storage of consent is up to two years. A pseudonymous user identifier is created, which, together with the time of consent, provides information on the scope of consent (e.g. B. categories of cookies and/or service providers) as well as information about the browser, the system and the terminal device used are stored; legal bases: consent (Art. 6 paragraph. 1 sentence 1 lit. a) GDPR).
Blogs and Publication Media
We use blogs or comparable means of online communication and publication (hereinafter “publication medium”). The data of the readers will only be processed for the purposes of the publication medium to the extent that it is necessary for its presentation and communication between authors and readers or for security reasons. In addition, we refer to the information on the processing of visitors to our publication medium within the scope of this data protection information.
- Processed data types: Inventory data (e.g. the full name, home address, contact information, customer number, etc.); contact details (e.g. B. Postal and email addresses or telephone numbers); content data (e.g. textual or pictorial messages and contributions, as well as the information concerning them, e.g. B. Information on authorship or time of creation); usage data (e.g. B. Page views and length of stay, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions). Meta-, communication and method data (e.g. B. IP addresses, time indications, identification numbers, people involved).
- Persons concerned: Users (e.g. B. Website visitors, users of online services).
- Purposes of processing and legitimate interests: Feedback (e.g. B. Collecting feedback via online form); providing our online offer and user-friendliness; security measures. Organizational and administrative procedures.
- Retention and deletion: deletion according to information in the section “General information on data storage and deletion”.
- Legal bases: Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR).
Further information on processing processes, procedures and services:
- Comments and Posts: When users leave comments or other contributions, their IP addresses may be stored on the basis of our legitimate interests. This is done for our safety, if someone leaves illegal content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we can be prosecuted for the comment or post ourselves and are therefore interested in the identity of the author.
Furthermore, we reserve the right to process the information of the users for the purpose of spam detection on the basis of our legitimate interests.
On the same legal basis, we reserve the right to store the IP addresses of the users for their duration in the case of surveys and to use cookies in order to avoid multiple votes.
The information provided in the context of the comments and contributions about the person, any contact and website information as well as the content information will be permanently stored by us until the objection of the users; legal bases: Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR).
Contact and request management
When contacting us (e.g. The information of the persons inquiring will be processed by post, contact form, e-mail, telephone or social media) as well as in the context of existing user and business relationships, insofar as this is necessary to answer the contact requests and any requested measures.
- Processed data types: Contact details (e.g. B. Postal and email addresses or telephone numbers); content data (e.g. textual or pictorial messages and contributions, as well as the information concerning them, e.g. B. Information on authorship or time of creation). Meta-, communication and method data (e.g. . IP addresses, time indications, identification numbers, people involved).
- Affected persons: Communication partners.
- Purposes of processing and legitimate interests: communication; organizational and administrative procedures; feedback (e.g. B. Collecting feedback via online form). Providing our online offer and user-friendliness.
- Retention and deletion: deletion according to information in the section “General information on data storage and deletion”.
- Legal bases: Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR). Performance of the contract and pre-contractual inquiries (Art. 6 paragraph. 1 sentence 1 lit. b) GDPR).
Further information on processing processes, procedures and services:
Contact form: When contacting us via our contact form, by e-mail or other communication channels, we process the personal data transmitted to us to answer and process the respective request. This usually includes information such as name, contact information and, where applicable, further information that is communicated to us and is necessary for appropriate processing. We use this data exclusively for the stated purpose of establishing contact and communication; legal bases: fulfilment of the contract and pre-contractual inquiries (Art. 6 paragraph. 1 sentence 1 lit. b) GDPR), Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR).
Social Media
We maintain online presences within social networks and process user data in this context in order to communicate with the users active there or to offer information about us.
We would like to point out that user data can be processed outside the European Union area. This can result in risks for users, because, for example, the enforcement of user rights could be made more difficult.
Furthermore, the data of users within social networks is usually processed for market research and advertising purposes. For example, usage profiles can be created on the basis of the usage behavior and the resulting interests of the users. The latter may in turn be used to serve advertisements inside and outside the networks, for example, which presumably correspond to the interests of the users. Therefore, cookies are usually stored on the users’ computers, in which the usage behavior and the interests of the users are stored. In addition, data can also be stored in the usage profiles independently of the devices used by the users (in particular if they are members of the respective platforms and are logged in there).
For a detailed presentation of the respective forms of processing and the possibilities of objection (opt-out) we refer to the data protection declarations and information of the operators of the respective networks.
Also in the case of requests for information and the assertion of data subject rights, we point out that these can be asserted most effectively with the providers. Only the latter have access to the user data and can take appropriate measures directly and provide information. If you still need help, you can contact us.
- Processed data types: Contact details (e.g. B. Postal and email addresses or telephone numbers); content data (e.g. textual or pictorial messages and contributions, as well as the information concerning them, e.g. B. Information on authorship or time of creation). Usage data (e.g. B. Page views and length of stay, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions).
- Persons concerned: Users (e.g. B. Website visitors, users of online services).
- Purposes of processing and legitimate interests: communication; feedback (e.g. B. Collecting feedback via online form). Public relations.
- Retention and deletion: deletion according to information in the section “General information on data storage and deletion”.
- Legal bases: Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR).
Further information on processing processes, procedures and services:
Plug-ins and embedded functions and content
We integrate functional and content elements into our online offer, which are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). These may be, for example, graphics, videos or city maps (hereinafter referred to as “Content”).
The integration always requires that the third-party providers of this content process the IP address of the users, since they could not send the content to their browser without an IP address. The IP address is therefore required for the display of these contents or functions. We strive to use only those content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information, such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include, among other things, technical information on the browser and operating system, websites to be referred to, visit time and other information on the use of our online offer, but may also be linked to such information from other sources.
Information on legal bases: If we ask users for their consent to the use of the third-party providers, the legal basis of the data processing constitutes permission. Otherwise, the user data will be based on our legitimate interests (i.e. Interest in efficient, economic and recipient-friendly services) processed. In this context, we would also like to inform you about the information on the use of cookies in this privacy policy.
- Processed data types: Usage data (e.g. B. Page views and length of stay, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions). Meta-, communication and method data (e.g. B. IP addresses, time indications, identification numbers, people involved).
- Persons concerned: Users (e.g. B. Website visitors, users of online services).
- Purposes of processing and legitimate interests: provision of our online offer and user-friendliness.
- Retention and deletion: deletion according to information in the section “General information on data storage and deletion”. Storage of cookies of up to 2 years (Unless otherwise stated, cookies and similar storage methods may be stored on the users’ devices for a period of two years.).
- Legal basis: Consent (Art. 6 paragraph. 1 sentence 1 lit. a) GDPR). Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR).
Further information on processing processes, procedures and services:
- OpenStreetMap: We integrate the maps of the OpenStreetMap service, which are offered on the basis of the Open Data Commons Open Database License (ODbL) by the OpenStreetMap Foundation (OSMF). The data of the users are used by OpenStreetMap exclusively for the purpose of displaying the map functions and for caching the selected settings. This data may include, in particular, IP addresses and location data of the users, which are not collected without their consent (usually carried out in the context of the settings of their terminals or browsers); service provider: OpenStreetMap Foundation (OSMF); legal bases: Legitimate interests (Art. 6 paragraph. 1 sentence 1 lit. f) GDPR); website: https://www.openstreetmap.de. Privacy Policy: https://osmfoundation.org/wiki/Privacy_Policy.
Modification and update
We kindly ask you to regularly inform yourself about the content of our privacy policy. We adjust the privacy policy as soon as the changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes make an act of participation on your part (e.g. B. Consent) or any other individual notification is required.
If we provide addresses and contact information of companies and organizations in this privacy policy, please note that the addresses may change over time and ask you to check the information before contacting us.
Terms and Definitions
In this section you will receive an overview of the terms and definitions used in this privacy policy. Insofar as the terms are defined by law, their legal definitions apply. The following explanations, on the other hand, are intended to serve above all for understanding.
- Employees: Employees are referred to as employees who are in employment, whether as employees, employees or in similar positions. An employment relationship is a legal relationship between an employer and an employee, which is determined by an employment contract or an agreement. It includes the employer’s obligation to pay the employee a remuneration while the employee provides his/her work benefit. The employment relationship includes various phases, including the justification in which the employment contract is concluded, the execution in which the employee carries out his/her work, and the termination when the employment relationship ends, whether by termination, termination contract or otherwise. Employee data is all information relating to these persons and in the context of their employment. This includes aspects such as personal identification data, identification numbers, salary and bank details, working hours, leave claims, health data and performance assessments.
- Inventory data: Inventory data includes essential information necessary for the identification and management of contractual partners, user accounts, profiles and similar assignments. This data may include personal and demographic information such as name, contact information (addresses, telephone numbers, email addresses), dates of birth and specific identifiers (user IDs). Inventory data forms the basis for any formal interaction between persons and services, facilities or systems by enabling clear allocation and communication.
- Content data: Content data includes information generated in the course of creating, editing and publishing content of all kinds. This category of data may include texts, images, videos, audio files and other multimedia content published on different platforms and media. Content data is not only limited to the actual content, but also contains metadata that provides information about the content itself, such as tags, descriptions, author information, and publication data
- Contact details: Contact details are essential information that enables communication with people or organizations. They include, among other things. Telephone numbers, postal addresses and email addresses, as well as means of communication such as social media handles and instant messaging identifiers.
Meta data
In this section you will find an overview of the terms used in this privacy policy. Insofar as the terms are defined by law, their legal definitions apply. The following explanations, on the other hand, are intended to serve in particular for understanding.
- Communication and process data: Meta-, communication- and process data are categories that contain information about the way data is processed, transmitted and managed. Meta-data, also known as data about data, includes information that describes the context, origin, and structure of other data. You can include file size, creation date, document author, and change histories. Communication data collects the exchange of information between users through various channels, such as e-mail traffic, call logs, messages on social networks and chat histories, including the people involved, time stamps and transmission routes. Process data describes the processes and procedures within systems or organizations, including workflow documentation, transactions and activities protocols, and audit logs used to track and verify operations.
- Usage Data: Usage data refers to information that collects how users interact with digital products, services or platforms. This data includes a wide range of information that shows how users use applications, what functions they prefer, how long they stay on certain pages, and what paths they navigate through an application. Usage data may also include the frequency of use, time stamps of activities, IP addresses, device information, and location data. They are especially valuable for analyzing user behavior, optimizing user experiences, personalizing content, and improving products or services. In addition, usage data plays a crucial role in identifying trends, preferences and possible problem areas within digital offerings
- Personal data: “Personal data” means all information relating to an identified or identifiable natural person (hereinafter “data subject”); a natural person is considered identifiable, directly or indirectly, in particular by means of assignment to an identifier such as a name, to an identification number, to location data, to an online identifier (e.g. Cookie) or can be identified to one or more particular characteristics that are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
- Log data: Log data is information about events or activities logged in a system or network. This data typically contains information such as time stamps, IP addresses, user actions, error messages, and other details about the use or operation of a system. Log data is often used to analyze system issues, to monitor security, or to generate performance reports.
- Controller: The “controller” is the natural or legal person, public authority, agency or other body that alone or jointly with others decides on the purposes and means of processing personal data.
- Processing: “Processing” means any operation carried out with or without the help of automated procedures or any such series of operations in connection with personal data. The term extends far and covers virtually every handling of data, be it the collection, evaluation, storage, transmission or deletion.