Nowega GmbH’s data protection officer
Nowega GmbH is supported by their instructed data protection commissioner:
Mr. Thomas Floß, EDV Unternehmensberatung Floß GmbH, Parkstraße 1a, 33775 Versmold, Tel. (05423) 964900.
Should you have any questions or issues, please feel free to contact our data protection officer under the following email address: firstname.lastname@example.org
Our Social Media Profiles
Data processing through social networks
We maintain publicly available profiles in social networks. The individual social networks we use can be found below.
Social networks such as LinkedIn, Twitter etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:
If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).
Responsibility and assertion of rights
If you visit one of our social media sites (e.g., LinkedIn), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g. LinkedIn).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
The data collected directly from us via the social media presence will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular, retention periods – remain unaffected.
Individual social networks
We use the short message service Twitter. The provider is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
You can customize your Twitter privacy settings in your user account. Click on the following link and log in: https://twitter.com/personalization.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.
We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa und https://www.linkedin.com/legal/l/eu-sccs.
Information sheet for video surveillance in accordance with Article 13 of the General Data Protection Regulation
Information on the rights of data subjects
Data subjects have the right to request a confirmation from the controller on whether personal data is processed; if this is the case, the data subject has a right to information on said personal data and the specific information listed in Article 15 GDPR.
The data subject has the right to demand that the controller immediately correct any incorrect personal data concerning him or her and complete any incomplete personal data (Art. 16 GDPR), as the case may be.
Data subjects have the right to demand that the controller immediately delete any of their personal data if any of the reasons mentioned in Article 17 GDPR apply, e.g. if the data is no longer needed for the intended purpose (‘right to be forgotten‘).
The data subject has the right to restrict the controller’s processing of their personal data if any of the prerequisites mentioned in Article 18 GDPR apply for the duration of the controller’s review process, e.g. if the data subject has objected to the processing.
The data subject has the right to object to the processing of their personal data any time for reasons resulting from their particular situation. In this case, the controller may no longer process this personal data, unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims (Article 21 GDPR).
Notwithstanding the right to any other administrative or judicial remedy, every data subject hast the right to lodge a complaint with a supervisory body if the data subject is of the opinion that the processing of their personal data violates the GDPR (Article 77 GDPR). The data subject may exercise this right with a supervisory body in the member state it is a resident of, it has its workplace in, or at the place of the alleged infringement. The supervisory body in charge for North Rhine-Westphalia is: The State Data Protection and Freedom of Information Officer (Landesbeauftragter für Datenschutz und Informationsfreiheit) for North Rhine-Westphalia