Processing of personal data
ENO telecom GmbH takes the protection of your personal data very seriously.
The use of our website is usually also possible without providing personal data.
Insofar as we collect personal data (for example name, address or email addresses), this takes place, as far as possible, always on voluntary basis.
These data will not be disclosed to third parties without your explicit consent.
Please note that data transmission over the Internet (for example, when communicating via email) may have security vulnerabilities.
The complete protection of the data from access by third parties is not possible.
a) Personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter: "data subject").
A natural person is considered to be identifiable if they can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features that express the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
b) Data subject
A data subject is any identified or identifiable natural person whose personal data are processed by the controller.
Processing refers to any process or series of operations related to personal data, such as collecting, gathering, organizing, ordering, storing, adapting or modifying, reading, querying, using, with or without the aid of automated procedures, disclosure by submission, dissemination, or other form of provision, reconciliation or association, restriction, erasure or destruction.
d) Restriction of processing
Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.
Profiling is any kind of automated processing of personal data that consists in using those personal data to evaluate certain personal aspects relating to a natural person, in particular in order to analyse or predict aspects relating to job performance, economic situation, health, personal preferences, interests, reliability, behaviour, whereabouts or relocation of that natural person.
Pseudonymisation is the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organisational measures to ensure that the personal data are not assigned to an identified or identifiable natural person.
g) Controller or controller responsible for data processing
The controller or controller responsible for data processing is the natural or legal person, public authority, body or entity that, alone or in concert with others, decides on the purposes and means of processing personal data.
Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its designation may be provided for under EU law or national law.
h) Commissioned processor
A commissioned processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
A recipient is a natural or legal person, agency, authority or other entity to whom personal data are disclosed, whether or not it is a third party.
However, authorities which may receive personal data under EU law or national law in connection with a particular mission are not considered as recipients.
j) Third party
A third party is a natural or legal person, public authority, body or entity other than the data subject, the controller, the commissioned processor, or the persons authorised under the direct responsibility of the controller or the commissioned processor, to process the personal data.
Consent is any voluntarily given and unambiguously expressed declaration, in the form of a statement or other unambiguous confirmatory act, by the data subject for the particular case, by which the data subject indicates that they consent to the processing of the personal data concerning them.
Server log files
The provider of the website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.
The following information is stored in log files:
- Browser type / browser version
- Operating system used
- Referrer URL
- Hostname / IP of the accessing computer
- Time of the server query
Rights of the data subject
a) Right to confirmation
Every data subject has the right, as granted by the European legislators and regulators, to require the controller to confirm whether personal data relating to them are being processed.
If a data subject wishes to make use of this right of confirmation, they can contact an employee of the controller at any time.
b) Right to information
Any data subject affected by the processing of personal data has the right, granted by the European legislators and regulators, at any time to obtain from the controller information free of charge on the personal data stored about the data subject and to receive a copy of that information.
Furthermore, the European legislators and regulators have granted the data subject the right to the following information:
- the processing purposes
- the categories of personal data being processed
- the recipients or categories of recipients to whom the personal data have been disclosed or are yet to be disclosed, in particular to recipients in third countries or to international organisations
- if possible, the planned duration for which the personal data will be stored or, if that is not possible, the criteria for determining that duration
- the existence of a right to rectification and deletion of the personal data concerning them, the right to a restriction of the processing by the controller, and the right to object to such processing
- the existence of a right to lodge a complaint with a supervisory authority
- if the personal data are not collected from the data subject: All available information about the origin of the data
- The existence of automated decision-making including profiling under Art. 22 (1) and (4) GDPR and - at least in these cases - meaningful information on the logic involved and the scope and intended impact of such processing on the data subject
In addition, the data subject has a right to information regarding whether personal data has been transferred to a third country or to an international organisation.
If this is the case, the data subject has the right to obtain information about the appropriate guarantees in connection with the transfer.
If a data subject wishes to exercise this right to information, they may contact an employee of the controller at any time.
c) Right to rectification
Any data subject affected by the processing of personal data has the right, granted by the European legislators and regulators to demand the immediate correction of inaccurate personal data concerning them.
Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.
If a data subject wishes to exercise this right to rectification, they may, at any time, contact an employee of the controller.
d) Right to deletion (Right to be forgotten)
Any data subject affected by the processing of personal data has the right, granted by the European legislators and regulators to require the controller to immediately delete the personal data concerning him, provided that one of the following reasons is satisfied and the processing is not required:
- The personal data have been collected for such purposes or otherwise processed for which they are no longer necessary.
- The data subject revokes the consent on which the processing was based in accordance with Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR and there is no other legal basis for the processing.
- The data subject objects to the processing according to Art. 21 (1) GDPR and there are no prevailing legitimate reasons for the processing, or the data subject objects to the processing accordance with Art. 21 (2) GDPR.
- The personal data were processed unlawfully.
- The deletion of personal data is necessary to fulfil a legal obligation under Union or national law to which the controller is subject.
- The personal data were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.
If any of the above reasons apply and a data subject wishes to arrange for the deletion of personal data held by us, they may, at any time, contact an employee of the controller.
We will arrange that the deletion request be fulfilled immediately.
If the personal data have been made public by us, and if our company as the controller is responsible for deleting the personal data pursuant to Art.17 (1) GDPR, we shall take appropriate measures, including technical ones, taking into account the available technology and the costs of implementation, to inform other controllers who process the published personal data that the data subject requests the other controllers to delete all links to such personal data and copies or replications thereof, as far as the processing is not necessary.
We will arrange for the necessary steps in individual cases.
e) Right to restriction of processing
Any data subject affected by the processing of personal data has the right, granted by the European legislators and regulators, to require the controller to restrict the processing if one of the following conditions applies:
- The accuracy of the personal data is contested by the data subject for a period of time that enables the controller to verify the accuracy of the personal data.
- The processing is unlawful and the data subject declines to delete the personal data and instead requests the restriction of the use of personal data.
- The controller no longer needs the personal data for the purposes of processing, but the data subject requires them to assert, exercise or defend legal claims.
- The data subject has objected to the processing in accordance with Art. 21 (1) GDPR, and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.
If any of the above conditions is met and a data subject wishes to request the restriction of personal data stored by us, they may contact an employee of the controller at any time about this.
We will initiate the restriction of processing.
f) Right to data portability
Any data subject affected by the processing of personal data has the right, granted by the European legislators and regulators, to receive the personal data concerning them, which they have provided to a controller, in a structured, common and machine-readable format.
The data subject also has the right to transfer this data to another controller without hindrance by the controller to whom the personal data were given, provided that the processing is carried out with consent pursuant to Art. 6 (1) (a) GDPR or Art 9 (2) (a) GDPR or on the basis of a contract pursuant to Art. 6 (1) (b) GDPR and processing is carried out by automated means, unless the processing is necessary for the performance of a task in the public interest or in the exercise of official authority which has been entrusted to the controller.
In addition, in exercising their right to data portability under Art.20 (1) GDPR, the data subject has the right to require that the personal data are transmitted directly from one controller to another, where technically feasible and insofar as this does not affect the rights and freedoms of other persons.
g) Right to objection
Any data subject affected by the processing of personal data has the right, granted by the European legislators and regulators, at any time, for reasons arising out of their particular situation, to object to the processing of personal data relating to them which occurs pursuant to Art. 6 (1) (e) or (f) GDPR.
This also applies to profiling based on these provisions.
In the event of an objection, we no longer process personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or processing is done for the purposes of asserting, exercising or defending legal claims.
If we use personal data to conduct direct marketing, the data subject has the right to object at any time to the processing of personal data for the purposes of such marketing.
This also applies to profiling, as far as it is associated with such direct marketing.
If the data subject objects to our processing for direct marketing purposes, we will no longer process the personal data for these purposes.
In addition, the data subject has the right, for reasons arising from their particular situation, to object to the processing of personal concerning them, which occurs with us for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) GDPR, unless such processing is necessary to fulfil a task of public interest.
To exercise the right to objection, the data subject can contact us directly.
The data subject is also free, in the context of the use of information society services, notwithstanding Directive 2002/58/EC, to exercise their right to objection by means of automated procedures using technical specifications.
h) Automated decision in individual cases including profiling
Any data subject affected by the processing of personal data has the right, granted by the European legislators and regulators, not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect on them or, in a similar manner, significantly affects them, unless: the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller; or (2) is permitted by Union or Member State legislation to which the controller is subject, and that legislation provides for appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject; or (3) it is done with the express consent of the data subject.
If the decision is necessary to conclude or execute a contract between the data subject and the controller or is taken with the express consent of the data subject, we will take reasonable steps to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain the intervention of a person on the part of the controller, the right of the data subject to express their own position, and the right to contest the decision.
If the data subject wishes to assert their rights related to automated decision-making, they can contact an employee of the controller at any time.
i) Right to revocation of data-protection consent previously granted
Any data subject affected by the processing of personal data has the right, granted by the European legislators and regulators, to revoke consent to the processing of personal data at any time.
If the data subject wishes to assert their right to revoke consent, they may, at any time, contact an employee of the controller to do this.
The website partly use so-called cookies.
Cookies do not harm your computer and do not contain viruses.
Cookies serve to make our website more user-friendly, effective and secure.
Cookies are small text files that are placed on your computer and stored by your browser.
Most of the cookies we use are so-called "session cookies".
They are automatically deleted after your visit.
Other cookies remain stored on your device until you delete them.
These cookies allow us to recognise your browser the next time you visit.
You can set your browser so that: you are informed about the setting of cookies, cookies are permitted only for a particular case, the setting of cookies is allowed only in certain cases or is generally excluded or cookies are automatically deleted when closing your browser.
Disabling cookies may limit the functionality of this website.
Use of Google maps
This website uses the product Google Maps by Google Inc.
By using this website, you consent to the collection, processing and use of the automated data collected by Google Inc, its agents and third parties.
You can find Google Maps Terms of Service at https://www.google.com/intl/en_en/help/terms_maps.html.
ENO telecom GmbH informs its customers and business partners at regular intervals by means of a newsletter about offers of the company.
The newsletter of our company can in principle be received by the data subject only if:
- (1) The data subject has a valid email address and
- (2) The data subject registers for the newsletter.
For legal reasons, a confirmation email will be sent to the email address registered by a data subject for the first time for the newsletter dispatch as part of a double opt-in procedure.
This confirmation email is used to check whether the owner of the email address as the data subject authorised the receipt of the newsletter.
When subscribing to the newsletter, we also store the IP address of the computer system used by the data subject at the time of registration, as well as the date and time of registration, as assigned by the Internet Service Provider (ISP).
The collection of these data is necessary in order to document the (possible) misuse of a data subject’s email address at a later date and therefore serves as legal safeguarding for the controller.
The personal data collected in the context of registering for the newsletter will be used exclusively to send our newsletter.
Subscribers to the newsletter may also be notified by email if this is necessary for the operation of the newsletter service or registration, as might be the case in the event of changes to the newsletter or technical changes.
There will be no transfer of the personal data collected as part of the newsletter service to third parties.
Subscription to our newsletter may be terminated by the data subject at any time.
The consent to the storage of personal data that the data subject has given us for the newsletter dispatch can be revoked at any time.
There is a corresponding link in each newsletter for the purpose of revoking the consent.
It is also possible to unsubscribe from the newsletter at any time, directly on the controller’s website, or to inform the controller in a different way.
Legal basis for processing
Art. 6 (1) (a) GDPR provides our company with a legal basis for processing operations in which we obtain consent for a particular processing purpose.
If the processing of personal data is necessary to fulfil a contract to which the data subject is a party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or consideration, the processing is based on Art. 6 (1) (b) GDPR.
The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries regarding our products or services.
If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfilment of tax obligations, the processing is based on Art. 6 (1) (c) GDPR.
In rare cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person.
This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance or other vital information would have to be passed on to a doctor, hospital or other third party.
In that case, the processing would be based on Art. 6 (1) (d) GDPR.
Finally, processing operations may be based on Art. 6 (1) (f) GDPR.
Processing operations that are not covered by any of the above legal bases are based on this legal basis if processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the data subject prevail.
Such processing operations are particularly permitted for us because they have been specifically mentioned by the European legislator.
The European legislator has held that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, second sentence, GDPR).
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the inquiry and in case of follow-up questions.
Objection to advertising emails
The use of contact information published in the context of the imprint obligation for sending unsolicited advertising and informational materials is hereby objected to.
The operators of the website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.
Contact data for the data protection officer
Creditreform Compliance Services GmbH
D - 41460 Neuss
Tel.: + 49 (0) 21 31 - 109 1089