1. PROCESSING ACTIVITIES
1.1 Accessing the solution
Each time you access our solution, for example under https://www.find-size.com any website which gives access to our solution, your device transfers a couple of data to us which we store in our logfiles. This data may include:
browser type and browser version operating system used internet service provider the IP address hostname of the accessing computer time of the server inquiry websites from which you reach our solution (so-called referrer) websites accessed by the user's system via our solution bytes transferred access status
We process such data temporarily to provide you with the requested content (Art. 6 (1) lit. f) GDPR) and we store and process such data for a period of seven days (unless an unusual incident requires a longer storage period (e.g. after a hacker attack)) for security reasons in order to identify potential attacks on our systems and optimize our systems (Art. 6 (1) lit. f) GDPR). Thereafter, this data is being anonymized. The collection of data for the provision of the solution and the storage of the data in logfiles is mandatory for the operation of the solution. Consequently, there is no possibility of objection on the part of the user.
Insofar as a processing of personal data is necessary for the fulfilment of a legal obligation to which we are subject (e.g. accounting, commercial and tax law), Art. 6 (1) lit. c) GDPR serves as a legal basis.
3. SERVICE PROVIDERS
4. TRANSFER TO RECIPIENTS OUTSIDE THE EEA
We might transfer personal data to recipients located outside the European Economic Area (EEA) into so-called third countries. In such cases, prior to the transfer, we ensure that either the data recipient provides an appropriate level of data protection (e.g. due to a decision of adequacy by the European Commission for the respective country (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en
), due to an agreement based on so-called EU model clauses with the recipient (https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32010D0087&from=en
) or, in the case of the USA, based on the EU-US Privacy Shield (https://www.privacyshield.gov/list
)) or, in case we transfer data to a Vendor (section 1.2 above) which is located outside the EEA, the transfer outside the EEA is permitted because necessary for the implementation of pre-contractual measures taken (Art. 49 (1) lit. b) GDPR).
5. RETENTION OF PERSONAL DATA
Personal data is stored for as long as is necessary for the above-mentioned purposes. If not otherwise indicated, the data will be deleted at the latest one year after its collection, but not until the expiry of applicable statutory retention periods of civil, commercial and tax law.
6. YOUR RIGHTS
6.1 General Rights
You can request access to the personal data stored about you and have the right to receive the data you provided in a common and machine-readable format. In addition, you may, in justified cases, request the deletion, correction or limitation of the processing of your personal data. If your personal data is transferred to a country outside the EU that does not offer adequate protection, you can request a copy of the contract that ensures adequate protection of personal data. You also have a general right to complain to us or a supervisory authority in particular in the member state of your residence, place of work or place of suspected infringement about our data processing.
6.2 Right to object
If we use your personal data on the basis of our legitimate interests (Art. 6 (1) lit. f) GDPR), you may object to the processing and use of your data. In this case, we will no longer use your data unless our interests prevail.
6.3 Contacting us or our data protection officer
In order to exercise the aforementioned rights, please contact us directly in writing or via e-mail or contact our data protection officer under email@example.com