Privacy Data protection
Your cookie settingChange cookie settings
Status: March 2020
The owner of the www.atriga.com internet portal is atriga GmbH, Langen (hereinafter referred to as atriga).
The following is our company’s data protection declaration for the Internet portal
The responsible person in terms of the basic data protection regulation and other national data protection laws of the member states and other data protection regulations is the:
represented by the managing directors Oliver Burgis and Christoph Ruoff
Phone: +49 (0)6103 3746-0
The data protection officer of atriga GmbH is:
Phone +49 (0) 6103 3746-220
E-mail (general) firstname.lastname@example.org
Direct contact with the data protection officer email@example.com
The applicable data protection law grants you comprehensive data protection rights (rights of information and intervention) vis-à-vis atriga as the person responsible for processing your personal data, about which we inform you below:
You can request confirmation from the person responsible as to whether personal data concerning you is being processed by us.
If such processing has taken place, you can request information from the data controller about the following:
- the purposes for which the personal data are processed;
- the categories of personal data which are processed;
- the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
- the planned duration of storage of the personal data concerning you or, if it is not possible to give specific details, criteria for determining the duration of storage;
- the existence of a right of rectification or erasure of personal data concerning you, a right to have the processing limited by the controller or a right to object to such processing;
- the existence of a right of appeal to a supervisory authority;
- any available information as to the source of the data where the personal data are not collected from the data subject;
- the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the DPO and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.
You have the right to request information as to whether the personal data concerning you are being transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate safeguards pursuant to Article 46 of the DPA in connection with the transfer.
You have the right to ask the data controller to correct and/or complete the data if the personal data processed concerning you is incorrect or incomplete. The data controller shall make the correction without delay.
Under the following conditions, you may request the restriction of the processing of personal data concerning you:
- if you dispute the accuracy of the personal data concerning you for a period of time which enables the controller to verify the accuracy of the personal data;
- the processing is unlawful and you object to the deletion of the personal data and instead request the restriction of the use of the personal data;
- the controller no longer needs the personal data for the purposes of the processing, but you need the personal data in order to assert, exercise or defend legal claims; or
- if you have lodged an objection to the processing in accordance with Article 21 (1) of the DPA and it has not yet been established whether the legitimate reasons given by the controller outweigh your reasons.
If the processing of personal data relating to you has been restricted, such data may be processed – apart from storage – only with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or of a Member State.
If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
Duty to delete:
You may request the controller to delete personal data concerning you without delay and the controller is obliged to delete such data without delay if one of the following reasons applies:
- the personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing was based under Article 6(1)(a) or Article 9(2)(a) of the DPA and there is no other legal basis for the processing.
- You object to the processing pursuant to Article 21(1) of the DS-GVO and there are no legitimate grounds for processing that take precedence, or you object to the processing pursuant to Article 21(2) of the DS-GVO.
- The personal data concerning you have been processed unlawfully.
- The deletion of personal data concerning you is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
- The personal data concerning you have been collected in relation to information society services offered, in accordance with Article 8(1) of the DS-GVO.
Information to third parties:
If the data controller has made the personal data concerning you public and is obliged to delete it pursuant to Art. 17 (1) DS-GVO, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you, as a data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.
The right of cancellation does not apply insofar as the processing is necessary
- on the exercise of the right to freedom of expression and information;
- to comply with a legal obligation to which the processing relates under Union or national law to which the controller is subject or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller;
- for reasons of public interest relating to public health pursuant to Article 9 (2) lit. h and i and Article 9 (3) of the DPA;
- for archiving, scientific or historical research purposes in the public interest or for statistical purposes in accordance with Art. 89 (1) DS-GVO, insofar as the law referred to in section a) is likely to render impossible or seriously prejudice the attainment of the objectives of such processing, or
- to assert, exercise or defend legal claims.
If you have asserted the right to rectify, erase or limit the processing vis-à-vis the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification, erasure or limitation of processing, unless this proves impossible or involves a disproportionate effort.
You have the right vis-à-vis the controller to be informed of these recipients.
You have the right to receive the personal data concerning you that you have provided to the data controller in a structured, common and machine-readable format. You also have the right to have this data communicated to another person in charge without interference from the person in charge to whom the personal data has been communicated, provided that
- the processing is based on a consent pursuant to Art. 6 Para. 1 letter a DS-GVO or Art. 9 Para. 2 letter a DS-GVO or on a contract pursuant to Art. 6 Para. 1 letter b DS-GVO and
- the processing is carried out by means of automated procedures.
In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly from one controller to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data transferability shall not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you which is carried out pursuant to Article 6(1)(e) or (f) of the DPA, including profiling based on these provisions.
The controller will no longer process the personal data concerning you unless it can demonstrate compelling legitimate reasons for processing which outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.
If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it is linked to such direct marketing.
If you object to processing for the purposes of direct marketing, the personal data concerning you will no longer be processed for those purposes.
You have the possibility to exercise your right of objection in relation to the use of information society services, without prejudice to Directive 2002/58/EC, by using automated procedures involving technical specifications.
You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the legality of the processing that has taken place on the basis of your consent until revocation.
You have the right not to be subject to a decision based solely on automated processing, including profiling, that has legal effect on you or significantly affects you in a similar manner. This shall not apply if the decision
- is necessary for the conclusion or fulfilment of a contract between you and the person responsible,
- is authorised by Union or national legislation to which the person responsible is subject and that legislation provides for appropriate measures to safeguard your rights and freedoms and your legitimate interests, or
- with your express consent.
However, these decisions may not be based on special categories of personal data in accordance with Art. 9 (1) DS-GVO, unless Art. 9 (2) lit. a or g DS-GVO applies and appropriate measures have been taken to protect rights and freedoms and your legitimate interests.
With regard to the cases referred to in (1) and (3), the controller shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests, which shall include at least the right to obtain the intervention of a person from the controller, to present his or her point of view and to challenge the decision.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place where the alleged infringement is committed, if you consider that the processing of personal data relating to you is in breach of the DS Block Exemption Regulation.
The supervisory authority to which the complaint has been submitted will inform the complainant of the status and the results of the complaint, including the possibility of a judicial remedy under Art. 78 DS-GVO.
Below are the contact details of the supervisory authority responsible for our company
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Phone: +49 (0) 611-1408 0
Fax: +49 (0) 611-1408 611
As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our contents and services. The processing of personal data of our users regularly only takes place with the user’s consent. An exception is made in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 (1) lit. a of the EU Basic Data Protection Regulation (DS-GVO) serves as the legal basis.
When processing personal data which is necessary for the performance of a contract to which the data subject is a party, Article 6 (1) (b) of the EU Data Protection Regulation serves as the legal basis. This also applies to processing operations which are necessary for the performance of pre-contractual measures.
Insofar as processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 Paragraph 1 lit. c DS-GVO serves as the legal basis.
In cases where vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) DS-GVO serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or of a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Article 6 (1) (f) DS-GVO serves as the legal basis for the processing.
The personal data of the person concerned will be deleted or blocked as soon as the purpose of the storage no longer applies. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. Data will also be blocked or deleted when a storage period prescribed by the above-mentioned standards expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
The processing is carried out in accordance with Art. 6 Para. 1 letter f DS-GVO on the basis of our justified interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files subsequently if there are concrete indications of illegal use.
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
The storage in log files is done to ensure the functionality of the website. In addition, the data serves us to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f DS-GVO.
The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session is ended.
In the case of storage of the data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is no longer possible.
The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. There is therefore no possibility of objection on the part of the user.
The website www.atriga.com uses so-called “cookies”. Cookies are small text files and do not cause any damage to your end device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device.
Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or until your web browser automatically resolves them.
In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for the processing of payment services).
Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies are used to evaluate user behaviour or display advertisements. Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies for measuring the web audience) are stored on the basis of Art. 6 para. 1 lit. f DSGVO, unless another legal basis is given. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of his services. If consent to the storage of cookies has been requested, the storage of the cookies in question will be carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO); the consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the scope of this data protection declaration and, if necessary, request your consent.
Cookie Consent with Borlabs Cookie
Our website uses Borlabs Cookie Content technology to obtain your consent to store certain cookies in your browser and to document this consent in a manner consistent with data protection. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany (hereinafter Borlabs).
When you enter our website, a Borlabs cookie is stored in your browser, which stores the consent you have given or the revocation of this consent. This data is not passed on to the provider of Borlabs Cookie.
The data collected will be stored until you request us to delete it or until you delete the Borlabs cookie itself or until the purpose for which the data is stored no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of Borlabs cookie can be found under https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/
On our website there is a contact form which can be used for electronic contact. If a user takes advantage of this possibility, the data entered in the input mask is transmitted to us and stored. These data are:
At the time the message is sent, the following data is also stored:
Date and time
For the processing of the data, reference is made to this data protection declaration in the context of the sending process.
Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.
In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the conversation.
The same applies to inquiries by telephone or fax.
The legal basis for the processing of the data is Article 6(1)(a), (f) of the DPA. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for processing is Article 6 (1) (b) DS-GVO.
These data are stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration.
Your data will be deleted after the final processing of your inquiry; this is the case if it can be concluded from the circumstances that the matter in question has been conclusively clarified and provided that there are no legal obligations to keep records that conflict with this.
The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case the conversation cannot be continued.
Please contact us in case of revocation of the consent and objection of the storage by mail or by e-mail to firstname.lastname@example.org.
All personal data stored in the course of the contact will be deleted in this case.
Information on this can be found under “General information” in section 1.3.
If you would like to receive the newsletter offered on the website, we require an email address, your name, as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. Further data is not or only collected on a voluntary basis. We use these data exclusively for sending the requested information and do not pass them on to third parties.
The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address as well as its use for sending the newsletter at any time, for example by using the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you have provided us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have cancelled your subscription. Data that has been stored by us for other purposes remains unaffected.
After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data.
This serves both your interest and our interest in compliance with the legal requirements when sending newsletters (legitimate interest in the sense of Art. 6 para. 1 lit. f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
Google Web Fonts
This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.
This site uses the map service Google Maps via an API. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an attractive presentation of our online offers and to make it easy to find the places we have indicated on the website. This represents a legitimate interest in the sense of Art. 6 para. 1 lit. f DSGVO. If consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; consent may be revoked at any time.
We maintain publicly accessible profiles in social networks. You can find the social networks we use in detail below. Social networks such as Facebook, Twitter, etc. can usually analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). A visit to our social media sites triggers numerous data protection-relevant processing operations. In detail:
If you are logged in to your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your end device or by recording your IP address.
Our social media appearances are designed to ensure the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. The analysis processes initiated by the social networks may be based on different legal bases, which must be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. A DSGVO).
Responsibility and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can basically assert your rights (information, correction, deletion, restriction of processing, data transferability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our possibilities are largely determined by the corporate policy of the respective provider.
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing them no longer applies, you request us to delete them, revoke your consent to storage or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
Social networks in detail
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified according to the EU-US Privacy Shield. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: