Data protection
LTZ-Huf-App

Information about data protection

A. Foreword

We

LTZ – Lehrinstitut Zanger

Dr. Michael Zanger
Martin-Luther-Strasse 2
64683 Einhausen

Tel.: +49 (0) 151 / 1495 2525
Fixed net: +49 (0) 621 / 98194700

Email: info ( @ ) zanger-pferd.de

(hereinafter jointly: “the company”, “we” or “us”) take the protection of your personal data seriously and would like to inform you about the data protection at this point.

In the context of our data protection liability, we have been imposed by the entry into force of the EU General Data Protection Regulation (Regulation (EU) 2016/679; hereinafter: “GDPR”) additional obligations to ensure the protection of personal data of the data subject (we will also address you as a data subject with “customers”, “users”, “you”, “beans” or “betroversyers”).

Insofar as we decide either alone or together with others on the purposes and means of data processing, this includes, in particular, the obligation to inform you transparently about the nature, scope, purpose, duration and legal basis of the processing (cf. Art. 13 and Art. 14 GDPR). With this statement (hereinafter: “Data Protection Notices”), we inform you about how your personal data is processed by us.

B. General

1. Definitions

According to the model of Art. 4 GDPR, this data protection notice is based on the following definitions:

  • “Personal data” (Art. 4 No. 1 GDPR) is all information related to an identified or identifiable natural person (“Controversy”). Identifiable is a person who can be identified directly or indirectly, in particular by assigning to an identifier such as a name, an identification number, an online identifier, location data or by means of information on their physical, physiological, genetic, psychological, economic, cultural or social identity features. The identifiableness can also be given by means of a combination of such information or other additional knowledge. It is not necessary to obtain the status, form or embody the information (including photos, video or sound recordings may contain personal data).
  • “processing” (Art. 4 No. 2 GDPR) is any process in which personal data is handled, whether with or without the aid of automated (i.e. technology-based) procedures. This includes, in particular, the collection (i.e. procurement), the collection, the organisation, the organisation, the organization, the organization, the storage, the adaptation or modification, the reading, the interrogation, the use, disclosure by transmission, the dissemination or other provision, the comparison, the association, the restriction, the erasure or the destruction of personal data, and the modification of a destination or purpose that was originally based on data processing.
  • “Responsible” (Art. 4 No. 7 GDPR) is the natural or legal person, authority, body or other body that decides on the purposes and means of processing personal data alone or together with others.
  • ‘third party’ (Art. 4 No. 10 GDPR) is any natural or legal person, authority, body or other body other than the data subject, controller, processor and persons empowered to process the personal data under the direct responsibility of the controller or processor; This includes other corporate legal entities.
  • “order processor” (Art. 4 No. 8 GDPR) is a natural or legal person, authority, body or other body that processes personal data on behalf of the controller, in particular according to its instructions (e.g. IT service provider). In the sense of data protection, a processor is in particular not a third party.
  • ‘authorisation’ (Art. 4 No. 11 GDPR) of the data subject shall designate any expression of will voluntarily given for the particular case, in an informed and unambiguous manner, in the form of a declaration or any other unambiguous affirmative action by which the data subject understands that he agrees with the processing of personal data concerning him.

Two. Change of data protection information

(1) As part of the development of data protection law as well as technological or organisational changes, our data protection information is regularly checked for adaptation or supplementary requirements. You will be informed about changes.

(2) These data protection notices have the status of December 2024.

3. No obligation to provide personal data

We do not depend on the conclusion of contracts with us that you provide us with personal data beforehand. For you as a customer there is no legal or contractual obligation to provide us with your personal data; it may, however, be that we may only be able to provide certain offers to a limited extent or not at all if you do not provide the necessary data. If this should be the case in the context of the products we offer below, you will be referred to separately.

C. Information about the processing of your data

1. Collection of personal data concerning you

(1) When using our app, we collect personal data about you.

(2) Personal data is all data relating to your person (see above in general). For example, your name, your location data, your IP address, the device identifier, the SIM card number, your address and email address are personal data, your fingerprint, images, movies, audio recordings, and also your user behavior falls into this category.

Two. Legal basis of data processing

(1) In principle, any processing of personal data is prohibited by law and is only permitted if the processing of data falls under one of the following justification rules:

  • Article 6, par. 1 p. 1 lit. a GDPR (“approval”): If the data subject has voluntarily, in an informed and unambiguous manner to understand by a declaration or any other clear affirmative action that he agrees with the processing of personal data concerning him for one or more specific purposes;
  • Article 6, par. 1 p. 1 lit. b GDPR: if the processing is necessary for the performance of a contract, the party of which is the person concerned, or for the implementation of pre-contractual measures which take place on the request of the person concerned;
  • Article 6, par. 1 p. 1 lit. c GDPR: If the processing is necessary to fulfil a legal obligation to which the controller is subject (e.g. a statutory retention obligation);
  • Article 5(1)(d) of the GDPR: if the processing is necessary to protect the vital interests of the data subject or another natural person;
  • Article 6(1) point (e) of the GDPR: If the processing is necessary for the performance of a task which is in public interest or is carried out in the exercise of public authority which has been delegated to the controller; or
  • Article 6, par. 1 p. 1 lit. f GDPR (“Legal interests”): If the processing is necessary for the protection of legitimate (in particular legal or economic) interests of the controller or of a third party, unless the contrary interests or rights of the data subject prevail (in particular if this is a minor).

The storage of information in the end device of the end user or the access to information already stored in the end device shall only be permitted if it is covered by one of the following justifications:

  • § 25 para. 1 TTDSG: If the end user has consented on the basis of clear and comprehensive information. The consent must be made in accordance with Art. 6 para. 1 p. 1 lit. a GDPR;
  • § 25 para. 2 No 1 TTDSG: If the sole purpose is to carry out the transmission of a message via a public telecommunications network, or
  • § 25 para. 2 TTDSG: If the storage or access is absolutely necessary, so that the provider of a telemedia service can provide a telemedia service that is expressly desired by the user.

(2) For the processing operations carried out by us, we specify the applicable legal basis below. Processing may also be based on several legal bases.

3. The data collected during the download

(1) When downloading this app, certain necessary data will be transmitted to your person to the corresponding App Store (e.g. Apple App Store or Google Play).

(2) In particular, when downloading, the e-mail address, the user name, the customer number of the downloading account, the individual device identifier, payment information and the time of downloading will be transferred to the App Store.

(3) We have no influence on the collection and processing of this data, but only through the App Store you selected. Accordingly, we are not responsible for this collection and processing; the responsibility for this lies solely with the App Store.

4. Data collected during use

(1) The benefits of our app are only available to them if certain data required for app operation are collected for your person when using us.

(2) We collect this data only if this is necessary for the performance of the contract between you and us (Art. 6 para. 1 lit. b GDPR). We also collect this data if this is necessary for the functionality of the app and does not override your interest in the protection of your personal data (Art. 6 para. 1 lit. f GDPR) or if you consent to the collection and processing (Art. 6 para. 1 lit. a GDPR).

(3) We collect and process the following data from you:

  • Device information: Access data includes the IP address, device ID, device type, device-specific settings and app settings as well as app properties, the date and time of retrieval, time zone the transferred amount of data and the message whether the data exchange was complete, crashing the app, browser type and operating system. These access data are processed to enable the operation of the app
  • Data you provide to us: A user account is required to use the app. For this, at least specify your login name.
  • Information with your consent: We process other information (assays, information about the veterinarian, data contained in treatment plans) if you allow us to do so.
  • We also process the data of your horse (Hufpass) according to this statement
  • Contact form details: When using contact forms, the data thus transmitted are processed (e.g. gender, name and first name, address, company, e-mail address and the time of transmission).
  • We process non-personal data as training data to improve our AI algorithms

(4) If the storage of information in your end device or the access to information already stored in the end device is necessary for the processing of the data, § 25 para. 1, 2 TTDSG the legal basis for this.

Five. Period of data storage

(1) We will delete your personal data as soon as they are no longer required for the purposes for which we have collected or used it (see C. 4., 5., 6.). As a rule, we store your personal data for the duration of the usage or contractual relationship via the app. In principle, your data is only stored on our servers in Germany, subject to any transfer in accordance with the regulations in F. 1, 2 and 3.

(2) However, storage may take place beyond the specified time in the event of a (threatening) legal dispute with you or any other legal proceedings.

(3) Legal requirements for the retention and erasure of personal data remain unaffected by the foregoing (e.g. § 257 HGB or § 147 AO). If the storage period prescribed by the statutory regulations expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for this.

6. Data security

(1) We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties, taking into account the state of the art, implementation costs and nature, scope, context and purpose of processing, as well as the existing risks of a data panel (including their probability and impact) for the data subject. Our security measures are continually improved according to technological development.

7. No automated decision-making (including profiling)

We do not intend to use personal data collected by you for automated decision-making (including profiling).

8. Amendment

(1) Processing of your personal data for purposes other than those described shall be carried out only if a legal provision allows this or you have consented to the changed purpose of data processing.

(2) In the event of further processing for purposes other than those for which the data was originally collected, we will inform you about these other purposes before further processing and provide you with all other relevant information.

D. Responsibility for your data and contacts

1. Responsible and contact data

(1) The body responsible for the processing of your personal data within the meaning of Art. 4 No 7 GDPR we are

LTZ – Lehrinstitut Zanger

Dr. Michael Zanger
Martin-Luther-Strasse 2
64683 Einhausen

Tel.: +49 (0) 151 / 1495 2525
Fixed net: +49 (0) 621 / 98194700

Email: info ( @ ) zanger-pferd.de

(2) Please contact this contact point in particular if you wish to assert your rights under Chapter G to us.

(3) For further questions or comments concerning the collection and processing of your personal data, please contact the aforementioned contacts.

Two. Data collection when contacting

(1) If you contact us by e-mail or via a contact form, then your e-mail address, your name and any other personal data you have provided during contact will be stored by us so that we can contact you to answer the question.

(2) We delete this data as soon as storage is no longer necessary. If there are statutory retention periods, the data will remain stored, but we restrict the processing.

F. Data processing by third parties

1. Contract data processing

(1) It may happen that commissioned service providers are used for individual functions of our app. As with any larger company, we also use external domestic and foreign service providers (e.g. for IT, logistics, telecommunications, sales and marketing). These are only operated after our instructions and were contractually obliged to comply with the data protection regulations in iSv Art. 28 GDPR.12

(2) The following categories of recipients, which are usually processors, may be obtained: Access to your personal data:

  • Service providers for the operation of our app and the processing of the data stored or transmitted by the systems (e.g. for data center services, payment processing, IT security). The legal basis for the transfer is then Art. 6 para. 1 p. 1 lit. b or lit. f GDPR, unless it is a processor;
  • State bodies/authorities, where necessary to fulfil a legal obligation. The legal basis for the transfer is then Art. 6 para. 1 p. 1 lit. c GDPR;
  • Persons employed to carry out our business operations (e.g. auditors, banks, insurance companies, legal advisers, supervisory authorities, participants in business purchases or the establishment of joint ventures). The legal basis for the transfer is then Art. 6 para. 1 p. 1 lit. b or lit. f GDPR.

(3) In addition, we will only disclose your personal data to third parties if you are in accordance with Art. 6 para. 1 p. 1 lit. a GDPR have given explicit consent to this.

Two. Legal obligation to provide certain data

We may be subject to a special legal or legal obligation to provide the legally processed personal data for third parties, in particular public bodies (Art. 6 para. 1 p. 1 lit. c GDPR).

G. Your Rights

1. Right of access

(1) You have the right to us in the scope of Art. 15 GDPR, to obtain information about the personal data concerning you.

(2) For this purpose, a request is required by you, which is to be sent by e-mail or by mail to the addresses specified above (see D. 1.).

Two. Right to object to data processing and revocation of consent

(1) You've got Art. 21 GDPR the right to object at any time to the processing of personal data concerning you. We will cease the processing of your personal data, unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

(2) According to Art. 7 para. 3 GDPR, you have the right to revoke your consent once (even before the application of the GDPR, i.e. before 25.5.2018) – that is, your voluntary, informed and unambiguously made clear by a statement or any other unambiguous affirmative action that you agree to the processing of the personal data in question for one or more specific purposes – at any time to us, if you have granted such a consent. As a result, we are no longer allowed to continue the processing of data based on this consent for the future.

(3) Please contact the above contact point (see D. 1.).

3. Right to rectification and deletion

(1) Insofar as personal data concerning you are incorrect, you have to do so in accordance with Art. 16 GDPR the right to request the immediate correction from us. Please contact the contact point indicated above (see D. 1.).

(2) Among those in Art. 17 GDPR, you have the right to request the erasure of personal data concerning you. Please contact the contact point indicated above (see D. 1.). The right to erasure shall be granted to you, in particular, if the data in question is no longer necessary for the purposes of collection or processing, if the data storage period (see C. 7.) has been deleted, an objection exists (see G. 2.) or an unlawful processing is present.

4. Right to restriction of processing

(1) In accordance with Art. 18 GDPR you have the right to request the restriction of the processing of your personal data.

(2) Please contact the contact point indicated above (see D. 1.).

(3) The right to restriction of processing is in particular for you if the accuracy of the personal data between you and us is disputed; in this case, the right is at your disposal for a period of time which is required to verify the correctness. The same applies if the successful exercise of a right of objection (see G. 2.) between you and us is still controversial. This right also applies to you, in particular, if you have a right to erasure (see G. 3.) and you request a restricted processing instead of erasure.

Five. Right to data portability

(1) In accordance with Art. 20 GDPR you have the right to obtain from us the personal data concerning you, which you have provided to us, in a structured, commonly used, machine-readable format according to requirements.

(2) Please contact the contact point indicated above (see D. 1.).

6. Right to appeal to the supervisory authority

You've got Art. 77 GDPR the right to complain about the collection and processing of your personal data to the competent supervisory authority.

The supervisory authority responsible for us is:

Hessian Commissioner for Data Protection and Freedom of Information

represented by
Prof. Dr. Alexander Roßnagel

Gustav Stresemann-Ring 1
65189 Wiesbaden

Telephone: 0611-1408 0
E-mail:

poststelle@datenschutz.hessen.de

0
    0
    Dein Warenkorb
    Dein Warenkorb ist leerZurück zum Shop
    Weiter einkaufen