Legal Notice

Right of access to information
Every user has the right to receive information about the personal data stored about him/her at any time and free of charge. For this information the user can contact hello@ohed.me.

This right of access includes confirmation of whether personal data relating to the data subject is being processed and, if so, the following information:

The purposes of the processing; the categories of personal data being processed; the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organisations; if possible, the envisaged duration for which the personal data will be kept or, if that is not possible, the criteria for determining that duration DSGVO) and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing on the data subject.

In particular, the right to information does not exist if the data is stored only because it may not be deleted due to legal or statutory storage regulations, or if it is used exclusively for the purposes of data security or data protection control and the provision of information would require a disproportionate effort, and if processing for other purposes by appropriate technical and organisational measures is excluded.

Revocation

Every user has the right to revoke his or her consent to the use, processing or transmission of his or her data to me at any time in writing or by email. For this purpose the user can contact hello@ohed.me.

In the event of revocation, I will no longer process the user’s stored data and will delete it immediately. This does not apply if compelling reasons for processing worthy of protection can be proven, if the interests, rights and freedoms of the users outweigh the data or if the processing serves to assert, exercise or defend legal claims.

I will therefore continue to use this data, for example, if it is still necessary for the processing of the contractual relationship.

Correction and completion of data

The user or person concerned has the right to ask me to rectify any incorrect personal data relating to him/her without delay. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration. For this purpose, you can contact hello@ohed.me.

Deletion (“right to be forgotten”)

The user has the right to have personal data stored by me deleted immediately. For this purpose the user can contact hello@ohed.me.

Immediate deletion takes place in the following cases:

• The personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
• The data subject withdraws the consent on which the processing was based and there is no other legal basis for the processing;
• The data subject objects to the processing and there are no overriding legitimate reasons for processing; the personal data have been processed unlawfully
• The deletion of personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject;
• The personal data were collected directly from a child under the age of 16 or without parental responsibility consent in relation to Information Society services provided.

Upon termination of the user relationship, the user’s data in the internal database is regularly deleted. Data is excluded from deletion if, for example, processing of the data is necessary for the assertion, exercise or defence of legal claims; for example, the processing of the contract with OHEDor if deletion is prevented by legal retention periods.

Furthermore, the data will not be deleted if this is necessary (i) to fulfil a legal obligation which requires processing under the applicable law or to perform a task in the public interest or in the exercise of official authority vested in the controller; (ii) to exercise the right to freedom of expression and information; (iii) for reasons of public interest in the field of public health; or (iv) for archiving, scientific or historical research or statistical purposes in the public interest where the right of deletion is likely to make the attainment of the objectives of such processing impossible or to seriously prejudice it.

Similarly, in the case of non-automated data processing, erasure need not take place if, owing to the particular nature of the storage, it would not be possible or would involve a disproportionate effort and the data subject’s interest in obtaining erasure is considered to be minimal. Deletion is then replaced by the restriction of processing.

Furthermore, I restrict processing and do not delete the data for as long as I have reason to believe that deletion would adversely affect your interests or those of the data subject worthy of protection. I will inform you or the data subject about the restriction of processing unless the information proves impossible or would require a disproportionate effort.

Restriction of processing
You also have the right to request that the processing be restricted. For this purpose you can contact hello@ohed.me. You can only successfully enforce the right to restrict processing if one of the following conditions is met:

• the accuracy of the personal data is contested by the data subject, for a period of time which allows the controller to verify the accuracy of the personal data
• the processing is unlawful and the data subject requests their erasure
• who rejects personal data and instead demands the restriction of the use of personal data;
• the controller no longer needs the personal data for the purposes of the processing, but the data subject needs them in order to exercise or defend his rights; or
• the data subject has lodged an objection to the processing as long as it has not been established that the controller’s legitimate reasons outweigh those of the data subject

In the event that you have obtained a restriction on processing, you will be notified by me accordingly before the restriction is lifted.

A restriction of processing can also be applied in certain cases instead of deleting the data. See in particular the above point “Deletion (“right to be forgotten”)”.

Right to data transferability
You have the right to receive the personal data concerning you that you have provided to me in a structured, common and machine-readable format. For this purpose you can contact hello@ohed.me.

You also have the right to have these data communicated to another controller without hindrance by the controller to whom the personal data have been made available, provided that the processing is based on consent or on a contract to which the data subject is a party and that the processing is carried out using automated procedures.

In exercising your right to data transfer, you have the right to obtain that personal data be transferred directly from one controller to another controller, insofar as this is technically feasible.

This right does not apply to the extent that the rights and freedoms of other persons are prejudiced or to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Right of appeal
Every user has a right of appeal to a supervisory authority of his choice. The supervisory authorities in Germany are the competent (data protection) authorities under the respective laws of the Länder.

As a rule, I only store your personal data for as long as it is necessary to implement the contract or the respective purpose and limit the storage period to an absolutely necessary minimum.

In the case of longer-term contractual relationships, such as when using my services, these storage periods may vary, but are generally limited to the duration of the contractual relationship or, with regard to inventory data, to the statutory storage periods (including those in accordance with the German Commercial Code (HGB) and the German Fiscal Code (AO)).

Criteria for the storage period include whether the data is still up-to-date, the contractual relationship with me still exists or whether an enquiry has already been processed or a process has been completed or not and whether legal retention periods for the personal data concerned are relevant or not.

Data security
For the best possible protection of the user’s data, the OHED Website is offered via a secure SSL connection between the user’s server and the browser, i.e. the data is transmitted in encrypted form.

Data when using my offer is stored on servers within the European Union (EU), subject to other information being sent to the user. I use the server provider Strato, Otto-Ostrowski-Straße 7, 10249 Berlin.

I expressly draw the user’s attention to the fact that data protection and data security for data transmissions in open networks such as the Internet cannot be fully guaranteed under the current state of technology. The user is aware that the provider may, from a technical point of view, view the website stored on the web server and possibly also other user data stored there at any time. The user himself is fully responsible for the security and protection of the data transmitted by him to the Internet and stored on web servers. I cannot accept any liability for the disclosure of data due to errors or unauthorised access by third parties.

Availability and validity of the privacy policy; changes

I may amend this Privacy Policy in accordance with applicable regulations.

Controller as the natural or legal person, authority, institution or other body which alone or jointly with others decides on the purposes and means of processing personal data, who is the OHED website.