Your CLIMATE News: best practices to decarbonize, exclusive CHOICE events and insights into our CLIMATE team!
Thank you for your interest in THE CLIMATE CHOICE. The protection of your personal data is important to us. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR). Insofar as links are provided to other websites, we have neither influence nor control over the linked content and the data protection provisions there. We recommend that you check the data protection statements on the linked websites to determine whether and to what extent personal data is collected, processed, used or made available to third parties.
The following data protection declaration applies to the use of our online offer https://theclimatechoice.com as well as https://climatesummit.de. (hereinafter referred to as “website”).
The controller within the meaning of Art. 4 (7) EU General Data Protection Regulation (GDPR) is:
THE CLIMATE CHOICE UG (haftungsbeschränkt)
Managing Directors: Lara Obst, Yasha Tarani
Reichenberger Str. 84
Commercial register entry number: HRB 217580 B
Registration Court: Amtsgericht Charlottenburg (Berlin Local Court)
Data Protection Officer contact: firstname.lastname@example.org
If you wish to object to the collection, processing or use of your data by us in accordance with these data protection provisions as a whole or for individual measures, you can address your objection to the person responsible.
2 General purposes of processing
We use personal data for the purpose of operating the website and for processing requests sent to us via the website.
3 What personal data we collect and how
3.1 Web Access Logs
We use hosting services to provide a range of services, including infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating the website.
In this context, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in an efficient and secure provision of our website pursuant to Art. 6 para. 1 sentence 1 f) GDPR in conjunction with. Art. 28 GDPR.
We collect information about you when you use this website. We automatically collect information about your usage behavior and your interaction with us and register data about your computer or mobile device. We collect, store and use data about each access to our website (so-called server log files). The access data includes:
– Name and URL of the file accessed
– Date and time of access
– amount of data transferred
– message about successful retrieval (HTTP response code)
– browser type and browser version
– operating system
– Referer URL (i.e. the previously visited page)
– Websites that are called up by the user’s system via our website
– Internet service provider of the user
– IP address and the requesting provider
We use this log data without attribution to your person or other profiling for statistical analysis for the purpose of the operation, security and optimization of our website, but also to anonymously record the number of visitors to our website (traffic) and the extent and nature of the use of our website and services, as well as for billing purposes to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content and analyze traffic, search for and correct errors, and improve our services.
This is also our legitimate interest according to Art 6 para. 1 p. 1 f) GDPR.
We reserve the right to review the log data retrospectively if there is a justified suspicion of unlawful use based on concrete indications. We store IP addresses in the log files for a limited period of time if this is required for security purposes or necessary for the provision of services or the billing of a service, e.g. if you use one of our offers. After termination of the order process or after receipt of payment, we delete the IP address if it is no longer necessary for security purposes. We also store IP addresses if we have a concrete suspicion of a criminal offense in connection with the use of our website. In addition, we store the date of your last visit as part of your account (e.g. when registering, logging in, clicking links, etc.).
Our main https://theclimatechoice.com is hosted by https://www.biohost.de/ on servers of https://windcloud.de/ in Germany. We thereby process personal data transmitted via the website, e.g. on content, usage, meta/communication data or contact data. It is our legitimate interest to provide a website, so that the legal basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR.
https://climatesummit.de website is hosted by https://www.wix.com/ which runs servers in the whole world including the US, Europe and backup servers in various locations on the basis of a data processing agreement (Art. 28 GDPR). The provider thereby processes the personal data transmitted via the website, e.g. on content, usage, meta/communication data or contact data. It is our legitimate interest to provide a website, so that the legal basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR.
We use so-called session cookies to optimize our website. A session cookie is a small text file that is sent by the respective servers when you visit a website and is temporarily stored on your hard drive. This file as such contains a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. These cookies are deleted after you close your browser. They are used, for example, to allow you to use the chat function across multiple pages.
To a lesser extent, we also use persistent cookies (also small text files that are stored on your terminal device), which remain on your terminal device and enable us to recognize your browser on your next visit. These cookies are stored on your hard drive and delete themselves after the specified time. Their lifespan is between 1 month and 10 years. This allows us to present our offer to you in a more user-friendly, effective and secure manner and, for example, to display information on the site that is specifically tailored to your interests.
The following data and information, for example, is stored in the cookies:
– Log-in information
– language settings
– entered search terms
– information about the number of visits to our website and the use of individual functions of our website.
When the cookie is activated, it is assigned an identification number and your personal data is not assigned to this identification number. Your name, IP address or similar data that would enable the cookie to be assigned to you are not inserted into the cookie. Based on the cookie technology, we only receive pseudonymised information, for example, about which pages of our store were visited, which products were viewed, etc..
If the cookies are not technically necessary (for example, cookies for the purpose of analysis or tracking), we store the cookie on your terminal device only based on your prior consent by “opt-in”. We will then explain the respective purpose of storing the cookie to you separately in the context of the respective service that stores the cookie on your end device.
You can revoke your consent to the storage of cookies at any time in the cookie settings.
You can also set your browser so that you are informed in advance about the setting of cookies and can decide in individual cases whether you want to exclude the acceptance of cookies for certain cases or generally, or prevent cookies completely. However, this may limit the functionality of the website.
3.3 Google Analytics
We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by site visitors is usually transmitted to a Google server in the U.S. and stored there.
Our legitimate interest according to Art. 6 para. 1 p. 1 f) GDPR is to know how often and in what way our website is used.
Google has submitted to the Privacy Shield Agreement concluded between the European Union and the USA and has certified itself. This means that Google undertakes to comply with the standards and regulations of European data protection law. You can find more information in the entry linked below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
We have activated IP anonymization on this website (anonymizeIp). However, this means that Google will truncate your IP address beforehand within member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage.
You can also prevent the transfer of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
3.4 Google Web Fonts
This site uses so-called web fonts, which are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), for the uniform display of fonts. Google Web Fonts enables us to use external fonts, so-called Google Fonts. When you access our website, the required Google Font is loaded into your browser cache by your web browser in order to display texts and fonts correctly. This is necessary so that your browser can also display a visually improved representation of our texts. If your browser does not support this function, a standard font from your computer will be used for display. The integration of these web fonts is done by a server call, usually a Google server in the USA. This transmits to the server which page of our website you have visited. Also, the IP address of the browser of the end device of the visitor is stored by Google.
We use Google Web Fonts for optimization purposes, in particular to improve the use of our website for you and to make its design more user-friendly. This is also our legitimate interest according to Art. 6 para. 1 lit. f GDPR.
Google has submitted to the Privacy Shield Agreement concluded between the European Union and the USA and has certified itself. This means that Google undertakes to comply with the standards and regulations of European data protection law. You can find more information in the following linked entry: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Further information on Google Web Fonts can be found at http://www.google.com/webfonts/, https://developers.google.com/fonts/faq?hl=de-DE&csw=1 and https://fonts.google.com/.
3.5 Email Newsletter
To register for the newsletter, the data requested in the registration process is required. The registration for the newsletter is logged. After registration, you will receive a message to the specified email address, in which you are asked to confirm the registration (“double opt-in”). This is necessary to prevent third parties from registering with your email address.
You can revoke your consent to receive the newsletter at any time and thus unsubscribe from the newsletter.
We store the registration data as long as they are needed for sending the newsletter. We store the logging of the registration and the shipping address as long as there was an interest in proving the consent originally given, which is usually the limitation periods for civil claims, thus a maximum of three years.
The legal basis for sending the newsletter is our legitimate interest in direct advertising pursuant to Art. 6 para. 1 p. 1 f) as well as recital 47 p. 7 GDPR in conjunction with your consent under competition law pursuant to Section 7 para. 2 No. 3 UWG.
You can cancel the registration at any time without incurring any costs other than the transmission costs according to the prime rates. A notification in text form to the contact details mentioned under point 1 (e.g. e-mail, fax, letter) is sufficient for this. Of course, you will also find an unsubscribe link in every newsletter.
The dispatch service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletters or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.
3.6 E-mail contact
If you contact us (e.g. via contact form or email), we will process your data to process the request and in the event that follow-up questions arise.
If the data processing is carried out for the implementation of pre-contractual measures, which are carried out on your request, or, if you are already our customer, for the implementation of the contract, the legal basis for this data processing is Art. 6 para. 1 p. 1 b) GDPR.
We only process further personal data if you consent to this (Art. 6 para. 1 p. 1 a) GDPR) or we have a legitimate interest in processing your data (Art. 6 para. 1 p. 1 f) GDPR). A legitimate interest is, for example, to respond to your email.
We use the form tool from SurveyMonkey to collect and process primary data to provide business services. Among the data we collect is the following personal data: Name, email and phone number.
3.8 HubSpot (CRM System)
The use of HubSpot primarily affects the areas of CMS, e-mailing (informative as well as automated mailings, e.g. for content downloads, double opt-in procedures, submitted forms), online reporting (e-mail click and opening rates, user interactions with different content, access figures, conversions, social media, etc.), lead and customer management (e-mails, e-mails, etc.). ), lead and customer management (clustering of user groups according to various criteria, customer relationship management), landing pages and forms (e.g. for downloads of documents/information or registration for mailings, etc.), social media (publishing of content).
The information collected by HubSpot is processed and stored on servers of HubSpot Inc. in the USA. The use of this data is solely for the purpose of improving THE CLIMATE CHOICE online offer, as well as the user experience on www.theclimatechoice.com. You have the possibility to request, correct or delete your stored data at any time and free of charge. The third-party provider HubSpot has subjected itself to the requirements of European data protection law by applying the standard contractual clauses of the EU Commission. The corresponding data protection agreement can be found on the website of the third-party provider: http://legal.hubspot.com/de/dpa, https://legal.hubspot.com/privacy-policy.
THE CLIMATE CHOICE uses the business communication platform Slack to provide the means for online community members to communicate with each other, as well as with members of THE CLIMATE CHOICE.
If you are interested in a membership in our online community, you may apply for membership on our website. We process the data requested in this context for the fulfillment of the prospective contract closed with each member, so that the legal basis for the processing is Art. 6 para. 1 s. 1 lit. b GDPR. If you are accepted as a member your data is stored for the duration of your membership. If your application is rejected we delete your data with the exception of your name. It is our legitimate interest to identify you in case of a re-application, so that the legal basis for the continued data processing of your name is Art. 6 para. 1 s. 1 lit. f GDPR.
During your membership, we process data gathered during your application or voluntarily provided by you after based on Art. 6 para. 1 s. 1 lit. b GDPR.
Slack requires an email address for a person to register and become a member. The person is then free to complete their profile with personal data as they like, including their choice of an online name and/or picture. Any communications that the person chooses to make may also constitute personal data.
THE CLIMATE CHOICE uses the videoconferencing software Zoom, developed by Zoom Video Communications, Inc.
Zoom is used to facilitate both standard business communications, meetings and for webinars run by THE CLIMATE CHOICE (hereinafter: “Online Meetings”). “Zoom” is a service provided by Zoom Video Communications, Inc. which is based in the USA.
To attend a live webinar, a person must actively connect to the Zoom session using the Zoom software. Connection data, such as IP addresses and any identifying information such as names will be collected by Zoom, along with any communications made. Webinars are recorded, and therefore any activity by the user will also be recorded in the form of a video recording that may be uploaded to YouTube (see below). The user gives permission for the use of their personal data by participating in the Webinar.
Note: Insofar as you call up the Internet page of “Zoom”, the provider of “Zoom” is responsible for data processing. However, calling up the Internet page is only necessary to use “Zoom” in order to download the software for using “Zoom”.
You can also use “Zoom” if you enter the respective meeting ID and, if applicable, further access data for the meeting directly in the “Zoom” app.
If you do not want to or cannot use the “Zoom” app, then the basic functions can also be used via a browser version, which you can also find on the “Zoom” website.
3.10.2 What data is processed?
When using “Zoom”, various types of data are processed. The scope of the data also depends on the data you provide before or during participation in an “online meeting”.
The following personal data are subject to processing:
User details: first name, last name, telephone (optional), e-mail address, password (if “single sign-on” is not used), profile picture (optional),
Meeting metadata: Topic, description (optional), attendee IP addresses, device/hardware information.
For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
For dial-in with the telephone: information about the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.
Text, audio and video data: You may have the opportunity to use the chat, question or survey functions in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting” and, if necessary, to log them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device will be processed accordingly for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time via the “Zoom” applications.
To participate in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name.
3.10.3 Scope of processing
We use “Zoom” to conduct “online meetings”. If we want to record “online meetings”, we will transparently inform you in advance and – if necessary – ask for consent. The fact of the recording will also be displayed to you in the “Zoom” app.
If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content. However, this will generally not be the case.
In the case of webinars, we may also process questions asked by webinar participants for purposes of recording and following up on webinars.
If you are registered as a user at “Zoom”, then reports on “Online Meetings” (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars) may be stored at “Zoom” for up to one month.
Automated decision-making within the meaning of Art. 22 GDPR is not used.
3.10.4 Legal basis for data processing
Insofar as personal data is processed by employees of THE CLIMATE CHOICE UG (haftungsbeschränkt), § 26 of the German Federal Data Protection Act (BDSG) is the legal basis for data processing. If, in connection with the use of “Zoom”, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of “Zoom”, Article 6 (1) f) GDPR is the legal basis for data processing. In these cases, our interest is in the effective implementation of “online meetings”.
For the rest, the legal basis for data processing when conducting “online meetings” is Art. 6 (1) lit. b) GDPR, insofar as the meetings are conducted in the context of contractual relationships.
Should no contractual relationship exist, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here, too, our interest is in the effective implementation of “online meetings”.
3.10.5 Recipients / passing on of data
Personal data processed in connection with participation in “Online Meetings” will not be disclosed to third parties as a matter of principle, unless it is specifically intended for disclosure. Please note that the content of online meetings, as well as personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.
Other recipients: The provider of “Zoom” necessarily receives knowledge of the above-mentioned data, insofar as this is provided for in the context of our order processing agreement with “Zoom”.
3.10.6 Data processing outside the European Union
“Zoom” is a service provided by a provider from the USA. A processing of personal data therefore also takes place in a third country. We have concluded an order processing agreement with the provider of “Zoom” that complies with the requirements of Art. 28 GDPR.
An appropriate level of data protection is guaranteed on the one hand by the conclusion of the so-called EU standard contractual clauses. As a supplementary protective measure, we have also configured Zoom in such a way that only data centers in the EU are used to conduct “online meetings”.
3.11 Google Meet
Google Meet is a video-communication service provided by Google. THE CLIMATE CHOICE may use Google Meet to provide business video communication between itself and external parties.
YouTube is an online video platform owned by Google. We use YouTube to host recordings or live streamings of webinars that people can choose to participate in. By participating in the webinars or, participants give consent to the possibility of appearing in recordings hosted on YouTube and other online channels.
We would like to point out that you are using the YouTube channel offered by THE CLIMATE CHOICE UG (haftungsbeschränkt) and its functions on your own responsibility. This applies in particular to the use of the “Discussion” function.
The Terms of Service for YouTube can be found here:
3.14 Gather Town
3.15 Google reCAPTCHA
3.16 Social media presence
We maintain online presences within social networks and platforms in order to be able to communicate with customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing policies of their respective operators apply.
3.16.1 Social plugins
On our website, we offer you social plugins from various social networks such as LinkedIn, Facebook, Instagram or Twitter.
These are operated exclusively by the respective provider. The plugins on our website are identified by the respective button belonging to the provider or service. If you visit one of our websites that contains such a plugin, your browser will connect to the servers of the respective service. This in turn transmits the content of the plugin to your browser, which integrates it into the displayed page. By visiting our website, the respective information is thus transmitted to the respective service. If you are logged into one of the respective services via your personal user account at the same time as visiting our website, this service can assign the visit to the website to your account. Users can post or share links to websites on social networks using plugins. Through interactions, such as leaving a comment or clicking on the respective button, the respective information is transmitted directly to the respective services and stored there.
If you do not want such data transfer and would like to prevent it, log out of your social networks or user accounts before visiting our website. We have no influence on the data collection and transfer by social plugins. The purpose and scope of the data collection of the respective provider or service and the further use and processing of your data can be found in the respective privacy notices directly from the websites of the providers. Find out there what rights you have and how you can achieve a satisfactory data protection setting.
Our website uses functions from CloudFlare. The provider is CloudFlare, Inc. 665 3rd St. #200, San Francisco, CA 94107, USA. CloudFlare offers a worldwide distributed content delivery network with DNS. Technically, the information transfer between your browser and our website is routed through CloudFlare’s network. CloudFlare is thus able to analyze the data traffic between users and our websites, for example, to detect and prevent attacks on our services. In addition, CloudFlare may store cookies on your computer for optimization and analysis. This serves to protect our legitimate interests in an optimal marketing of our offer, which are overriding in the context of a balancing of interests according to Art. 6 GDPR. We have concluded a corresponding order processing agreement with Cloudflare based on the GDPR. Cloudflare is a certified participant of the EU-US Privacy Shield Framework. Cloudflare has committed to handle all personal data contained by European Union (EU) member states under the Privacy Shield Framework in accordance with its applicable principles. For more information about the Privacy Shield Framework, please visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov. Cloudflare collects statistical data about visits to this website. Access data includes: Name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type along with version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider. Cloudflare uses the log data for statistical analysis for the purpose of operation, security and optimization of the offer.
Here you can find information about the data collected by Cloudflare https://blog.cloudflare.com/what-cloudflare-logs/.
You can object to the storage of a user profile and information about your visit to our website by Hotjar as well as the setting of Hotjar tracking cookies on other websites via this link: https://www.hotjar.com/legal/compliance/opt-out
3.20 Google Workspace
Google Workspace is a cloud-based productivity and collaboration platform provided by Google. This includes a spreadsheet and word processing products that we use extensively as part of our legitimate operational interest. It may be the case, on an ad hoc basis, that we record some of your personal information for a legitimate operational reason in a document on this platforms products. Where applicable, we will ensure that your Personal Data is deleted in line with our data deletion policy. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
4 Our uses for personal data
Unless specifically stated elsewhere, the personal data we collect is used for one of the following purposes.
4.1 Fulfillment of our contractual obligations
We process personal data that we need to fulfill our contractual obligations, such as name, address, e-mail address, ordered products, billing and payment data. The collection of this data is necessary for the conclusion of the contract.
The deletion of the data takes place after the expiration of warranty periods and legal retention periods. Data linked to a user account (see below) will in any case be retained for the duration of the management of this account.
The legal basis for the processing of this data is Art. 6 para. 1 p. 1 b) GDPR, because this data is needed so that we can fulfill our contractual obligations to you.
4.2 Marketing communications
We may send you marketing communications by e-mail on a regular basis, independently of the newsletter. In this way, we will send you information about products from our range that you might be interested in based on your last purchases of goods or services from us. In doing so, we strictly comply with the legal requirements. You can object to this at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form to the contact data mentioned under point 1 (e.g. e-mail, fax, letter) is sufficient for this purpose. Of course, you will also find an unsubscribe link in every e-mail.
The legal basis for this is the legal permission according to Art. 6 para. 1 p. 1 f) GDPR in conjunction with § 7 para. 3 UWG.
4.3 Customer care
We may use your personal data to provide customer care and support. This also includes contacting you to inform you about important changes to our business that may affect you.
We may also use your information to request feedback about your use of our business services.
4.4 Compliance and legal requirements
For compliance with legal obligations, we may need to inspect collected data to determine a further course of action.
5 How, when and why we share personal data
Unless specifically stated elsewhere, the personal data we collect is shared in the following circumstances.
5.1 To comply with a legal obligation
We may disclose your personal data where we are legally obligated to do so to comply with applicable law, governmental request, judicial proceeding, court order, or legal process, such as in response to a court order or to meet national security or law enforcement requirements.
5. 2 To protect and defend our rights or property
We may disclose your information where we believe it is necessary to prevent, investigate or take action regarding potential violations of our policies, to protect against legal liability, possible wrongdoing in connection with our service, suspected fraud or other criminal activity, to protect the personal safety of any person or the public, or as evidence in litigation in which we are involved.
5.3 To enable third-party service providers
6 How long we retain personal data
Unless specifically stated, we store personal data only as long as necessary to fulfill the purposes pursued. Beyond those purposes, we will not keep your personal data for longer than a general maximum retention period of 36 months once we have no operational need for it..
In some cases, the legislator provides for the retention of personal data, such as in tax or commercial law. In these cases, we only continue to store the data for these legal purposes, but do not process it elsewhere and delete it after the legal retention period has expired.
7 Your rights as a person affected by data processing
According to the applicable laws, you have various rights regarding your personal data. If you wish to exercise these rights, please send your request by e-mail or by post, clearly identifying yourself, to the address mentioned in section 1.
Below you will find an overview of your rights:
7.1 Right to confirmation and information
You have the right to receive clear information about the processing of your personal data.
You have the right to receive confirmation from us at any time as to whether personal data concerning you is being processed. If this is the case, you have the right to request from us free information about the personal data stored about you, together with a copy of this data. Furthermore, you have the right to the following information:
the purposes of processing;
the categories of personal data that are processed;
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organizations;
if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
the existence of a right to obtain the rectification or erasure of personal data concerning you, or to obtain the restriction of processing by the controller, or a right to object to such processing;
The existence of a right of appeal to a supervisory authority;
if the personal data is not collected from you, any available information about the origin of the data;
the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for you.
If personal data is transferred to a third country or to an international organization, you have the right to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
7.2 Right to rectification
You have the right to request that we correct and, if necessary, complete personal data concerning you.
You have the right to demand that we correct any inaccurate personal data concerning you without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data – also by means of a supplementary declaration.
7.3 Right to erasure (“right to be forgotten”).
In a number of cases, we are obliged to delete personal data concerning you.
You have the right under Article 17(1) of the GDPR to request that we erase personal data concerning you without undue delay, and we are obliged to erase personal data without undue delay if one of the following reasons applies:
The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
You revoke your consent on which the processing was based pursuant to Art. 6 (1) p. 1 a) GDPR or Art. 9 (2) a) GDPR and there is no other legal basis for the processing.
You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
The personal data has been processed unlawfully.
The erasure of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject.
The personal data has been collected in relation to information society services offered in accordance with Article 8(1) of the GDPR.
If we have made the personal data public and we are obliged to erase it pursuant to Art. 17 (1) GDPR, we shall take reasonable measures, including technical measures, having regard to the available technology and the cost of implementation, to inform data controllers that process the personal data that you have requested that they erase all links to or copies or replications of that personal data.
7.4 Right to restriction of processing
In a number of cases, you are entitled to request that we restrict the processing of your personal data.
You have the right to demand that we restrict processing if one of the following conditions is met:
the accuracy of the personal data is disputed by you for a period of time that allows us to verify the accuracy of the personal data,
the processing is unlawful and you refuse the erasure of the personal data and have instead requested the restriction of the use of the personal data;
we no longer need the personal data for the purposes of processing, but you require the data for the assertion, exercise or defense of legal claims; or
you have objected to the processing pursuant to Article 21 (1) GDPR, as long as it has not yet been determined whether the legitimate reasons of our company outweigh yours.
7.5 Right to data portability
You have the right to receive personal data concerning you in machine-readable form, to transmit it, or to have it transmitted by us.
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer this data to another controller without hindrance from us, provided that
the processing is based on consent pursuant to Art. 6 (1) p. 1 a) GDPR or Art. 9 (2) a) GDPR or on a contract pursuant to Art. 6 (1) p. 1 b) GDPR and the processing is carried out with the help of automated processes.
When exercising your right to data portability pursuant to paragraph 1, you have the right to have the personal data transferred directly from us to another controller, insofar as this is technically feasible.
7.6 Right of objection
You have the right to also object to lawful processing of your personal data by us if this is based on your particular situation and our interests in the processing do not prevail.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 (1) sentence 1 e) or f) GDPR; this also applies to profiling based on these provisions. We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If we process personal data for the purposes of direct marketing, you have the right to object at any time to processing of personal data concerning you for the purposes of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
You have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out in the public interest.
7.7 Automated decisions including profiling
You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you.
Automated decision-making based on the personal data collected will not take place.
7.8 Right to revoke a data protection consent
You have the right to revoke consent to the processing of personal data at any time.
7.9 Right to complain to a supervisory authority
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you believe that the processing of personal data concerning you is unlawful.
A list of supervisory authorities and their addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
8 We do not knowingly collect personal data from minors
THE CLIMATE CHOICE is not directed to anyone under 18 and we do not knowingly collect data from any such minor. By accessing our services, you are stating that you are at least 18 or that you are the parent or guardian of such a minor and consent to their use of THE CLIMATE CHOICE. If we learn that we have collected personal information of a person under 18, we will take reasonable steps to delete such information from our files as soon as possible. If you become aware of any data we have collected from children under age 18, please contact us at email@example.com.
9 How we secure your personal data
We make every effort to ensure the security of your data within the framework of the applicable data protection laws and technical possibilities.
Your personal data will be transmitted encrypted. This applies to your inquiries and also to the login. We use the SSL (Secure Socket Layer) coding system, but we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
To protect your data, we maintain technical and organizational security measures in accordance with Art. 32 GDPR, which we constantly adapt to the state of the art.
We also do not guarantee that our offer is available at certain times; disturbances, interruptions or failures cannot be excluded. The servers we use are carefully secured on a regular basis.
10 Contact in case of queries
If you still have questions or concerns about data protection, please contact us via our contact form.
Status: Version 1.2 – May 2021