Linkedin

Privacy Policy

Responsible for data protection


The controller responsible for data processing on this website is:

Publk GmbH
Knesebeckstr. 59-61/61a
10719 Berlin
Germany

E-Mail: info(at)publk.de
Telephone: 030 700109900

Overview of processing

The following overview summarises the types of data processed and the purposes of their processing and refers to the data subjects.

Types of data processed

  • Inventory data

  • Contact details

  • Content data

  • Usage data

  • Meta, communication and process data

Categories of affected persons:

  • Communication partner

  • Users

Purposes of the processing

  • Contact enquiries and communication

  • Security measures

  • Managing and responding to enquiries

  • Feedback

  • Marketing

  • Provision of our online services and user-friendliness

  • Information technology infrastructure

Relevant legal bases

We process personal data on the basis of the following legal grounds: consent (Art. 6 para. 1 sentence 1 lit. a) GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR), necessity for the fulfilment of a contract (Art. 6 para. 1 sentence 1 lit. b GDPR). Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile.

In addition to the data protection regulations of the GDPR, national data protection regulations apply in Germany. These include, in particular, the Act on the Protection against Misuse of Personal Data in Data Processing (Federal Data Protection Act – BDSG). The data protection laws of the individual federal states may also apply.

Security measures

We take appropriate technical and organisational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

Deletion of data

The data processed by us will be deleted in accordance with the legal requirements as soon as it is no longer required to fulfil the purpose for which it was collected. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted to these purposes. This applies, for example, to data that must be stored for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defence of legal claims or to protect the rights of another natural or legal person.

Our data protection notices may also contain further information on the retention and deletion of data, which apply primarily to the respective processing operations.

Use of cookies

Cookies are small text files that store and read information on end devices. They are used, for example, to save the login status, shopping basket content or content accessed. Cookies can also be used to ensure the functionality, security and convenience of online offers and to analyse visitor flows. We only use cookies that are absolutely necessary to provide our service.

Provision of the online offer and webhosting

We process users’ data in order to provide them with our online services.

Processed data types: Usage data (e.g. websites visited, interest in content, access times); meta, communication and procedural data (e.g. IP addresses, time data, identification numbers, consent status); content data (e.g. entries in online forms).

Data subjects: Users (e.g. website visitors, users of online services).

Purposes of processing: Provision of our online services and user-friendliness; information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)); security measures.

Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further information on processing operations, procedures and services:

Provision of online services on rented storage space: We use storage space, computing capacity and software from server providers (web hosts); legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Collection of access data and log files: Access to our online offering is recorded in server log files. These contain, for example, the address and name of the websites and files accessed, date and time of access, data volumes transferred, browser type and version, operating system, referrer URL and IP addresses. This data serves the security and stability of the servers; legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Log file information is stored for a maximum of 30 days and then deleted or anonymised. Data that is required for evidence purposes is excluded from deletion until the incident has been clarified.

For the purpose of providing the online offer and web hosting, we obtain services in the area of the provision of information technology infrastructure and related services (e.g. storage space and/or computing capacities) from the provider Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany, which we use as a processor.

For the purpose of processing, we have concluded an order processing agreement with Hetzner Online GmbH in accordance with Art. 28 GDPR (AVV).

Contact and enquiry management

We use the service provider Zeus Prima d.o.o., Jelenovac 38 F 10 000 Zagreb, Croatia (“Zeus Prima”), which we use as a processor, to answer contact inquiries via e-mail and telephone about our services. When processing contact inquiries that a user has requested to be processed by a human being, we and Zeus Prima process the data of the requesting persons insofar as this is necessary to answer the support requests and any requested measures. Specifically, the following types of data are processed Contact data (e.g. e-mail, telephone numbers); Content data (e.g. entries in online forms); Meta, communication and procedural data (e.g. IP addresses, time data, identification numbers, consent status).

The processing takes place for the fulfillment of the contract and the processing of pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR) as well as to safeguard our legitimate interest in proper communication with our users (Art. 6 para. 1 sentence 1 lit. f) GDPR).

For the purpose of processing, we have concluded an order processing agreement with Zeus Prima in accordance with Art. 28 GDPR (AVV).

To process contact enquiries and communicate with you, we use Freshdesk, a service provided by Freshworks, Inc, 2950 S. Delaware Street, Suite 201, San Mateo, CA 94403, USA (“Freshworks”), which we use as a processor. When contacting us (e.g. by post, contact form, email, telephone or via social media) and in the context of existing user and business relationships, we and Freshworks process the information of the enquiring persons to the extent necessary to respond to the contact enquiries and any requested measures. In detail, the following types of data are processed : contact data (e.g. e-mail, telephone numbers); content data (e.g. entries in online forms); usage data (e.g. websites visited, interest in content, access times); meta, communication and procedural data (e.g. IP addresses, time details, identification numbers, consent status).

The processing is carried out for the fulfilment of the contract and the processing of pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR) as well as to safeguard our legitimate interest in proper communication with our users (Art. 6 para. 1 sentence 1 lit. f) GDPR).

For the purpose of processing, we have concluded an order processing agreement with Freshworks Inc. in accordance with Art. 28 GDPR (AVV).

During processing, personal data is transferred to the USA. This transfer takes place on the basis of the Commission’s adequacy decision on the EU-US Data Privacy Framework. Freshworks is certified under the EU-US Data Privacy Framework.

Plugins and embedded functions and content

We incorporate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). These may be, for example, graphics, videos or city maps (hereinafter uniformly referred to as “content”).

The integration of this content requires the processing of the user’s IP address by the third-party provider. Without the IP address, the content cannot be sent to the user’s browser. Third-party providers may also use pixel tags (invisible graphics) for statistical or marketing purposes. These pixel tags make it possible to analyse visitor traffic on our website. The information collected can be stored in cookies and combined with other data.

Processed data types: Usage data (e.g. websites visited, interest in content, access times); meta, communication and process data (e.g. IP addresses, time data, identification numbers, consent status); inventory data (e.g. names, addresses); contact data (e.g. email, telephone numbers); content data (e.g. entries in online forms).

Data subjects: Users (e.g. website visitors, users of online services).

Purposes of processing: Provision of our online services and user-friendliness.

Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further information on processing operations, procedures and services:

Google Fonts

We use Google Fonts, a service of Google LLC, 1600 Amphitheatre Pkwy Mountain View, California 94043, USA (“Google”) to integrate fonts. We do not transmit any personal data from Google. Google also does not use cookies. However, your browser will transmit your IP address to Google for technical reasons. This transmission takes place on the basis of the Commission’s adequacy decision on the EU-US Data Privacy Framework. Google is certified under the EU-US Data Privacy Framework.

You can find Google’s privacy policy here: policies.google.com/privacy, further information on data processing at Google Fonts can be found here: developers.google.com/fonts/faq.

Friendly Captcha

We use Friendly Captcha (hereinafter referred to as “Friendly Captcha”) on this website. The provider is Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee, Germany.

Friendly Captcha is used to check whether the data input on this website (e.g. in a contact form) is made by a human or by an automated programme. To do this, Friendly Captcha analyses the behaviour of the website visitor based on various characteristics. Friendly Captcha evaluates various information for the analysis (e.g. anonymised IP address, referrer, visit time, etc.). Further information on this can be found at: friendlycaptcha.com/legal/privacy-end-users/.

The data is stored and analysed on the basis of Art. 6 para. 1 lit. f GDPR. As the website operator, we have a legitimate interest in protecting our website from abusive automated spying and SPAM.

For the purpose of processing, we have concluded an order processing agreement with Friendly Captcha GmbH in accordance with Art. 28 GDPR (AVV).

Polylang

We use the Polylang programme to make our website multilingual. Polylang is a product of WP SYNTEX, 28, rue Jean Sebastien Bach, 38090 Villefontaine, France. Polylang cookies are used exclusively to recognise and record the language used or selected by the user. These cookies are stored for one year and are then deleted. The legal basis for this is Art. 6 para. 1 lit. f GDPR.

Further information on data protection compliance can be found here: https://polylang.pro/doc/is-polylang-compatible-with-the-eu-cookie-law/.

Wordfence

Firewall, security and error detection functions to detect and prevent unauthorised access attempts and technical vulnerabilities that could enable such access. For these purposes, cookies and similar storage methods necessary for this purpose may be used and security logs may be created during the check and, in particular, in the event of unauthorised access. In this context, the IP addresses of users, a user identification number and their activities, including the time of access, are processed and stored, compared with the data provided by the provider of the firewall and security function, and transmitted to the latter.

Service provider: Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.wordfence.com; Privacy policy: https://www.wordfence.com/privacy-policy/; Basis for third-country transfers: Standard contractual clauses (https://www.wordfence.com/standard-contractual-clauses/).

Further information: https://www.wordfence.com/help/general-data-protection-regulation.

Amendment and updating of the privacy policy

We ask you to inform yourself regularly about the content of our privacy policy. We will adapt the privacy policy as soon as changes to the data processing we carry out make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

If we provide addresses and contact information of companies and organisations in this privacy policy, please note that the addresses may change over time and please check the information before contacting us.

Rights of the data subjects

As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR: Right to object (Art. 20 GDPR): You have the right to object to the processing of your data at any time. In the event of an objection, we will no longer process your data. An exception applies if there are compelling reasons worthy of protection that outweigh your interests.

Right to withdraw consent: You have the right to withdraw your consent at any time.

Right to information (Art. 15 GDPR): You have the right to request information about the personal data stored about you.

Right to rectification (Art. 16 GDPR), right to erasure (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR): You have the right to request rectification, erasure and restriction of processing of your data.

Right to data portability (Art. 20 GDPR): You have the right to receive data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to request its transmission to another controller.

Complaint to the supervisory authority: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the provisions of the GDPR.

The German version of this data protection declaration is the only legally binding version. Any translations provided are for information purposes only.