We, digit xperts GmbH, hereinafter: "the company", "we" or "us", would like to take this opportunity to inform you about data protection in our company.
With the entry into force of the EU General Data Protection Regulation (Regulation (EU) 2016/679; hereinafter: "GDPR"), additional obligations have been imposed on us as part of our responsibility under data protection law to ensure the protection of personal data of the person affected by processing, hereinafter: "customer", "user", "you" or "you".
Insofar as we decide either alone or jointly with others on the purposes and means of data processing, this includes above all the obligation to inform you transparently about the type, scope, purpose, duration and legal basis of the processing (Art. 13 and 14 GDPR). With this declaration (hereinafter: "data protection information") we inform you about the way in which your personal data is processed by us.
Our data protection information has a modular structure. It consists of a general section for all processing of personal data and processing situations that apply each time a website is accessed (A. General) and a special section, the content of which relates only to the processing situation specified there with the designation of the respective offer or product, in particular the visit to websites described in more detail here (B. Visit to websites).
A (1) Definitions
A (2) Name and address of the controller
A (3) Contact details of the data protection officer
A (4) Legal basis for data processing
A (5) Data erasure and storage duration
A (6) Data security
A (7) Cooperation with processors
A (8) Requirements for the transfer of personal data to third countries
A (9) Obligation to provide the data
A (10) Legal obligation to transmit certain data
A (11) Your rights
A (12) Changes to the data protection information
B (1) Explanation of the function
B (2) Hosting
B (3) Data collection on the website
B (4) Plugins and tools
(1) Definitions
(2) Name and address of the controller
We are the controller responsible for the processing of your personal data within the meaning of Art. 4 No. 7 GDPR:
digit xperts GmbH
A-30 Centre
Ringstrasse 36
32587 Löhne
represented by the managing director:
Dickson Usuwa
Phone: +49 5731 4987-0
E-Mail: info@digit-xperts.com
for the following website: digit-xperts.com
(3) Contact details of the data protection officer
Our company data protection officer is always available to answer any questions you may have and to act as your point of contact for data protection issues - her contact details are
Ana Kraljevic
Phone: +49 5731 4987-303
E-Mail: datenschutz@digit-xperts.com
(4) Legal basis for data processing
In principle, any processing of personal data is prohibited by law and is only permitted if the data processing falls under one of the following justifications:
For the processing operations we carry out, we indicate the applicable legal basis in each case below. Processing can also be based on several legal bases.
(5) Data erasure and storage duration
For the processing operations carried out by us, we indicate below how long the data is stored by us and when it is deleted or blocked. Unless an explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies. Your data will only be stored on our servers in Germany, subject to any disclosure in accordance with the provisions in A (7) and A (8).
However, data may be stored beyond the specified period in the event of an (impending) legal dispute with you or other legal proceedings or if storage is provided for by statutory provisions to which we are subject as the controller (e.g. Section 257 HGB, Section 147 AO). If the storage period prescribed by the statutory provisions expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for this.
(6) Data security
We use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties (e.g. SSL encryption for our website), taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including its probability and effects) for the data subject. Our security measures are continuously improved in line with technological developments.
We will be happy to provide you with more detailed information on request. Please contact our data protection officer (see under A (3)).
(7) Cooperation with processors
As with any large company, we also use external domestic and foreign service providers to process our business transactions (e.g. for IT, logistics, telecommunications, sales and marketing). These service providers only act on our instructions and are contractually obliged to comply with data protection regulations in accordance with Art. 28 GDPR.
(8) Requirements for the transfer of personal data to third countries
As part of our business relationships, your personal data may be passed on or disclosed to third-party companies. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing takes place exclusively for the fulfilment of contractual and business obligations and to maintain your business relationship with us. We will inform you about the respective details of the transfer at the relevant points below.
The European Commission certifies that some third countries have a level of data protection comparable to the EEA standard through so-called adequacy decisions. However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. If this is the case, we ensure that data protection is adequately guaranteed. This is possible via binding company regulations, standard contractual clauses of the European Commission for the protection of personal data, certificates or recognised codes of conduct. Please contact our data protection officer (see A.(3)) if you would like more information on this.
(9) Obligation to provide the data
As part of our business relationship, you must provide the personal data that is necessary for the establishment, implementation and termination of a business relationship and for the fulfilment of the associated obligations, which we are legally obliged to collect or which we are entitled to collect on the basis of legitimate interests. Without this data, we will generally not be able to enter into a business relationship with you.
(10) Legal obligation to ÜTransmission of certain data
We may be subject to a special legal or statutory obligation to provide the lawfully processed personal data to third parties, in particular public authorities (Art. 6 para. 1 sentence 1 lit. c GDPR).
(11) Your rights
You can assert your rights as a data subject with regard to your processed personal data at any time using the contact details provided at the beginning under A (2). As the data subject, you have the right to
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Kavalleriestr. 2-4
40213 Düsseldorf
Tel: 0211/38424-0
E-Mail: poststelle@ldi.nrw.de
(12) ÄChanges to the data protection information
As part of the ongoing development of data protection law and technological or organisational changes, our data protection information is regularly reviewed to determine whether it needs to be amended or supplemented. You will be informed of any changes here in particular.
(1) Explanation of the function
Information about our company and the services we offer can be found in particular at www.digit-xperts.com together with the associated subsections. When you visit our website, your personal data may be processed.
Analysis tools and tools from third-party providers
When you visit this website, your surfing behaviour may be statistically evaluated. This is primarily done using so-called analysis programmes. Detailed information on these analysis programmes can be found in the following privacy policy.
(2) Hosting
We host the content of our website with the following provider:
IONOS
We host our website with IONOS SE. The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter: IONOS). When you visit our website, IONOS collects various log files including your IP addresses. For details, please refer to the IONOS privacy policy: https://www.ionos.de/terms-gtc/terms-privacy. IONOS is used on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
(3) Data collection on the website
Cookies
Our Internet pages use so-called "cookies". Cookies are small data packets and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.
Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies can be used to analyse user behaviour or for advertising purposes.
Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
You can find out which cookies and services are used on this website in this privacy policy.
Consent with Complianz
Our website uses the consent technology of Complianz to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Complianz B.V., Kalmarweg 14-5, 9723 JG Groningen, Netherlands (hereinafter referred to as "Complianz").
Complianz is hosted on our servers, so no connection is established to the servers of the provider of Complianz. Complianz stores a cookie in your browser in order to be able to assign the consents you have given or revoke them. The data collected in this way is stored until you ask us to delete it, delete the Complianz cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.
Complianz is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are
This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website - the server log files must be recorded for this purpose.
Contact form
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.
Enquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your enquiry including all personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.
The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
(4) Plugins and tools
Google Fonts (local hosting)
This site uses so-called Google Fonts, which are provided by Google, for the standardised display of fonts. The Google fonts are installed locally. There is no connection to Google servers. Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.
Ninja Firewall
We have integrated Ninja Firewall on this website. The provider is NinTechNet Limited, Unit 1603, 16th Floor, The L. Plaza 367 - 375 Queen's Road Central Sheung Wan, Hong Kong (hereinafter referred to as Ninja Firewall).
Ninja Firewall is used to protect our website from unwanted access or malicious cyberattacks. For this purpose, Ninja Firewall records the IP address, request, referrer and time of page access. Ninja Firewall is integrated on our own servers and does not transmit any personal data to the provider of the tool or other third parties.
We have activated IP anonymisation in Ninja Firewall so that the tool only records the IP address in abbreviated form.
The use of Ninja Firewall is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website as effectively as possible against cyberattacks.
ManageWP
We manage this website with the help of the ManageWP tool. The provider is GoDaddy.com WP Europe, Trg republike 5, 11000 Belgrade, Serbia (hereinafter ManageWP).
ManageWP allows us to monitor the security and performance of our website and create automatic backups, among other things. ManageWP therefore has access to all website content, including our databases. ManageWP is hosted on the provider's servers.
The use of ManageWP is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most effective and secure operation of its website(s). If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TN9xAAG&status=Active
Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This contract, which is required under data protection law, ensures that the personal data of our website visitors is processed exclusively in accordance with our instructions and in compliance with the provisions of the General Data Protection Regulation (GDPR).