1. Data protection at a glance
The following information provides a simple overview of what happens to your personal data when you visit this website. “Personal data” is any data through which you can be personally identified. For more detailed information on data protection, please refer to our Data Protection Policy below this text.
Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the website credits on this website.
How do we collect your data?
For one thing, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.
Other data is collected automatically by our computer systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or the exact time of accessing the web page). This data is collected automatically as soon as you access this website.
What do we use your data for?
Some of the data is collected in order to ensure the error-free provision of the website. Other data may be used to analyse your user behaviour.
What rights do you have regarding your data?
You have the right to at any time obtain information on the origin, recipient and purpose of your stored personal data, free of charge. You also have the right to request the rectification or erasure of that data. You can contact us at any time at the address given in the website credits with regard to this or any other questions relating to data protection. You furthermore have the right to lodge a complaint with the competent supervisory authority.
Under certain circumstances, you also have the right to request the restriction of the processing of your personal data. For details, please refer to our Data Protection Policy under “Right to restriction of processing”.
Analysis tools and third-party tools
When visiting this website, your surfing behaviour may be statistically analysed. This is done primarily using cookies and what are called “analysis programs”. The analysis of your surfing behaviour is usually anonymous; the surfing behaviour cannot be traced back to you.
You can object to this analysis, or prevent it, by not using certain tools. Detailed information on these tools and on your objection options can be found in the following Data Protection Policy.
2. Hosting and Content Delivery Networks (CDN)
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may above all include IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website access details and other data generated via a website.
The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Article 6(1)(b) GDPR) and to ensure the secure, fast and efficient provision of our online offering by a professional provider (Article 6(1)(f) GDPR).
Our hoster will only process your data insofar as this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data.
Concluding an agreement on contract data processing
In order to ensure that processing complies with data protection regulations, we have concluded an agreement on contract data processing with our hoster.
3. General notes and mandatory information
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially, in accordance with the statutory data protection regulations and this Data Protection Policy.
When you use this website, different personal data is collected. “Personal data” is data by which you can be personally identified. This Data Protection Policy explains what data we collect and how we use it. It also explains how and for what purpose this is done.
We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. It is not possible to completely protect data from access by third parties.
Note on the responsible office
The body responsible for data processing on this website is:
Casino Wiesbaden GmbH & Co. KG
Tel.: +49 611 536 100
Fax: +49 611 536 199
The “data controller” is the natural or legal person who, alone or together with others, determines the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
Data protection officer as required by law
We have appointed a data protection officer for our company.
Contact person: Mr. Mentges
In den Leppsteinswiesen 14
Phone: +49 6154 576051 11
Fax: +49 6154 57605 29
Purposes of the collection, processing or use of data:
To identify the guests and to check their data against that of banned players, in accordance with the provisions of the Hessian Casino Act (hessisches Spielbankgesetz), the German Gaming Ordinance (Spielordnung), the Hessian Gambling Act (hessisches Glücksspielgesetz) as well as the German State Gambling Treaty (Glücksspielstaatsvertrag) and the German Money Laundering Act (Geldwäschegesetz). The collection, processing and use of personal data for own purposes (e.g. personnel management, financial accounting and other business operations).
Data subject group(s):
Essentially, personal data of the following groups is collected, processed and used, provided they are natural persons and provided the said collection, processing and use is necessary to fulfil the purposes stated in Section 4:
- Customers / casino visitors / persons with special benefits
- Interested persons / non-customers
- Staff, retirees, former staff, applicants
- Suppliers/service providers
- Public bodies
- Contact persons in the aforementioned groups
- Contacting for the purpose of gaming operations
Data or data categories:
- Planning data, contractual master data and billing data
- Data for personnel administration and control, for communication as well as for the processing and control of transactions
- Customer data required under the provisions of the Hessian Casino Act
- First name, last name, guest number, mobile phone number
Recipients of the data or categories of recipients:
- Public bodies that receive data due to statutory provisions.
- Internal bodies involved in executing the respective business processes (personnel management, bookkeeping, accounting, claims settlement, purchasing, marketing, sales, telecommunications and EDP)
- External contractors (service companies) in accordance with Section 28 of the GDPR
- Other external bodies, e.g. credit institutions (salary payments, insurance benefits), agencies within the scope of intermediary activities, companies belonging to associations/groups, provided that the data subject has declared his or her written consent or a transfer is permissible due to an overriding legitimate interest.
Standard periods for the erasure of data:
The legislator has enacted a variety of retention obligations and periods. After the expiry of these periods, the corresponding data will be routinely erased if it is no longer required for the fulfilment of the contract (e.g. insurance, rental and service contracts). If data is not affected by this, it will be erased once the purposes mentioned under Point 4 cease to apply.
Planned data transfer to third countries (outside EU/EEA):
No transfer of the data to third countries is planned.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can at any time revoke a consent you have already given. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation shall remain unaffected by the revocation.
The right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)
If the data processing is based on Article 6(1)(e) or (f) of the GDPR, you have the right to object at any time to the processing of your personal data on grounds relating to your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this Data Protection Policy. If you make an objection, we will no longer process the personal data concerning you unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or that the processing is for the establishment, exercise or defence of legal claims (objection under Article 21(1) GDPR).
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Article 21(2) GDPR).
Beschwerderecht bei der zuständigen Aufsichtsbehörde
Im Falle von Verstößen gegen die DSGVO steht den Betroffenen ein Beschwerderecht bei einer Aufsichtsbehörde zu, insbesondere in dem Mitgliedstaat ihres gewöhnlichen Aufenthalts, ihres Arbeitsplatzes oder des Orts des mutmaßlichen Verstoßes. Das Beschwerderecht besteht unbeschadet anderweitiger verwaltungsrechtlicher oder gerichtlicher Rechtsbehelfe.
Right of complaint to the competent supervisory authority
In the event of any breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the Member State of their habitual residence, their place of work or the place of the alleged breach. The right of appeal exists without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to have data that we process automatically based on your consent or in the performance of a contract given to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another data controller, this will only be done provided it is technically feasible.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, erasure and rectification
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if applicable, the right to have the data rectified or erased. For this purpose, as well as for further questions concerning personal data, you can contact us at any time at the address given in the website credits.
The right to restriction of processing
You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time at the address given in the website credits. The right to restriction of processing applies in the following cases:
- If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data took place/is taking place unlawfully, you can request the restriction of data processing instead of erasure.
- If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.
- If you have lodged an objection pursuant to Article 21(1) of the GDPR, it will be necessary to weigh your interests against ours in a comparison. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, that data may – besides being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of an important public interest of the European Union or a Member State.
Address for exercising your rights
You are welcome to contact the e-mail address "Betroffenenrechte@spielbank-wiesbaden.de" to exercise your data protection rights.
Objection to advertising e-mails
We hereby prohibit the use of contact data published in the context of the obligation to provide website credits for the purpose of sending advertising and information material that has not been expressly requested. The operators of the web pages expressly reserve the right to take legal action in the event of any unsolicited sending of advertising information, for example through spam e-mails.
4. Data collection on this website
Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your terminal device. They are stored on your terminal device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit ends. Permanent cookies remain stored on your terminal device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your terminal device when you access our pages (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the playing of videos). Other cookies are used to evaluate user behaviour or to display advertisements.
Cookies that are necessary to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in storing cookies to ensure a technically fault-free, optimised provision of its services. Provided appropriate consent has been requested (e.g. consent to store cookies), the processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR; consent can be revoked at any time.
You can set your browser so that you are notified when cookies are set and only allow cookies in exceptional cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.
If cookies are used by third-party companies or for analytical purposes, we will inform you about this separately within the framework of this Data Protection Policy and may request your consent.
Cookie consent with Usercentrics
This website uses the cookie consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your terminal device and to document this in accordance with data protection law. The provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, Germany, website: https://usercentrics.com/en/ (hereinafter “Usercentrics”).
When you access our website, the following personal data will be transferred to Usercentrics:
- Your consent(s) or the withdrawal of your consent(s).
- Your IP address
- Information about your browser
- Information about your terminal device
- The time of your visit to the website
Furthermore, Usercentrics stores a cookie in your browser in order to be able to allocate the consent(s) granted, or their revocation, to you. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations shall remain unaffected.
Contract on order processing
We have concluded an order processing contract with Usercentrics. This is a contract required by data protection law, which ensures that Usercentrics only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Server log files
The provider of the web pages automatically collects and stores information in so-called “server log files”, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of accessing computer
- Time of server request
- IP address
This data will not be combined with other data sources.
The collection of this data is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in the technically fault-free presentation and optimisation of its website: for this purpose, the server log files must be collected.
If you send us any enquiries via the contact form, your details from the enquiry form, including the contact data you have provided in it, will be stored by us for the purpose of processing your enquiry and in case of any follow-up questions. We will not pass on this data without your consent.
The processing of this data is based on Article 6(1)(b) of the GDPR, insofar as your request relates to the performance of a contract or is necessary for implementing pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if it has been requested.
The data you enter in the contact form will remain with us until you request us to erase it, revoke your consent to its storage or until the purpose for storing the data no longer applies (e.g. after your enquiry has been fully processed). Mandatory legal provisions – particularly retention periods – shall thereby remain unaffected.
Enquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your enquiry including all personal data resulting from it (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The processing of this data is based on Article 6(1)(b) of the GDPR, insofar as your request relates to the performance of a contract or is necessary for implementing pre-contractual measures. In all other cases, the processing is based on your consent (Article 6(1)(a) GDPR) and/or on our legitimate interests (Article 6(1)(f) GDPR), as we have a legitimate interest in the effective processing of the enquiries addressed to us.
The data you send to us via contact requests will remain with us until you request us to erase it, revoke your consent to its storage or until the purpose for storing the data no longer applies (e.g. after we have fully processed your request). Mandatory statutory provisions – particularly statutory retention periods – shall thereby remain unaffected.
5. Analytical tools and advertisingAnalysetools und Werbung
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
The storage of Google Analytics cookies and the use of this analysis tool take place on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. If appropriate consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR; consent can be revoked at any time.
We have activated the IP anonymisation function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide further services relating to website usage and internet usage to the website operator. The IP address transmitted by your browser within the framework of Google Analytics will not be combined with other Google data.
Objecting to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set which will prevent the collection of your data on future visits to this website: deactivate Google Analytics.
We have concluded an agreement on contract data processing with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic characteristics function of Google Analytics
This website uses the "demographic characteristics" function of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as presented under the heading “Objecting to data collection” above.
Data stored by Google at a user and event level that is linked to cookies, usernames (e.g. user IDs) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymised or erased after 14 months. You can see details of this process under the following link: https://support.google.com/analytics/answer/7667196?hl=en.
Google Analytics Remarketing
This website uses the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google Ads and Google DoubleClick. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
This function makes it possible to link the advertising target groups created through Google Analytics Remarketing with the cross-device functions of Google Ads and Google DoubleClick. In this way, interest-based, personalised advertising messages that have been adapted to you, depending on your previous usage and surfing behaviour on one terminal device (e.g. mobile phone), can also be displayed on another of your terminal devices (e.g. tablet or PC).
If you have given your consent, Google will link your web and app browsing history to your Google Account for this purpose. In this way, the same personalised advertising messages can be displayed on every terminal device on which you log in with your Google account.
To support this feature, Google Analytics collects Google-authenticated IDs of users, which are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad targeting.
You can permanently object to cross-device remarketing/targeting by deactivating personalised advertising; follow this link: https://www.google.com/settings/ads/onweb/.
The aggregation of the collected data in your Google account is based solely on your consent, which you can grant or revoke for Google (Article 6(1)(a) GDPR). In the case of data collection processes that are not aggregated in your Google Account (e.g. because you do not have a Google Account or have objected to the aggregation), the collection of data is based on Article 6(1)(f) of the GDPR. The legitimate interest is based on the fact that the website operator has an interest in the anonymised analysis of website visitors for advertising purposes.
Further information and the data protection provisions can be found in Google’s data protection policy at: https://policies.google.com/technologies/ads?hl=en.
Google Ads and Google Conversion Tracking
This website uses Google Ads. Google Ads is an online advertising programme of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Within the framework of Google Ads, we use so-called “conversion tracking”. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the internet browser sets on the user’s computer. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits specific pages of this website and the cookie has not yet expired, Google and we can recognise that the user clicked on the ad and was redirected to this page.
Each Google Ads customer receives a different cookie. The cookies cannot be tracked across Google Ads customers’ websites. The information obtained using the conversion cookie is used to create conversion statistics for Google Ads customers who have opted into conversion tracking. The customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that personally identifies the users. If you do not wish to participate in the tracking, you can object to this use by simply deactivating the Google conversion tracking cookie via your internet browser under user settings. You will then not be included in the conversion tracking statistics.
The storage of “conversion cookies” and the use of this tracking tool are carried out on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. If appropriate consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR; consent can be revoked at any time.
You can set your browser so that you are notified when cookies are set and only allow cookies in exceptional cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.
6. Plugins and toolsPlugins und Tools
This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. In the process, the Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This applies even if you are not logged into Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Vimeo account.
The use of Vimeo takes place in the interest of presenting our online offers in an attractive way. This constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR. If appropriate consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR; consent can be revoked at any time.
Google Web Fonts
This site uses so-called “web fonts” provided by Google for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you use must connect to Google’s servers. This informs Google that this website was accessed via your IP address. The use of Google Web Fonts is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on their website. If appropriate consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR; consent can be revoked at any time.
If your browser does not support web fonts, a standard font of your computer will be used.
This website uses the mapping service Google Maps via an API. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this website has no influence on this data transmission.
Google Maps is used in the interest of presenting our online offers in an attractive way and allowing visitors to easily locate the places we indicate on the website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR.
7. Information on data processing in accordance with Art. 13 GDPR for job applications
Handling applicant data
In the context of the application documents you send us it is essential, for administrative and legal reasons, to collect, store and process personal data relating to you. In the following, we provide you with information in accordance with Art. 13 GDPR:
Contact details of the data controller
Casino Wiesbaden, Kurhausplatz 1, 65189 Wiesbaden, Germany
represented by the Managing Director Andreas Krautwald
Contact details of the Data Protection Officer
CTM-COM GmbH, In den Leppsteinwiesen 14, 64380 Rossdorf, Germany
We offer you the opportunity to apply to us (e.g., by e-mail in unencrypted form, by post or via the online application form). In the following, we inform you about the scope, purpose and use of your personal data collected during the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with the applicable data protection laws and all other legal provisions and that your data will be treated in a strictly confidential way.
Scope and purpose of data collection
When you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) insofar as this is necessary to decide whether to establish an employment relationship. The legal basis for this is Section 26 of the new version of the German Federal Data Protection Act (BDSG-neu) under German law (initiation of an employment relationship), Article 6(1)(b) of the GDPR (general contract initiation) in conjunction with Article 88 of the GDPR (data processing in the context of employment) and – provided you have given your consent – Article 6(1)(a) of the GDPR. The consent can be revoked at any time. Within our company, your personal data will be passed on only to persons involved in processing your application.
If the application is successful, the data you submitted will be stored in our data processing systems on the basis of Section 26 of the German Federal Data Protection Act (BDSG-neu) and Article 6(1)(b) of the GDPR, in conjunction with Article 88 of the GDPR (data processing in the context of employment) for the purpose of conducting the employment relationship.
Retention period of the data
If we are unable to make you a job offer, if you reject a job offer or if you withdraw your application, we reserve the right to retain the data you have provided for us on the basis of our legitimate interests (Article 6(1)(f) GDPR) for up to 3 months from the termination of the application process (rejection or withdrawal of the application). The data will then be erased and the physical application documents destroyed. This storage serves, in particular, to provide evidence in the event of a legal dispute. If it is evident that the data will be required after the three-month period has expired (e.g. due to a threatened or pending legal dispute), the data will only be erased once the purpose for further retention ceases to apply.
Longer retention may also take place if you have given your consent (Article 6(1)(a) GDPR) or if legal retention obligations prevent deletion.
Inclusion in the applicant pool
If we do not make you a job offer, it may be possible to include you in our applicant pool. In the event of inclusion, all documents and data from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.
Inclusion in the applicant pool is based exclusively on your express consent (Article 6(1)(a) GDPR). The provision of consent is voluntary and is not related to the current application process. The data subject may revoke his/her consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, unless there are legal reasons for retention.
The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.
Right of access, rectification, erasure, withdrawal and data portability
You have the right to obtain information from the data controller about the personal data relating to you, as well as the right to the rectification, erasure or restriction of processing, the right to object to processing and the right to portability of your personal data.
If you have given us your consent to process personal data relating to you for one or more specific purposes, you may withdraw this consent at any time.
The right to withdraw your consent to data processing shall not affect the lawfulness of the data processing carried out up to the time of your withdrawal.
Your right to have the said data erased will thereby regularly be countered by our legitimate interest in asserting, exercising or defending legal claims and/or by mandatory regulations, such as the German Fiscal Code (Abgabenordnung), which make it necessary to store and retain data (e.g., accounting obligations, associated retention periods).
Right of complaint
You have the right to file a complaint with a supervisory authority about our processing of your personal data if, in your view, there has been a violation of the law.