I. Legal scope
II. Contact details of the controller
We at TOPSTAR GmbH are to be called the controller in compliance with the General Data Protection Regulation (“GDPR”) and the Bundesdatenschutzgesetz (BDSG) as well as other data protection regulations for the trademark WAGNER and our website (www.wagner-living.de) and the data processing linked to these regulations. You can find more information about our company in the imprint.
A trademark of TOPSTAR GmbH
Augsburger Straße 29
III. Data protection officer
Here are the contact
Herr RA Alexander Bradt
c/o IT LAW AND ORDER UG (with limited liability)
Sterzinger Straße 3
Tel.: +49 (0) 821 6660 6600
The web server which is used to operate our website is run by the IT service company. Here are their contact details:
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 4-6
V. Running of the website and log files
1. Description and scope of the data processing
With every visit to our website you submit (out of technical necessity) data via your browser to our web server.
During a running connection of communication, our system records automatically information of the calling computer’s system or the user’s terminal.
During this process we collect the following data:
• information about the browser and the used version
• the operating system of the user’s terminal
• the user’s internet service provider
• the IP address of the user
• the previous website which the user visited before our website (referrer URL)
• the date and time of the server request of our website
• the name of the requested file
• the quantity of data transmitted
2. Legal basis of the data processing
The legal basis for the temporary retention of these data and of the log files is Article 6, Paragraph 1, point (f) GDPR (legitimate interests by us as the controlling website operator).
3. Purpose of the data processing
The temporary retention of the user’s IP-address by our system is necessary in order to ensure that the user has access to our website. It is therefore inevitable that the user’s IP-address is retained during the visit to our website. The above named data is stored in log files in order to make sure that our website works properly. In addition, these data serve to optimize the website and to guarantee the security of our information technology systems (for example concerning intrusion detection). We do not evaluate your data for marketing purposes.
4. Duration of data retention
The above named data are deleted as soon as they are not needed anymore to achieve the purpose of their collection. Concerning the collection of data to make sure the access to our website, the user’s data is deleted when he or she leaves our web page. Concerning the retention of data in log files, your data will be deleted after 60 days at the latest. A temporary retention is possible. In this case, the user’s IP address is deleted or made unrecognizable by us in order to ensure that the calling client cannot be identified and that the existing data cannot be related to a specific person anymore.
In parts, our website uses so-called cookies. Cookies do not cause any damage on your computer and do not contain viruses. They rather serve to render our service more user-friendly, effective and secure. Cookies are small text files which are deposited on your computer and which are stored by your browser.
Most of the cookies used by us are so-called “session-cookies“. Session cookies are automatically deleted once you leave our website. Other cookies are stored on your terminal until you delete them. These cookies make it possible for us to recognize your browser when you next visit our website. A cookie which has been stored for this purpose remains valid for our website for 12 months.
You can set your browser so that you are informed of the storage of cookies and that you allow cookies only in particular cases, exclude the acception of cookies for certain cases or in general and activate the automatic deletion of the cookies when closing the browser. When deactivating the cookies, the functionality of this website can be reduced.
VII. Data security
By employing technical and organizational measures we secure our website and other systems against loss, destruction, access, alteration or dissemination of your data by unauthorized persons. We particularly transfer your personal data in code. During your visit to our website we employ the widespread Secure Socket Layer (SSL) procedure. Unfortunately, the transfer of information via the internet is not completely secure. Therefore, we cannot guarantee the security of the data which has been transferred to our website via the internet.
VIII. Data transfer
We do not share your personal data with third parties unless you have given your consent to the transferring of your data or that we are entitled or obliged to pass on your data due to legal provisions and/or official or judicial orders. This particularly means that we are allowed to provide information for reasons of criminal prosecution, public safety or enforcement of intellectual property rights.
IX. Rights of the data subject
In case that personal data of a user are processed, this user is called a data subject according to the GDPR.
According to Art. 4 GDPR, personal data are all these kinds of information which relate to an identified or identifiable natural person.
A person is called “identifiable“ in case he or she can be determined in a direct or indirect way. This can happen by assigning him or her to a reference like a name, a reference number, location data or online identification data. Another way to identify someone is to assign him or her to one or more special features which express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
This person is a data subject whose personal data are processed, for example the user of the website or the sender of an email.
As a user of our internet-based service you have the following rights according to Art. 15, 16, 17, 18 and 21 GDPR.
• Right of access
According to Article 15 GDPR you have the right of confirmation as to whether or not personal data concerning him or her are being processed. In your access request you should state more precisely the reason why you contact us in order to make it easier for us to compile the necessary data. Please note that under certain circumstances your right of access might be limited by other laws (especially Paragraph 34 Bundesdatenschutzgesetz and Article 10 Bayerisches Datenschutzgesetz).
• Right to rectification
According to Art.16 GDPR you have the right to request rectification of incorrect or incomplete data.
• Right to erasure
According to Art. 17 GDPR you have the right to the erasure of your personal data. Among other things, your right to deletion depends on the fact if we still need your data in question for the fulfilment of our legal tasks.
• Right to restriction of processing
According to Art. 18 GDPR you have the right to request a restriction of the processing of your personal data.
• Right to data portability (Art. 20 GDPR)
• Right to object
On grounds relating to your specific situation you can at any time object to the processing of your personal data (Art. 21 GDPR). However, we cannot always comply with this right, for example in case we are bound by legal regulations regarding our official task fulfilment of data processing,
• Right to revoke your data protection declaration of consent
• Right to lodge a complaint with the supervisory authority (Art. 77 GDPR)
When you object to a declaration of consent
A data subject has at any time the right to object to his or her data protection declaration of consent. However, the lawfulness of the processing which has been performed because of your consent until your objection is not affected.
When you lodge a complaint with a supervisory authority
Regardless of the lodging of an administrative or judicial appeal, every data subject has the right to complain about the use of his or her personal data and contact a supervisory authority, in particular in the member state of his or her habitual residence, the place of work or the place of the alleged infringement. The data subject can lodge a complaint if he or she considers that the processing of his or her personal data by us has infringed the GDPR.
The responsible supervisory authority is:
Data Protection Authority of Bavaria for the Private Sector
To lodge a complaint you can also contact the responsible supervisory authority of your place of residence. You can find current addresses and contact details here: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html