As of: February 5, 2025
Working Group Dimensional Physics GbR
Athener Ring 3
97084 Würzburg, Germany
E-mail address: christian.kosmak@dimensionale-physik.de
The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.
Relevant legal bases according to the GDPR: The following is an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection requirements may apply in your or our country of residence or domicile. Should more specific legal bases apply in individual cases, we will inform you of these in the data protection declaration.
National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations for data protection in Germany apply. These include, in particular, the Act for the Protection against Misuse of Personal Data in Data Processing (Federal Data Protection Act – BDSG). In particular, the BDSG contains special provisions on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and for transmission, and automated decision-making in individual cases, including profiling. Furthermore, the data protection laws of the individual federal states may apply.
Note on the validity of the GDPR and the Swiss DPA: This data protection notice serves to provide information in accordance with both the Swiss DPA and the General Data Protection Regulation (GDPR). For this reason, we ask you to note that, for reasons of comprehensibility and the fact that it applies to a wider geographical area, the terms of the GDPR are used. In particular, instead of the terms used in the Swiss DSG, “processing” of “personal data”, “overriding interest” and “particularly sensitive personal data”, the terms used in the DSGVO are “processing” of “personal data” as well as “legitimate interest” and “special categories of data”. However, the legal meaning of the terms will continue to be determined by the Swiss DSG within the scope of the validity of the Swiss DSG.
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the varying probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.
The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as the access, input, disclosure, safeguarding of availability and its separation. Furthermore, we have set up procedures to ensure that the rights of data subjects are exercised, that data is deleted and that we respond to data being compromised. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and processes, in accordance with the principle of data protection, through technology design and data protection-friendly default settings.
As part of our processing of personal data, it may be necessary to transfer or disclose it to other departments, companies, legally independent organizational units or persons. The recipients of this data may include, for example, service providers contracted to perform IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.
Data processing in third countries: If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transmission of data to other persons, bodies or companies, this will only be carried out in accordance with the legal requirements. If the level of data protection in the third country has been recognized by means of an adequacy decision (Art. 45 GDPR), this serves as the basis for the data transfer. Otherwise, data transfers will only take place if the level of data protection is otherwise ensured, in particular by standard contractual clauses (Art. 46 (2) (c) GDPR), express consent or in the case of contractual or legally required transfer (Art. 49 (1) GDPR). We will also provide you with the basis for third-country transfers for the individual providers from the third country, with the adequacy decisions taking precedence as the basis. Information on third-country transfers and the relevant adequacy decisions can be found on the European Commission’s website: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en?prefLang=de. As part of the so-called “Data Privacy Framework” (DPF), the EU Commission has also recognized the level of data protection for certain companies from the USA as secure within the framework of the adequacy decision of July 10, 2023. The list of certified companies and further information on the DPF can be found on the website of the US Department of Commerce at https://www.dataprivacyframework.gov/. We will inform you in the data protection notice which of our service providers are certified under the Data Privacy Framework.
We delete personal data that we process in accordance with the statutory provisions as soon as the underlying consent is revoked or there are no further legal grounds for processing. This applies to cases in which the original purpose of processing no longer applies or the data is no longer needed. Exceptions to this rule exist when legal obligations or special interests require longer storage or archiving of the data.
In particular, data that must be stored for commercial or tax law reasons or that must be stored for legal prosecution or to protect the rights of other natural or legal persons must be archived accordingly.
Our data protection notices contain additional information on the storage and deletion of data that specifically applies to certain processing operations.
If there is more than one retention period or deletion period for a date, the longest period always applies
If a period does not explicitly begin on a specific date and is at least one year long, it automatically begins at the end of the calendar year in which the event triggering the period occurred. In the case of ongoing contractual relationships in the context of which data is stored, the event triggering the deadline is the point in time at which the termination or other termination of the legal relationship takes effect.
We process data that is no longer stored for the originally intended purpose but due to legal requirements or other reasons exclusively for the reasons that justify its storage.
Further information on processing, procedures and services:
Rights of data subjects under the GDPR: As a data subject, you have various rights under the GDPR, which arise in particular from Articles 15 to 21 of the GDPR
We process user data in order to provide our online services. For this purpose, we process the user’s IP address, which is necessary to transmit the contents and functions of our online services to the user’s browser or device.
Further information on processing, procedures and services
The term “cookies” refers to functions that store and read information on users’ end devices. Cookies can also be used for a variety of purposes, such as to ensure the functionality, security and convenience of online services and to generate visitor flow analyses. We use cookies in accordance with legal requirements. To do this, we obtain users’ consent in advance if necessary. If consent is not necessary, we rely on our legitimate interests. This applies when the storage and reading of information is essential to provide expressly requested content and functions. This includes, for example, the storage of settings and ensuring the functionality and security of our online services. Consent can be withdrawn at any time. We provide clear information about the scope of this and which cookies are used.
Notes on the legal basis under data protection law: Whether we process personal data using cookies depends on consent. If consent has been given, it serves as the legal basis. Without consent, we rely on our legitimate interests, which are explained above in this section and in the context of the respective services and procedures.
Storage period: With regard to the storage period, the following types of cookies are distinguished:
General information on revocation and objection (opt-out): Users can revoke the consent they have given at any time and also object to the processing in accordance with the legal requirements, including by means of the privacy settings of their browser.
When contacting us (e.g. by post, contact form, email, telephone or via social media) and in the context of existing user and business relationships, the information provided by the requesting persons is processed insofar as this is necessary to answer the contact requests and any requested measures.
Further information on processing, procedures and services:
We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). These may be, for example, graphics, videos or city maps (hereinafter uniformly referred to as “content”).
The integration always requires that the third-party providers of this content process the IP address of the user, since they would not be able to send the content to the user’s browser without the IP address. The IP address is therefore required for the presentation of this content or these functions. We endeavor to use only content from providers who use the IP address solely for the purpose of delivering the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include, but is not limited to, technical information about the browser and operating system, referring websites, time of visit and other information regarding the use of our online services.
Notes on the legal basis: If we ask users for their consent to use third-party providers, the legal basis for data processing is permission. Otherwise, user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economic and recipient-friendly services). In this context, we would also like to draw your attention to the information on the use of cookies in this data protection declaration.
Further information on processing, procedures and services:
Created with the free Datenschutz-Generator.de from Dr. Thomas Schwenke