Privacy policy
General
- Your personal data within the meaning of Art. 4 No. 1 GDPR (e.g. IP address, name, e-mail address) will only be processed by us in accordance with the provisions of German data protection law and taking into account the European General Data Protection Regulation (GDPR). The following regulations inform you about the type, scope and purpose of the collection, processing and use of personal data.
- The processing of personal data within the meaning of Art. 4 No. 2 GDPR is lawful in accordance with Art. 6 GDPR if one of the following conditions is met:
- The data subject has given their consent to the processing of their personal data for one or more specific purposes;
- the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which the controller is subject;
- processing is necessary to protect vital interests of the data subject or another natural person;
- the processing is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been delegated to the controller;
- processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject that require the protection of personal data prevail, in particular if the data subject is a child acts.
- The processing of special personal data (e.g. health data) within the meaning of Art. 9 Para. 1 GDPR is lawful in accordance with Art. 9 Para. 2 GDPR if one of the following conditions is met:
- there is an explicit consent of the person;
- the processing is necessary for the establishment, exercise or defense of legal claims or in the case of actions by the courts in the context of their judicial work.
- There is no automatic decision-making or profiling of personal data within the meaning of Art. 22 GDPR.
- The operator ensures the security of the data in accordance with Art. 32 GDPR, taking into account the principle of proportionality, by means of suitable technical measures.
- If, contrary to expectations, there is a breach of data protection, the competent supervisory authority in accordance with Art. 33 GDPR and the data subject in accordance with Art. 34 GDPR will be notified.
Scope
This data protection declaration only applies to our websites. If you are redirected to other sites via links on our site, please inform yourself there about the respective handling of your data.
Duration of data storage
The duration of the storage of the data transmitted by you depends on the legal storage obligations. In accordance with commercial and tax laws, invoices must be retained for a period of 10 years.
Disclosure of data to third parties
Data transmitted as part of the contractual relationship will only be passed on to third parties (Art. 4 No. 10 GDPR) if you have expressly given your consent (Art. 4 No. 11 GDPR) or if the transfer is necessary to fulfill the contract. Consent can be revoked informally at any time. Data collected by visiting the website is only collected by third parties who are expressly named below.
Responsible in the sense of the GDPR
The person responsible within the meaning of the General Data Protection Regulation (GDPR), as well as other data protection laws applicable in the European Union and other provisions of a data protection nature is:
Barnickel Asset Management UG (haftungsbeschränkt)
Kirschenweg 7
64678 Lindenfels
Contact:
Email: p.barnickel[at]bam-portfolio.com
Storage of access data in log files
You can visit our website without providing any personal information. The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type/ browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of server request
This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to subsequently check this data if we become aware of specific indications of illegal use. The purpose of the processing results from our legitimate interest within the meaning of Art. 6 Para. 1 S. 1 lit. f) GDPR.
A contract for order processing was concluded with our hoster.
Contact form
When using the contact form offered on these pages, the information you enter is transmitted and stored for the purpose of answering your request. The data will not be passed on to third parties. The legality of the use of the form results from Art. 6 Para. 1 Sentence 1 lit. f) GDPR.
Requests via email
If you contact us by email, your request including all resulting personal data (name, request, etc.) will be stored and processed by us for the purpose of processing your request. We will not disclose this data without your consent.
The processing of this data is based on Art. 6 (1) (b) GDPR, if your request is related to the fulfillment of a contract or is necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests directed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if requested.
The data you send us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after completing the processing of your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
Your data will not be disclosed to third parties without your consent and are subject to medical confidentiality. Please note that we usually receive your data by email unencrypted. IT experts often remind us of the principle that what you would not send as a postcard, you should not send by email either. Therefore, please do not send us confidential information/data via regular email, but rather choose an end-to-end encrypted transmission, such as encrypted email or file transfer, or send it by post.
Please understand that we reject any liability for unsolicited data/emails sent to us.
Social media links
We feature social media pages for third-party providers that can be accessed via links from this website. By using the links, you will be redirected to the respective websites of the third-party providers (e.g., LinkedIn), where you can also share our content. No data transfer takes place when you visit our website.
As soon as you access the third-party provider's website, you fall under the jurisdiction of that particular third-party provider. Consequently, their data protection policies or their statements regarding data use will apply. We do not exert any control over this, but to minimize data transfer, we advise you to log out of the respective third-party provider before utilizing a corresponding link. This action will ensure that the third-party provider doesn't create user profiles simply based on your use of the link.
Security of your data / SSL encryption
In line with legal standards, this site employs SSL encryption, which is signified by a lock icon in your browser's address bar. When SSL encryption is enabled, the data you transmit is safeguarded from third-party access.
Generally, a 256-bit encryption is utilized. If, for any reason, your browser doesn't support the 256-bit encryption, we default to the 128-bit v3 technology. You can ascertain if an individual webpage on our site is encrypted by noting the closed representation of the key or lock symbol in the lower status bar of your browser.
Beyond encryption, we have in place adequate technical and organizational security protocols. These are designed to shield your data from unintended or willful manipulations, partial or complete loss, destruction, or unwarranted third-party access. As technology evolves, we consistently refine and bolster our security measures.
User rights
At any point, you can request complimentary information about your stored personal data. This encompasses the rights to obtain confirmation, correct, limit, block, and erase such data. Additionally, you have the right to receive a copy of the data in a transfer-friendly format, and to revoke any given consent or raise objections. Nonetheless, legally mandated retention guidelines are not impacted.
Your rights are primarily derived from the subsequent GDPR provisions:
- Article 7(3) - Right to withdraw consent under data protection law
- Article 12 - Transparent information, communication, and means to practice the data subject's rights
- Article 13 - Directive to offer information when gathering personal data from the data subject
- Article 14 - Information to be given when the personal data wasn't sourced from the data subject
- Article 15 - Right of access for the data subject, inclusive of the right to confirmation and to receive a copy of the personal data
- Article 16 - Right to correction
- Article 17 - Right to deletion (“right to be forgotten”)
- Article 18 - Right to limit processing
- Article 19 - Duty to inform about corrections or erasure of personal data or processing restrictions
- Article 20 - Right to data transferability
- Article 21 - Right to objection
- Article 22 - Right against decisions purely based on automated operations, including profiling
- Article 77 - Right to lodge grievances with a regulatory agency
To utilize your rights (apart from Art. 77 GDPR), kindly get in touch with the entity mentioned under “Responsible within the meaning of the GDPR” (for instance, via email).
Supervisory authority:
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Gustav-Stresemann-Ring 1
65189 Wiesbaden, Germany
Phone: 0611-1408 0