Our website uses necessary cookies, to enable essential services and functionality on our site. By clicking accept you agree with our cookie policy.

§ 1 Controller and scope

The controller in the meaning of the EU General Data Protection Regulation (hereinafter: GDPR), other national data protection laws of member states and additional data protection regulations is:

Breyer Publico SLU
International VAT ID: B09688177
ES-08198 Sant Cugat del Vallès, Barcelona
Director: Jutta Breyer

mail@breyer-publico.eu
www.breyer-publico.eu

This privacy policy applies to the website(s) of Breyer Publico SLU that is accessible via the domain http://breyer-publico.eu and various subdomains (hereinafter: “our website”).

§ 2 Principles of data processing

The term personal data refers to all information that relates to an identified or identifiable natural person. It includes, for instance, information such as your name, age, address, telephone number, date of birth, email address, IP address and user behavior. Information that does not allow us to establish a connection to you as a person (or would only allow such a connection with an unreasonable amount of effort), for instance anonymized information, is not classed as personal data. Processing personal data (for instance collecting, querying, using, storing and transferring personal data) always requires a legal basis or your consent. Processed personal data is deleted as soon as the purpose for which it was collected is fulfilled and statutory retention periods no longer apply.

Insofar as we process your personal data in order to provide specific services to you, the following serves to inform you of the concrete processes, the scope and the purpose of data processing, the legislation on which it is based and the duration of storage in each case. We may rely on our affiliated companies or other third parties to process personal data, please refer to our subcontract list.

§ 4 Individual processing activities

1. Website provision and use a. Type and scope of data processing When you call up and visit our website, we collect personal data that your browser automatically sends to our server. This information is stored temporarily in a so-called log file. When you use our website, we collect the following data needed for technical reasons to display the website and guarantee its security and stability:

• IP address of the requesting computer
• Date and time of access
• Name of the URL and the requested file
• The website from which access was made (referrer URL)
• Your browser and possibly also your computer’s operating system as well as the name of your access provider

b. Legal basis Art. 6 Para. 1 (f) GDPR serves as the legal basis for data processing activities detailed in the preceding. Processing the specified data is an essential part of making the website accessible and therefore serves a legitimate interest of our company.

c. Duration of storage The specified data will be deleted as soon as it is no longer needed to display the website. Collecting the data is essential to making the website available; storing the data in log files is essential to operating the website. The user therefore has no option to object to collection and storage. In some cases data may be stored for other purposes if required by law.

6. Contact options on our website Our website offers you options to contact us by email:

• mail@breyer-publico.eu

a. Type and scope of data processing Every user of this website can send their inquiries to this email address. Email inquiries are processed by the appropriate department. The data we collect in this case is limited to the email address of the email account you used to contact us and any other personal data you disclose to us within the scope of your inquiry.

b. Legal basis The lawfulness of data collection is based on Art. 6 Para. 1 (f) GDPR as both you and we have an interest in contacting and communicating with one another and we as a company have a legitimate interest in processing the data detailed in the preceding in order to respond to your inquiry.

c. Duration of storage The duration of storage with regard to the preceding personal data depends on the nature of your inquiry. Your data will be routinely deleted insofar as the purpose of your communication no longer applies and data storage is no longer necessary (or once we have finished handling your inquiry).

§ 5 Disclosing data

We will only disclose your data to third parties if:

• You have explicitly granted your consent in accordance with Art. 6 Para. 1 p. 1 (a) GDPR
• To do so is lawful and necessary to fulfill our contractual obligations towards you in accordance with Art. 6 Para. 1 p. 1 (b) GDPR
• We are obligated to do so by law in accordance with Art. 6 Para. 1 p. 1 (c) GDPR
• Disclosure is necessary to protect our legitimate interest or to assert, exercise or defend legal claims in accordance with Art. 6 Para. 1 p. 1 (f) GDPR and there is no reason to assume that you have an overriding interest in non-disclosure worthy of protection.

§ 6 Use of cookies

a. Type and scope of data processing Our website uses required cookies. Cookies are small files that are sent to and stored by your browser when you visit our web pages. Certain technical cookies are essential as some of our website’s functions will not work without them.

Function 1: Required cookies These cookies are required for technical reasons as they enable you to visit our website and use the functions we provide. These cookies also contribute towards making the use of our website secure and in compliance with regulations.

b. Legal basis The legal basis for processing personal data using cookies is Art. 6 Para. 1 (f) GDPR on account of the purposes described in the preceding (cf. clause 6. a.). If you have granted your consent to the use of cookies in response to a notice (“cookie banner”) on the website, then lawfulness is also based on Art. 6 Para. 1 p. 1 (a) GDPR.

c. Duration of storage The information will be deleted as soon as the data provided to us via the cookies is no longer required to fulfill the purposes described in the preceding. In some cases data may be stored for other purposes if required by law.

d. Configuration of browser settings Most browser are set to accept cookies by default. You can, however, configure your browser so that it only accepts certain cookies or none at all. Please note, however, that you may not be able to use all the functions of our website if its cookies are deactivated in your browser settings. You can also use your browser settings to delete cookies already stored in your browser. In addition, you can set your browser to inform you whenever a cookie is about to be stored. As browsers differ in regards to their functionality, please refer to your browser’s help menu for information on adjusting configuration options. We recommend installing specific plug-ins if you want to see a comprehensive overview of all third parties with access to your web browser.

§ 8 Hyperlinks

Our website contains so-called hyperlinks to websites operated by other providers. Activating a hyperlink will transfer you directly to the website of the corresponding provider. You can recognize the transfer by the change of URL, for example. We cannot accept any liability for the confidential use of your data on these websites as we have no influence on the compliance of these companies with data protection regulations. Please refer directly to the website concerned to obtain information on how your personal data is handled.

§ 9 Right of access

The GDPR stipulates that you as a data subject whose data is processed have the following rights:

• Pursuant to Art. 15 GDPR, you can request information with regard to your personal data processed by us. In particular, you can request information in relation to the purposes of the processing; the categories of personal data concerned; the categories of recipients to whom the personal data has been or will be disclosed, including recipients in third countries or international organizations; the envisaged period for which the personal data will be stored; the existence of the right to request from us the rectification or erasure of your personal data or restriction of processing of your personal data or to object to such processing; the existence of the right to lodge a complaint; the source of your personal data to the extent that it was not collected by us; and the existence of automated decision-making, including profiling and any meaningful information about the particulars thereof.
• Pursuant to Art. 16 GDPR, you can demand the immediate correction of incorrect or incomplete personal data stored by us.
• Pursuant to Art. 17 GDPR, you have a right to request the erasure of your personal data stored by us insofar as processing is not required for the purpose of exercising the right of freedom of expression and information; for compliance with a legal obligation; for the performance of a task carried out in the public interest or in the exercise of official authority vested in us; or for the establishment, exercise or defense of legal claims.
• Pursuant to Art. 18 GDPR, you have a right to restrict our use of your personal data if you contest the accuracy of the data; the processing is unlawful; we no longer need the personal data, but it is required by you for the establishment, exercise or defense of legal claims. Your right pursuant to Art. 18 GDPR remains unaffected if you have lodged an objection to data processing in accordance with Art. 21 GDPR.
• Pursuant to Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format; you also have the right to have your data transmitted to another controller.
• Pursuant to Art. 7 Para. 3 GDPR, you have the right to withdraw previously granted consent at any time. Consequentially, we will not be permitted to continue processing your data on the basis of your consent in the future.
• Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. You can contact the supervisory authority of the Member State of your habitual residence, place of work or place of the alleged infringement.

§ 10 Right to Object

In relation to the processing of your personal data on the basis of legitimate interests in accordance with Art. 6 Para. 1 p. 1 (f) GDPR, you have the right pursuant to Art. 21 GDPR to object to your data being processed on grounds relating to your particular situation or if your objection concerns direct marketing. With regard to direct marketing, you have a general right to object without providing a specific reason and we are required to take appropriate action.

§ 11 Data safety and security measures

1. Security measures We undertake to protect your privacy and to treat your personal data confidentially. We have implemented extensive technological and organizational measures to prevent the manipulation, loss or misuse of your personal data stored on our servers. These measures are routinely reviewed and adapted to reflect technological developments. They include the use of acknowledged encryption methods (SSL or TLS).

Please note, however, that the structure of the internet makes it possible for persons and institutions outside of our sphere of control to disregard data protection regulations and the security measures detailed in the preceding. In particular, data that is transmitted without prior encryption – for instance by email – can be read by third parties. We have no technological influence in this regard. It is the user’s responsibility to protect the data provided by them from misuse by way of encryption or other suitable means.

b. Legal basis Art. 6 Para. 1 (f) GDPR serves as the legal basis for data processing activities detailed in the preceding. Processing the specified data is an essential part of reducing the risk of payment default, misuse or fraud in our orders and therefore serves a legitimate interest of our company.

c. Duration of storage The data is stored for 18 months with the service provider and then deleted.