Introduction and General Information

Thank you for your interest in our website. The protection of your personal data is given the highest level of priority by us. In the further sections of this text, you will find information about how we use your data when we collect them during your use of the website. The processing of your data takes place in accordance with the applicable legal laws and regulations on data protection.

Data Controller under the General Data Protection Regulations (GDPR)  

Karaca Lisans Germany GmbH

Vogelsanger Weg 80, 404070 Düsseldorf

datenschutzauskunft@karaca.com

Contact information of the data controller

Jurcom GRC Services

World trade Center, Prinses Margrietplantsoen 33 2595 AM

The Hague/Niederlande 

Definitions

The data protection disclosure text has been structured to be simple to ensure that it can be easily understood by anyone. This document refers to the official definitions described in article 4 of the General Data Protection Regulations (GDPR).

Webhosting

The data collected on this website are stored in the servers of the host. This website is hosted at the located Vodafone Esenyurt Data Center, Ornek, Erzurum Kongre Cd. No:11, 34517 Esenyurt/İstanbul, the data collected on this website are stored in the servers of the host, which may include data related to IP addresses, contact requests, meta and contact information, website access and other data generated on a website

In line with the requirements defined in article 28 of the GDPR, we have signed an order processing contract to assure that the data of our clients are protected, and they are not shared with third persons. 

Server Log Files

When you visit our website, related data are required to be transferred to our web server through your internet browser. The following data are recorded during communication between our web server and your internet browser:

  • Date and time of the request
  • Name of the requested file
  • The page on which the file was requested
  • Access status
  • The web server and operation system used
  • The full IP address of the requesting computer
  • The amount of data transferred
  • The type and version of your internet browser

We collect the data listed above in order to ensure smooth connection to and easy use of the by users. Besides, log files are used for evaluating system security and stability, and also for administrative purposes. The legal basis for the temporary storage of the data and log files is article 6 paragraph (1) subparagraph (f) of the GDPR.

In order to ensure technical security and, in particular, prevent attempts of attacks to our server, these data are stored for a short period of time. It is not possible to derive any personal information from such data. These data are narrowed down to IP addresses and domains after 6 weeks, after which it will be impossible to make any references to the individual user.

CONTACT FORM

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent.

The processing of the data entered in the contact form is therefore exclusively based on your consent (Article 6 Paragraph 1a of the GDPR). You can revoke this consent at any time. an informal message by e-mail to us is sufficient. The legality of the data processing operations that took place up until the revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

Cookies

Our website uses the so called “cookies”. Cookies are small-sized text files stored in your device during a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit, while permanent cookies are stored in your device until you delete them manually or they are automatically deleted by your web browser.

Cookies have various functions. Technically, high number of cookies are needed, since certain website functions do not work without them (shopping cart, shopping function, language settings, etc.). There are also other cookies used to evaluate user behaviours or showing advertisements.

Technically necessary cookies are stored pursuant to article 6, paragraph 1, subparagraph (f) of the GDPR. We have legitimate interest in storing cookies, in order for our services to be delivered in a technically error-free and optimized manner. On the other hand, other cookies are stored only with your consent pursuant to article 6, paragraph 1, subparagraph (a) of the GDPR, and you can revoke your consent at any time. The legal basis for the storage of cookies is article 6, paragraph 1, subparagraph (b) of the GDPR, when processing is necessary for the performance of a contract to which the data owner is a party, or for the implementation of pre-contractual measures taken upon the demand of the data owner.

When cookies are required to be used for analysing purposes, we will separately inform you and obtain your consent under this disclosure on data protection.

You can manage the settings of your browser with the options given below:

  • You can receive information about cookie settings,
  • You can allow cookies on a case basis,
  • You can accept cookies only in certain conditions, or reject them in general,
  • You can activate the setting for the automatic deletion of cookies when the browser is closed.

Cookie settings can be managed via the following links for various browsers: 

You can also manage the cookies and advertisement functions of different companies separately. For this, you can use the dedicated user tools at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.

 

In addition, many browsers offer the “Do-Not-Track-Function”. When this function is activated, the browsers notifies the advertisement networks, websites and applications that it does not want to be tracked to behavioural advertising or similar purposes.

You can find the information and instructions necessary for the management of these functions via the following links depending on your browser type:

You also have the option to prevent automatic downloading of script files. The "NoScript" function allows JavaScripts to work only on the secure areas of Java and other extensions you will choose. You can find the information and instructions necessary for the management of this functions from the provider of your browser  (e.g. at https://addons.mozilla.org/de/firefox/addon/noscript/ for Mozilla Firefox).

 

Please note that certain functions of our website may be restricted when you deactivate cookies.

Store

For having access to our online store, we offer you the option to register and create a customer account by entering your personal data. During registration, your data are entered in an input mask, transferred to us, and stored. Your data are not transferred to third persons. As a part of the customer account, we need to store the following data, necessary for the signing and performance of the contract:

  • Name
  • Surname
  • Address
  • E-Mail Address

 

User registration is required for the performance of the contract, for taking pre-contractual measures, or for providing the services requested. The legal basis for the storage of cookies is article 6, paragraph 1, subparagraph (b) of the GDPR. When the data are no more needed for the performance of the contract, they are deleted. Even after the contract is made, it can be necessary to store the personal data of our contract partners for the fulfilment of contractual or legal obligations. As the user, you are entitled to cancel your registration at any time. Unless otherwise stipulated by contractual or legal obligations, the data can be deleted prematurely.

Blog Comments

As a user of our website, you have the option to write comments on the individual content of our blogs. For this, we need your name or nickname and your e-mail address (not to be published). Also, your IP address and comment time will remain in the protocol and will be stored for 6 weeks. The IP address is stored for security reasons and against the risk of the violation of the rights of third persons or illegal content. We need your e-mail address so that we can contact you if a third party complains that the content shared by you is illegal.

Comments are stored after you have given your consent (GDPR, article 6, paragraph 1, subparagraph (a). You can revoke your consent at any time. To do this, you can just send us an informal e-mail. However, the legal consequences of data processing that have already taken place will not be affected by such revocation.

Storage of any additional data (IP address and e-mail address) takes place based on our legitimate interests in line with article 6, paragraph 1, subparagraph (f) of the GDPR. We are entitled to remove any comments for which a third person claims illegality.

Collected IP addresses are deleted after 6 weeks’ time.

Please contact us if you want any of your comments to be deleted.

Bulletin Segmentify

If you would like to receive regular newsletters containing information about our offers and products, we need your e-mail address.

Besides, additional data is required in order to be able to address you personally in the newsletters and/or identify you when you want to exercise your rights as the data owner.

We use the “double opt-in procedure” to send our newsletters to you. Accordingly, we will send you our newsletters by e-mail if you expressly confirm newsletter notification. In the first step, you will receive an e-mail with a link to confirm that as the owner of the e-mail address, you wish to receive our future newsletters.

Upon confirmation, you will be considered to have given consent for the use of your personal data for sending the requested newsletters, pursuant to article 6, paragraph 1, subparagraph (a) of the GDPR.

When you sign up for newsletters, in addition to your e-mail address required for notification, we record the IP address you used to sign up for the newsletters, and the date and time of your registration so we can monitor any potential abuse, and your consent.

You can unsubscribe to the newsletters at any time via the link in each newsletter or by sending an e-mail to the contact person whose contact information is given above. Upon unsubscribing, your e-mail address will be immediately removed from our newsletter distribution list, unless you expressly consent to the continued use of the collected data or continued processing is legally permitted.

Our e-mail newsletters are sent through the services of a technical service provider, to which we forward the data you provide when registering for newsletters. We have signed an order processing contract with our email service provider, where we oblige them to protect the data of our customers and not to share such data with third persons.

Service provider: segmentify GmbH

Address: Kappellenstr. 47, 65830 Kriftel

Privacy statement: https://www.segmentify.com/de/richtlinie-zur-verarbeitung-personenbezogener-daten (personal data processing directive)

Guarantee when needed: Segmentify normally uses servers located in Frankfurt. However, when the data are transferred to third countries, Segmentify employs the suitable guarantees in line with article 44 ff of the GDPR.

The service provider uses the information in the newsletter registration to send the newsletters on our behalf and make statistical evaluations. The e-mails sent contain web beacons or tracking pixels that represent single-pixel image files stored on our website, for evaluation purposes. In this way, it can be determined whether a newsletter link has been opened and the links contained have been clicked. With the help of conversion tracking, it is also possible to analyse whether a predefined action (e.g. purchasing a product on our website) have taken place after clicking on the link in the newsletter. Technical information is also recorded (e.g. request time, IP address, browser type and operating system). The data are collected only in anonymous form, and they are not linked to your other personal data, as a result of which direct personal reference is not possible. These data are only used for the statistical analysis of newsletter campaigns. The results obtained through these analyses can be used to better tailor future newsletters to buyers’ interests.

Related Marketing Cloud Platform 

News bulletins are also sent through the Related Marketing Cloud Platform, a service provider of Related Digital company located at Maslak Mah. Büyükdere Cd. No. 249, Sarıyer - İstanbul, Turkey.

When you sign up for newsletters, in addition to your e-mail address required for notification, we record the IP address you used to sign up for the newsletters, and the date and time of your registration so we can monitor any potential abuse, and your consent. You can unsubscribe to the newsletters at any time via the link in each newsletter or by sending an e-mail to the contact person whose contact information is given above. Upon unsubscribing, your e-mail address will be immediately removed from our newsletter distribution list, unless you expressly consent to the continued use of the collected data or continued processing is legally permitted.

Our e-mail newsletters are sent through the services of a technical service provider, to which we forward the data you provide when registering for newsletters. We have signed an order processing contract with our email service provider, where we oblige them to protect the data of our customers and not to share such data with third persons.

Related Digital uses these data to send the newsletters on our behalf and make statistical evaluations. The e-mails sent contain web beacons or tracking pixels that represent single-pixel image files stored on our website, for evaluation purposes. In this way, it can be determined whether a newsletter link has been opened and the links contained have been clicked. With the help of conversion tracking, it is also possible to analyse whether a predefined action (e.g. purchasing a product on our website) have taken place after clicking on the link in the newsletter. Technical information is also recorded (e.g. request time, IP address, browser type and operating system). The data are collected only in anonymous form, and they are not linked to your other personal data, as a result of which direct personal reference is not possible. These data are only used for the statistical analysis of newsletter campaigns. The results obtained through these analyses can be used to better tailor future newsletters to buyers’ interests. The legal basis for this is article 6, paragraph 1, subparagraph (f) of the GDPR. If you decide to object to data analysis for statistical evaluation purposes, you need to cancel your newsletter subscription.

Since personal data are transferred to Turkey, additional protective mechanisms are needed to ensure the data protection level required by the GDPR. In order to achieve this, we have agreed with Related Digital on standard data protection clauses pursuant to article 46, paragraph 2, subparagraph (c) of the GDPR. These oblige the recipients of the data in third countries to process the data in accordance with the level of protection required in the European Union. In cases where this protection cannot be achieved even with the extension of this contract, we try to obtain additional arrangements and commitments from the recipient.

For more information on the privacy policy of Related Digital and the service provider, please see: https://www. Relateddigital.com/en/privacy-polic.

Google Analytics

Our website uses Google Analytics, a web analysis service provided by Google Ireland Limited located at Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses "cookies".

Commissioned by the website operator, Google uses these data to evaluate your use of the website and to compile reports on website activity. Google also uses these data to provide the website operator with other services related to the use of the website and the Internet. The IP address sent by your browser within in relation to Google Analytics is not combined with other data from Google. The processing takes place pursuant to Article 6, paragraph 1, subparagraph (a) of the GDPR, based on your consent.

We only use Google Analytics with IP anonymisation enabled. This means that your IP address is only be processed by Google in shortened form.

We have signed an order processing contract with the service provider, in which we oblige them to to protect the data of our customers and not to share such data with third persons.

Since personal data are transferred to the USA, additional protective mechanisms are needed to ensure the data protection level required by the GDPR. In order to achieve this, we have agreed with the service provider on standard data protection clauses pursuant to article 46, paragraph 2, subparagraph (c) of the GDPR. These oblige the recipients of the data in the USA to process the data in accordance with the level of protection required in the European Union. In cases where this protection cannot be achieved even with the extension of this contract, we try to obtain additional arrangements and commitments from the recipient in the USA.

For more information on the conditions of use and privacy policy of Google Analytics, please see:

http://www.google.com/analytics/terms/de.html

https://www.google.de/intl/de/policies/

Your data will be deleted when they are no longer needed to achieve the purpose for which they have been collected. User-level and event-level data associated with cookies, user IDs and advertising IDs (e.g. DoubleClick cookies, Android advertising ID, IDFA [Apple identifier for advertisers]) are deleted in 14 months after they are collected at the latest.

You can prevent cookies from being stored by managing the settings of your internet browser accordingly. However, we would like to point out that in such a case you may not be able to use all functions of the website without restriction. You can also prevent Google to collect the data generated by the cookies and analyse your use of the website (including your IP address) and the processing of this data by Google, by downloading and installing the browser extension available at https://tools.google.com/dlpage/gaoptout?hl=de.

Google Ads Remarketing

This website uses Google Remarketing, a Google Ads service, to integrate Google Ireland Limited (“Google”) ads. The provider is Google Ireland Limited located at Gordon House, Barrow Street, Dublin 4, Ireland.

When website visitors visit other websites in the Google Display Network, this function can target website visitors with this function by placing a personalized, interest-based advertisements. When you later visit another website on the Google Display Network, ads are likely to be shown taking into account previously accessed products and information.

Google uses cookies to analyse website usage, which forms the basis for creating interest-based ads.

“Cookies” are text files stored on your device to enable the analysis of the use of the website. The information generated by the cookies about the use of this website (including your IP address) and the delivery of advertising formats is transferred to the Google server in the USA and stored there. These data may be transferred by Google to its contracted partners. However, Google does not combine your IP address with other data stored by you. If you allow cookies to be stored, it takes place pursuant to article 6, paragraph 1, subparagraph (a) of the GDPR. You can prevent the storage of cookies by managing your browser settings accordingly. However, we would like to point out that in such a case you may not be able to fully use all functions of this website. You can also prevent the collection of data generated by cookies about your use of the website and the processing of these data by Google by downloading and installing the browser extension available at https://tools.google.com/dlpage/gaoptout?hl=de. You can also disable the cookies via this Link.

Since personal data are transferred to the USA, additional protective mechanisms are needed to ensure the data protection level required by the GDPR. In order to achieve this, we have agreed with the service provider on standard data protection clauses pursuant to article 46, paragraph 2, subparagraph c of the GDPR. These oblige the recipients of the data in the USA to process the data in accordance with the level of protection required in the European Union. In cases where this protection cannot be achieved even with the extension of this contract, we try to obtain additional arrangements and commitments from the recipient in the USA.

For more information on Google Ads Remarketing and the privacy policy of Google, please see: http://www.google.com/privacy/ads/

Google Tag Manager

This website uses the Google Tag Manager provided by Google Ireland Limited located at Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Thanks to this service, website tags are managed through an interface. Google Tag Manager only implements tags, which means that no cookies are used and only the user’s IP address data is transferred to Google to establish the connection. While Google Tag Manager triggers other tags that in turn can collect data, it does not access this data. If a domain or cookie-level deactivation occurs, this deactivation remains in place for all tracking tags, provided that it is implemented with Google Tag Manager.

We use Google Tag Manager based on our legitimate interests based on article 6, paragraph1, subparagraph (f) of the GDPR. Our legitimate interest is to provide technical integration of other website tools.

Since personal data are transferred to the USA, additional protective mechanisms are needed to ensure the data protection level required by the GDPR. In order to achieve this, we have agreed with the service provider on standard data protection clauses pursuant to article 46, paragraph 2, subparagraph (c) of the GDPR. These oblige the recipients of the data in the USA to process the data in accordance with the level of protection required in the European Union. In cases where this protection cannot be achieved even with the extension of this contract, we try to obtain additional arrangements and commitments from the recipient in the USA.

Facebook Pixels

On our website, we use “Facebook Pixel”, a service provided by Facebook Inc. located at 1601 S California Ave, Palo Alto, California 94304, USA (“Facebook”).

If you have given us your consent pursuant to article 6, paragraph 1, subparagraph (a) of the GDPR, the Facebook Pixel is used for marketing and optimization purposes, in particular to place ads that are relevant and interesting to you on Facebook, thereby improving our offer, making it more interesting for you as a user and avoiding annoying advertisements.

The Facebook Pixel enables Facebook to display “Facebook Ads” on Facebook only to Facebook users who visit our website, especially those who show an interest in our online offer. In such a case, Facebook Pixel also makes it possible to check whether a user has been redirected to our website after clicking on our Facebook ads. Among others, Facebook Pixel uses cookies, which are small text files that are stored locally in the cache of your web browser on your end device. If your user account is registered with Facebook, your visit to our online offer is recorded in your user account. The data collected about you are anonymous to us, so we cannot draw any conclusions about the identity of the user. However, this data may be linked by Facebook to your user account on Facebook. If you have a Facebook user account and are registered, Facebook can associate the visit with your user account.

Since personal data are transferred to the USA, additional protective mechanisms are needed to ensure the data protection level required by the GDPR. In order to achieve this, we have agreed with the service provider on standard data protection clauses pursuant to article 46, paragraph 2, subparagraph (c) of the GDPR. These oblige the recipients of the data in the USA to process the data in accordance with the level of protection required in the European Union. In cases where this protection cannot be achieved even with the extension of this contract, we try to obtain additional arrangements and commitments from the recipient in the USA.

For more information on data protection from the third-party provider please see: bulunabilir: https://www.facebook.com/about/privacy. For more information on Facebook Pixel, please see: https://www.facebook.com/business/help/651294705016616.

You can manage the settings about which type of ads will be presented to you via the following Facebook link: https://www.facebook.com/settings?tab=ads.

Please note that if you delete your cookies, your setting will be reset as well. In addition, you can disable cookies used for reach measurement and advertising purposes via the following links:

http://optout.networkadvertising.org/
http://www.aboutads.info/choices
http://www.youronlinechoices.com/uk/your-ad-choices/
Please note that if you delete your cookies, your setting will be reset as well.

Hotjar

Our website uses the Hotjar web analysis service of Hotjar Ltd, a European company headquartered in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe).

With this tool, the movements on the websites where Hotjar is used can be tracked (called a heatmap). For example, it is possible to track how far the users have progressed on the page and how often they click on which areas. It is also possible to get feedback directly from the users of the website with the help of this tool. Most importantly, the functionality of a Hotjar based website can be enhanced by Hotjar services making it more user friendly, more valuable, and easier to use for end users.

When using this tool, we pay special attention to the protection of your personal data. In this way, we can only understand which buttons are clicked, mouse history, amount of scrolling, device screen size, device type and browser information, geographic location (country only) and preferred language to view our website. The areas on the websites where personal data of you and third parties are displayed are automatically hidden by Hotjar and therefore cannot be tracked at any time. To disable direct personal reference, IP addresses are stored and processed only anonymously. However, Hotjar uses various third-party services such as Google Analytics and Optimizely. It is therefore possible for these services to collect data transmitted by your browser during the processing of website requests. These may be, for example, cookies or your IP address. In these exceptional cases, this processing takes place in accordance with article 6, paragraph 1, subparagraph (a) of the GDPR, on the basis of your consent for statistical analysis of user behaviour for optimization and marketing purposes.

Hotjar stores customer data in the European Union. In some rare cases, data (e.g. e-mail) may be accessed or transmitted from countries with data protection laws that differ from those of your home country, such as the USA or other countries. Hotjar implements appropriate safeguards that ensure the security of your personal data and requires its third-party service providers and partners to take appropriate action as well.

Hotjar offers each user the option titled as “Do Not Track” to prevent the use of the Hotjar tool, in which case no data about the visit to the relevant website is recorded. This setting is supported by all standard browsers in their current versions. To do this, your browser sends a request to Hotjar to disable tracking for you as a user. If you use our websites on different browsers/computers, you must set the “Do Not Track” option for each of these browsers/computers separately.

When you visit a Hotjar based website, you can prevent the collection of your Hotjar data at any time by visiting our deactivation page https://www.hotjar.com/legal/compliance/opt-out and clicking on the deactivation option.
For more information on Hotjar Ltd. and the Hotjar tool, please see: https://www.hotjar.com
For Hotjar Ltd.’s privacy statemen, please see: https://www.hotjar.com/privacy

Segmentation

With your consent under article 6, paragraph 1, subparagraph (a) of the GDPR, this website uses Segmentify, a web-based service operated on our behalf by Segmentify GmbH, located at Rheinsberger Str. 76-77, 10115 Berlin, Germany. Segmentify is a cloud service for websites, and it collects and analyses user behaviour on websites in order for the automatical calculation and display of different types of smart product recommendations and other content.

Segmentify uses cookies that are stored on your computer and provide an analysis of your use of the website. These cookies access and collect information about your surfing behaviour, your interest in our products, technical information about the device you use to access our website (e.g. operating system, browser language and version, timestamp) and the broad geographic area you are in. Segmentify anonymises IP addresses before they are processed.

If you do not want to receive Segmentify cookies, you can deactivate it by clicking the following link: https://www.karaca.com/de/?_sgm_tracking=disabled 

Data Transfer and Recipients

Your personal data is not transferred to third parties except under the following conditions:

- If it is clearly stated in the description for the respective data processing,

- If you have given your express consent for this, pursuant to article 6, paragraph 1, subparagraph (a) of the GDPR,

- Pursuant to article 6, paragraph 1, subparagraph f of the GDPR, when disclosure is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,

- In case of a legal obligation pursuant to article 6, paragraph 1, subparagraph (c) of the GDPR, and

- When necessary for the processing of contractual relations with you pursuant to article 6, paragraph 1, subparagraph (b) of the GDPR.

For the purposes stated in this data protection declaration, we can transmit personal data within the group of companies and pass it on to the respective parent and subsidiary companies. Some of our companies are based outside the EU or the European Economic Area (EEC). Inquiries and complaints regarding your personal data can be addressed to Karaca Lisans Germany GmbH as the person responsible.
We also use external service providers for the processing of our services, for example web hosting and hotline services, sending e-mails, but also shipping or forwarding service providers, as well as maintenance and maintenance of our IT systems. carefully selected and assigned in writing. You are bound by our instructions and are regularly checked by us.

With whom we may have entered into order processing agreements pursuant to Article 28 of the GDPR.

Through adequacy decisions, the European Commission has certified that some third countries have a data protection standard that is comparable to the level of protection in the European Economic Area. You can see a list of these countries at

https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF recall, here, an identical level of protection must be confirmed with a specific case-by-case assessment. If there is no comparable data protection standard in a country, we make sure that data protection is adequately guaranteed by other measures. This is possible, for example, via binding company regulations, standard contractual clauses of the European Commission for the protection of personal data, certificates, or recognized codes of conduct. The processing of the data by the server of the parent company of Karaca Lisans Germany GmbH in Turkey, the Karaca Lisans ve Marka Yönetimi A.S., takes place on the basis of the Law on the Protection of Personal Data No. 6698 (LPPD), which came into force on April 7, 2016, which is based on the principles of the General Data Protection Regulation (GDPR) in essential points.

Likewise, the regulations of the Turkish Law on the Protection of Personal Data No. 6698 (LPPD) apply, in particular with regard to your personal data. Please contact our data protection officer named above if you would like more information on this.

Data Security

Pursuant to article 32 of the GDPR, we take appropriate technical and organizational measures in order to provide a level of protection well responding to the actual risks, taking into account the state of the art, the costs of implementation and the type, scope, conditions and purposes of the transaction, as well as the probability and severity of the risk to the rights and freedoms of natural persons. This website uses SSL encryption for security reasons and to protect the transfer of confidential content.

Period of Storage of Personal Data

The period of storage of personal data depends on the respective statutory retention periods (e.g. commercial law and tax law). At the end of the relevant period, the data are regularly deleted. The data will be deleted unless they are required to fulfil or initiate the contract or we have legitimate interest in further storage, or they are no longer necessary for these purposes or you do not exercise your right of cancellation and objection.

Your Rights

Below you can find information on the rights you have as the data owner for the processing of your personal data by the data controller under the data protection law:

The right to request information about your personal data processed by us pursuant to article 15 of the GDPR. In particular, you can request information on the purposes of processing, the category of personal data, the categories of recipients with whom your data will be shared, the planned storage period, the right to correction, deletion, restriction or objection, the right to complain, the origin of your data if your data is not collected by us, and the existence of automatic decision-making, including profiling.

The right to request the immediate correction of inaccurate or incomplete personal data stored by us pursuant to article 16 of the GDPR.

The right to request the deletion of your personal data stored by us pursuant to article 17 of the GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, the fulfilment of a legal obligation, reasons of public interest or for the establishment, exercise or defence of legal claims.

The right to request the restriction of the processing of your personal data under article 18 of the GDPR, if you raise an objection claiming that the data are not accurate, the processing is illegal, but you refuse to delete the data and we no longer need the data, but you need them to assert, exercise or defend legal claims, or if you object to their processing pursuant to article 21 of the GDPR.

The right to receive the personal data that you have provided to us in a structured, common and machine-readable format, or to request the transfer of them to another data controller, under article 20 of the GDPR.

The Right to lodge a complaint with a supervisory authority pursuant to article 77 of the GDPR. In general, you can contact the supervisory authority in the jurisdiction of our registered office listed above or, if applicable, the federal state of your place of residence or place of business.

The right to revoke consent given pursuant to article 7, paragraph 3 of the GDPR. You have the right to revoke your consent to the processing of data at any time, being effective for a future date. If the processing is not based on a legal cause for processing without consent, we will immediately delete the relevant data upon revocation. The revocation of consent does not affect the lawfulness of the processing performed on the basis of consent until the date of revocation.

Right of Objection

If your personal data is processed by us for legitimate interests pursuant to article 6, paragraph 1, subparagraph (f) of the GDPR, you have the right to object to the processing of your personal data under to article 21 of the GDPR, on grounds arising from your particular situation. If the objection is for the processing of personal data for direct advertising purposes, you have a general right of objection without specifying a specific reason.

 

If you want to exercise your right of cancellation or objection, you can send an e-mail to datenschutzauskunft@karaca.com.

Legal Obligations

The provision of personal data for the conclusion or performance of a contract, or the implementation of pre-contractual measures is optional. However, if you provide such personal data necessary for the conclusion or performance of the contract, or for pre-contractual measures, we can decide in line with contractual measures.

Automatic Decision Making

No automatic decision is made or profile is created in accordance with article 22 of the GDPR.


Right of Modification

We reserve the right to modify or update this data protection statement, if necessary, taking into account the applicable data protection laws ansd regulations. In this way, we can adapt the statement to current legal requirements and take into account any changes in our services, for example when introducing new services. The most current version is introduced to you at the time of your visit.

Effective date of this privacy and data protection statement : 22.02.2022