Privacy Policy

Responsible for the homepage's content is:
schnaq GmbH
Speditionstraße 15a
40221 Düsseldorf
Germany

Handelsregister: HRB 95753
Registergericht: Amtsgericht Düsseldorf
VAT ID: DE349912851

Represented by the management:
Dr. Alexander Schneider, Dr. Christian Meter and Michael Birkhoff

Legally binding is the German version of this page.

General information on data processing

As a matter of principle, we only process personal data insofar as this is necessary to provide a functional website and our content. Personal data is regularly processed only with the consent of the user.

Insofar as consent is required for processing operations of personal data, Art. 6 (1) lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis. If the processing is necessary to protect a legitimate interest on our part or on the part of a third party and your interests, fundamental rights and freedoms do not override the former interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.

Personal data will be deleted as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which we are subject. Data will also be deleted if a storage period prescribed by the aforementioned standards expires.

Provision of the website and creation of log files

Each time our website is accessed, our system automatically collects connection data and information (browser type / version used, operating system, IP address, date and time of access, websites from which our website was accessed, websites accessed via our website) from the computer system of the accessing computer. This is quite normal behaviour of most browsers. The data is only kept in the server’s memory for the duration of the use of schnaq. This data is not stored together with other personal data of the user. The legal basis for the temporary storage of the data is Art. 6 para. 1 lit. f GDPR.

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address must remain stored for the duration of the session. The browser type and the version used are required in order to display the website optimally on different browsers. The data is used to optimise the website and to ensure the security of our information technology systems. These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR.

The data is automatically deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. Every day, sometimes several times, the working memory with all connection data is deleted. Any storage beyond this does not take place.

The collection of data for the provision of the website is absolutely necessary for the operation of the website. Consequently, there is no possibility to object.

Cookies

We use so-called cookies on our homepage. Cookies are data packages that your browser stores in your terminal device at our instigation. A distinction is made between two types of cookies: temporary, so-called session cookies, and persistent cookies.

Session cookies are automatically deleted when you close the browser. These store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. The use of session cookies is necessary so that we can provide you with the website. The legal basis for the processing of your personal data using session cookies is Art. 6 para. 1 lit. f GDPR.

Persistent cookies are automatically deleted after a predefined period of time, which may differ depending on the cookie. These cookies remain on your end device for a predefined time and are usually used to recognize you when you visit our homepage again. The use of persistent cookies on our homepage is based on the legal basis of Art. 6 para. 1 lit. f GDPR.

You can set your internet browser so that our cookies cannot be stored on your end device or so that cookies that have already been stored are deleted. If you do not accept cookies, this may lead to restrictions in the function of the Internet pages.

Specifically, we have these types of cookies::

CSRF token (session cookie), which, e.g., secures the contact form against unobserved content submission. This is a random arrangement of characters, which is used only for sending the form. This cookie is deleted after you leave our website. This protection mechanism complies with common security standards and can be researched further on Wikipedia and similar sites.
Analytics Cookie (persistent cookie) is set if you agree to the extended analysis of your anonymized user behavior. All data is processed in a GDPR-compliant manner and without identifying you as a person. It helps us to identify and fix problems on schnaq Consulting more quickly.

Web analysis by Matomo (formerly PIWIK)

Description and scope of data processing

We use the open source software tool Matomo (formerly PIWIK) on our website to analyze the use of our internet presence. For example, we are interested in which pages are accessed how often and whether smartphones, tablets or computers with large screens are used. If individual pages of our website are accessed, the following data is stored:

Two bytes of the IP address of the calling system
The accessed web page
The website through which our website was accessed (referrer)
The subpages that are called from the called web page
The time spent on the website
The frequency of access to the website

Matomo is set so that the IP addresses are not stored in full, but two bytes of the IP address are masked (example: 192.168.xxx.xxx). In this way, an assignment of the shortened IP address to the calling computer is no longer possible.

Matomo is used exclusively for schnaq services and on our own schnaq servers. Personal data of the users is only stored there. Personal data is and will never get passed on to third parties.

Your anonymized data will be stored for 180 days and then automatically deleted from our servers.

Purpose of data processing

The processing of anonymized user data enables us to analyze the use of our website. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our services and their user-friendliness. By anonymizing the IP address, the interest of the user in the protection of his personal data is sufficiently taken into account.

The evaluation is exclusively anonymized, pseudonymized and aggregated so that no conclusion can be drawn about individual persons.

The use of Matomo on our homepage is based on the legal basis of Art. 6 para. 1 lit. f GDPR.

Form Submissions

On some pages, like the contact page, we use forms, that send the data you input to the schnaq administration team via email. The data in question consists of: Your name, email address, optional phone number and message. The resulting email is stored in the schnaq email inbox as long as it is needed to respond to your request. After that, the email is removed from the schnaq mail servers. We use the contents of your message, the email address, your name and the optional phone number to process your request and contact you with an answer.

Rights of the Data Subjects

If personal data is processed by you, you are a data subject in the sense of the GDPR and you are entitled to the rights described below. Please address your request, preferably by e-mail, to the above-mentioned data controller.

Information: You have the right to receive from us at any time free information and confirmation of the personal data stored about you and a copy of this information.

Correction: You have the right to rectification and/or completion if the personal data processed concerning you is inaccurate or incomplete.

Restriction of Processing: You have the right to request the restriction of processing if one of the following conditions is met:

You dispute the accuracy of the personal data for a period of time that allows us to verify the accuracy of the personal data.
The processing is unlawful, you object to the erasure of the personal data and request instead the restriction of the use of the personal data.
We no longer need the personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims.
You have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whether our legitimate grounds outweigh yours.

Deletion: You have the right to have the personal data concerning you erased without delay, provided that one of the following reasons applies and insofar as the processing is not necessary:

The personal data were collected or otherwise processed for such purposes for which they are no longer necessary.
You withdraw your consent on which the processing was based and there is no other legal basis for the processing.
You object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR.
The personal data have been processed unlawfully.
The deletion of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject.
The personal data was collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.

Data Portability: You have the right to receive the personal data concerning you that you have provided to the controller in a structured, common and machine-readable format. You also have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided. In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly from us to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

Opposition: You have the right to object at any time to the processing of personal data concerning you that is carried out on the basis of Art. 6 (1) lit. f GDPR. We will no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.

Revocation of Consent: You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, if you consider that the processing of personal data concerning you infringes the GDPR. The data protection supervisory authority responsible for the operator of this site is:

The State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia, Kavalleriestr. 2-4, 40102 Düsseldorf, Tel.: +49211/38424-0, e-mail: poststelle@ldi.nrw.de