Data Privacy Statement
Thank you very much for your interest in our company and in our websites, which also includes our social media sites (LinkedIn, Instagram and X) and our deBlog (available at https://blog.denic.de/en/). The protection of your personal data and your privacy are very important to us. In this privacy statement, we would like to inform you about how we handle your personal data. The party responsible for data processing is
DENIC eG
Theodor-Stern-Kai 1
60596 Frankfurt am Main
GERMANY
Phone: +49 69 27 235 0
Fax: +49 69 27 235 238
E-Mail: info[at]denic[dot]de
You can contact our Data Protection Officer at privacy[at]denic[dot]de.
When you make use of one of DENIC eG's offerings, e.g. visit our website or use the tools we provide there, we will process your personal data. We process your data in strict confidence and only for the purpose we tell you when we collect the data. The processing of your data will always be in keeping with the standards of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other applicable data protection provisions.
1. Provision of the Websiten
Whenever you visit our Internet offerings or retrieve a file, a range of data referring to this action is temporarily stored and processed in a log file. The following data is processed:
- IP address
- Date and time of your access (time stamp)
- Details of the access request and destination address (protocol version, HTTP method, referrer, user-agent string)
- Name of the file that has been accessed and amount of data transmitted (requested URL incl. query string, size in bytes)
- Message whether the request was successful (HTTP status code)
- Website from which the request is made
- Browser type or app used
- Operating system and the interface it uses
- Language and version of browser software
When processing this data, we will not draw conclusions about your person. Neither a personal evaluation nor an evaluation of the data for marketing or profiling purposes will take place. The legal basis for data processing in this context is Article 6(1) (f) of the GDPR. The processing of this data is technically inevitable in order to make our website available and to guarantee stability and security of our systems. It is not possible to use our website without such processing of data, so you cannot object to this processing. Your data will be deleted after seven days.
2. Use of Cookies
We use cookies on our website. Cookies are stored on your computer and from there transmitted to our website. A cookie comprises a characteristic string of characters that allows your web browser to be uniquely identified when you return to our website. We differentiate between essential cookies (item 2.1) and cookies for usage analysis (item 2.2). You can configure the processing of cookies in your browser yourself. By changing the settings in your browser, you can deactivate or restrict the transmission of cookies. Cookies that have been stored may be deleted at any time. This can also be done in an automated way. If cookies are deactivated for our website, it may no longer be possible to use all functions to their full extent. You find more detailed information on the website of your respective browser provider:
2.1 Essential Cookies
Essential cookies are technically necessary for the proper functioning of our website. Some of these cookies ensure the technical stability of our website and enable functionalities that are relevant to security. Moreover, essential cookies are mandatory for certain functions. You cannot use our website without such data being processed. Essential cookies do not contain personal data, i.e. no IP addresses or other information is collected that would allow tracking. Below you find a list of the essential cookies we use:
Cookie | Purpose | Deletion |
---|---|---|
fe_typo_user | Identifies sessions (for TYPO3 frontend login) and enables use of the member login and the member section | End of Session |
JSESSIONID | Enables use of the RAI (Registrar Admin Interface) | End of Session |
The legal basis for personal data processing with essential cookies is Article 6(1) (f) of the GDPR. By using technically necessary cookies we want to make the use of our website easier for you. Some functions of our website will not work without cookies. For these functions, it is necessary that your browser will be recognised when you revisit our website after visiting other websites. The purposes pursued with the aforementioned constitute our legitimate interest. We do not use your user data collected through our technically necessary cookies to create a user profile.
2.2 Cookies for Usage Analysis
Usage analysis cookies enable us to analyse in which way you use our website. With the help of these cookies we can test the effectiveness of our website and identify errors. Moreover, the cookies provide information that help us to optimise our services and that is useful for web analyses. We use the cookies listed below for usage analysis:
Cookie | Supplier | Purpose | Deletion |
---|---|---|---|
_pk_ref | Matomo | To store the attribution information of the referrer that was originally used to visit the website | 6 months |
_pk_id | Matomo | Is used to store some details about the user, such as the unique visitor ID | 13 months |
_pk_ses | Matomo | Short-lived cookies used to temporarily store data for the visit. | 30 minutes |
_pk_cvar | Matomo | Short-lived cookies used to temporarily store data for the visit. | 30 minutes |
The legal basis for personal data processing with usage analysis cookies is your declaration of consent according to Article 6(1) (a) of the GDPR.
Matomo
Our website uses Matomo, a web analysing service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. With Matomo, we analyse the usage of our website and of individual functions and services, with the aim to optimise our website. Matomo uses cookies, which allow us to analyse your way of using our website (including your IP address).
We have activated the "Anonymise Visitor's IP addresses" function on our website. This means that your IP addresses are processed in a shortened form so that a reference to a person can be ruled out.
The legal basis for data processing in this context is Article 6(1) (a) of the GDPR.
Right to Object
You have the right to withdraw your consent at any time with effect for the future without giving reasons. If you do not agree with your data being transmitted to Matomo when you use our website in the future, you can opt for fully deactivating Matomo in your browser settings (see item 2 above). If you choose that option, it may no longer be possible to fully use all functions of our website.
For further information about the terms and conditions of use and data protection of Matomo please go to https://matomo.org/privacy-policy/.
You are not obliged to make available your personal data. There are neither legal nor contractual terms that require the provision of your personal data nor is that data necessary to enter into a contract. However, if you do not provide that data it might not be possible for you to use our website at all or to its full extent.
3. Contacting Us
There are various possibilities to get into contact with us.
3.1. Scope of Data Processing
You can contact us via the contact details (e-mail, post, phone) provided on our website. If you do so, we will process your personal data transmitted to us (e.g. e-mail address, postal address, phone number, information revealed in the text of the communication).
3.2. Legal Basis
If you contact us in the context of an existing contract or prior to entering into a contract, the legal basis is Article 6(1) (b) of the GDPR. In all other cases, the legal basis for processing your data is Article 6(1) (f) of the GDPR. It is our legitimate interest to process your contact inquiry.
3.3. Purpose of Data Processing and Categories of Recipients
The purpose of the data processing is the handling of your contact request. Your data is processed exclusively for this purpose. If you contact the contact points indicated for the DENICdirect customer service, your data will be transferred to and processed by DENIC Services GmbH & Co. KG, Heinrich-Hertz-Straße 5, 64295 Darmstadt, Germany.
3.4. Duration of Storage of Your Personal Data
After your contact request has been processed completely, we will restrict your data for further processing. Your data will be deleted once the statutory retention periods under fiscal and commercial law have expired. Pursuant to Section 147 of the German Fiscal Code, the retention period is ten full years for accounting records and, pursuant to Section 257 of the German Commercial Code, six full years for business documents. You are not obliged to make available your personal data. There are neither legal nor contractual terms that require the provision of your personal data, nor is that data necessary to enter into a contract. However, if you do not provide that data we will not be able to enter into contact with you.
4. DENIC Domain Query (Whois Service)
Domain holders and third parties who can proof to have a legitimate interest, can use the DENIC domain query at https://webwhois.denic.de/?lang=en to obtain specific holder information of a domain.
The domain holder can query their domain data by entering their postal code or their e-mail address in a form. If the entered data match the data in the DENIC database, the domain holder will be sent a link to the e-mail address registered with DENIC. With this link, the domain holder can access the data for a limited period.
Third parties who wish to obtain information about a domain must submit a corresponding request. This option is only available under specific conditions. For more detailed information, please go to https://www.denic.de/en/service/whois-service/third-party-requests-for-holder-data/.
4.1. Scope of Data Processing
We will process the personal data that has been transmitted in relation with the whois service. In the respective form, you can see which data will be processed. In the forms, only those fields are marked as mandatory that are absolutely necessary to process your domain query.
4.2. Legal Basis
If domain holders themselves make the DENIC domain query, the legal basis for processing the data is Article 6(1) (b) of the GDPR in conjunction with our Domain Guidelines and/or our Domain Terms and Conditions. If a third party makes the domain query, the legal basis for the processing of your data is Article 6(1) (f) of the GDPR. A third party has a legitimate right (interest) to initiate the domain query and to possibly obtain data, provided the specified conditions are met.
4.3. Purpose of Data Processing and Categories of Recipients
Use of the data is strictly limited to the context of the whois service. If domain holders submit the domain query themselves, the data is not passed on to any third party.
If, however, a third party makes the domain query, this party will receive the information on the domain holder only if it can prove to have a legitimate interest in them. DENIC will always consider each case individually in this context.
4.4. Duration of Storage of Your Personal Data
Your personal data is deleted upon expiry of the first full calendar year following the submission of the application.
5. DENIC Mailing Lists
On our website at https://list.denic.de/, we make available several mailing lists to which a user can subscribe free of charge. For further information, please go to https://www.denic.de/en/service/mailing-lists/.
5.1. Scope of Data Processing If you subscribe to a mailing list, we will process the following personal data:
- Name
- E-mail address
- IP address of the computer from which the subscription application is submitted
- Date and time of dispatch
During the registration procedure, you will be asked to consent to the processing of your data. We verify your subscription through a so-called double opt-in procedure. Thus, we make sure that the e-mail address indicated in connection with the subscription of the mailing list is actually your address. After entering the required data in the registration form, you will receive an automated e-mail with a link for activation. Once you have confirmed the link, you will be subscribed to the respective mailing list.
5.2. Legal Basis
The legal basis for the processing of your personal data is Article 6(1) (a) of the GDPR.
Right to Object
You have the right to withdraw your consent at any time with effect for the future without giving reasons, for instance by clicking the unsubscribe link that is displayed in every mail you receive from the list.
5.3. Purpose of Data Processing and Categories of Recipients
The purpose of the data processing is the implementation of your subscription to the mailing list(s). Depending on the mailing list you have subscribed to, the list is used for general discussions about .de domains, ENUM domains, and DENIC matters. Additionally, you get up-to-date information related to DENIC (such as press releases, announcements, maintenance or disturbance notifications) or to technical news (such as topical information from all over the world about domains, the Internet, Internet governance, ICANN, etc.). Your data is processed exclusively for this purpose. Your data is not passed on to any third party in this context.
5.4. Duration of Storage of Your Personal Data
We store your personal data as long as your subscription to a DENIC mailing list is active. You are not obliged to make available your personal data. There are neither legal nor contractual terms that require the provision of your personal data, nor is that data necessary to enter into a contract. However, if you do not provide that data you will not be able to subscribe to our mailing list(s).
6. DENIC Dispute Online Assistant
At https://www.denic.de/service/tools/dispute-online-assistent/, we make available a Dispute Online Assistant, which can be used as a template for submitting a request for a DISPUTE entry for a .de domain. For further information, please go to https://www.denic.de/en/service/dispute/.
6.1. Scope of Data Processing
We will process your personal data transmitted to us in connection with our Dispute online assistant. In the corresponding form, you can see which data is processed. In the form, only those fields are marked as mandatory that are absolutely necessary to apply for a DISPUTE entry.
6.2. Legal Basis
The legal basis for processing your data is Article 6(1) (b) of the GDPR in conjunction with our Domain Guidelines and/or our Domain Terms and Conditions. The processing of your personal data is necessary for making the DISPUTE entry.
6.3. Purpose of Data Processing and Categories of Recipients
Your data is processed exclusively for generating the DISPUTE entry form. Your data is not passed on to any third party in this context.
6.4. Duration of Storage of Your Personal Data
The personal data from the input mask is deleted as soon as we have generated your DISPUTE entry form.
7. DENIC Member Website
At https://member.secure.denic.de/en/, we offer our members access to a password-protected member section. To get access, you must register using the data of your member account or your DENIC ID.
7.1. Scope of Data Processing
We will store your personal data transmitted to us in this context. In the corresponding form, you can see which data is processed. In the form, only those fields are marked as mandatory that are absolutely necessary to make use of the DENIC member website.
7.2. Legal Basis
The legal basis for processing your data is Article 6(1) (b) of the GDPR in conjunction with our Domain Guidelines and/or our Domain Terms and Conditions.
7.3. Purpose of Data Processing and Categories of Recipients
We use the data for administering your membership. To the extent permitted by law, we will pass on your data, if required, to our partner companies that support us in the due performance of the contract. These companies, too, are obliged to comply with all applicable data protection regulations; in particular, they are only allowed to process the data for the fulfilment of their tasks on our behalf and only in accordance with our instructions.
7.4. Duration of Storage of Your Personal Data
Upon termination of your membership with DENIC, we will restrict your data for further processing. Your data will be deleted once the statutory retention periods under fiscal and commercial law have expired. Pursuant to Section 147 of the German Fiscal Code, the retention period is ten full years for accounting records and, pursuant to Section 257 of the German Commercial Code, six full years for business documents.
8. DENIC TRANSIT Service Center
With TRANSIT, DENIC has a procedure in place that enables the domain holder to take quick and easy action to return their domain to regular domain administration by a provider or to simply delete the domain if they do not want to use it anymore. You can submit a deletion request or generate your individual provider transfer password (AuthInfo) and change the e-mail address(es) stored for the domain(s) directly at https://transit.secure.denic.de/en/. To log in to this page of the protected internal section of our website, you need your personal TRANSIT password that is indicated in the TRANSIT letter you have received. For more detailed information, please go to https://www.denic.de/en/service/transit/.
8.1. Scope of Data Processing
We will store the personal data that has been transmitted to us in this context. In the corresponding form, you can see which data will be processed. In the form, only those fields are marked as mandatory that are absolutely necessary to make use of the respective service.
8.2. Legal Basis
The legal basis for processing your data is Article 6(1) (b) of the GDPR in conjunction with our Domain Guidelines and/or our Domain Terms and Conditions.
8.3. Purpose of Data Processing and Categories of Recipients
We will use your personal data to process the service requested by you. The data is not passed on to third parties.
8.4. Duration of Storage of Your Personal Data
Your personal data will be deleted once the statutory retention periods under fiscal and commercial law have expired. Pursuant to Section 147 of the German Fiscal Code, the retention period is ten full years for accounting records and, pursuant to Section 257 of the German Commercial Code, six full years for business documents. You are not obliged to make available your personal data. There are neither legal nor contractual terms that require the provision of your personal data, nor is that data necessary to enter into a contract. However, if you do not provide that data we will not be able set up a user account for you.
9. Newsletter
On our website you have the possibility to subscribe to our free newsletter.
9.1 Scope of Data Processing
When you subscribe to our newsletter, the following personal data is processed by us:
- First name, last name
- E-mail address
- IP address of the computer from which the subscription application is submitted
- Date and time of dispatch
During the registration procedure, you will be asked to consent to the processing of your data. We verify your subscription through a so-called double opt-in procedure. With this measure, we make sure that the e-mail address submitted when subscribing to the newsletter is actually your address. After you have entered the required data (your name, your e-mail address) in the respective input masks, you will receive an automated e-mail with an activation link. By clicking this link in the e-mail, you complete the subscription to our newsletter.
We use rapidmail for sending out our newsletter. The provider is rapidmail GmbH, Wentzingerstraße 21, 79106 Freiburg im Breisgau, Germany. rapidmail is used, among other things, for organising and analysing the dispatch of newsletters. The data you enter for the purpose of receiving the newsletter is stored on the German servers of rapidmail. If you do not wish rapidmail to carry out any analysis, you must unsubscribe from the newsletter. Every newsletter message from us contains an unsubscribe link for this purpose. The e-mails sent with rapidmail include a so-called tracking pixel for analysing, which connects to the servers of rapidmail when the e-mail is opened. In this way, it can be determined whether a newsletter message was opened or whether links from the message were clicked.
9.2 Legal Basis
The legal basis for the processing of your personal data is your declaration of consent according to Art. 6 (1) a of the GDPR.
Right to Object
You have the right to withdraw your consent at any time with effect for the future without giving reasons, for instance by clicking the unsubscribe link that is displayed in every newsletter mail you receive.
9.3 Purpose of Data Processing
We will pass on your data to our service provider rapidmail to the extent permitted by law. Our service provider, too, is obliged to comply with all applicable data protection regulations. In particular, the service provider may only process your data to fulfil its tasks on our behalf and only in accordance with our instructions. For more detailed information, please go to https://www.rapidmail.de/datenschutz.
9.4 Duration of Storage of Your Personal Data
We store your personal data as long as your subscription to our newsletter is active.
You are not obliged to make available your personal data. There are neither legal nor contractual terms that require the provision of your personal data nor is that data necessary to enter into a contract. However, if you do not provide that requested data you will not be able to subscribe to our newsletter.
10. Job Application
On our website, we inform you about vacancies at DENIC. You can apply for a vacant position by using one of the contact channels indicated (see item 3 – Contacting Us).
10.1. Scope of Data Processing
In order to participate in the application process, it is necessary for us to process personal data of you that originates from the documents you make available to us, such as letter of application, curriculum vitae, application photo, certificates or other professional qualifications. This data may include personal master data, such as first name, last name, address, date of birth, or contact data (e.g. telephone number or e-mail address) as well as data relating to your educational and/or professional background such as school certificates and job references, data on training, internships or previous employers. For the processing of applications, we limit ourselves to the information you provide directly. This may also include information that you have stored in professional online networks or job exchanges.
10.2. Legal Basis
The legal basis for the processing of personal data is Article 6(1) (b) of the GDPR and Article 88 (1) of the GDPR in conjunction with Section 26 of the German Federal Data Protection Act (BDSG).
10.3. Purpose of Data Processing and Categories of Recipients
We process the personal data you have provided with an application exclusively for the purpose of applicant selection. Your data is not passed on to any third party in this context.
10.4. Duration of Storage of Your Personal Data
If your application leads to an employment relationship with DENIC, your personal data will be transferred to your personnel file. If your application is not accepted, your data will be deleted by us six months after the non-acceptance, unless you have consented in including your personal data in our applicant pool. The legal basis for the data processing in this context is Article 6(1) (a) of the GDPR. You can revoke the consent you have given us at any time.
Right to Object
You have the right to withdraw your consent at any time with effect for the future without giving reasons, for instance by sending an e-mail to privacy[at]denic[dot]de. If you withdraw your consent, your data will be deleted immediately from our pool of applicants.
The provision of your personal data is mandatory for submitting an application. If you do not provide that data, we will not be able to process your application.
11. Online Presence in Social Media
We maintain an online presence on social networks and platforms. We regularly publish and share content on our social media sites.
11.1 Scope of Data Processing
Every time you interact on our fan pages, the operators of the respective social network automatically collect and store your personal data for market research and advertising purposes. It cannot be ruled out that the collected data will also be processed outside the European Union. This may, among other things, make it more difficult to enforce your rights as a data subject. When you visit fan pages, the social network operators record your usage behaviour through cookies and similar technologies. The operators can view general statistics about your interests and demographic characteristics (e.g. age, gender, region) with each of your interactions. The operators use pseudonyms to create user profiles from the data collected. These can be used, for example, to place advertisements inside and outside of social networks that presumably correspond to your interests.
We operate fan pages on the following social media platforms:
- Registered office: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland
- Data privacy statement: https://help.instagram.com/519522125107875?helpref=page_content
- Opt-out: Instagram does not offer its own opt-out function, but refers to the functions of individual advertising partner agencies (e.g. Network Advertising Initiative (http://www.networkadvertising.org/managing/opt_out.asp), Digital Advertising Alliance (http://www.aboutads.info/) or European Digital Advertising Alliance (http://youronlinechoices.eu/http://instagram.com/about/legal/privacy/)
- Basis for data transfer: Basis for data transfer: Standard contractual clauses (
- https://help.instagram.com/272603474673152/?helpref=related_articles) and certification of Meta Platforms Inc. 1601 Willow Rd, Menlo Park, CA 94025
- Registered office: LinkedIn Irland Unlimited Company, Wilton Plaza Wilton Place, Dublin 2, Ireland
- Data privacy statement: https://www.linkedin.com/legal/privacy-policy
- Opt-out: LinkedIn Privacy Policy, Manage Advertising Preferences | LinkedIn Help
- Order processing agreement: LinkedIn Data Processing Agreement
- Basis for data transfer: Standard contractual clauses (https://legal.linkedin.com/dpa) and certification of LinkedIn Corporation 1000 W Maude Avu, Sunnyvale, CA 94085 within the EU-U.S. Data Privacy Framework
X (previously Twitter)
- Registered office: X Corp. Attn: Privacy Policy Inquiry, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
- Data privacy statement: Data privacy principles of X
- Opt-out: Personalisation and data / X
- Basis for data transfer: Certification of X Corp. within the EU-U.S. Data Privacy Framework
We are responsible for the processing your data if you communicate with us directly via our fan pages or share personal content with us.
We generally collect all messages, content and other information that you share with us when you visit our social media sites, for example when you post something on one of our social media sites or send us private messages. If you have an account with the respective social network, we can also see your public information, such as your user name, information in your public profile and content that you share with a public target group. The nature, extent and purposes of the processing of your personal data in social networks are primarily determined by the social network operators.
11.2 Usage Analysis (page insights on Instagram)
The social network operators provide us with so-called "insights" as part of our social media profiles. We use Instagram insights to learn more about our account subscribers or their performance.
Each time you interact with our social media profile, Meta Platforms Ireland Limited (hereafter referred to as Instagram) tracks your usage behaviour by means of cookies and similar technologies. These are anonymised statistics that can help us understand how you interact with our posts or other content. It is not possible for us to identify you personally. We do not have access to the personal data used by Instagram to create insights ("page insights data"). The selection and processing of Page Insights data is carried out exclusively by the social network operator.
Insights provide us with information on how our target audience interacts with specific posts, stories, videos, reels, and live videos. Insights and metrics for our account may also include paid activity. The following Insights are available to us on Instagram:
- Current highlights
- Overview of accounts reached or accounts that have interacted;
- Total number of friends/subscribers;
- Content we shared;
- Interactions with our account;
- Discoveries;
- Display information.
This helps us to optimise our activities on the sites, for example by enabling us to better address the interests and usage habits of our audience when planning and selecting our content.
As part of the Insights function, Instagram may provide us for instance with the following data categories in anonymised (statistical) form for the purpose of measuring performance and optimising our presence:
- Date and time of the action;
- Country/city of the user,
- Language code (http status code);
- Age/Gender Group;
- Previously visited website;
- End device of the user;
- User ID (if logged in).
We and Instagram are jointly responsible for the processing of your data in connection with Insights. In this context, the social network operator provides the associated IT infrastructure as well as the website of the social network and is the primary point of contact when it comes to the processing of your data on the social network pages (e.g. information or deletion). With regard to data processing on social networks, we therefore recommend that you contact the respective social network directly with information requests or other questions regarding user rights, such as a request for deletion, since only the operators of the social networks have full access to your user data. However, you can also assert your legal rights against us. In this case, we will forward your requests to the operator of the social network if necessary. For this purpose, we have defined in an agreement which company fulfils which data protection obligations with regard to the processing of Page Insights data in accordance with the GDPR.
You can view the agreement with Instagram here: https://www.facebook.com/legal/terms/page_controller_addendum.
A summary of the key contents of this agreement can be found here:
https://www.facebook.com/legal/terms/information_about_page_insights_data.
For more information about the data processing by the respective operator, as well as your rights and the settings options for protecting your privacy, please refer to the data protection information of the respective operator.
11.3 Legal Basis of Data Processing
If you are asked by the respective social network operator for consent to data processing, the legal basis for data processing is Art. 6(1) (a) of the GDPR. Otherwise, the legal basis is Article 6(1) (f) of the GDPR. We have an overriding legitimate interest in an optimised presentation of our offers and effective communication with our customers and prospects.
Right to Object
You have the right to withdraw your consent at any time with effect for the future without giving reasons. If you do not agree with the future transmission of your data in the context of the use of our social media presences, you can opt out of data processing. We have compiled the links you need to make use of your rights under item 11.1.
If you choose to opt out, it may no longer be possible to fully use all functions of our website.
11.4 Purpose of Data Processing
The purpose of our online presence is to enable effective communication with our customers and prospective customers and to optimise the presentation of our offers.
You are not obliged to make available your personal data. There are neither legal nor contractual terms that require the provision of your personal data nor is that data necessary to enter into a contract. However, if you do not provide your personal data, you may not be able to use our websites or may not be able to use them to their full extent.
12. Rights of the Data Subject
If we process your personal data, you are a data subject within the meaning of Article 4(1) of the GDPR, which gives you the following rights vis-à-vis DENIC:
- Right of Access (Art. 15 GDPR)
- Right to Rectification (Art. 16 GDPR)
- Right to Erasure (Art. 17 GDPR)
- Right to Restriction of Processing (Art. 18 GDPR)
- Notification Obligation (Art. 19 GDPR)
- Right to Data Portability (Art. 20 GDPR)
- Right to Object (Art. 21 GDPR)
- Right to revoke your declaration of consent under data protection law (Art. 7(3) GDPR).
You have the right to withdraw your consent vis-à-vis DENIC at any time, for instance by e-mail to privacy[at]denic[dot]de. The withdrawal of consent shall not affect the lawfulness of data processing based on your consent before its withdrawal.
Right to Object (Art. 21 GDPR)
Pursuant to Article 21 of the GDPR, you are entitled to object, for reasons relating to your particular situation, at any time to the processing of your personal data which is based on Article 6(1) (e) or (f) of the GDPR, including profiling based on these provisions. In this case, DENIC will no longer process your personal data, unless DENIC demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless the processing is necessary to assert, exercise or defend any legal claims.
If you want to exercise one of these rights, please contact our Data Protection Officer at privacy[at]denic[dot]de.
We would like to point out that in certain cases we may ask you to provide additional information in order to verify your identity. This enables us to ensure that information is not disclosed to unauthorised persons, e.g. when you exercise your right of access.
Pursuant to Article 77 GDPR, you also have the right to complain to a data protection supervisory authority if you believe that we are not processing your personal data in a lawful way. The competent authority for DENIC is the data protection supervisory authority of Hesse. The contact details are: Hessischer Beauftragter für Datenschutz und Informationsfreiheit, Postfach 3163, 65021 Wiesbaden, Germany, e-mail: poststelle@datenschutz.hessen.de.
Automated decision making does not take place on our website.
13. Security
DENIC has technical and organisational safety measures in place to protect your personal data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. We continuously improve our security measures in line with technological evolution.
14. Responsibility for External Content
Our website contains links that lead to Internet pages of external providers. We have no influence on such providers and cannot ensure that they comply with the applicable data protection regulations. If you believe that linked external sites violate applicable law or have other inappropriate content, please let us know. We will check on it and remove the external link, if appropriate. We cannot be held responsible for the content and availability of linked external web pages.
15. Validity of the Data Privacy Statement
Further development of our website or the implementation of new technologies may render amendments to this data privacy statement necessary. We reserve the right to change this privacy statement at any time with effect for the future. The relevant version of this statement is always the version that is available at the time you visit our website.
Last updated: September 2024