Ionera Technologies GmbH, Engesserstrasse 4b, 79108, Germany, HRB 710911 operates the website www.ionera.de. As the operator of this website, we take the protection of your personal data very seriously and treat these data confidentially and in accordance with current legal data protection rules.


This Privacy Policy clarifies the nature, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online services and the related websites, features and content, as well as external online presence, e.g. our social media profile (collectively referred to as the "online services"). With regard to the terminology used, e.g. "personal data" or their "processing", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR). Types of processed data are inventory-, contact-, content-, contract-, usage- and meta/communication data. Customers, interested persons, visitors and users of our online services are referred to as “users”.


The purpose of data processing in regard to online services is to provide the online services, its contents and functions, provision of contractual services, service and customer care and answering contact requests, communicating with users and to advertise the products and services of Ionera Technologies GmbH.


Rev. 16.05.2018


1. Relevant legal basis

In accordance with Article 13 GDPR, we inform you about the legal basis of our data processing. Unless the legal basis is not mentioned in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6 (1) lit. a and Article 7 GDPR, the legal basis for the processing to fulfil our services and contractual performance as well as the response to inquiries is Art. 6 (1) lit. b GDPR, the legal basis for processing in order to fulfil our legal obligations is Art. 6 (1) lit. c GDPR, and the legal basis for processing in order to safeguard our legitimate interests is Article 6 (1) lit. f GDPR. In case vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as legal basis.

2. Changes and updates to the privacy policy

We ask you to inform yourself regularly about the content of our privacy policy. We will adjust the privacy policy as soon as changes to our data processing require it. We will inform you if such changes require your participation (e.g. consent) or other individual notification.


3. Security measures

We take appropriate technical and organisational measures, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different likelihood and severity of the risk to the rights and freedoms of natural persons and organizational measures, to ensure a level of protection appropriate to the risk. Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as digital access, input, disclosure, availability and separation. In addition, we have established procedures to ensure users’ to exercise their rights, data erasure and a reaction to data vulnerability. Furthermore, we consider the protection of personal data already in the development or selection of hardware, software and procedures, according to the principle of data protection by privacy-friendly default settings taken into account.


4. Cooperation with contract processors and third parties

4.1. If, in the context of our processing, we disclose, transmit or otherwise grant access to data to other persons and companies (contract processors or third parties), this will only be done on the basis of a legal permission (e.g. as required by payment service providers to fulfil the contract), on the basis of your consent, legal obligation or based on our vital interests (e.g. the use of agents, web-hosts, etc.).

4.2. If we commission third parties to process data on the basis of a so-called "contract processing contract", this is done on the basis of Art. 28 GDPR.


5. Transfers to third countries

Processing data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure or transmission of data to third parties, is only conducted to fulfil our (pre-) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our vital interests. Subject to legal or contractual permissions, we only process or have the data processed in a third country if the requirements of Article 44 et seq. GDPR are met. E.g. the processing is based on specific guarantees, such as a officially recognized level of data protection (e.g. for the US through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").


6. Right of information, correction and erasure

6.1. Users have the right to ask for confirmation as to whether the data in question is being processed and for information about this data as well as for further information and a copy of the data.

6.2. Users have the right to demand the completion of their data or the correction of incorrect data.

6.3. Users have the right to demand that their data are deleted immediately or, alternatively, demand a restriction of the processing of data.

6.4. Users have the right to receive the data, which they have provided to us and to demand the transmission of the data to another controller.

6.5. Users have the right to file a complaint with the competent supervisory authority.


7. Right of withdrawal

Users have the right to revoke any granted consent at any time with effect for the future.


8. Right of objection

You have the right to object to the future processing of your data at any time. The objection may in particular be made against processing for direct marketing purposes.


9. Cookies

We may use temporary and persistent cookies, i.e. small files stored on your devices. The cookies are provided for security purposes or are necessary for the operation of our online services (for example for the presentation of the website).


The storage of cookies can be disabled by adjusting the settings of your browser accordingly. If you do not accept cookies, you may not be able to use the full scope of the website’s functions.


10. Erasure of data

10.1. The data processed by us are erased or processing is restricted in accordance with Articles 17 and 18 GDPR. Unless explicitly stated in this privacy policy, the data stored by us are erased if no longer required for their purpose and the erasure does not conflict with any statutory storage requirements. Unless data are erased, because it is required for other legitimate purposes, processing will be restricted. I.e. the data are locked and are not processed for any other purpose. This applies e.g. for data which must be kept for commercial or tax reasons.

10.2. In particular according to §257 Abs. 1, HGB, we have the obligation to store e.g. trading books, inventories, opening balance sheets, annual accounts, trade letters, accounting documents, etc. for 6 years and in accordance with § 147 Abs. 1, AO, we have to store books, records, management reports, accounting documents, commercial and business letters, documents relevant to taxation, etc. for 10 years.


11. Performance of contractual obligations

11.1. We process inventory data (e.g. names and addresses as well as users contact information), contract data (e.g., services used, contact names, billing information) for the purpose of fulfilling our contractual obligations and services in accordance with Article 6 paragraph 1 lit b GDPR.

11.2. Data storage is based on our vital interests as well as the users’ for protection against misuse and other unauthorized use. These data is generally not transmitted to third parties unless necessary for prosecution of our claims or to fulfil legal obligations in accordance with Article 6 paragraph 1 lit c GDPR.

11.3. This data is erased after the legal warranty and comparable obligations have expired. In case of legal archiving obligations, the data is erased after expiration of the legal retention time i.e. 6 years for data concerning commercial law and 10 years for data concerning tax law Information. The necessity to store the data is checked every two years.


12. Contact requests

12.1. If users are contacting us via e-mail, the data provided by the user is processed in order to attend to the contact request and subsequent actions.

12.2. We delete these data, if they are no longer required. In case of legal archiving obligations, the data is erased after expiration of the legal retention time i.e. 6 years for data concerning commercial law and 10 years for data concerning tax law Information. The necessity to store the data is checked every two years.


13. Server log files

13.1. Based on our vital interests, Data is processed upon every access to the server on which this service is located (so-called server log files). The access data includes the name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page) and the requesting provider.

13.2. Logfile-Information is stored for security purposes (e.g. to investigate abusive or fraudulent activities) for a maximum of seven days and is then deleted. Data whose further retention is required for evidential purposes shall be exempted from the erasure until final clarification of the incident.


14. Online presence in social media

14.1. We may maintain online presence within social networks and platforms in order to communicate with users active there and to inform them about our services. When visiting these networks and platforms, the data processing guidelines of their operators apply.

14.2. Unless otherwise stated in our Privacy Policy, we process users' data as long as they communicate with us within social networks and platforms, e.g. write posts on our online presence or send us messages.


15. Contact regarding privacy policy

For further information concerning the protection of personal information, please contact us at the following address:


Ionera Technologies GmbH

Engesserstrasse 4b

79108 Freiburg

Germany


Email: PrivacyEmail