Thank you for your interest in our website. Data protection is a particularly high priority for the operators of this site. The website can be used without providing any personal data. However, if a data subject wishes to make use of special services via our website, it may be necessary to process personal data. If it is necessary to process personal data and there is no legal basis for this, we shall as a rule obtain consent from the data subject.
As the controller, Berlin Partner für Wirtschaft und Technologie GmbH has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, internet-based data transmissions can still be subject to vulnerabilities, meaning that absolute protection cannot be guaranteed. For this reason, each data subject is free to provide us with personal data via alternative means, for example by telephone.
a) Personal data
Personal data include all information which relates to an identified or identifiable natural person (hereinafter referred to as “data subject”). Identifiable refers to a person who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
The data subject is any identified or identifiable natural person whose personal data are processed by the controller.
Processing includes any process carried out with or without the help of automated processes or any such series of processes in connection with personal data such as collection, recording, organisation, filing, saving, adaptation or amendment, reading, querying, use, publication by forwarding, distribution or any other form of provision, comparison or encoding, abbreviation, deletion or destruction.
d) Restriction of processing
Restriction of processing is the identification of stored personal data in order to limit their future processing.
Profiling is any kind of automated processing of personal data which involves the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or relocation of that natural person.
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not attributed to an identified or identifiable natural person.
(g) Data controller or party responsible for data processing
The data controller or party responsible for data processing is the natural or legal person, public authority, institution or other body which, alone or in conjunction with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by European Union law or the law of the Member States, the controller or the specific criteria for its designation may be provided for under European Union or national law.
A processor is a natural or legal person, authority, institution or other body who processes personal data on behalf of the data controller.
The recipient is a natural or legal person, public authority, institution or other body to whom personal data are disclosed, whether or not they are third parties. However, authorities which may receive personal data in the context of a specific task under European Union law or Member State law, shall not be considered recipients.
j) Third party
A third party is a natural or legal person, public authority, institution or other body other than the data subject, the data controller, the processor and those authorised under the direct responsibility of the controller who processes personal data.
Consent is any declaration or other unambiguous and informed expression of intent given voluntarily by the data subject, in the form of a declaration or other unambiguous affirmative action, in which the data subject indicates that he/she agrees to the processing of his/her personal data.
2. Name and address of the controller
The controller within the meaning of the General Data Protection Regulation, other data protection laws in force in the Member States of the European Union, and other provisions of a data protection nature, is:
Berlin Partner für Wirtschaft und Technologie GmbH
Telephone: +49 30 46302-500
3. Name and address of the data protection officer
The data protection officer of the controller is:
Berlin Partner für Wirtschaft und Technologie GmbH
Telephone: +49 30 4630408
Should data subjects have any questions and suggestions regarding data protection, they can contact our data protection officer directly at any time.
By using cookies, Berlin Partner für Wirtschaft und Technologie GmbH can provide users of this website with more user-friendly services that would not be possible without the cookie setting.
The data subject can prevent cookies being set by our website at any time by using an appropriate setting of the browser being used, thereby permanently objecting to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time using an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the placing of cookies on the internet browser used, it may be that not all functions of our website are fully usable.
5. Collection of general data and information
The website of Berlin Partner für Wirtschaft und Technologie GmbH collects a series of general data and information each time the website is accessed by a data subject or an automated system. These general data and information are stored in the log files of the server. Data captured can include (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the internet page from which an accessing system reaches our internet page (referrer), (4) the sub-websites which are accessed via an accessing system on our website, (5) the date and time the website is accessed, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information which serves to protect against attacks on our information technology systems.
When using this general data and information, Berlin Partner für Wirtschaft und Technologie GmbH does not draw any conclusions about the data subject. This information is instead required in order to (1) deliver the content of our website correctly, (2) to optimise the content of our website and its advertising, (3) to ensure the long term functionality of our information technology systems and the technology of our website, and (4) to provide law enforcement agencies with the information that is necessary for prosecution in the event of a cyber attack. These anonymously collected data and information are therefore statistically evaluated by Berlin Partner für Wirtschaft und Technologie GmbH on the one hand and with the aim of increasing data protection and data security in our company in order to ensure ultimately an optimum level of protection for the personal data processed by us. The anonymous data in the server log files are stored separately from all personal data provided by a data subject.
6. Registration on our website
By providing personal data, the data subject has the possibility to register on the website of the controller (entity responsible for data processing). The type of personal data transferred to the controller is determined by the input mask used for registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the controller and for its own purposes. The controller may arrange for the data to be passed on to one or more processors, such as a courier service provider, who shall also use the personal data exclusively for internal purposes attributable to the controller.
The IP address, date and time of registration given by the Internet service provider (ISP) of the data subject shall also be saved by registration on the website of the controller. The storage of these data is based on the fact that this is the only way to prevent misuse of our services and these data also enable us to investigate crimes and copyright infringements if necessary. In this respect, the storage of such data is necessary in order to safeguard the controller. These data shall not be passed on to third parties unless there is a legal obligation to do so, or the passing on serves the requirements of criminal or legal proceedings.
The registration of the data subject, with the voluntary provision of personal data, is intended by the controller to offer the data subject content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to modify the personal data given upon registration at any time, or to delete them completely from the database of the controller.
The controller shall, at any time and upon request, inform each data subject about the personal data held regarding that person at any time. In addition, the data processor shall correct or delete personal data at the request or notice of the person concerned, insofar as this is not incompatible with statutory storage obligations. The entire staff involved in the data processing of the controller shall be available to the data subject as the contact persons in this respect.
7. Routine erasure and blocking of personal data
The data controller shall process and store personal data relating to the data subject only for the period of time necessary to achieve the purposes for which the data are stored, or to the extent provided for by the European guideline and regulatory body or any other legislator of laws or regulations to which the data controller is subject.
If the purpose of data storage no longer applies or a retention period prescribed by the European legislative authority by means of European directives, or another legislator, expires, the personal data shall be typically blocked or erased in accordance with statutory provisions.
8. Your rights as a data subject
a) Right of confirmation
Every data subject has the right, as granted by the European directive and legislator, to request confirmation from the data controller as to whether personal data relating to him/her are being processed. If the data subject wishes to exercise this right of confirmation, he/she may contact an employee of the data controller at any time.
b) Right to information
Any data subject has the right, as granted by the European directive and legislator, to receive from the data controller at any time information and a copy of his or her personal data that are being stored or processed. In addition, the European directive and legislator grants the data subject access to the following information:
- the purposes for which the data are being processed;
- the categories of personal data that are being processed;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- if possible, the planned duration for which the personal data shall be stored, or, if this is not possible, the criteria for determining this duration;
- the existence of the right to have personal data corrected or erased, or to restrict how much they can be processed by the data controller, or the right to object to the processing of your personal data;
- the right to lodge a complaint with a supervisory authority;
- if the personal data are not collected from the data subject; all available information on the origin of the data;
- the existence of automated decision making including profiling pursuant to Article 22 paras. 1 and 4 of the GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended effect of such processing with respect to the data subject.
The data subject also has the right to know whether personal data has been transferred to a third country or to an international organisation. In such a case, the data subject is also entitled to obtain information on the relevant guarantees in connection with the transmission.
If the data subject wishes to exercise this right to information, he/she may at any time contact an employee of the data controller.
c) Right to correction
Any data subject has the right, as granted by the European directive and legislator, to demand the immediate correction of any inaccurate personal data that relate to him or her. Furthermore and taking into account the purposes of processing, the data subject has the right to request that incomplete personal data be completed, with the inclusion of a supplementary declaration.
If the data subject wishes to exercise this right of correction, he/she may contact an employee of the data controller at any time.
d) Right to deletion (right to be forgotten)
Any data subject has the right, as granted by the European directive and legislator, to demand that the data concerning him or her be deleted immediately, provided that one of the following reasons applies and insofar as the data processing is not necessary:
- The personal data are no longer necessary for the purposes for which they were collected or were handled in some other form which is no longer necessary.
- The data subject revokes his/her consent to the processing of personal data pursuant to Article 6 para. 1 lit. a of the GDPR or Article 9 para. 2 lit. a of the GDPR and there is no other legal basis for processing.
- The data subject lodges an objection against the processing of data pursuant to Article 21 para. 1 GDPR and there are no overriding legitimate reasons for processing, or the data subject lodges an objection against the processing of data pursuant to Article 21 para. 2 of the GDPR.
- If the personal data were processed illegally.
- if the deletion of personal data is necessary to fulfil a legal obligation under European Union law or the law of the Member States by which the data controller is governed.
- The personal data were collected in relation to information society services offered pursuant to Article 8 para. 1 of the GDPR.
If one of the above reasons applies and a data subject wishes to have personal data stored at Berlin Partner für Wirtschaft und Technologie GmbH deleted, they can contact an employee of the data controller responsible for processing at any time. The employee of Berlin Partner für Wirtschaft und Technologie GmbH will arrange for the deletion request to be complied with immediately.
If the personal data have been made public by Berlin Partner für Wirtschaft und Technologie GmbH and our company, as the data controller, is obliged to delete the personal data in accordance with Article 17 para. 1 GDPR, Berlin Partner für Wirtschaft und Technologie GmbH takes appropriate measures, including technical measures, taking into account the available technology and the implementation costs, in order to inform other data processors who process the published personal data that the data subject has requested the deletion of all links to these personal data or of copies or replications of these personal data from these other data controllers responsible for data processing, insofar as the processing is not necessary. The employee of Berlin Partner für Wirtschaft und Technologie GmbH will make the necessary arrangements in individual cases.
e) Right to restriction of processing
Any data subject has the right, as granted by the European directive and legislator, to demand that the data controller restrict the processing of such data if one of the following conditions is met:
- The data subject disputes the correctness of the personal data and the data controller is granted sufficient time to verify whether the data are correct or not.
- The processing of data is unlawful, the data subject declines the erasure of personal data and instead demands that the use of personal data be restricted.
- The data controller no longer needs the personal data for the purposes of processing, but the data subject needs the data to assert, exercise or defend legal claims.
- The data subject has lodged an objection to the processing of the data pursuant to Article 21 para. 1 of the GDPR and it is not yet clear whether the legitimate grounds asserted by the data controller outweigh those of the data subject.
If one of the above conditions is met and a data subject would like to request the restriction of personal data stored at Berlin Partner für Wirtschaft und Technologie GmbH, they can contact an employee of the data controller responsible for processing at any time. The employee of Berlin Partner für Wirtschaft und Technologie GmbH will arrange for the processing to be restricted.
f) Right to data portability
Any data subject has the right, as granted by the European directive and legislator, to receive any of the personal data he/she has provided to the data controller in a structured, established and machine readable format. In addition, the data subject has the right to transmit these data to another data controller without hindrance by the current data controller to whom the personal data have been made available, provided that the processing does not conflict with the consent given pursuant to Article 6 para. 1 lit. a of the GDPR or Article 9 para. 2 lit. a GDPR, or for a contract pursuant to Article 6 para. 1 lit. b GDPR and the processing is performed with the aid of automated procedures, provided that the processing is not necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the data controller.
Furthermore, when exercising their right to data portability in accordance with Article 20 para. 1 of the GDPR; the data subject has the right to demand that the personal data be transmitted directly by a data controller to another data controller, insofar as this is technically feasible and insofar as this does not affect the rights and freedoms of other persons.
To assert the right to data portability, the data subject can contact an employee of Berlin Partner für Wirtschaft und Technologie GmbH at any time.
g) Right to object
Any data subject has the right, as granted by the European directive and legislator, for reasons arising from his or her particular situation, to object at any time to the processing of personal data relating to him or her, as provided for in Article 6 para. 1 lit. e or f of the GDPR. This also applies to profiling based on these clauses.
Berlin Partner für Wirtschaft und Technologie GmbH will no longer process the personal data in the event of an objection, unless we can prove compelling legitimate reasons for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves the assertion, exercise or defence of legal claims.
If Berlin Partner für Wirtschaft und Technologie GmbH processes personal data in order to operate direct mail, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling insofar as it is associated with such direct advertising. If the data subject objects to Berlin Partner für Wirtschaft und Technologie GmbH processing them for direct marketing purposes, Berlin Partner für Wirtschaft und Technologie GmbH will no longer process the personal data for these purposes.
In addition, the data subject has the right, for reasons that arise from their particular situation, to object to the processing of personal data concerning them that is carried out by Berlin Partner für Wirtschaft und Technologie GmbH for scientific or historical research purposes or for statistical purposes in accordance with Article 89 para. 1 of the GDPR, unless such processing is necessary for the fulfilment of a task that is in the public interest.
To exercise the right to object, the data subject can contact any employee of Berlin Partner für Wirtschaft und Technologie GmbH or another employee directly. The data subject is also free to exercise his or her right to object to the use of the data for services provided by information societies, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.
h) Automated individual decision-making including profiling
Any data subject has the right, as granted by the European guideline and regulatory body, not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect on him or her, or substantially impairs him or her in a similar manner where the decision, (1) is not necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is admissible under the laws of the European Union or of the Member States to which the data controller is subject and where such laws contain appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject, or (3) is made with the express consent of the data subject.
If the decision is (1) necessary for the conclusion or performance of a contract between the data subject and the controller or (2) is made with the express consent of the data subject, then Berlin Partner für Wirtschaft und Technologie GmbH shall take appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject, including at least the right to obtain the intervention of a person from the controller, to express his/her own position and to challenge the decision.
Should the data subject wish to assert his or her rights with regard to automated decision making, then he or she may at any time contact an employee of the data controller.
i) Right to revoke consent under data protection law
Any data subject has the right, as granted by the European directive and legislator, to withdraw consent to the processing of personal data at any time.
Should the data subject wish to assert his or her right to right to revoke their consent, then he or she may at any time contact an employee of the data controller.
9. Newsletter tracking
Individual newsletters of Berlin Partner für Wirtschaft und Technologie GmbH contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in emails that are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, the Berlin Partner für Wirtschaft und Technologie GmbH may see if and when an e-mail was opened by a data subject, and which links in the e-mail were visited up by the affected recipient.
Such personal data collected via the tracking pixels contained in the newsletters are stored and analyzed by the data controller in order to optimize the newsletter and to better tailor the content of future newsletters to the interests of the affected recipient. This personal data will not be disclosed to third parties. Recipients are entitled at any time to revoke the separate declaration of consent given in this regard via the double opt-in procedure. After revocation, this personal data will be deleted by the data controller. The Berlin Partner für Wirtschaft und Technologie GmbH automatically regards an unsubscription of the newsletter as a revocation.
We use CleverReach, a service for our email marketing, to send our newsletter.
The data controller responsible for processing has integrated the Matomo component on this website. Matomo is an open source software tool for web analysis. Web analysis is the acquisition, collection and evaluation of data concerning the behaviour of the website visitors. Among other things, a web analysis tool collects data about which website a data subject has accessed the current website from (so-called referrer), which sub-pages of the website were accessed, or how often and for which length of time a sub-page was viewed. Web analysis is mainly used to optimise a website and for carrying out a cost-benefit analysis of internet advertising.
The software operates on the controller’s server; data protection-relevant, sensitive log files are solely stored on this server.
The purpose of the Matomo component is to analyse the flow of visitors to our website. The controller uses the data and information gathered to analyse use of the website and to compile online reports concerning activities on our website, amongst other aspects.
Matomo places a cookie on the information technology system of the data subject. What cookies are, has already been explained above. Setting the cookie enables us to analyse the use of our website. Every time one of the individual pages of this website is called up, the Internet browser on the information technology system of the person concerned is automatically prompted by the Matomo component to transmit data to our server for the purpose of online analysis. Within the scope of this technical procedure, we receive information about personal data, such as the IP address of the data subject, which we use to trace the origin of visitors and the clicks made (amongst other aspects).
The cookie is used to store personal information, such as the access time, the location from which access was gained and the frequency of visits to our website. Whenever our website is visited, personal data, including the IP address of the Internet connection used by the data subject, are transmitted to our server. These personal data are stored by us. We do not pass these personally identifiable data on to third parties.
The data subject can prevent our website from setting cookies at any time (as already mentioned above) by means of making the appropriate adjustments in their Internet browser settings and thus permanently object to the setting of cookies. Such a setting in the internet browser used would also prevent Matomo from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Matomo can be deleted at any time via an internet browser or other software programs.
Furthermore, the data subject has the option of objecting to the collection of the data generated by Matomo relating to the use of this website and of preventing such collection. To do this, the data subject must set “Do Not Track” in their browser.
The placing of opt-out cookies does entail the possibility of the controller’s websites not being fully usable by the data subject.
The controller has integrated SlideShare components into this website. LinkedIn SlideShare is a file-hosting service which enables presentations and other documents, such as PDF files, videos and webinars to be shared and archived. This file-hosting service enables users to upload media content in all common formats with documents either marked as public or private.
LinkedIn SlideShare provides “embed codes” for the stored media content (presentations, PDF files, videos, photos, etc.). Embed codes are programming codes that are embedded in websites to enable external content to be played on a proprietary website. Embed codes enable content to be played on a proprietary website without having to place the content on a proprietary server and therefore without violating the reproduction rights of the respective author of the content. Another advantage in using an embed code is that the respective operator of a website does not need to use their own data storage capacity and can thereby reduce the load on their own server. An embed code can be incorporated anywhere on a website to enable external content to be integrated, even within one’s own text. The purpose of using LinkedIn SlideShare is to lessen the load on our server and prevent copyright infringements while simultaneously using external content.
Whenever our website featuring a SlideShare component (embed code) is accessed, this component causes the browser you are using to download the corresponding embedded data from SlideShare. As part of this technical process, LinkedIn is informed about which specific sub-page on our website has been visited by the data subject.
Insofar as the data subject is simultaneously logged into SlideShare, SlideShare recognises each visit to our website by the data subject, the entire duration of the respective stay on our website, as well which specific sub-page of our website the data subject visits. This information is collected by SlideShare and assigned by LinkedIn to the respective SlideShare account of the data subject.
LinkedIn will always receive information from the SlideShare component informing that the data subject has visited our website (when the data subject is logged into SlideShare at the same time as when they access our website), regardless of whether or not the data subject clicks on the embedded media data. If such a transmission of this information to LinkedIn is not desired by the data subject, he or she can prevent transmission by logging out of their SlideShare account before accessing our website.
The controller has integrated YouTube components into this website. YouTube is an internet video portal that allows video publishers to post video clips free of charge and for users to view, rate and comment on these videos free of charge. YouTube allows the publication and viewing of all types of videos, which include complete film and television programs as well as music videos, trailers and videos made by users themselves.
YouTube is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time you access one of the individual pages of this website, which is operated by the controller and on which a YouTube component (YouTube video) has been integrated, the Internet browser on the information technology system of the data subject is automatically induced by the relevant YouTube component to download the YouTube content of that component. Further information about YouTube can be found at: www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google are informed about which specific sub-page on our website has been visited by the data subject.
Insofar as the data subject is logged into YouTube at the same time as visiting our website, YouTube will recognise which specific sub-page of our website is visited by the data subject once the sub-page containing a YouTube video has been opened. This information is collected by YouTube and Google and linked to the YouTube account of the data subject.
YouTube and Google will always receive information from the YouTube component informing that the data subject has visited our website (when the data subject is logged into YouTube at the same time as when they access our website), regardless of whether or not the data subject clicks on a YouTube video. If such a transmission of this information to YouTube and Google is not desired by the data subject, he or she can prevent the transmission by logging out of their YouTube account before accessing our website.
14. Legal basis of data processing
Article 6 para. lit. a of the GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary to fulfil a contract of which the data subject is a party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or consideration, the processing is based on Article 6 para. 1 lit. b of the GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfilment of tax obligations, the processing is based on Article 6 para. 1 lit. c of the GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured at our company premises and his or her name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Article 6 para. 1 lit. d of the GDPR. Finally, processing operations could be based on Article 6 para.1 lit. f of the GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds where processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. The legislator considers that a legitimate interest could be assumed if the data subject is a client of the data controller (Recital 47 clause 2 of the GDPR).
15. Legitimate interests pursued by the data controller or by a third party
Where the processing of personal data is based on Article 6 para.1 lit. f of the GDPR, our legitimate interest is to carry out our business in favour of the well being of all our employees and the shareholders.
16. Period for which the personal data shall be stored
The criteria used to determine the period of storage of personal data is the respective statutory retention period. After this period expires, the corresponding data shall be routinely erased, as long as they are no longer necessary for the fulfilment of the contract or the initiation of a contract.
17. Legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of failure to provide such data
We clarify that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information concerning the contractual partner). Sometimes in order to conclude a contract, it may be necessary for the data subject to provide us with personal data which we must subsequently process. The data subject is, for example, obligated to provide us with personal data when our company signs a contract with him or her. The non-provision of the personal data would have the consequence that the contract with the data subject could not be concluded. Before personal data are provided by the data subject, the data subject must contact one of our employees. The employee shall clarify to the data subject whether the provision of the personal data is required by law or contract, or if it is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of non-provision of the personal data.
18. Existence of automated decision making
As a responsible company, we do not use automatic decision making or profiling.
You can revoke your consent to the use of individual cookies and external services or agree to their use on this website at the following link.