Data protection statement
As the operator of this website, we take the protection of your personal data extremely seriously. We will handle your personal data confidentially and in accordance with statutory data protection regulations and this data protection statement. You can use our website without having to input personal data. Where personal data (e.g. name, address, email address etc.) is collected on this site, it is collected on a voluntary basis wherever possible. This data will not be shared with any third party without your express permission. For security reasons, our website uses SSL or TLS encryption, which ensures that data transmitted via the site cannot be accessed by any third party.
Nonetheless you should be aware that data transfer via the Internet (e.g. via email) is never wholly secure and the protection of your data against third party access cannot be guarantee.
1. Name and contact details for the data controller responsible for data processing and for the company data protection officer
This data protection information applies to the processing of data by:
Data controller: Start-Up Services GmbH, represented by its managing director Helga Bailey, Hermann-Weinhauser-Straße 73, 81673 München, email Info@Start-Up-Services.de,
tel. +49 (0)89 939452-11, fax +49 (0)89 930 49 14
The data protection officer for Start-Up Services GmbH can be contacted at at GDPR@Start-Up-Services.de.
2. Collection and storage of personal data and type and purpose of use of personal data
a) When you visit our website
When you visit our website, the browser used on your device will automatically send information to our server. This information will be temporarily saved in a logfile. The following information will be captured and stored until it is automatically deleted:
- IP address of requesting computer
- Date and time of access
- Name and URL of file accessed
- Website you were on before visiting ours (referrer URL)
- Browser type used and version and where applicable your computer’s operating system and the name of your access provider
- Websites accessed by user via our website
The aforementioned data will be used by us for the following purposes:
- Establishing a trouble-free connection to our website
- Guaranteeing ease of use of our website
- Evaluation of system security and stability
- Other administrative purposes
The legal basis for data processing is art. 6 para. 1 f) GDPR. Our legitimate interest lies in the aforementioned purposes of data collection. In no circumstances will the data collected be used to identify you. Logfiles and their contents are stored for a maximum of 7 days and then deleted, unless they are required for the clarification or documentation of an abusive or illegal use that has become known within the retention period.
When you visit our website, we also use cookies, analysis tools and links to social networks. For more information, see 4, 5 and 6 below.
b) When you use our contact form
For questions of any kind, you can contact us using the contact form on our website, for which you will have to enter your first name, surname and email address so that we know who has sent the enquiry and so that we can respond. Other information can be provided voluntarily.
If you would like to use our chat to contact us quickly and directly, you first have to agree to use the chat. When using the chat, a cookie is set (see 5 c) HubSpot). If you chat with us, only your IP address will be saved. All other data that you provide us with in the context of the chat will be answered if necessary to process further questions.
Data processing for the purpose of contacting us and processing, documenting and following up your enquiry is carried out in accordance with Art. 6 para. 1 b) or f) GDPR. Your data will be deleted as soon as your enquiry has been answered and there is no other purpose for storage.
3. Data sharing
Your personal data will not be shared with any third party for any purpose other than those defined in this data protection statement. A commercial sale of your personal data expressly does not take place.
Your personal data will be shared with third parties only if:
- You have given your express consent under art. 6 para. 1 a) GDPR
- The sharing is required under art. 6 para. 1 f) GDPR for the assertion of or defence against claims or for the exercise of rights and there are no grounds for supposing that you have an overwhelming interest in your data not being shared
- There is a statutory obligation to do so as per art. 6 para. 1 c) GDPR
- The sharing is permissible under statute and under art. 6 para. 1 c) GDPR is necessary for the processing of contractual relations with you.
4. Data subject rights
You have the right:
- under art. 15 GDPR to be informed as to the personal data of yours that we are processing. You especially have the right to be informed of: the purpose of the processing; the categories of personal data held; the categories of recipients with whom your data is or has been shared; the planned storage duration; the existence of your right to correction, deletion, restriction of processing and to object; the existence of your right to complain; the origin or your data if it hasn’t been collected by us; and the existence of any automated decision-making process, including profiling, and where applicable meaningful information about how it works;
- under art. 16 GDPR to the immediate correction of inaccurate data held by us or the completion of incomplete data held by us;
- under art. 17 GDPR to the deletion of the personal data held by us about you, unless the processing is required for the exercise of the right to freedom of speech or information, for compliance with a legal obligation, on the grounds of public interest or for the assertion of or defence against claims or the exercise of rights;
- under art. 18 GDPR to the restriction of the processing of your personal data insofar as the accuracy of the data is contested by you or the processing is unlawful, but you decline to have it deleted and we no longer need it, but you need it for the assertion of or defence against claims or the exercise of rights, or you have objected to processing under art. 21 GDPR;
- under art. 20 GDPR to have the personal data that you have provided to us issued to you in a structured, current and machine-readable form or to have it transferred to another data controller;
- under art. 7 para. 3 GDPR at any time to withdraw your previously given consent. This will mean that we will with future effect have to cease any data processing based on this consent; and
- under art. 77 GDPR to complain to the supervisory authorities. This usually involves complaining to the supervisory authority responsible for your habitual place of residence or work or for our corporate head office.
5. Right to object
Insofar as your personal data is processed on the basis of legitimate interests under art. 6 para. 1 f) GDPR, you have the right under art. 21 GDPR to object to such processing, provided your objection is based on your specific circumstances or relates to direct marketing. In the latter of these two cases you have a general right to object and do not need to give any specific circumstances.
Should you wish to exercise your right to withdraw your permission or to object, please email GDPR@Start-Up-Services.de or send a fax to +49 (0)89 930 49 14
Note:
Both the capture of data for the purposes of providing the website and the storage of data in logfiles are required for the operation of our website. You therefore have no right to object to these processes.
To submit a complaint about the processing of your personal data, contact the Bayerische Landesamt für Datenschutzaufsicht (BayLDA) [Bavarian regional data protection authorities] at https://www.lda.bayern.de/de/beschwerde.html
6. Duration of storage
For the duration of website use or in the event that information or other services are required, the personal data you provide will be stored to the extent allowed and in accordance with GDPR. Your personal data will be deleted or locked as soon as it is no longer required for the purpose for which it was stored. It may be stored for longer if allowed under EU or national legislation in the form of regulations, statutes or other regulations to which the data controller is subject. Except in cases where continued storage is required for formation or performance of contract, data will also be locked or deleted if a storage period specified by the aforementioned provisions expires.
7. Data security
Our website uses the widely deployed SSL (secure socket layer) process in combination with the highest level of encryption supported by your browser, which is usually 256 bit encryption. If your browser does not support this level of encryption, we will revert to 128 bit v3 technology. Whether or not a specific page of our website is encrypted can be determined from the presence of the key or padlock symbol in the status bar at the bottom of your browser.
We also use appropriate technical and administrative security measures to protect your data from accidental or intentional manipulation, partial or total loss, destruction and unauthorised third-party access. Our security measures are continually updated in line with technological developments.
8. Further enquiries
If you have any queries about our data protection rules or the collection of your data, you can contact us at: GDPR@Start-Up-Services.de
9. Updating and amendment of this data protection statement
This data protection statement is currently valid and was last amended in June 2021.
As our website and services develop or as statutory or official regulations change, it may be necessary for this data protection statement to be amended. The latest version can always be found at, and printed out from, at