Data Policy / Disclaimer
We, 7 Tips PC, take the protection of your personal data seriously and would like to inform you about the data protection in our company by means of this data protection declaration.
As part of our data protection liability, the entry into force of the European General Data Protection Regulation (hereinafter abbreviated as the “EU-DGSVO”) has imposed additional obligations on us to ensure the protection of the personal data of the data subject of processing.
Insofar as we decide either alone or jointly with others on the purposes and means of data processing, this includes above all the obligation to inform you transparently about the nature, scope, purpose, duration and legal basis of the processing (see Articles 13 and 14 EU GDPR). With this data protection declaration, we inform you about how your personal data is processed by us.
The terms in this data protection declaration are based on the following definitions, following the example of Article 4 of the EU GDPR:
– “Personal data” (see Article 4(1) EU GDPR) means any information relating to an identified or identifiable natural person (‘data subject’). A person is identifiable if he or she can be identified directly or indirectly, in particular by assigning it to an identifier such as a name, identification number, online identifier, location data or by means of information on his physical, physiological, genetic, psychological, economic, cultural or social identity characteristics. The identification can also be given by means of a link of such information or other additional knowledge. It is not important to obtain, shape or embody the information (including photos, video or audio recordings may contain personal data).
– ‘processing’ (see Article 4(2) of the EU GDPR) means any operation or series of processes carried out with or without the aid of automated procedures in connection with personal data such as the collection, collection, organisation, ordering, storage, adaptation or modification, reading, querying, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking , the restriction, deletion or destruction, and the modification of a purpose or purpose that was originally used for data processing.
– ‘responsible person’ (see Article 4(7) of the EU GDPR) means any natural or legal person, authority, body or other body which decides, alone or jointly with others, on the purposes and means of the processing of personal data.
– “processor” (see Article 4(8) of the EU GDPR) means any natural or legal person, authority, body or other body that processes personal data on behalf of the controller, in particular in accordance with his instructions (e.B.g. IT service provider). In the sense of data protection law, a processor is in particular not a third party;
– ‘third party’ (see Article 4(10) of the EU GDPR) means any natural or legal person, authority, body or other body, except the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor. This includes legal entities belonging to the Group.
– ‘consent’ of the data subject (see Article 4(11) of the EU GDPR) means any voluntary expression of will in the form of a declaration or other unambiguous affirmative act in the case of the particular case, in an informed manner and unequivocally, in the form of a declaration or other unambiguous affirmative act by which the data subject indicates that he or she agrees to the processing of the personal data concerning him or her.
2. Name and address of the controller
The body responsible for the processing of your personal data within the meaning of Article 4(7) of the EU GDPR is:
7 Tips PC
Greece, Elpidos 7,
153 43 Athens Tel: +30
E-mail address: email@example.com
Further information about our company can be found in the imprint information on our website.
3. Contact details of the Data Protection Supervisor (see Art. 37 EU GDPR)
Our company data protection officer is always at your disposal for all questions and as a contact person on the subject of data protection with us. His contact details are:
7 Tips PC
Greece, Elpidos 7,
153 43 Athens Tel: +30
E-mail address: firstname.lastname@example.org
By law, any processing of personal data is prohibited by law and is only permitted if the processing of data falls within one of the following justifications:
– Article 6(1) p. 1 lit. a EU GDPR (‘Consent’): If the data subject has voluntarily, in an informed manner and unequivocally indicated by a declaration or other unambiguous affirmative act that he agrees to the processing of the personal data concerning him or her for one or more specific purposes;
– Article 6 (1) p. 1 lit.b EU GDPR: If the processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject;
– Article 6 (1) p. 1 lit.c EU GDPR: If the processing is necessary to fulfil a legal obligation to which the controller is subject (e.B. a statutory retention obligation);
– Article 6(1) p. 1 lit. d EU GDPR: if processing is necessary to protect the vital interests of the person concerned or of another natural person;
– Article 6(1) s. 1 lit. e EU GDPR: If processing is necessary for the performance of a task which is in the public interest or in the exercise of official authority delegated to the controller, or
– Article 6(1) p. 1 lit. f EU GDPR (“Eligible interests”): If the processing is necessary to safeguard the legitimate (in particular legal or economic) interests of the controller or a third party, unless the conflicting interests or rights of the data subject prevail (in particular if the data subject is a minor).
For the processing operations carried out by us, we specify the applicable legal basis in each case. Processing may also be based on several legal bases.
5. Data erasure and storage time
For the processing operations we perform, we specify in the following how long the data is stored by us and when it will be deleted or blocked. Unless an explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for the storage is omitted.
However, storage may take place beyond the stated time in the event of a (threatening) dispute with you or any other legal procedure or if the storage is provided for by legal regulations to which we are responsible. If the retention period prescribed by the statutory provisions expires, the personal data will be blocked or deleted, unless further storage by us is required and there is a legal basis for this.
6. Data security (see Art. 32 EU GDPR)
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties taking into account the state of the art, implementation costs and the nature, scope, context and purpose of processing, as well as the existing risks of a data breach (including the probability of the data breach). Our security measures are continuously improved in line with technological developments.
7. Cooperation with processors (see Article 28 EU GDPR)
As with any major company, we use external domestic and foreign service providers (e.B. for the areas of IT, logistics, telecommunications, sales and marketing) to handle our business transactions. These act only in accordance with our instructions and have been contractually obliged to comply with the data protection regulations within the meaning of Article 28 of the EU GDPR.
If personal data is passed on by you through us to our partner companies or is passed on to us by our partner companies (e.B. for advertising purposes), this is done on the basis of existing order processing relationships.
8. Requirements for the transfer of personal data to third countries
As part of our business relationships, your personal data may be disclosed to third-party companies. They may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing is carried out exclusively for the fulfilment of contractual and business obligations and for the maintenance of your business relationship with us. We will inform you about the respective details of the transfer below at the relevant points.
In some third countries, the European Commission certifies data protection comparable to the EEA standard by means of so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be found here: http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.html). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. As far as this is the case, we ensure that data protection is adequately guaranteed. This is possible through binding company regulations, standard contractual clauses of the European Commission for the protection of personal data, certificates, recognised codes of conduct or self-certification via the EU-US Privacy Shield (for more information please click here: https://www.privacyshield.gov/welcome).
9. No automated decision-making (including profiling)
We do not intend to use any personal information you collect for automated decision-making (including profiling).
10. No obligation to provide personal data
We do not make the conclusion of contracts with us dependent on you providing us with personal data in advance. As a customer, there is no legal or contractual obligation to provide us with your personal data; however, we may be unable to provide certain offers to a limited extent or not at all if you do not provide the necessary information. If this should exceptionally be the case within the scope of the products or services presented below and offered by us, you will be informed separately.
11. Legal obligation to transmit certain data
We may be subject to a special legal or legal obligation to provide the legally processed personal data to third parties, in particular public authorities (see Art. 6 sec. 1 p. 1 lit.c EU GDPR).
12. Your rights
You may exercise your rights as a data subject with regard to your processed personal data at any time to us under the contact details provided at the beginning of Part A. Section 2. As a person concerned, you have the right to:
– to request information about your data processed by us in accordance with Art. 15 EU GDPR. In particular, you may request information about the processing purposes, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned retention period, the existence of a right of rectification, deletion, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, and the existence of automated decision-making including profiling and, where applicable, meaningful information on its details;
– in accordance with Article 16 of the EU GDPR, to request without delay the correction of inaccurate data or the completion of your data stored by us;
– in accordance with Article 17 of the EU GDPR, to request the deletion of your data stored by us, unless processing is necessary for the exercise of the right to free expression and information, to fulfil a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
– to request the restriction of the processing of your data in accordance with Article 18 of the EU GDPR, insofar as the accuracy of the data is disputed by you or the processing is unlawful;
– in accordance with Article 20 of the EU GDPR, to receive your data that you have provided to us in a structured, common or machine-readable format or to request the transfer to another controller (“data portability”);
– to object to the processing in accordance with Article 21 of the EU GDPR, provided that the processing takes place on the basis of Art. 6 sec. 1 lit. e or lit. f EU GDPR. This is especially the case if the processing is not necessary for the performance of a contract with you. Unless there is an objection to direct marketing, we ask us to explain the reasons why we should not process your data as we have carried out in the exercise of such an objection. In the event of your justified objection, we will check the situation and will either discontinue or adapt the data processing or show you our compelling reasons for protecting us, on the basis of which we continue the processing;
– in accordance with Article 7(3) eu GDPR, your consent given once (even before the application of the EU GDPR, i.e. before 25 May 2018) – i.e. your voluntary, informed and unequivocally made understandable by a declaration or other clear affirmative act, that you agree to the processing of the personal data in question for one or more specific purposes – to withdraw from us at any time. , if you have granted one. As a result, we may not continue the processing of data based on this consent for the future; And
2. Personal data processed
When using the website in an informative manner, we collect, store and process the following categories of personal data:
a) “Log data”: When you visit our websites, a so-called log record (so-called “server log files”) is temporarily and anonymized on our web server. It consists of:
– the page from which the page was requested (so-called
– the name and URL
of the requested page – the data
and time of the call – the description of the type, language
and version of
browser used – the IP address of the requesting computer, which is shortened so that a personal reference is no longer recoverable – the amount of data transferred – the operating system – the message whether the call was successful (access status/http status code)
– the GMT time zone
b) “Contact Form Data”: When using contact forms, the data transmitted thereby will be processed (e.B. gender, name and first name, address, company, e-mail address and the time of transmission).
3. Purpose and legal basis of data processing
We process the above-specified personal data in accordance with the provisions of the EU GDPR, the other relevant data protection regulations and only to the extent necessary. Insofar as the processing of personal data is based on Art. 6 sec. 1 p. 1 lit. f EU GDPR, the aforementioned purposes also represent our legitimate interests.
The processing of the log data serves statistical purposes and improves the quality of our website, in particular the stability and security of the connection (legal basis is Art. 6 sec. 1 p. 1 lit. f EU GDPR).
The processing of contact form data is carried out for the processing of customer enquiries (legal basis is Art. 6 sec. 1 p. 1 lit.b or lit. f EU GDPR).
4. Duration of data processing
Your data will only be processed for as long as is necessary to achieve the above-mentioned processing purposes; for this purpose, the legal bases specified in the context of the processing purposes shall apply accordingly. With regard to the use and storage time of cookies, please refer to Part A. Section 5 as well as our disclaimer.
Third parties used by us will store your data on their system for as long as is necessary in connection with the provision of the services for us in accordance with the respective order. For more information on the storage period, please refer to Part A. Section 5 and our disclaimer.
5. transfer of personal data to third parties; Justification
The following categories of recipients, which are usually processors (see Part A. Section 7), may have access to your personal data:
– Service provider for the operation of our website and the processing of data stored or transmitted by the systems (e.B. for data center services, payment processing, IT security). The legal basis for the transfer is then Art. 6 sec. 1 p. 1 lit.b or lit. f EU GDPR, insofar as it is not a processor;
– State agencies/authorities to the extent necessary to fulfil a legal obligation. The legal basis for the transfer is then Article 6(1) p. 1 lit.c EU GDPR;
– persons employed to carry out our business operations (e.B. auditors, banks, insurance companies, legal advisers, supervisory authorities, participants in company acquisitions or the creation of joint ventures). The legal basis for the transfer is then Art. 6 sec. 1 p. 1 lit.b or lit. f EU GDPR.
For the guarantees of an adequate level of data protection when the data is shared with third countries, see Parts A. Section 8. In addition, we will only pass on your personal data to third parties if you have given express consent to this in accordance with Art. 6 sec. 1 lit. a EU GDPR.
– Technical cookies: these are mandatory in order to move around the website, to use basic functions and to ensure the security of the website; they do not collect information about you for marketing purposes, nor do they store which websites you have visited.
– Performance cookies: These collect information about how you use our website, which pages you visit and, for example.B whether there are errors in website usage; they do not collect information that could identify you – all information collected is anonymous and is only used to improve our website and find out what our users are interested in.
– Advertising cookies, targeting cookies: These serve to offer the website user advertising on the website or offers of third parties according to needs and to measure the effectiveness of these offers; Advertising and targeting cookies are stored for a maximum of 13 months.
– Sharing cookies: these are used to improve the interactivity of our website with other services (e..B. social networks); Sharing cookies are stored for a maximum of 13 months.
For more information about which cookies we use and how to manage your cookie settings and disable certain types of tracking, see our disclaimer.
b) Social media plugins: We do not use social media plugins on our websites. If our websites contain symbols of social media providers (e.g. LinkedIn.B), we only use them for passive linking to the pages of the respective providers.