Data Protection Declaration

1. Data Protection at a Glance

General Information

The following text will give you a general overview of what happens with your personal data when you visit this website. Personal data are all data that allow others to personally identify you. You will find more detailed information on data protection in our data protection declaration below this text.

Data Collection on this Website

Who is responsible for collecting data on this website?

The data on this website are processed by the website operator. Contact information may be found under the section Information on the Controller in this Data Protection
Declaration.

How do we process your data?

One way of processing data is by using the data you share with us. This could be any information you share via our contact form for example. Our IT systems collect other data automatically or after you give your consent on our website. In particular, these are technical data (f. ex. Internet browser, operational system or the time you visit a webpage). These data are collected automatically when you visit this website.

How do we use your data?

Some of the data are collected to enable the smooth operation of our website. Other data may be used to analyze user behavior.

What are your rights concerning your data?

You have the right to receive information on the source, recipients and purpose of any personal data that are stored about you at any time and free of charge. You also have the right to obtain rectifications to or the erasure of these data. If you have given us your consent to processing your data, you may withdraw this consent at any time, effective for the future. Subject to certain conditions, you also have the right to obtain restrictions to the processing of your personal data. Furthermore, you have the right to lodge a complaint with the responsible supervisory authority.

Feel free to contact us at any time regarding the above-mentioned information or any other questions relating to data protection.

2. Hosting

We host the contents of this website with the following provider:

IONOS

Provider: IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (in the following IONOS). When visiting our website, IONOS collects different log files including your IP addresses. For more details, please check IONOS’ Data Protection Declaration (in German) at:

https://www.ionos.de/terms-gtc/terms-privacy.

IONOS is commissioned in accordance with Article 6 (1) point f GDPR. We have a legitimate interest in the display of our website being as faithful as possible. Insofar as you were prompted to give a respective consent, processing shall be based exclusively on Article 6 (1) point a GDPR and Section 25 (1) TTDSG (Gesetz über den Datenschutz und den Schutz der Privatsphäre in der Telekommunikation und bei Telemedien, German Act on Data Protection and the Protection of Privacy in Telecommunication and Telemedia), insofar as this consent includes saving cookies or accessing information on the user’s terminal (f. ex. device fingerprinting) according to the TTDSG. You may withdraw your consent at any time.

Commissioned Data Processing

We have concluded a contract on commissioned data processing concerning the use of the above-mentioned service. This is a mandatory contract according to the GDPR, which ensures that the service provider processes personal data of website users only in accordance with our directives and in accordance with the GDPR.

3. General Information and Mandatory Information

Data Protection

The operators of these web pages take the protection of your personal data very seriously. We keep your personal data confidential and handle them in accordance with statutory data protection provisions as well as this Data Protection Declaration.

If you use this website, we will collect different personal data. Personal data are data that allow others to personally identify you. The present Data Protection Declaration will explain which data are collected and what we use them for. In this Declaration, we will also specify how and to what purpose we do that.

Please note that online data communication (f. ex. communication via e-mail) may be subject to security gaps. It is not possible to provide seamless data protection against third party access.

Information on the Controller

The data processing controller of this website is:

Zweckverband Interkommunales Gewerbe- und Industriegebiet Heidelberg – Leimen Weidemaier-Straße 35
69181 Leimen

Phone: +49 (0) 6221 58-10152
E-mail: info-economypark@heidelberg.de

The controller is the natural or legal person who alone or together with others decides on the purpose and means of processing personal data (f. ex. names, e-mail addresses and the like).

Storage Duration

Insofar as no specific storage duration is indicated in this Data Protection Declaration, your personal data are kept until the purpose for data processing ceases to be relevant. If you claim the erasure of your data based on legitimate grounds or you withdraw a data processing consent, your data shall be erased if we do not have any other legally admissible grounds for storing your personal data (f. ex. retention periods based on tax or commerce law); in case of the latter reason, we shall erase your data after these grounds cease to be relevant.

General Information on the Legal Basis for Processing Data on this Website

Insofar as you have given your consent to data processing, we shall process your personal data based on Article 6 (1) point a GDPR and/or Article 9 (2) point a GDPR, insofar as special categories according to Article 9 (1) GDPR are processed. In case of an explicit consent to the transfer of personal data to third countries, data processing shall also be based on Article 49 (1) point a GDPR. Insofar as you have agreed to saving cookies or to accessing information on your terminal (f. ex. via device fingerprinting), data processing shall also be based on Section 25 (1) TTDSG. You may withdraw your consent at any time. If your data are required to comply with contractual obligations or to take steps prior to entering into a contract, we shall process your data based on Article 6 (1) point b GDPR. In addition, we shall process your data based on Article 6 (1) point c GDPR insofar as required to comply with a legal obligation. Furthermore, we may process your data on the basis of a legitimate interest according to Article 6 (1) point f GDPR. In the following paragraphs of this Data Protection Declaration, we will inform you about applicable legal bases regarding the respective individual cases.

Information on Data Transfer to the US and Other Third Countries

Among others, we use tools of companies based in the US or other third countries where relevant regulations do not ensure data security. When these tools are active, your personal data may be transferred to these third countries and processed there. Please note that in these countries we cannot guarantee a level of data protection comparable to EU standards. US companies are for example obligated to disclose personal data to security authorities while the data subject is not granted any rights to take judicial action against that. Therefore, we cannot rule out that US authorities (f. ex. intelligence services) will process, analyze and permanently store your data kept on US servers for surveillance purposes. We have no influence on these processing activities.

Recipients of Personal Data

Within the framework of our business activities, we work with different external entities. On occasion, this requires transferring personal data to these external entities. We shall transfer personal data to external entities only if required to comply with contractual obligations, if required due to statutory obligations (f. ex. transfer of data to tax authorities), if we have a legitimate interest in the transfer according to Article 6 (1) point f GDPR or if any other legal basis allows us to transfer data. When relying on processors, we shall transfer personal data of our customers only on the basis of a valid contract on commissioned data processing. In case of joint controlling, we shall conclude a contract on joint controlling.

Withdrawing Your Consent to Data Processing

Many data processing activities are only possible with your explicit consent. You may withdraw any consent you have already given at any time. Withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Right to Object to Data Processing in Particular Situations As Well As to Direct Marketing (Article 21 GDPR)

IF DATA PROCESSING IS BASED ON ARTICLE 6 (1) POINT E OR F GDPR, YOU SHALL HAVE THE RIGHT TO OBJECT, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, AT ANY TIME TO PROCESSING OF PERSONAL DATA; THIS INCLUDES PROFILING BASED ON THESE PROVISIONS. YOU MAY FIND THE RESPECTIVE LEGAL BASIS FOR PROCESSING IN THIS DATA PROTECTION DECLARATION. IF YOU FILE AN OBJECTION, WE SHALL NOT PROCESS YOUR PERSONAL DATA ANYMORE UNLESS WE CAN PROVE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR PROCESSING IS REQUIRED TO ESTABLISH, EXERCISE OR DEFEND A LEGAL RIGHT (OBJECTION ACCORDING TO ARTICLE 21 (1) GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU SHALL HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING AT ANY TIME. THE SAME APPLIES TO PROFILING, INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, SUBSEQUENTLY, YOUR PERSONAL DATA SHALL NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION ACCORDING TO ARTICLE 21 (2) GDPR).

Right to Lodge a Complaint with the Responsible Supervisory Authority

In case of a violation of the GDPR, the data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their work place or the place where the purported violation occurred. The right to lodge a complaint exists irrespective of other administrative or judicial remedies.

Right to Data Portability

You shall have the right that data, which we process based on your consent or automatically in order to perform a contract, be received either by yourself or a third person in a commonly used, machine-readable format. Insofar as you demand to have data transferred directly from one controller to another, this shall be done only where technically feasible.

Access, Rectification and Erasure

Within the framework of applicable statutory provisions, you shall have the right to access any personal data stored about you and to obtain information on their source and recipients as well as the purpose of data processing and, if applicable, a right to rectification or erasure of these data free of charge. Feel free to contact us at any time with any questions regarding the above-mentioned information or any other questions relating to your personal data.

Right to Restriction of Processing

You shall have the right to obtain the restriction of processing of your personal data. You may contact us at any time in this respect. You shall have the right to obtain the restriction of processing in the following cases:

If you contest the accuracy of your personal data stored with us, in general, we need time to verify that. For as long as it takes to verify this claim, you shall have the right to obtain the restriction of processing of your personal data.
If processing your personal data was/is unlawful, you shall have the right to obtain the restriction of processing instead of erasure.
If we no longer need your personal data, but you require them to exercise, defend or establish legal rights, you shall have the right to obtain the restriction of processing instead of erasure.
If you have lodged an objection according to Article 21 (1) GDPR, your interests and our interests shall be weighed to determine the overriding one. For as long as it takes to determine the overriding interest, you shall have the right to obtain the restriction of processing of your personal data.

If you have obtained the restriction of processing of your personal data, these data may be processed exclusively – with the exception of their storage – with your consent or to establish, exercise or defend a legal right or to protect the rights of another natural or legal person or on the grounds of an important public interest of the European Union or a member state.

SSL and/or TLS Encryption

For security reasons and to protect confidential information while it is transferred – like orders or inquiries that you send to us as website operator – this website uses an SSL and/or TLS encryption. An encrypted connection can be recognized by the fact that your browser switches from “http://” to “https://” and by the lock symbol appearing in the address field of your browser. When SSL and/or TLS encryption is active, third parties will not be able to read any data you transfer to us.

4. Data Collection on this Website

Cookies

Our web pages use so-called cookies. Cookies are small data packages and do not cause any damage on your terminal. They may be stored on your terminal temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies will be deleted automatically after your visit. Persistent cookies remain on your terminal until you delete them yourself or your web browser deletes them automatically.

Cookies may be employed by us (first party cookies) or by third party companies (third party cookies). Third party cookies enable certain embedded services of third party companies on web pages (f. ex. cookies to enable payment services).

Cookies have different uses. Numerous cookies are required for technical reasons as certain web page features do not work without them (f. ex. shopping basket features or displaying videos). Other cookies may be used to analyze user behavior or for marketing purposes.

Cookies required to enable electronic communication, for providing certain features requested by you (f. ex. shopping basket feature) or to optimize the website (f. ex. cookies to measure the web audience), shall be saved based on Article 6 (1) point f GDPR insofar as no other legal basis is specified. The website operator has a legitimate interest in saving necessary cookies for optimized and technically correct provision of services. Insofar as you were prompted to give your consent to saving cookies and other comparable recognition technology, processing will be based solely on this consent (Article 6 (1) point a GDPR and Section 25 (1) TTDSG); You may withdraw your consent at any time.

Cookies on the Website of the Zweckverband Interkommunales Gewerbe- und Industriegebiet Heidelberg-Leimen (Special-Purpose District Commercial and Industrial Area Heidelberg-Leimen)

The Special-Purpose District’s web pages use the following cookies:

Cookies to save users’ preferred language when they open pages that exist in several languages. If such a cookie is missing, the German version will be displayed by default. Cookies are not deleted automatically.
Other cookies are only used on pages that are open to registered users only. These cookies will not be deleted automatically either.

You may change your browser settings so that you will be informed about the use of cookies and accept cookies only individually, exclude cookies in specific cases or in general and activate automatic deletion of cookies upon closing your browser. Disabling cookies may affect the functioning of this website.

Contact Form

If you send us your inquiry using our contact form, we will store the information on the contact form including any contact information you provide there for the purpose of processing your inquiry and in case of any further questions. We will not transfer these data without your consent.

Processing of these data is based on Article 6 (1) point b GDPR, insofar as your inquiry concerns the performance of a contract or as processing is required to take steps prior to entering into a contract. In any other case, processing is based on our legitimate interest in the effective processing of any inquiry addressed to us (Article 6 (1) point f GDPR) or your consent (Article 6 (1) point a GDPR) insofar as you were prompted to give your consent. You may withdraw your consent at any time.

Any information provided on our contact form remains with us until you request its erasure, you withdraw your consent to storing or the purpose of storing data ceases to be relevant (f. ex. after your inquiry has been closed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Inquiries via Mail, Phone or Fax

If you contact us via mail, phone or fax, your inquiry including any personal contained therein (name, request) will be stored and processed for the purpose of handling your request. We will not transfer these data without your consent.

Any information you provide us with in your inquiries remains with us until you request its erasure, you withdraw your consent to storing or the purpose of storing data ceases to be relevant (f. ex. after your inquiry has been closed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

5. Plugins and Tools

Google Maps

This website uses the map services of Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the features of Google Maps, your IP address needs to be saved. In general, this information is transferred to a Google server in the US and saved there. The provider of this website has no influence on this data transfer. If Google Maps is activated, Google may use Google Fonts for the purpose of a uniform display of fonts. When you open Google Maps, your browser will load the necessary web fonts to your browser cache to display texts and fonts correctly.

We use Google Maps to ensure an attractive display of our online offer and easy location of places mentioned on this website. This represents a legitimate interest according to Article 6 (1) point f GDPR. Insofar as you were prompted to give a respective consent, processing shall be based solely on Article 6 (1) point a GDPR and Section 25 (1) TTDSG, insofar as this consent includes saving cookies or accessing information on the user’s terminal (f. ex. device fingerprinting) according to the TTDSG. You may withdraw your consent at any time.

Data transfer to the US is based on the standard contract clauses of the EU Commission.
Details can be found here:

https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

More information on how user data is handled can be found in Google’s Privacy Policy: https://policies.google.com/privacy?hl=en-GB.

6. Contact for Questions Regarding Data Protection

Should you have any questions concerning the processing of your personal data or your rights concerning data protection, do not hesitate to contact:

Rebecca Radde
Bgm.-Weidemaier-Straße 35
69181 Leimen
Phone: +49 (0) 6221 58-10151
E-mail: rebecca.radde@heidelberg.de