Data Protection

In accordance with the requirements of the General Data Protection Regulation (DSGVO/GDPR), you are informed below about the collection of data when using the website, as well as the purpose of the processing and your rights under the DSGVO. The protection of your personal data is taken very seriously during processing.

Purpose & Legal Basis

The processing of your personal data is carried out in accordance with the provisions of the DSGVO and the German Federal Data Protection Act (BDSG) insofar as this is necessary for the establishment, execution and fulfillment of contracts as well as for the implementation of pre-contractual measures.

An initiation or implementation of a contractual relationship or in the context of the implementation of pre-contractual measures justifies the processing of personal data pursuant to Art. 6 (1) lit. B DSGVO.

By giving explicit consent to the processing of personal data for specific purposes (e.g. disclosure to third parties, evaluation for marketing purposes or promotional speech), the lawfulness of the processing is given according to Art. 6 para. 1 lit. a DSGVO. With effect for the future, the consent can be revoked at any time.

If necessary and legally permissible, your data will be used beyond the actual contractual purposes for the fulfillment of legal obligations pursuant to Art.6 para. 1 lit. c DSGVO. Furthermore, processing may be carried out to protect legitimate interests on the part of the provider or third parties in accordance with Art.6 para.1 lit. f DSGVO.

Categories

Only indispensable data regarding the establishment of the contract or the pre-contractual measures is processed. This is general data about you (name, address, contact details, bank details, etc.) as well as any other data that you share in the context of the contract.

Rights as a Subject

If personal data is processed by you, you are considered a data subject according to the GDPR. You are free to exercise the following under the contact details.

.information about your stored data and its processing (Art. 15 DSGVO)
.correction of incorrect personal data (Art. 16 DSGVO)
.deletion of your stored data (Art. 17 DSGVO)
.restriction of data processing, if your data is not yet intended for deletion due to legal obligations (Art. 18 DSGVO)
.data portability, provided that you have consented to the data processing or have concluded a contract (Art. 20 DSGVO)
.objection to the processing of your data (Art. 21 DSGVO)
.right not to be subject to a decision based solely on automated processing, including profiling (Art. 22 DSGVO)

Should you make use of your above rights, the controller will check whether the legal requirements for this are met.

You also have the right to complain to a supervisory authority. The supervisory authority responsible for the data controller is the State Commissioner for Data Protection and Freedom of Information North Rhine – Westphalia.

Kavalleriestr. 2-4
40213 Düsseldorf
Telephone: 0211/38424-0
Fax: 0211/38424-99
Email: office@ldi.nrw.de

Right of Revocation

You have the possibility to revoke your previously given consent (Art. 6 para. 1 lit. a DSGVO) at any time. The revocation is then valid for the future. Personal data will then no longer be processed, unless compelling reasons worthy of protection for the processing are demonstrated. These must override your rights, interests and freedoms or the processing must serve as the assertion, exercise or defense of legal claims.

Should the processing be carried out to protect legitimate interests pursuant to Art. 6 (1) lit. f DSGVO, you have the right to object to the processing at any time for reasons arising from your particular situation pursuant to Art. 21 DSGVO.

Your personal data will then no longer be processed. If compelling legitimate grounds for processing can be demonstrated, processing will continue. These must outweigh your interests, rights and freedoms or the processing must serve as the assertion, exercise or defense of legal claims.

Sources

Only data provided by you in the context of establishing a contract on the website or during the payment process will be processed. Data from third party sources is not obtained. The transmission of sensitive data in the sense of Art. 9 DSGVO is expressively not requested.

Recipients

Personal data is only passed on in order to be able to guarantee the fulfillment of contractual and pre-contractual measures. If personal data is processed on behalf of the company, the data protection-compliant processing is ensured by order processing contracts.

Data will only be passed on to recipients outside the company if this is permitted by law, if it is necessary for the fulfillment of the contract or at your request for pre-contractual measures, if the provider received your consent or is authorized to provide information. Under these conditions, for example:

.Public bodies / institutions in the presence of a legal or regulatory obligation.

Third Country Transfer

Data processing outside the European Union (EU) or the European Economic Area (EEA) is not planned or intended.

Duration of Storage

As far as necessary, data is stored for the duration of the business relationship. This also includes the initiation and execution of a contract. A storage beyond that happens only as far as legally permissible or in the concrete case of the assertion, exercise or defense of legal claims for the duration of a legal dispute.

In addition, there are storage and documentation obligations in accordance with the German Commercial Code (HGB) and the German Fiscal Code (AO). The prescribed periods are two to ten years.

Finally, the storage period also depends on the statutory limitation periods, e.g. according to §§195 ff. of the German Civil Code (BGB), these are three years. In certain cases, longer.

Necessity of the Provision

The provision of personal data for the purpose of establishing, implementing or fulfilling a contract or for the performance of pre-contractual measures is not required by law. You are not obliged to provide any information. Please note, however, that if you do not provide any information, no contractual relationship can be established.

Collection of General Information

Type and Purpose of Processing

Accessing the website without registering or otherwise transmitting information (e.g. payment transactions) involves the transmission of the following data (server log files):

.type of web browser
.operating system
.domain name of your internet service provider
.IP address
.time of the request

In particular, they are processed for the following purposes:

.ensuring a smooth connection of the website
.ensuring a smooth use of the website
.evaluation of system security
.other administrative purpose

Legal Basis

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO based on a legitimate interest in improving the stability and functionality of the website.

Recipients

Recipients of the data are, if applicable, technical service providers for operation and maintenance of the website.

Storage

The data necessary to provide the website will be deleted should it no longer be required. IP addresses and log data remain stored by the hoster for seven (7) days.

Provision

The provision of the aforementioned personal data is neither required by law nor by contract. However, without an IP address, the service and functionality of the website cannot be guaranteed. For this reason, an objection is excluded.

Cookies

Cookies are data sets and are stored on your terminal device. A cookie contains information about where your computer will be recognized as soon as you visit a website again. However, cookies can also make personal information transparent and transmit it to companies or advertisers. Cookies cannot be used to launch programs or transmit viruses.

Purpose

On the website, so-called cookies are used to ensure the proper operation of the website. Under no circumstances will data be passed on to third parties or linked to personal data without your consent.

Cookies

Only technically necessary cookies are used for the indispensable operation of the website.

Legal Basis

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of legitimate interest in the proper operation of the website and provision of basic functions.

Storage

Via your browser settings, the cookie inventory can be deleted and their storage can be blocked in advance.

Inquiries

Contact by telephone or email will entail the transmission of all resulting personal data and will be stored and processed. The transfer to third parties will not take place without consent. The transmission of sensitive data in the sense of (Art.9 DSGVO) is explicitly not requested.

Legal Basis

The processing of this data is based on Art. 6 (1) lit. b DSGVO, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures.

Storage

The data voluntarily sent by you via contact requests will remain until you request deletion, revoke your consent to storage or the purpose for storage ceases to apply. Mandatory legal provisions, in particular legal retention periods, remain unaffected.

Security

In order to protect the security of your data during transmission, state-of-the-art encryption procedures (e.g. SSL) are used via HTTPS.

Hosting

Websites and emails are hosted by external service providers. The data collected on the website and transmitted via email is stored on the servers of the hosters. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website. The hosters are used for the purpose of fulfilling the contract with potential and existing customers (Art. 6 para. 1 lit. f DSGVO) and in the interest of a secure, fast and efficient provision of the online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).

The contracted hosters will process your data only to the extent necessary to fulfill your service obligations and follow instructions regarding this data. In order to ensure data protection-compliant processing, order processing contracts have been concluded.

Hostinger | https://www.hostinger.com

Links 3rd Parties

This data protection notice does not apply to third-party websites offered on this website in the form of links. Please refer to the data protection notices of the respective providers when visiting these websites.

Links are clearly indicated. When clicking on a link, data will be transmitted. This is technically necessary.

PayPal

Type & Purpose

The use of PayPal (Europe) S.à r.l. et Cie, S.C.A. / 22-24 Boulevard Royal / L-2449 Luxembourg (email: impressum[at]paypal.com) as a payment processor on the website is done in order to offer an efficient and secure online payment processing. During the payment process, data necessary for the payment process is forwarded to PayPal and stored. PayPal is not a processor in the sense of Art. 4 No. 8 DSGVO. The conclusion of a processing order is therefore not necessary.

PayPal has implemented compliance measures for international data transfers and implemented worldwide for all activities where PayPal processes personal data of individuals in the EU. The measures are based on the EU Standard Contractual Clauses (SCCs).Data processing at recipients located in third countries (outside the EU, Iceland, Norway, Liechtenstein, in particular in the USA) or data transfer to these countries is done on the basis of the so-called standard contractual clauses Art. 46 para. 2 and 3 DSGVO.

Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data comply with European data protection standards even if they are transferred to third countries and stored there.

The relevant decision and standard clauses can be found here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de.

Information on the standard contractual clauses and on data processing when carrying out payment processing: https://www.paypal.com/webapps/mpp/ua/privacy-full.

PayPal (Europe) S.à r.l. et Cie, S.C.A. is listed as a bank throughout the EU. The supervisory authority is the Luxembourg banking supervisory authority CSSF (Commission de Surveillance du Secteur Financier).

Categories

In the conclusion and fulfillment of the contract, the following data (Art. 6 para. 1 lit b. DSGVO) will be forwarded to PayPal:

.name of the card provider
.email address
.customer number
.order number
.bank details
.credit card details
.credit card expiration date
.credit card verification number (CVC)
.date and time of transaction
.transaction amount
.name of the provider
.place

may be required to forward additional data for credit assessment purposes.

Furthermore, for fraud prevention, financial reporting and to be able to fully offer its own services, PayPal may collect location data in addition to technical data of your device.

The processing of the provided data under this section is not required by law or contract. Without the transmission of your personal data, a payment via PayPal cannot be carried out. It is possible for you to arrange another payment method. To do so, please send an email to: info[at]byteducate.com. PayPal carries out a credit check for various services, such as payment by direct debit, to ensure your willingness and ability to pay. This corresponds to the legitimate interest of PayPal (according to Art. 6 para. 1 lit. f DSGVO) and serves the execution of the contract (according to Art. 6 para. 1 lit. b DSGVO). For this purpose, your data (name, address and date of birth, bank account details) will be passed on to credit agencies. The provider has no influence on this process and only receives the result of whether the payment was made or rejected or a check is pending.

For more information on objection and removal options vis-à-vis PayPal, please visit: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Legal Basis

PayPal is used in accordance with Art. 6 (1) lit. f DSGVO on the basis of legitimate interest in being able to offer a secure and efficient payment method.

Storage

As far as necessary, data is stored for the duration of the business relationship. Personal data is generally stored for the duration of the service provision. That is until terminating the cooperation with PayPal. However, in order to be able to fulfill legal and official obligations, it may come to a storage beyond the duration of the service provision. As a globally active company, it can also come to a storage in several countries on the part of PayPal. Thus, the storage of data outside the country of the payment provider may also occur.

3rd Country Transfer

When using PayPal as a payment processor, storage and processing outside the EU may also occur. Most third countries are considered unsafe under current European data protection law. Data may not simply be transferred to, stored in, and processed in third countries unless there are suitable safeguards (such as EU standard clauses) between the contracting parties.

You can delete, deactivate or manage cookies used for the functions in the browser.

Right of Revocation

According to Art. 7 DSGVO, you are entitled to revoke the consent to use your personal data at any time. A revocation is only valid for the future. Please note that the legal requirements for compliance with the retention period must be complied with.

Should the processing be carried out in accordance with Art. 6 (1) lit. f DSGVO to protect legitimate interests, you have the right to object to the processing at any time in accordance with Art. 21 DSGVO for reasons arising from your particular situation.

Your personal data will then no longer be processed. If compelling legitimate grounds for processing can be demonstrated, processing will continue. These must override your interests, rights and freedoms, or the processing must serve as the assertion, exercise or defense of legal claims.

Content Delivery Through pCloud

pCloud is a file hosting service for private users and companies founded in Switzerland in 2013. The data is stored either in a data center in the European Union or in the United States.

The full company name is pCloud International AG 74 Zugerstraße, 6340 Baar, Switzerland.

As a Swiss company, pCloud is subject to the Swiss Data Protection Act. pCloud complies with all requirements of the European General Data Protection Regulation (EU-DSGVO). The data center providers are SSAE 18 SOC 2 Type II & SSAE 16 SOC 2 Type II certified and meet the highest level of physical and technical security applications.

All files are protected on the server side by high level bit-256 AES encryption and a series of firewalls. TLS/SSL encryption is used when transferring files to and from the servers.

pCloud is used in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of legitimate interest in being able to offer complete contract performance.

Further information can be found in the data protection notice on the operator’s page: https://www.pcloud.com/de/privacy_policy.html.

Online Presence on Social Media

Note: As a precautionary measure, please note that the use of social media platforms and their functions is your own responsibility. As a rule, social networks analyze user behavior comprehensively. By visiting the social media presences, numerous processing operations relevant to data protection are triggered.

For the information services offered, in this sense, social media, the controller makes use of the technical platforms:

YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland).
Facebook (Facebook Ireland Ltd. (Meta Platforms), 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland)
Instagram (Instagram (Meta Platforms), 1 Hacker Way, Menlo Park, USA)

The use of the pages and their functionalities is at your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).

When visiting a social media page, among other things, your IP address and other information that is present in the form of cookies on your computer. This information is used to provide the operators with statistical information.

The operators provide more detailed information under the following links:

YouTube: https://support.google.com/youtube/topic/9257532?hl=de&ref_topic=9257610
Facebook: http://de-de.facebook.com/help/pages/insights
Instagram: https://www.facebook.com/help/instagram/788388387972460?helpref=faq_content

The data collected about you in this context is processed by the companies and, where applicable, transferred to countries outside the European Union. What information the respective social media platform provider receives and how it is used is described by the companies in general terms in their data usage policies. There you will also find information about contact options and setting options for advertisements. The data usage policies are available at the following links:

YouTube: https://www.youtube.com/static?gl=DE&template=terms&hl=de
Facebook: https://de-de.facebook.com/terms
Instagram: https://help.instagram.com/581066165581870/?helpref=uf_share

The full data policy is available at the following links:

YouTube (Google): https://policies.google.com/privacy?hl=de
Facebook: https://de-de.facebook.com/policy.php
Instagram: https://help.instagram.com/519522125107875/?helpref=uf_share

The way in which YouTube, Facebook and Instagram use data for their own purpose. The extent to which activities on the page are assigned to individual users, how long this data is stored and whether data from a visit is passed on to third parties is not conclusively and clearly stated by the operators and is not known to the provider of the website.

When accessing a social media page, the IP address assigned to your terminal device is transmitted to the operator. According to information provided by the operators, this IP address is anonymized. The operators also store information about the end devices of its users (e.g. as part of the login notification function). If necessary, this makes it possible to assign IP addresses to individual users.

If you are logged in as a user on YouTube, Facebook or Instagram, a cookie with your respective identifier is located on your end device. This enables the operators to track which pages you have visited and how you have used them.

Via buttons embedded in websites, it is possible for the operator to record your visits to these pages and assign them to your profile.

Based on this data, content or advertising can be offered tailored to you.

If you want to avoid this, you should log out of the operator or deactivate the “stay logged in” function, delete the cookies present on your device and exit and restart your browser. In this way, information through which you can be directly identified will be deleted. This will allow you to use the website without revealing your identifier. When you access interactive features on the website, a login screen will appear. After logging in, you will again be identifiable as a specific user.

Categories / 3rd Country Transfer

Information on this can be found under the following details of the respective provider.

Instagram
Data Policy: https://help.instagram.com/519522125107875/?helpref=uf_share
Terms of Use: https://help.instagram.com/581066165581870/?helpref=uf_share

Facebook
Data Policy: https://de-de.facebook.com/full_data_use_policy
Terms of Use: https://de-de.facebook.com/legal/terms?ref=pf

YouTube
Privacy Policy: https://policies.google.com/privacy?hl=de
Terms of Use: https://www.youtube.com/t/terms

Discord as Server

Purpose

Discord is used to conduct conference calls and ensures the community server (chat room). Discord is an online service for instant messaging, chat, voice and video conferencing.

Data

During the use of Discord, a wide variety of content is processed. Sharing content should always be done with caution. Before use, you must register. Without registration, use is excluded.

Beyond that, the use does not require any further data. Within the scope of the contract fulfillment, the customer is basically free to actively participate. Participation is voluntary.

Discord takes the following data protection relevant measures to protect user data:

.Encryption: Discord describes in the privacy policy that all texts, images and videos are sent encrypted.
.Transport Layer Security is used for encryption.

Scope

Discord is used to provide the community server (chat room) and to conduct conference calls.

Discord is based in the United States. Data is also stored on servers outside the United States. When data is transferred outside the EEA, standard contractual clauses, supported by adequacy decisions of the European Commission for certain countries, or other legally compliant mechanisms or conditions are applied.

You may contact Discord’s privacy officer at: dpo@discord.com.

Conference calls are recorded. When actively participating (spoken word), you consent to a publication of the recordings. The recordings are to be published as educational content. Please do not actively participate if you do not agree with this.

Legal Basis

The use of Discord to provide a community server is based on Art. 6 para. 1 lit. b DSGVO.

Questions & Concerns

If you have any questions regarding data protection, you can contact Discord at any time using the email address provided: privacy@discord.com.

Further Information

Discord provides further information on data protection: https://discord.com/privacy.

Google Meet

Purpose

Google Meet is used to conduct online seminars. Google Meet is a video conferencing and instant messaging service provided by the US company Google. The full company description is Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google headquarters, Gordon House, Barrow Street, Dublin 4, Ireland.

Data

A wide variety of content is processed while using Google Meet. Sharing content should always be done with caution. No user account is required for use.

Beyond that, the use does not require any further data. Within the framework of the fulfillment of the contract, active participation is voluntary.

To ensure the security and privacy of data, Google Meet supports the following cloud encryption measures for video conferencing: By default, meeting data is encrypted in transit between the client and Google’s data centers. This applies to all meetings that take place on Google Meet. Video conferences are encrypted according to the following standards: IETF (Internet Engineering Task Force) security standards for DTLS (Datagram Transport Layer Security) & SRTP (Secure Real-Time Transport Protocol).

Scope

Google Meet is used to conduct online seminars. Google Meet is based in the United States. Data is also stored on servers outside the United States. When transferring data outside the EEA, standard contractual clauses, supported by adequacy decisions of the European Commission for certain countries or other legally compliant mechanisms or conditions for such data transfer are applied.

Online seminars are recorded. When actively participating (spoken word), you consent to a publication of the recordings. The recordings are to be published as educational content. Please do not actively participate if you do not agree to this. Unless expressively agreed, participants are not be seen on published video recordings under any circumstances.

Legal Basis

The use of Google Meet as a provider for online seminars is based on Art. 6 para. 1 lit. b DSGVO.

Questions & Concerns

If you have any questions about data protection, you can contact Google Meet at any time using the email address provided: support-in@google.com.

More information from Google: https://policies.google.com/privacy?hl=de.

Transmission

The provider expressively asks users to refrain from transmitting sensitive data in the sense of DSGVO Art. 9 at any time.

Changes

Changes to the data protection notice may occur at any time.