Thank you for your interest in our company. Data protection has a high priority for GetHalal UG (limited liability), entered in the commercial register of the district court of Berlin Charlottenburg under HRB 235174 B and business address at Vulkanstraße 12A in 10367 Berlin (hereinafter ” GetHalal ” or ” We ” or ” Us “), that is why it is the use of our website (https://www.dethalal.de) is basically possible without any indication of personal data. If the processing of personal data is necessary to provide a functional website and the platform as well as our content, services and any of our services (hereinafter ” Services “), the processing takes place regularly only after obtaining the consent of the user and customer or on the basis of the corresponding contract. An exception applies in such cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by statutory provisions.
SCOPE AND RESPONSIBLE
This data protection declaration informs the users of our services about the type, scope and purpose of the collection and use of personal data.
The person responsible within the meaning of the European General Data Protection Regulation (hereinafter “ GDPR ”), other data protection laws applicable in the member states of the European Union and other provisions of a data protection nature is:
GetHalal UG (limited liability)
Vulkanstraße 12A in 10367 Berlin
Telephone: +49 ( 172) 9294325
DATA PRIVACY OFFICER
You can reach our data protection officer as follows:
GENERAL INFORMATION ABOUT DATA PROCESSING Personal Data
Personal data is all information that relates to an identified or identifiable person (hereinafter “data subject “). A person is considered to be identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier or to one or more special features that express the physical, physiological, genetic, psychological, economic , cultural or social identity of that person can be identified.
Processing is any process carried out with or without the help of automated procedures, such as in particular collecting, recording, organizing, arranging, storing, adapting or changing, reading out, querying, disseminating or any other form of provision, comparison or the linking or deletion of personal data.
Scope of processing of personal data
we only collect and use your personal data to the extent that this is necessary to provide a functional website, our content and services and to process orders. The collection and use of your personal data takes place regularly only with your consent. An exception applies in such cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by statutory provisions.
Legal bases for the processing of personal data
Insofar as we have to obtain the consent of the person concerned for the processing of personal data, Art. 6 Para. 1 lit. a DS-GVO as the legal basis for the processing of personal data.
When processing personal data that is required to fulfill a contract to which the data subject is a party, Art. 6 Para. 1 lit. b GDPR as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as processing of personal data is necessary to fulfill a legal obligation to which we are subject, Art. 6 Para. 1 lit. c GDPR as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 lit. d DS-GVO as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 Para. 1 lit. f DS-GVO as the legal basis for processing.
DESCRIPTION AND SCOPE OF THE INDIVIDUAL PROCESSING Server log data
Every time our website, one of its subpages or other services is called up, an automated system records a series of general data and information in so-called server log data, which the mobile application or the operating system automatically transmits to us.
- The end device used (computer, smartphone, tablet, etc.);
- The user’s operating system;
- host name of the accessing computer;
- date and time of the call;
- IP address of the user;
- URL via the so -called referrer ;
- The amount of data transferred and whether the access/retrieval was successful;
- similar data and information that serves to avert danger in the event of attacks on our information technology systems.
The legal basis for the temporary storage of the so-called server log data is Art. 6 Para. 1 lit. f GDPR.
Purpose of processing 0
When using these general data and information , GetHalal does not draw any conclusions about the data subject. Rather, this information is required to determine the attractiveness of our offers and, if necessary, to improve their performance or content and make them even more interesting for you. This anonymously collected data and information is therefore evaluated by GetHalal statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. This data is not merged with other data sources. There is no way for GetHalal to link the IP address to any personal data that may exist.
Subscription to our newsletter
Which personal data is transmitted to us when ordering the newsletter results from the input mask used for this purpose. GetHalal informs you about trends at regular intervals by means of a newsletter.
You can only receive the newsletter if (a) you have a valid e-mail address and (b) you register to receive the newsletter . For legal reasons, a confirmation e-mail will be sent to the e-mail address you entered for the first time for the newsletter dispatch using the double opt -in procedure. This confirmation e-mail is used to check whether the owner of the e-mail address has authorized receipt of the newsletter.
When registering for the newsletter, we also store the IP address assigned by the Internet Service Provider (ISP) of the computer system used by the person concerned at the time of registration, as well as the date and time of registration.
We have integrated a newsletter with Mailchimp components into our services. The newsletter is sent using “Mailchimp”, a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
The legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR. The legal basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 Para. 1 lit. f GDPR.
purpose of processing
The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a person concerned at a later point in time and therefore serves to provide legal protection for the person responsible for processing. The personal data collected as part of registering for the newsletter will only be used to send our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or for registration, as could be the case in the event of changes to the newsletter offer or changes in the technical conditions. The personal data collected as part of the newsletter service will not be passed on to third parties.
Possibility of revocation and elimination
The subscription to our newsletter can be canceled by the data subject at any time. The consent to the storage of personal data that the person concerned has given us for sending the newsletter can be revoked at any time. An informal message by e-mail to us is sufficient. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.
For quick electronic contact and direct communication with GetHalal , you have the option of contacting us via our e-mail address or the contact form on our website.
Of course, we will only use the personal data transmitted to us in this way for the purpose for which you made it available to us when contacting us. This personal data will not be passed on to third parties without your consent.
The processing of the data entered in the contact form (name, e-mail address, etc.) is therefore based on your consent in accordance with Art. 6 Para. 1 lit. a GDPR. You can revoke this consent at any time. An informal message by e-mail to us is sufficient. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation. The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.
Registration and Orders
purpose of processing
Legal basis of processing
execution of the contractual relationship
Art. 6 para. 1 lit. b GDPR
execution of the contractual relationship
Art. 6 para. 1 lit. b GDPR
communication and identification
Art. 6 (1) lit. a GDPR
Communication and Identification and Delivery
execution of the contractual relationship
Art. 6 para. 1 lit. b GDPR
communication and identification
Execution of the User Agreement
Art. 6 para. 1 lit. b GDPR
Password ( Hashed )
Identification of the customer account
Execution of the User Agreement
Art. 6 para. 1 lit. b GDPR
Data transfer when registering to the web server
Execution of the User Agreement
Art. 6 para. 1 lit. b GDPR
ELECTRONIC PAYMENT PROCESS
Payment processing, including checking for possible fraud, is carried out by the following certified external payment service provider.
We have integrated PayPal components into our services. PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which represent virtual private or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no classic account number. PayPal makes it possible to trigger online payments to third parties or to receive payments. PayPal also assumes trustee functions and offers buyer protection services.
PayPal’s European operating company is PayPal ( Europe) S.à.rl. & Cie. SCA, 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If the data subject selects “PayPal” as the payment option during the ordering process in our online shop, the data of the data subject is automatically transmitted to PayPal. By selecting this payment option, the data subject agrees to the transfer of personal data required for payment processing.
The personal data transmitted to PayPal is usually first name , last name, address, email address, IP address, telephone number, mobile phone number or other data that is necessary for payment processing. Personal data related to the respective order are also required to process the purchase contract.
The transmission of the data is intended for payment processing and fraud prevention. The person responsible for processing will transmit personal data to PayPal in particular if there is a legitimate interest in the transmission. The personal data exchanged between PayPal and the person responsible for processing may be transmitted by PayPal to credit agencies. The purpose of this transmission is to check identity and creditworthiness. PayPal may pass on the personal data to affiliated companies and service providers or subcontractors insofar as this is necessary to fulfill the contractual obligations or the data is to be processed in the order.
The data subject has the option of withdrawing their consent to the handling of personal data from PayPal at any time. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing. PayPal’s applicable data protection regulations can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full .
Stripe components for our services as a payment method . Stripe is an online payment service provider. Payment is made via the payment service provider Stripe Payments Europe Ltd, Block 4, Harcourt Center , Harcourt Road, Dublin 2, Ireland , to which we send the information you provided during the ordering process together with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) – pass them on. Your data will only be passed on for the purpose of payment processing with the payment service provider Stripe Payments Europe Ltd. You can find more information about Stripe ‘s data protection at https://stripe.com/de/terms .
We offer you the option of using your Visa/ Mastercard (credit card or prepaid card) also in digital form in accordance with the card terms and conditions already agreed with you for the type of card and the supplementary instructions for use with Apple Pay. You can pay with Apple in online stores or on mobile for in-app purchases. Responsible for
The legal basis for the processing of personal data mentioned under 2. a), b), d) and e) is Art. 6 Para. 1 S. 1 lit. b) GDPR (performance of contract and pre-contractual measures). The legal basis for the processing of personal data mentioned under 2. c) is Art. 6 Para. 1 S. 1 lit. f) GDPR
We have integrated Google Pay as a payment method for our services. Google Pay is a product offered to Google Account holders. The data protection declaration provided by Google and the data protection information for Google Payments apply to the use of Google Pay.
Responsible in terms of data protection with regard to data processing within Google Pay is solely Google LLC based in California, USA (hereinafter “Google”). With your consent to the transmission of personal data to Google and the registration for Google Pay, you give us the order to process the personal data required to provide the service, in particular the digital/virtual card data (token), the sales and sales inquiries collect and store for the period of service provision. Furthermore, you agree to pass on your personal data to Google for the purpose of registration. The data passed on can be stored, evaluated or otherwise processed by Google, which is beyond GetHalal ‘s sphere of influence .
So that we can enable the use of Google Pay via the Google Pay app (service provision), it is necessary to exchange personal data with Google and the network set up for credit card payments. We process personal data for the purpose of performing the service provision. Relevant personal data are, for example, card, device, authentication and transaction data (in particular the total of the transactions, the transaction ID, the transaction type, the transaction category and the status of the authorization) as well as information on the security of payment transactions. When registering for Google Pay, the encrypted card number, the card expiry date, the registration date and the registration time with which the registration was made are saved.
The processing of personal data (Art. 4 No. 2 GDPR) takes place for the purpose of using Google Pay.
We have integrated components from Klarna into our services. Klarna is an online payment service provider that allows both purchase on account and otherwise flexible installment payments. Klarna also offers a number of other services, such as buyer protection or an identity and credit check. Klarna’s operating company is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden.
If the data subject chooses “purchase on account” or “installment purchase” as the payment option when ordering in our online shop, the data of the data subject is automatically transmitted to Klarna. By selecting one of these payment options, the person concerned agrees to the transfer of personal data required for processing the invoice or installment purchase or for identity and creditworthiness checks. The personal data transmitted to Klarna is regularly the first name , surname, address, date of birth, gender, email address, IP address, telephone number, mobile phone number and other data required to process an invoice or installment purchase. Personal data related to the respective order are also required to process the purchase contract. The purpose of transmitting the data is an identity check, as well as payment administration and fraud prevention. For its part, Klarna passes on personal data to affiliated companies (the so-called Klarna Group) and service providers or subcontractors, insofar as this is necessary to fulfill contractual obligations or the data is to be processed on behalf of the customer. To decide on the establishment, implementation or termination of a contractual relationship, Klarna collects and uses data and information about the previous payment behavior of the person concerned.
The data subject has the option of revoking their consent to the handling of personal data from Klarna at any time. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing. Further information on Klarna’s data protection regulations can be found at: https://cdn.klarna.com/1.0/shared/content/policy/data/de_de/data_protection.pdf .
ROUTINE DELETION AND STORAGE OF PERSONAL DATA
The data processed by us will be deleted or their processing restricted in accordance with Art. 17 and 18 DS-GVO. We process and store personal data only for the period necessary to achieve the purpose of storage. We measure the storage period for the data based on the specific purposes for which we use the data. In addition, we are subject to statutory storage and documentation obligations. This applies, for example, to data for commercial or tax reasons, in particular from the Commercial Code (HGB), the Tax Code (AO). Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, are generally three years (from the end of the calendar year) according to Sections 195 et seq. of the German Civil Code (BGB).
If the purpose of storage no longer applies or if a storage period prescribed by the European directive and regulation authority or another responsible legislator expires, the personal data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions.
To protect the transmission of confidential content that you send to GetHalal via the website or the mobile application, the website uses secure SSL or TLS encryption. This means that data that you transmit via the website cannot be read by third parties. You can recognize an encrypted connection by the “https://” address line of your browser and by the lock symbol in the browser line.
As part of the hosting, all the data required to operate the website is stored. We process the data based on our legitimate interests in accordance with Art. 6 Para. 1 lit. f GDPR. To provide the website, we use the services of web hosting providers to whom we transmit the above data.
DATA TRANSFER TO THIRD PARTIES
Your personal data will not be transmitted to third parties for purposes other than those listed below. We only pass on your personal data to third parties if and to the extent that (a) you have given your express consent in accordance with Art. 6 Para . 1 S. 1 lit. a DS-GVO, (b) the transfer according to Art. 6 Para. 1 S. 1lit. f DS-GVO is required to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data, (c) for disclosure in accordance with Art. 6 Para. 1 S. 1lit . c DS-GVO there is a legal obligation or (d) this is legally permissible and necessary for the processing of contractual relationships with you.
When we share your personal data in accordance with this privacy notice, this may involve the transfer of your personal data to countries outside the European Union. With such a data transmission, the high European level of data protection does not exist. In the case of transmission, it may be that there is currently no adequacy decision by the EU Commission within the meaning of Art. 45 Para. 1, 3 DS-GVO. This means that the EU Commission has not yet positively determined that the country-specific level of data protection corresponds to the level of data protection in the European Union based on the GDPR, which is why we have created the following suitable guarantees and ensure that an adequate level of protection is guaranteed :
Transfer of personal data to countries which, in the opinion of the European Commission, offer an adequate level of protection for personal data (so-called “adequacy decision”); Use of special contracts approved by the European Commission, which ensure personal data has the same protection as it enjoys in the EU; Transfer of personal data to an entity that has implemented binding internal data protection rules equivalent to the EU level of protection for personal data.
In particular, our employees and partners outside the European Union are therefore obliged by us to maintain confidentiality and to comply with data protection regulations.
INTERFACES FOR SERVICE PROVIDERS
Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. Pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with activated IP anonymization. This means that Google will shorten the IP address of users in member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. The IP address transmitted by the user’s browser will not be merged with other Google data. Users can prevent the storage of cookies by adjusting the settings in their browser software accordingly.
The legal basis for the use of Google Analytics is Section 15 (3) TMG and Article 6 (1 ) lit. f GDPR. Users can also prevent the data generated by the cookie and related to their use of the website (including their IP address) being sent to Google and the processing of this data by Google by downloading and installing the browser add-on. Opt -out cookies prevent future collection of your data when you visit this website. Google is part of the EU-US Privacy Shield Agreement and thus guarantees compliance with European data protection laws. The personal data of the users will be deleted or made anonymous after 14 months.
You can find more information on data use by Google, setting and objection options in Google’s data protection declaration (https://policies.google.com/privacy) and in the settings for the display of advertisements by Google (https://adssettings. google.com/authenticated).
If you no longer wish to be recorded by Google Analytics in the future, you can send an email to email@example.com at any time .
COOKIES AND PIXELS
We use so-called cookies on our website. Cookies are text files that are stored and stored on a device via an Internet browser.
This enables the websites and servers visited to distinguish the individual browser of the person concerned from other Internet browsers. A specific internet browser can be recognized and identified via the unique cookie ID.
By using cookies, GETHALAL can provide the users of these services with more user-friendly services that would not be possible without the cookie setting.
The person concerned can prevent us from setting cookies at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our services may be fully usable.
We have integrated components from the company Facebook into our services. Facebook’s operating company is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If a person concerned lives outside the USA or Canada, the person responsible for processing personal data is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Each time one of the individual pages of these services is called up, which is operated by the person responsible for processing and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the information technology system of the person concerned is automatically activated by the respective Facebook component causes a representation of the corresponding Facebook component to be downloaded from Facebook. You can find an overview of all Facebook plug-ins at: https://developers.facebook.com/docs/plugins/?locale=de_DE .
As part of this technical process, Facebook is informed which specific subpage of our services is visited by the person concerned. If the person concerned is logged in to Facebook at the same time, Facebook recognizes which specific subpage of our app the person concerned is visiting each time the person concerned calls up our app and for the entire duration of their stay on our app. This information is collected by the Facebook component and assigned to the respective Facebook account of the person concerned by Facebook. If the person concerned clicks on one of the Facebook buttons integrated into our app, for example the “Like” button, or if the person concerned makes a comment, Facebook assigns this information to the personal Facebook user account of the person concerned and stores this personal data . Facebook always receives information via the Facebook component that the person concerned has used our services if the person concerned is logged in to Facebook at the same time as accessing our services; this takes place regardless of whether the person concerned clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook in this way, they can prevent the transmission by logging out of their Facebook account before accessing our services. The data policy published by Facebook, which can be accessed at https://de-de.facebook.com/about/privacy/ , provides information about the collection, processing and use of personal data by Facebook. It is also explained there which setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the person concerned to suppress data transmission to Facebook.
right to confirmation
Every data subject has the right, granted by the European directive and regulation giver, to request confirmation from the person responsible for processing as to whether personal data relating to them are being processed. If a data subject wishes to exercise this right to confirmation, they can contact an employee of the data controller at any time.
right to information
Every person affected by the processing of personal data has the right, granted by the European directive and regulation giver, to receive free information about the personal data stored about him and a copy of this information from the person responsible for processing at any time. Furthermore, the European legislator for directives and regulations has granted the data subject access to the following information:
- the processing purposes
- the categories of personal data being processed
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
- if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria used to determine that duration
- the existence of a right to correction or deletion of the personal data concerning you or to restriction of processing by the person responsible or a right to object to this processing
- the existence of a right of appeal to a supervisory authority
- if the personal data is not collected from the data subject: all available information about the origin of the data
- the existence of automated decision-making including profiling in accordance with Article 22 (1) and (4) GDPR and – at least in these cases – meaningful information about the logic involved and the scope and intended effects of such processing for the data subject
Furthermore, the data subject has a right to information as to whether personal data has been transmitted to a third country or to an international organization. If this is the case, the person concerned has the right to receive information about the appropriate guarantees in connection with the transmission.
If a data subject wishes to exercise this right to information, they can contact an employee of the data controller at any time.
Right to Rectification
Every person affected by the processing of personal data has the right granted by the European directive and regulation giver to demand the immediate correction of incorrect personal data concerning them. Furthermore, the data subject has the right, taking into account the purposes of the processing, to request the completion of incomplete personal data – also by means of a supplementary declaration.
If a data subject wishes to exercise this right to rectification, they can contact an employee of the data controller at any time.
Right to erasure (right to be forgotten)
Any person affected by the processing of personal data has the right, granted by the European legislator of directives and regulations, to demand that the person responsible delete the personal data concerning them immediately if one of the following reasons applies and if the processing is not necessary:
- The personal data were collected for such purposes or otherwise processed for which they are no longer necessary.
- The data subject revokes their consent to which the processing is based pursuant to Art. 6 Para. 1 lit. a DS-GVO or Art. 9 Para. 2 lit. a DS-GVO and there is no other legal basis for the processing.
- The data subject objects to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate reasons for the processing, or the data subject objects to the processing pursuant to Article 21 (2) GDPR processing on.
- The personal data have been unlawfully processed.
- Erasure of the personal data is necessary to fulfill a legal obligation in Union or Member State law to which the controller is subject.
- The personal data was collected in relation to information society services offered in accordance with Art. 8 Para. 1 DS-GVO.
If one of the above reasons applies and a data subject wishes to have personal data stored at GetHalal deleted , they can contact an employee of the data controller at any time. The GetHalal employee will ensure that the request for deletion is complied with immediately.
GetHalal has made the personal data public and our company, as the person responsible, is obliged to delete the personal data in accordance with Art. 17 Para. 1 DS-GVO, GetHalal will take appropriate measures, including technical ones, taking into account the available technology and the implementation costs to inform other persons responsible for data processing who process the published personal data that the person concerned has requested the deletion of all links to this personal data or copies or replications of this personal data from these other persons responsible for data processing, insofar as the processing is not required. The employee of GetHalal will arrange the necessary in individual cases.
Right to restriction of processing
Any person affected by the processing of personal data has the right, granted by the European directive and regulation giver, to demand that the person responsible restrict the processing if one of the following conditions is met:
- The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.
- The processing is unlawful, the data subject refuses the deletion of the personal data and instead requests the restriction of the use of the personal data.
- The person responsible no longer needs the personal data for the purposes of processing, but the data subject needs them to assert, exercise or defend legal claims.
- The data subject has lodged an objection to the processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored at GetHalal , they can contact an employee of the data controller at any time . The employee will arrange for the restriction of processing.
Right to data portability
Every person affected by the processing of personal data has the right, granted by the European directive and regulation giver, to receive the personal data relating to them, which the person concerned has provided to a person responsible, in a structured, common and machine-readable format. You also have the right to transfer this data to another person responsible without hindrance by the person responsible to whom the personal data was provided, provided that the processing is based on the consent in accordance with Art. 6 Para. 1 lit. a DS-GVO or Art. 9 Para. 2 lit. a DS-GVO or on a contract according to Art. 6 Para. 1 lit. b DS-GVO and the processing is carried out using automated procedures, unless the processing is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been transferred to the person responsible.
Furthermore, when exercising their right to data portability in accordance with Art. 20 Para the rights and freedoms of other persons are not impaired by this.
In order to assert the right to data transferability, the person concerned can contact an employee of GetHalal at any time .
right to object
Every person affected by the processing of personal data has the right granted by the European directive and regulation giver, for reasons that arise from their particular situation, at any time against the processing of personal data concerning them, which is based on Art. 6 Para. 1 lt. e or f DS-GVO to file an objection. This also applies to profiling based on these provisions .
We no longer process the personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims .
If GetHalal processes personal data in order to operate direct advertising, the person concerned has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling insofar as it is associated with such direct advertising. If the data subject objects to GetHalal to the processing for direct marketing purposes, GetHalal will no longer process the personal data for these purposes.
In addition, the data subject has the right, for reasons arising from their particular situation, against the processing of personal data relating to them, which is carried out at GetHalal for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 Para. 1 DS-GVO to object, unless such processing is necessary to fulfill a task in the public interest.
In order to exercise the right to object, the data subject can contact any GetHalal employee directly . The data subject is also free, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise their right to object by automated means using technical specifications.
Right of appeal to the competent supervisory authority
In the event of violations of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which the company is based, in our case Berlin. Please address possible complaints in data protection matters to the state commissioner for data protection.
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstr. 219 10969 Berlin
Phone: 030 13889-0 Fax
: 030 2155050
LINKS TO OTHER WEBSITES
Our website may contain links to websites of other providers. We would like to point out that this data protection declaration applies exclusively to the GetHalal website . We have no influence and do not check that other providers comply with the applicable data protection regulations.
We reserve the right to change or adapt this data protection declaration at any time in compliance with the applicable data protection regulations.