• Kostenlose Kursberatung:
  • Schreib uns!
  • +49 89 20 00 350 – 31
  • The cart is empty
  • The cart is empty

Data Privacy Policy

1 OVERVIEW

The provisions of the EU General Data Protection Regulation (hereinafter: GDPR) apply throughout Europe. Please read our privacy policy carefully.

The following data protection information informs you about the type and scope of the processing of so-called personal data by ISM Academy GmbH (hereinafter: ISM Academy). Which data is processed in detail and how it is used depends largely on the services requested or agreed by you. Therefore, not all parts of this information will apply to you. Personal data is information that is or can be directly or indirectly assigned to your person.

Data processing by the ISM Academy can essentially be divided into two categories:

For the purpose of contract processing, all data required for the execution of a contract with ISM Academy is processed. If external service providers are also involved in the execution of the contract, e.g. transport companies, your data will be passed on to them to the extent necessary.

When you access the ISM Academy website/application, various information is exchanged between your end device and our server. This may also involve personal data. The information collected in this way is used, among other things, to optimize our website or to display advertising in the browser of your device.

The requirements of the GDPR

Die Websiten werden auf externen Servern innerhalb Europas gehostet und unterliegen somit den in Europa geltenden Sicherheitsbestimmungen, Rechtsgrundlage hierfür sind Vereinbarungen über Auftragsverarbeitung nach Art. 28 EU-DSGVO.

Sollten Sie Fragen zu unseren Datenschutzhinweisen haben, können Sie sich jederzeit unter This email address is being protected from spambots. You need JavaScript enabled to view it. an uns wenden.

 

2. CONTACT DETAILS AND RIGHT TO INFORMATION

This privacy policy applies to data processing by ISM Academy GmbH, Otto-Hahn-Straße 19, 44227 Dortmund, Germany, and to the following websites and applications: ism-academy.de.

You have a right to free information about the data we have stored about you and, if necessary, a right to correct, block or delete this data. If you have any questions regarding the collection, processing or use of your personal data, for information, correction, blocking or deletion of data as well as revocation of consents granted or objection to a specific use of data, please contact us directly: This email address is being protected from spambots. You need JavaScript enabled to view it.

We have appointed Mr. Marc Althaus as our external company data protection officer, who works continuously to ensure compliance with data protection regulations and carries out regular checks. You can find the contact details here:

Contact form:

https://www.dsextern.de/anfragen

DS EXTERN GmbH

Dipl.-Kfm. Marc Althaus

Frapanweg 22

22589 Hamburg (Germany)

3 PURPOSE OF DATA COLLECTION, LEGAL BASIS, INTERESTS AND CATEGORY OF RECIPIENTS

3.1 Accessing our website/application

When you access our website/application, the browser used on your device automatically sends information to the server of our website/application and stores it temporarily in a log file. We have no influence on this. The following information is also collected without any action on your part and stored until it is automatically deleted after seven days

IP address of the requesting internet-enabled device,

Date and time of access,

Name and URL of the accessed file,

Website/application from which the access was made (referrer URL),

Browser used and, if applicable, the operating system of your internet-enabled computer

Name of your access provider

Language, country, city

Screen resolution

Demographic characteristics: Age, gender

Search term

The legal basis is Article 6(1)(f) GDPR. Our legitimate interest follows from the purposes of data collection listed below. Please note that we cannot draw any conclusions about your identity from the data collected and that we do not do so.

We use the IP address of your end device and the other data listed above for the following purposes

Ensuring a smooth connection setup,

Ensuring convenient use of our website

To ensure convenient use of our website/application,

Evaluation of system security and stability and
other administrative purposes

We also use cookies, tracking tools and targeting procedures for our website/application. The exact procedures involved and how your data is used for this purpose are explained in more detail below in section 3.3.4.
If you have consented to geolocalization in your browser, operating system or other settings on your device, we do not use this function. However, you may receive individual services based on your current location from the search engines you use or other online service providers.

3.2 Conclusion, execution or termination of a contract
3.2.1 Data processing upon conclusion of a contract

The object of ISM Academy's activities is the provision of services and the distance selling of goods, the retail trade within the scope of the permits granted by the authorities and the series production of the goods to be offered. In this context, we process the data required for the conclusion, execution or termination of a contract. This includes

Surname/birth name

first name

Place of birth
Country of birth
Date of birth

sex

Nationality

Address(es)

E-mail address(es)
Date of entry

Billing and payment details

Telephone number(s)

Booked courses

Exam results


If available, other supplementary documents relating to the booking

The legal basis for this is Article 6(1)(b) GDPR. Insofar as we do not use your contact data for advertising purposes (see 3.3. below), we store the data collected for the execution of the contract until the expiry of the statutory or possible contractual warranty and guarantee rights. After this period has expired, we retain the information required under commercial and tax law relating to the contractual relationship for the periods specified by law. For this period (regularly ten years from the conclusion of the contract), the data is processed again solely in the event of a review by the tax authorities.

 

3.2.2 Identity, creditworthiness and transmission to credit agencies and debt collection agencies

If necessary, we may verify your identity using information from service providers. The legal basis for this is Article 6(1)(b) and (f) GDPR. The authorization for this arises from the protection of your identity and the avoidance of fraud attempts to our detriment. The fact and the result of our request will be stored in your customer account or guest account for the duration of the contractual relationship.

In the course of the ordering process, we also check your creditworthiness in order to be able to show you only the payment methods that can be used by you. For this purpose, we transmit the following types of data to credit agencies cooperating with us: Name, address, date of birth. The legal basis for this is the declaration of consent declared by you below within the meaning of Article 6(1)(a) GDPR:

I hereby consent to the review of my creditworthiness by ISM Academy. I am aware that the check is carried out at the beginning of the order process and that I can revoke my consent at any time.

You can revoke your consent at any time with effect for the future by sending a message to the address given under “Contact”. The revocation of consent does not affect the legality of the personal data processed until the revocation. If you do not wish to give the above consent, please notify us accordingly before you complete your purchase or use the guest order option. In this case, however, we can only offer you payment methods that are not associated with a credit risk for ISM Academy. The circumstance and the result of our request will be stored in your customer account for the duration of the contractual relationship.

If you have already made a purchase with us, the data we have stored about you may be supplemented by so-called score values. Scoring is understood to mean the creation of a forecast of future events on the basis of collected information and experience from the past. The data stored about you is used to assign you to statistical groups of people who have had similar entries in the past. The underlying procedure used is a well-founded mathematical-statistical method for forecasting risk probabilities that has been tried and tested in practice for many years.

In the event of a delay in payment, we transmit the necessary data to a company commissioned to enforce the claim if the other legal requirements are met. The legal bases for this are both Article 6(1)(b) and Article 6(1)(f) GDPR. The assertion of a contractual claim is to be regarded as a legitimate interest within the meaning of the second-mentioned provision. If the other legal requirements are met, we also transmit information about the delay in payment or a possible default to credit agencies cooperating with us. The legal basis for this is Article 6(1)(f) GDPR. The legitimate interest required here arises from our interest and that of third parties in reducing contractual risks for future contracts.

To collect our outstanding receivables, we transfer this function to a debt collection company and in this context pass on the necessary data to the debt collection company commissioned by us. This company first checks the legitimacy of the receivables transferred for collection and then sends a reminder to the defaulting invoice in writing or, if necessary, by telephone. If payment is refused, the collection agency will initiate legal dunning proceedings if necessary. There is also the option of compulsory enforcement and seizure of realizable assets.

3.3 Data processing for advertising purposes

3.3.1 Advertising purposes of the ISM Academy and third parties

If you have concluded a contract with us, we will list you as an existing customer. In this case, we process your contact data in order to send you information about new and similar products and services. From time to time, we will send your postal contact details to carefully selected contractual partners as service providers so that they can inform you about new and similar ISM Academy products.

3.3.2 Interest-based advertising

We categorize and add further information to your customer profile so that you only receive information that is supposedly of interest to you. Both statistical information and information about you personally (e.g. basic data from your customer profile) are used for this purpose. The aim is to send you advertising based solely on your actual or perceived needs and not to bother you with unnecessary advertising.

The legal basis for the aforementioned processing is Article 6(1)(f) GDPR. The processing of existing customer data in this way for our own advertising purposes or for the advertising purposes of third parties is to be regarded as a legitimate interest.

3.3.3 Right to object

You can object to data processing for the aforementioned purposes at any time for the respective communication channel separately and with effect for the future. All you need to do is send an email or a letter by post to the contact details listed under 1.

If you object, the contact address concerned will be blocked for further advertising data processing. We would like to point out that in exceptional cases, advertising material may still be sent even after your objection has been received. This is for technical reasons and does not mean that we will not implement your objection. Thank you for your understanding.

3.3.4 Cookies - general information

We use cookies in our systems on the basis of Article 6(1)(f) GDPR. Our interest in optimizing our website is to be regarded as legitimate within the meaning of the aforementioned provision. Cookies are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware. Information is stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of your identity. The use of cookies serves to make the use of our website more pleasant for you. For the purpose of user-friendliness, we use permanent cookies that are stored on your end device for a period of 30 days. If you visit our site again to use our services, it is automatically recognized that you have already visited us and which entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you and to display information specifically tailored to you. These cookies enable us to automatically recognize that you have already visited our website when you return. These cookies are automatically deleted after a period of 30 days. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website. The storage duration of cookies depends on their purpose and is not the same for all cookies.

3.3.4.1 Cookie consent with Usercentrics

This website uses Usercentrics' cookie consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in compliance with data protection regulations.

Operator of Usercentrics:

Usercentrics GmbH

Rosental 4

80331 Munich, Germany

You can find information on data protection at Usercentrics here: https://usercentrics.com/de/datenschutzerklaerung/

When you visit our website, the following personal data is transmitted to Usercentrics:

  • Your consent(s) or the revocation of your consent(s)

  • Information about your browser

  • Information about your end device

Time of your visit to the website

  • Furthermore, Usercentrics stores a cookie in your browser in order to be able to assign the consents given or their revocation to you. The data collected in this way is stored until you ask us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

Usercentrics is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

3.3.4.2 Preventing the setting of cookies

If you wish to prevent the setting of cookies, you can - in addition to or instead of our cookie consent solution - set cookies on the website in a more general way:

Browser settings

Most browsers are set to accept cookies by default, but you can set your browser to reject cookies or ask for your confirmation beforehand. The help function in the menu bar of most web browsers explains how you can prevent your browser from accepting new cookies, how you can have your browser notify you when you receive new cookies, or how you can delete all cookies you have already received and block the browser from accepting any more.

If you reject cookies, however, this may mean that part of our website (and services of other websites) are not available and therefore some functions cannot be used. Cookies must also generally be activated in order to be able to object to the use of programs/uses (due to the setting of your objection (opt-out cookies).

3.3.5 Google Analytics

For the purpose of needs-based design and continuous optimization, we use Google Analytics, a web analysis service of Google Inc (“Google”), on the basis of Article 6 (1) (f) GDPR. In this context, pseudonymized user profiles are created and cookies are used. The information generated by the cookie about your use of this website, such as

Browser type/version,

operating system used,

Referrer URL (the previously visited page),

Host name of the accessing computer (IP address),

time of the server request,

are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage for the purposes of market research and the needs-based design of this website. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that they cannot be assigned. The retention period for the data sent by you and linked to cookies, user IDs or advertising IDs is 14 months. For each new activity, the period is set to the current duration plus the specified retention period.

Google signals: Cross-device reports only contain summarized data. Data of individual users is not disclosed.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

3.3.5.1 Google Optimize

Our website uses the web analysis and optimization service “Google Optimize”, which is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google Optimize”). We use the Google Optimize service to increase the attractiveness, content and functionality of our website by displaying new functions and content to a percentage of our users and statistically evaluating the change in usage. Google Optimize is a sub-service of Google Analytics (see Google Analytics section).

Google Optimize uses cookies that enable optimization and analysis of your use of our website. The information generated by these cookies about your use of our website is usually transferred to a Google server in the USA and stored there. We use Google Optimize with activated IP anonymization, so that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information to evaluate your use of our website, to compile reports on the optimization test and the associated website activities and to provide us with further services associated with the use of the website and the Internet.

3.3.6 Google Tag Manager

This website uses Google Tag Manager.

Operator of Google Tag Manager:

Google LLC

1600 Amphitheatre Parkway

Mountain View, California 94043 (USA)

This service allows website tags to be managed via an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data is collected.

The Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, it remains in place for all tracking tags, provided that these are implemented with the Google Tag Manager.

3.3.7 Google Enhanced Conversions

On our website, we use a web tracking service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google Enhanced Conversion). ISM collects conversion data with the help of Google Enhanced Conversions. Google Enhanced Conversion Tracking is a function that can increase the accuracy of your conversion measurement. It sends hashed first-party conversion data from our website to Google in a secure manner as part of an addendum to the existing conversion tags. Customer information is not shared with other advertisers. Access controls and encryption are in place to prevent unauthorized access. Customer information is not shared with other advertisers. You can revoke your consent to the collection and storage of data at any time with effect for the future.

 

3.3.8 Targeting

Die im Folgenden aufgeführten und von uns eingesetzten Targeting-Maßnahmen werden auf Grundlage des Artikel 6 Absatz 1 Buchstabe f DSGVO durchgeführt. Über die zum Einsatz kommenden Targeting-Maßnahmen wollen wir sicherstellen, dass Ihnen nur an Ihren tatsächlichen oder vermeintlichen Interessen orientierte Werbung auf Ihren Endgeräten eingeblendet wird. Sie nicht mit für Sie uninteressanten Werbeeinblendungen zu belästigen liegt dabei sowohl in Ihrem als auch in unserem Interesse.

 

3.3.8.1 Onsite-Targeting

Auf unserer Website werden unter Verwendung von Cookies Informationen zur Optimierung von Werbeeinblendungen erfasst und ausgewertet. Diese Informationen enthalten zum Beispiel Angaben dazu, für welche unserer Kurse Sie sich interessiert haben. Die Erfassung und Auswertung erfolgt ausschließlich pseudonym und ermöglicht es uns nicht, Sie zu identifizieren. Insbesondere werden die Informationen nicht mit personenbezogenen Daten zu Ihnen zusammengeführt. Anhand der Informationen können wir Ihnen auf unserer Seite Angebote anzeigen, die speziell an Ihren Interessen ausgerichtet sind, wie diese sich aus Ihrem bisherigen Nutzerverhalten ergeben. Das Cookie wird nach 30 Tagen automatisch gelöscht.

 

The targeting measures listed below and used by us are carried out on the basis of Article 6(1)(f) GDPR. The targeting measures we use are intended to ensure that you only see advertising on your end devices that is based on your actual or perceived interests. It is in both your and our interests not to bother you with advertisements that are of no interest to you.

3.3.8.1 On-site targeting

Our website uses cookies to collect and evaluate information to optimize advertising. This information includes, for example, details of which of our courses you have shown an interest in. The collection and analysis is exclusively pseudonymous and does not allow us to identify you. In particular, the information is not combined with personal data about you. We can use the information to show you offers on our website that are specifically tailored to your interests, as they result from your previous user behavior. The cookie is automatically deleted after 30 days.


3.3.8.2 Re-targeting

We also use re-targeting technologies from ad servers.This enables us to make our online offering more interesting and tailored to you. For this purpose, a cookie is set with which interest data is collected using pseudonyms. This information is used to show you interest-related advertisements about our offers.No personal data is stored and no user profiles are merged with personal data about you.The cookie is stored for a period of 30 days and then automatically deleted.

3.3.8.3 Objection options

You can prevent the targeting technologies described above by making the appropriate cookie settings in your browser (see also 3.3.4).Facebook custom audience can be deactivated under the following link: reachlocal.com/opt-out.

4 MAKING CONTACT
In accordance with Article 8(1), the processing of the child's personal data is lawful if the child has reached the age of sixteen. If the child has not yet reached the age of sixteen, this processing is only lawful if and insofar as this consent is given by or with the consent of the holder of parental responsibility for the child. By agreeing to the declaration of consent, we assume that you have either reached the age of sixteen or that you have received parental consent.

4.1 Contact form

We provide you with contact forms to make it easier for you to contact us.

The data collected includes, for example

First name and surname
e-mail address

The data collected in this context will be stored by us in order to provide you with information about the ISM Academy's services via the channels you have selected. The data will be forwarded for further processing within the organization. If you are inactive, your data will be deleted after 36 months, unless you specify otherwise.

4.2 E-mail

Data that you send us by e-mail will be stored within the organization and forwarded internally in order to process your request. E-mails are archived within the organization as part of the statutory retention obligation.

4.3 Option to object

You can revoke the selected contact options at any time.

5 VIDEO UND ONLINE-KONFERENZSYSTEME

5.1 Youtube

Wir setzen zum Einbinden von Videos den Anbieter YouTube ein. Die Videos wurden dabei im erweiterten Datenschutzmodus eingebettet. Wie die meisten Websites verwendet auch YouTube Cookies, um Informationen über die Besucher ihrer Internetseite zu sammeln. YouTube verwendet diese unter anderem zur Erfassung von Videostatistiken, zur Vermeidung von Betrug und zur Verbesserung der Userfreundlichkeit. Auch führt dies zu einer Verbindungsaufnahme mit dem Google DoubleClick Netzwerk. Wenn Sie das Video starten, könnte dies weitere Datenverarbeitungsvorgänge auslösen. Darauf haben wir keinen Einfluss. Weitere Informationen über Datenschutz bei YouTube finden Sie in deren Datenschutzerklärung unter: youtube.com/t/privacy_at_youtube.

Rechtsgrundlage hierfür ist Artikel 6 Absatz 1 Buchstabe f) DSGVO.

 

5.2 Mediathek

Bei Bedarf und wenn nicht anders möglich werden Filmbeiträge auch über Mediatheken eingebunden, Rechtsgrundlage hierfür ist Artikel 6 Absatz 1 Buchstabe f) DSGVO. Wir weisen darauf hin, dass für die Nutzung von Drittbetreibern wie Mediatheken andere Datenschutzrichtlinien und Haftungsregelungen gelten. Die Speicherung und Nutzung von Daten durch den Anbieter, die bei Nutzung anfallen, kann den Umfang der vorliegenden Datenschutzerklärung überschreiten.

 

5.3 Zoom

Zur Durchführung von Lehrveranstaltungen, Online-Meetings, Videokonferenzen und/oder Webinaren (nachfolgend Online-Meetings) nutzen wir die Webkonferenz Software Zoom.

Betreiber von Zoom:

Zoom Video Communications, Inc.

55 Almaden Blvd, Suite 600,

San Jose, California 95113 (USA)

Soweit Sie die Internetseite von Zoom aufrufen, ist der Betreiber von Zoom für die Datenverarbeitung verantwortlich. Ein Aufruf der Internetseite ist für die Nutzung von Zoom jedoch nur erforderlich, um sich die Software für die Nutzung von Zoom herunterzuladen. Sie können Zoom auch nutzen, wenn Sie die jeweilige Meeting-ID und ggf. weitere Zugangsdaten zum Meeting direkt in der Zoom-App eingeben. Wenn Sie die Zoom-App nicht nutzen wollen oder können, dann sind die Basisfunktionen auch über eine Browser-Version nutzbar, die Sie ebenfalls auf der Website von Zoom finden.

Bei der Nutzung von Zoom werden verschiedene Datenarten verarbeitet. Der Umfang der Daten hängt davon ab, welche Daten Sie vor bzw. bei der Teilnahme an einem Online-Meeting machen. Folgende personenbezogene Daten sind Gegenstand der Verarbeitung:

Bei Online-Meeting: Vorname und Nachname, ggf. Thema des Meetings und Beschreibung, Teilnehmer-IP-Adressen sowie Geräte-/Hardware-Informationen

Bei Aufzeichnungen: MP4-Datei aller Video-, Audio- und Präsentationsaufnahmen, M4A-Datei aller Audioaufnahmen, Textdatei des Online-Meeting-Chats.

Bei Einwahl mit dem Telefon: Angabe zur eingehenden und ausgehenden Rufnummer, Ländername, Start- und Endzeit. Ggf. können weitere Verbindungsdaten wie z.B. die IP-Adresse des Geräts gespeichert werden.

Text-, Audio- und Videodaten: Sie haben ggf. die Möglichkeit, in einem Online-Meeting die Chat-, Fragen- oder Umfragenfunktionen zu nutzen. Insoweit werden die von Ihnen gemachten Texteingaben verarbeitet, um diese im „Online-Meeting“ anzuzeigen und ggf. zu protokollieren. Um die Anzeige von Video und die Wiedergabe von Audio zu ermöglichen, werden entsprechend während der Dauer des Meetings die Daten vom Mikrofon Ihres Endgeräts sowie von einer etwaigen Videokamera des Endgeräts verarbeitet. Sie können die Kamera oder das Mikrofon jederzeit selbst über die Zoom-Applikationen abschalten bzw. stummstellen.

Um an einem Online-Meeting teilzunehmen bzw. den „Meeting-Raum“ zu betreten, müssen Sie zumindest Angaben zu Ihrem Namen machen. Wenn wir Online-Meetings aufzeichnen wollen, werden wir Ihnen das im Vorwege transparent mitteilen und – soweit erforderlich – um eine Zustimmung bitten. Die Tatsache der Aufzeichnung wird Ihnen zudem in der Zoom-App angezeigt.

Wenn es für die Zwecke der Protokollierung von Ergebnissen eines Online-Meetings erforderlich ist, werden wir die Chatinhalte protokollieren. Das wird jedoch in der Regel nicht der Fall sein. Für Zwecke der Aufzeichnung und Nachbereitung von Online-Meetings können wir auch die gestellten Fragen von Webinar-Teilnehmenden verarbeiten.

Wenn Sie bei Zoom als Benutzer registriert sind, dann können Berichte über Online-Meetings (Meeting-Metadaten, Daten zur Telefoneinwahl, Fragen und Antworten in Webinaren, Umfragefunktion in Webinaren) bis zu einem Monat bei Zoom gespeichert werden.

Die bestehende Möglichkeit einer softwareseitigen „Aufmerksamkeitsüberwachung“ („Aufmerksamkeitstracking“) ist deaktiviert. Eine automatisierte Entscheidungsfindung i.S.d. Art. 22 DSGVO kommt nicht zum Einsatz.

Personenbezogene Daten, die im Zusammenhang mit der Teilnahme an Online-Meetings verarbeitet werden, werden grundsätzlich nicht an Dritte weitergegeben, sofern sie nicht gerade zur Weitergabe bestimmt sind. Beachten Sie bitte, dass Inhalte aus Online-Meetings wie auch bei persönlichen Besprechungstreffen häufig gerade dazu dienen, um Informationen mit Kunden, Interessenten oder Dritten zu kommunizieren und damit zur Weitergabe bestimmt sind.

Der Anbieter von Zoom erhält notwendigerweise Kenntnis von den o.g. Daten, soweit dies im Rahmen unseres Auftragsverarbeitungsvertrages mit Zoom vorgesehen ist.

Zoom ist ein Dienst, der von einem Anbieter aus den USA erbracht wird. Eine Verarbeitung der personenbezogenen Daten findet damit auch in einem Drittland statt. Wir haben mit dem Anbieter von Zoom einen Auftragsverarbeitungsvertrag geschlossen.

Rechtsgrundlage der Datenverarbeitung ist Artikel 6 Absatz 1 Buchstabe b und f) DSGVO. Informationen über Datenschutz bei Zoom finden Sie unter: https://zoom.us/docs/de-de/privacy-and-legal.html

 

6 EMPFÄNGER AUSSERHALB DER EU: Datenverarbeitung zu Werbezwecken

Die unter 3.3 genannten Verarbeitungen bewirken eine Datenübermittlung an die Server der durch uns beauftragten Anbieter von Tracking- bzw. Targetingtechnologien. Diese Server befinden sich in den USA.

 

7 IHRE RECHTE

7.1 Überblick

Neben dem Recht auf Widerruf Ihrer uns gegenüber erteilten Einwilligungen stehen Ihnen bei Vorliegen der jeweiligen gesetzlichen Voraussetzungen die folgenden weiteren Rechte zu:

  • Recht auf Auskunft über Ihre bei uns gespeicherten persönlichen Daten gem. Art. 15 DSGVO,
  • Recht auf Berichtigung unrichtiger oder auf Vervollständigung richtiger Daten gem. Art. 16 DSG-VO,
  • Recht auf Löschung Ihrer bei uns gespeicherten Daten gem. Art. 17 DSGVO,
  • Recht auf Einschränkung der Verarbeitung Ihrer Daten gem. Art. 18 DSGVO,
  • Recht auf Datenübertragbarkeit gem. Art. 20 DSGVO.

 

7.2 Widerspruchsrecht

Unter den Voraussetzungen des Art. 21 Abs. 1 DSGVO kann der Datenverarbeitung aus Gründen, die sich aus der besonderen Situation der betroffenen Person ergeben, widersprochen werden.

Das vorstehende allgemeine Widerspruchsrecht gilt für alle in dieser Datenschutz-Information beschriebenen Verarbeitungszwecke, die auf Grundlage von Artikel 6 Absatz 1 Buchstabe f) DSGVO verarbeitet werden. Anders als bei dem auf die Datenverarbeitung zu werblichen Zwecken gerichteten speziellen Widerspruchsrecht (vergleiche oben 3.3.3), sind wir nach der DSGVO zur Umsetzung eines solchen allgemeinen Widerspruchs nur verpflichtet, wenn Sie uns hierfür Gründe von übergeordneter Bedeutung nennen (z.B. eine mögliche Gefahr für Leben oder Gesundheit). Darüber hinaus besteht die Möglichkeit, sich an eine Aufsichtsbehörde oder den Datenschutzbeauftragten zu wenden.

 

8 DATENSICHERHEIT

Alle von Ihnen persönlich übermittelten Daten, einschließlich Ihrer Zahlungsdaten, werden mit dem allgemein üblichen und sicheren Standard SSL (Secure Socket Layer) übertragen. SSL ist ein sicherer und erprobter Standard, der z.B. auch beim Onlinebanking Verwendung findet. Sie erkennen eine sichere SSL-Verbindung unter anderem an dem angehängten s am http (also https://...) in der Adressleiste Ihres Browsers oder am Schloss-Symbol im unteren Bereich Ihres Browsers.

Wir bedienen uns im Übrigen geeigneter technischer und organisatorischer Sicherheitsmaßnahmen, um Ihre bei uns gespeicherten persönlichen Daten gegen Manipulation, teilweisen oder vollständigen Verlust und gegen unbefugten Zugriff Dritter zu schützen. Unsere Sicherheitsmaßnahmen werden entsprechend der technologischen Entwicklung fortlaufend verbessert. Datenaustausch zwischen dem Server und einem darauf zugreifenden Computer (client) ist durch SSL-Zertifikate mit dem Signaturalgorithmus SHA-256 abgesichert. Dies gilt für ism.de, en.ism.de und blog.ism.de.

© ISM Academy GmbH