Thank you for visiting our homepage and for your interest in NEXCOM. We take the protection and security of your personal data seriously and would like to guarantee a safe and well-informed use of our website.

It is therefore important for us to inform you which personal data are collected when you use our offers and services and how they are used. Personal data is any data that can be used to reveal your identity, such as your name, postal address or e-mail address.

Generally, you can visit our websites without us collecting any personal data from you. Personal data is only collected if you provide it to us voluntarily, for example in the context of an enquiry or when ordering information material. In general, the data that you transmit via our online forms is transmitted to us securely and in encrypted form.

If you have any questions about data protection, please contact us:

Ralf Lanz, info@lanz-consult.de

Data protection Terminology

Our data protection declaration uses terms that are used in the data protection basic regulation and the Federal Data Protection Act. The data protection declaration should be easy to understand. For this reason, we would like to explain the following particularly important terms in more detail:

The person concerned is a natural person, i.e. a person whose personal data are affected by the processing by a responsible person.

Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more specific characteristics that are an expression of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing means any operation or set of operations which is carried out with or without the aid of automated means relating to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or association, qualification, erasure or destruction.
Limitation of processing is the marking of stored personal data with the aim of limiting their future processing.

Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, conduct, whereabouts or movements of that natural person.

The responsible party is the natural or legal person, public authority, agency or other entity which alone or jointly with others decides on the purposes and means of the processing of personal data; where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the responsible party or entities may be designated in accordance with Union law or with the law of the Member States on the basis of specific criteria.

Processor is a natural or legal person, public authority, agency or other entity which processes personal data on behalf of the the responsible party.

The recipient is a natural or legal person, public authority, agency or other entity to whom personal data are disclosed, whether or not that person is a third party. However, authorities which may receive personal data in the course of a specific investigation task under Union law or the law of the Member States shall not be considered as recipients; the processing of such data by those authorities shall be carried out in accordance with the applicable data protection rules and in accordance with the purposes of the processing.

Third party(ies) means any natural or legal person, public authority, agency or entity except the person concerned, the responsible person, the processor and the persons authorised to process the personal data under the direct responsibility of the responsible person or the processor.

The consent of the person concerned is any voluntary, informed and unambiguous expression of his or her will in the particular case, in the form of a statement or other unequivocal affirmative act by which the data subject indicates his or her consent to the processing of his or her personal data.

The supervisory authority is an independent government entity established by a Member State to promote and monitor compliance with data protection provisions.

In the following we would like to inform you which categories of data we collect, how we process the data you provide us with and what your rights are:

In the following, we would like to inform you which data categories we collect, how we process the data that you make available to us and what rights you have:

  • On the processing of personal data

Person responsible for processing

NEXCOM IT-Services GmbH, Thomas-Mann-Str. 37, 53111 Bonn, Germany, is responsible for processing in accordance with the Basic Data Protection Regulation.

Contact form

We collect personal data in the contact form in the form of your name, your company, your contact data and your communication to us.

Purpose of processing

The purpose of the processing is to fulfill your customer requests, order information material and contact our services. In particular, NEXCOM provides consulting, service and development services in the field of software.

Legal basis for processing

The legal basis for the processing is your consent to the processing of your data, which you declare by sending it to us.

Recipient of the data

Your data will be forwarded after sending to our employees, who will process your request and send you information and material, if necessary, or contact you.

Personal data will only be processed within the context of our organisational structure. We use service providers who process data on our behalf for mail, cloud and web hosting. Among other things, these service providers are obliged by us to treat all data as strictly confidential. They are prohibited from processing the data for purposes other than those agreed. We do not sell your data to third parties, nor do we market them in any other way.

Your data will not be transferred to an EEA third country or an international organisation.

The duration of storage

The storage period of your data extends to the processing time of your enquiry and, if necessary, also to legal storage periods or to the periods for which the storage of the data is necessary for the assertion of legal claims and will subsequently be deleted. If we have received your contact data for the regular sending of information material, it will be stored until you revoke your consent.

Automated decision making or profiling

Automated decision making or profiling within the meaning of Article 22 (1) and (4) DS-GVO does not take place through us.

Use of cookies

Our websites use cookies. Cookies are text files which are stored on a computer system via a web browser. Many websites and servers use cookies.

Many cookies contain a so-called cookie ID, i.e. a unique identifier. It consists of a string of characters by which web pages and servers can be assigned to the specific web browser in which the cookie was stored. This enables the visited web pages and servers to distinguish the individual browser of the person concerned from other web browsers that contain other cookies. A particular web browser can be recognized and identified by its unique cookie ID.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser during your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, accept cookies for certain cases or generally exclude them and activate the automatic deletion of cookies when closing the browser.

If cookies are deactivated, the functionality of this website may be restricted.

Google Analytics and Google Remarketing

This website uses Google Analytics and Google Remarketing. These are services of Google Inc. (“Google”). Google uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. The IP address is then shortened by Google by the last three digits, a unique allocation of the IP address is therefore no longer possible. Google complies with the data protection provisions of the “US Safe Harbor” agreement and is registered with the “Safe Harbor” program of the US Department of Commerce. Google will not associate your IP address with any other data held by Google, but will use this information to evaluate your use of the website, to compile reports on website activity for website operators and to provide other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Third parties, including Google, place advertisements on websites on the Internet. Third parties, including Google, use stored cookies to serve ads based on previous visits by a user to this website.

Under the terms of the contract agreement, which we have entered into with Google Inc., Google uses the information collected to compile an analysis of website usage and website activity and provides services relating to internet usage. Our legitimate interest in data processing also resides in these purposes. The legal basis for the use of Google Analytics is § 15 paragraph 3 TMG or Art. 6 paragraph 1 letter f DS-GVO. The data sent by us and linked to cookies, user IDs (e.g. user ID) or advertising IDs are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

The collection and storage of data may be revoked at any time with effect for the future. You have the option of preventing the storage of cookies on your device by making the appropriate settings in your browser. It is not guaranteed that you can access all functions of this website without restrictions if your browser does not allow cookies.

You can also use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to Google Inc. and used by Google Inc. The following link will take you to the corresponding plugin: https://tools.google.com/dlpage/gaoptout?hl=de

Alternatively, by clicking on this link (deactivate Google Analytics) you prevent Google Analytics from collecting data about you within this website. Click on the link above to download an “opt-out cookie”. Your browser must therefore always allow the storage of cookies for this purpose. If you delete your cookies regularly, a new click on the link is necessary each time you visit this website.

However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

We also use Google Analytics to evaluate data from AdWords and the double-click cookie for statistical purposes. If you do not wish this to happen, you can deactivate it using the ad preferences manager (http://www.google.com/settings/ads/onweb/?hl=de). Further information on data protection and data use by Google Inc:

Google SiteSearch (Google AJAX Search API)

Our websites use Google AJAX Search API using Java-Script code. When using the search field on this website, data will be passed on to Google, which is subject to Google’s privacy policy (https://www.google.com/intl/de_de/policies/privacy/). To prevent the execution of the Java-Script code used, you can install a Java-Script-Blocker (e.g. www.noscript.net).

Google Web Fonts

This page uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google’s servers. This enables Google to know that your IP address has been used to access our website. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

If your browser does not support web fonts, a standard font will be used by your computer.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

Google Maps

This page uses the Google Maps map service via an API. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the features of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy retrievability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

You will find more information on the handling of user data in Google’s data protection declaration: https://www.google.de/intl/de/policies/privacy/.

Log files for system-internal and statistical purposes (log files)

Our website collects a series of general data and information each time it is called up by a data subject or an automated system. This general data and information is stored in log files on the server. For example, the browser types and versions used, the operating system used by the accessing system, the website from which an accessing system accesses our website (so-called referrers), the sub-sites which are accessed via an accessing system on our website, the date and time of access to the website, the anonymised Internet protocol address (IP address) and other similar data and information used to avert dangers in the event of attacks on our information technology systems are recorded.

We do not identify the individual involved. This information is needed to correctly deliver and optimize the content of our website, to ensure the long-term functionality of our IT systems and the technology of our website, and to provide law enforcement authorities with the information they need to prosecute a cyber attack. This anonymously collected data and information is also statistically evaluated by us in order to ensure the greatest possible customer benefit of the web pages.

The anonymous data of the server log files are stored separately from all personal data provided by the person concerned.

Technical and organizational measures

We use technical and organizational security measures to protect your personal data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. This also applies if external services are used. When personal data is entered, it is always transmitted in encrypted form.

Your rights as a data subject

Under the basic European Data Protection Regulation, you have the following rights as a data subject:

Revocation of consent: If the processing of your personal data is based on your consent, you have the right to revoke your consent at any time pursuant to Article 7 (3) DS-GVO.

Disclosure: You have the right to demand confirmation from the person responsible as to whether your data will be processed by him and, if necessary, the right to obtain information about this personal data.

Revision: You have the right to ask the data controller to immediately correct any inaccurate personal data concerning you.

Deletion: You may have the right to demand that the person responsible delete your personal data immediately.

Restriction of processing: You may have the right to request the controller to restrict the processing.

Objection to processing: You may object to the processing of your data at any time for reasons arising from your particular situation.

Consequences of not providing the data: You are not obliged to provide us with data. If you do not provide us with your data, we may not be able to process your request.

Right to data transfer: You have the right to receive the personal data concerning you which you have provided to the responsible person in a structured, common and machine-readable format.

Automated decisions or profiling: if the controller carries out automated decisions or profiling, you have the right to be subject to decisions that are not exclusively based on automated processing, including profiling.

Right of appeal to a supervisory authority: You have the right to complain to a supervisory authority.

Data protection – Your rights as a concerned person

Under the basic European Data Protection Regulation, you have the following rights as a data subject:

Revocation of consent

If the processing of your personal data is based on your consent, you have the right to revoke your consent at any time pursuant to Article 7 paragraph 3 DS-GVO.

Information

You have the right to obtain confirmation from the data controller as to whether your data will be processed by him and, if applicable, the right to access such personal data, the purpose of processing, the categories of personal data, the recipients or categories of recipients to whom your data have been disclosed or to whom your data will be disclosed, if possible, the planned duration of the data storage or the criteria for determining the duration of the processing. The right to information is limited if the provisions of § 34 paragraph 1 of the Federal Data Protection Act n.F. are fulfilled.

If the data is not collected directly from you, there is a right to information about their origin. If the data are transferred to an EEA third country or an international organisation, you have the right to be informed of suitable guarantees in accordance with Article 46 DS-GVO. The data controller shall provide a copy of the data subject to processing.

Correction

You have the right to ask the data controller to rectify without delay any inaccurate personal data concerning you and to ask for the completion of incomplete personal data, taking into account the purpose of the processing.

Deletion

You have the right to demand that the person responsible delete your personal data immediately if

  • the data have been processed for the purposes of collection and are no longer necessary, or
  • you have withdrawn your consent in accordance with Article 6(1)(a) or Article 9(2)(a) of the DS-GVO and there is no other legal basis for the processing, or
  • you object to the processing under Article 21(1) DS-GVO and there are no overriding legitimate reasons for the processing or you object to the processing under Article 21(2) DS-GVO or
  • if your data have been unlawfully processed or
  • the deletion is subject to the fulfilment of legal obligations, or
  • the data relating to an Information Society service offered have been collected pursuant to Article 8(1) of the DS-GVO.

If the controller has made the personal data public and is obliged to delete them in accordance with Article 17(1) of the DS-GVO, he shall take appropriate measures, including technical measures, taking into account the technology available and the costs of implementation, to inform data controllers who process the personal data that the data subject has requested them to delete all links to those personal data or copies or replications.

The aforementioned deletion rights do not apply if

  • the processing is necessary for the exercise of the right to freedom of expression,
  • they are necessary to fulfil a legal obligation of the controller which the processing requires, or
  • they are required for the assertion, exercise or defence of legal claims,
  • prevent deletion in accordance with the statutes or contractual retention periods pursuant to § 35 paragraph 3 of the Federal Data Protection Act (Bundesdatenschutzgesetz n.F.).

The right to deletion may be replaced by a restriction of processing in cases of § 35 of the Federal Data Protection Act, as amended, where deletion is not possible or is possible at a disproportionately high expense. The same shall apply if the person responsible has reason to believe that deletion would impair an interest worthy of protection of the person concerned. Where possible, the data controller shall inform the data subject of the limitation.

Limitation of processing

Under the following conditions, you have the right to request the controller to restrict the processing:

  • You dispute the accuracy of the personal data, for as long as it allows the controller to verify the accuracy or,
  • if the processing is unlawful and erasure is refused, or
  • the controller no longer needs the data for the purpose of the processing, but the data subjects need them for the assertion, exercise or defence of legal claims, or,
  • if you have objected to the processing pursuant to Article 21(1) of the DS-GVO, until it has been established whether the controller’s legitimate reasons outweigh those of the data subject.

Insofar as processing has been restricted in accordance with Article 18(1) of the DS-GVO, such data may, apart from being stored, only be processed with the consent of the data subject or for the purpose of the exercise, exercise or defence of legal rights or for the protection of another natural or legal person or for reasons of an important public interest. The data subject who has obtained a restriction on the processing shall be informed by the controller before the restriction is lifted.

Objection to the processing

You may object to the processing of your data at any time for reasons arising from your particular situation, provided that such processing is carried out in accordance with Article 6(1)(e) or (f) of the DS-GVO. The data controller will then only process the personal data if he can prove compelling reasons worthy of protection before the processing, which outweigh the interests, rights and freedoms of the data subject or the processing serves the assertion, exercise or defence of legal claims.

If personal data are processed for the purpose of direct marketing, the data subject shall have the right to object at any time to the processing of his/her personal data. This also applies to profiling as far as it is connected with direct marketing. The data will then no longer be processed for the purpose of direct marketing. The reference to this right must be made at the latest at the time of the first communication. In connection with the use of information society services, the data subject may exercise his/her right to object by means of automated procedures using technical specifications.

Consequences of non-availability of data

You are not obliged to provide us with your data. If you do not provide us with your data, we may not be able to process your request.

Right to data transfer

You have the right to receive the personal data relating to you that you have provided to the data controller in a structured, common and machine-readable format and to transmit this data to another data controller without obstruction, provided that

  • processing on the basis of a consent pursuant to Article 6(1)(a) or Article 9(2)(a) DS-GVO, or
  • is based on a contract pursuant to Article 6(1)(b) of the DS-GVO, or
  • processing is carried out using automated procedures.

In exercising this right, the data subject may request that the data be transferred directly from one responsible person to another responsible person, insofar as this is technically feasible and no rights and freedoms of other persons are impaired.

Automated decisions or profiling

If the person responsible carries out automated decisions or profiling, you have the right to be subject to decisions that are not exclusively based on automated processing – including profiling – that have legal effect on you or significantly affect you in a similar way. This does not apply if

  • the decision is necessary for the conclusion or performance of a contract between you and the person responsible, or
  • the legal provisions to which the data controller is subject permit this and contain appropriate measures to safeguard the rights and freedoms and the legitimate interests of the data subject; or
  • the processing takes place with your explicit consent.

If the processing is not based on statutory provisions, the person responsible shall take appropriate measures to protect your rights and freedoms as well as your legitimate interests.

Decisions in accordance with the above exceptions may not be based on special categories of personal data pursuant to Article 9(1) of the DS-GVO unless Article 9(2)(a) or (g) of the DS-GVO applies and appropriate measures have been taken to safeguard your rights and freedoms and your legitimate interests.

Right of appeal to a supervisory authority

You have the right to complain to a regulatory agency.