AERO EDU appreciates your interest in our company and products. We take the protection of your personal data seriously and want you to feel comfortable visiting our web pages. We attach great importance to protecting your privacy while processing personal data, and take it into account in our business processes. We process personal data collected during visits to our websites in accordance with the applicable data protection and data security laws.
§ 1 CONTROLLER AND SCOPE OF APPLICATION
The controller in the sense of the General Data Protection Regulation and other national privacy laws of Member States as well as other privacy law provisions is
AERO EDU UG (haftungsbeschränkt)
Dachauer Str. 145
Markus Maria Bachbauer
§ 3 WHAT ARE PERSONAL DATA?
Personal data are individual details about personal or factual situations of a specific or identifiable natural person (data subject). This includes information such as your name, address, phone number, date of birth, or e-mail address. Information with which we cannot (or can only with a disproportionate effort) establish a reference to your person, e.g. by making the information anonymous, is not personal data.
§ 4 GENERAL INFORMATION ON DATA PROCESSING
We only collect and use our users' personal data if and to the extent needed to provide a functional website as well as our contents and services. We use your personal data to provide the services you need, to answer your questions and to operate and improve our websites and applications.
Your personal data is not used for any other purpose, especially not for advertising purposes. Your personal data shall not be transferred to third parties without your consent, except in the cases described below, unless we are legally obliged to provide the data.
b) Legal basis
If we obtain the consent of the data subject to his/her process personal data, Art. 6, Section 1a, of the EU General Data Protection Regulation (GDPR) shall serve as the legal basis for processing said data. Art. 6, Section 1b, of the GDPR serves as legal basis for processing the personal data required to execute a contract to which the data subject is a party. Article 6, Section 1c, of the GDPR serves as legal basis for processing the personal data required to fulfil a legal obligation of our company.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6, Section 1f, of the GDPR shall serve as legal basis for processing.
c) Data erasure and storage time
Your personal data shall be erased or blocked as soon as the purpose of storage ceases to apply. However, the data may be stored if provided for by European or national laws or other statutory provisions to which the controller is subject. The data shall be blocked or erased at the end of a storage period prescribed by the aforementioned standards, unless the data needs to be stored further in order to conclude or implement a contract.
§ 5 INDIVIDUAL PROCESSING OPERATIONS
You can use a large part of our website without providing your personal data. Access data without personal reference, such as the name of your Internet service provider, the page from which you are visiting us, the names of the files required and their retrieval date are stored. These data are exclusively evaluated for the purpose of improving our website and do not allow any conclusions regarding your person. These data are:
- Browser type and version
- The operating system used
- Referrer URL
- Host name of the computer used for access
- Names of the requested files
- Date and time of server request
- IP address
In particular, personal data are used as follows:
a) Contact forms
In this context, the data is not disclosed to third parties. The data is used exclusively for processing the conversation.
The legal basis for processing the data transmitted alongside an e-mail is Art. 6, Section 1a, of the GDPR. We process personal data from the contact form only for the purpose of processing the establishment of contact.
§ 6 USE OF WEB STATISTICS
AERO EDU is currently not using any web statistics or analytics services.
§ 7 USING COOKIES
Besides the cookies described in Section 6 above, we use other cookies which are sent by our web server to your browser during your visit to our website and are stored on your computer for later retrieval. These cookies contain a characteristic character string that enables clear identification of the browser when the website is called up again.
The legal basis for processing personal data using technically necessary cookies is Art. 6, Section 1f of the GDPR. If the user has given his or her consent in this regard, the legal basis for processing personal data using cookies for analysis purposes is Art. 6, Section 1a, of the GDPR.
The user data collected by technically necessary cookies are not used to create user profiles.
Most browsers are pre-set to automatically accept cookies. However, you can deactivate the storage of cookies or set your browser so that it informs you before cookies are stored. Users who do not accept cookies may not be able to access certain areas of our websites.
Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.
In order to find out more about browser settings please refer to the Help menu of your browser.
§ 8 PLUG-INS AND TOOLS
Our website uses plugins from Google's YouTube platform. The pages are operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
If you visit any of our pages equipped with a YouTube plug-in, a connection is set up to the YouTube servers. The YouTube server is informed about our pages you have visited.
If you are logged into your YouTube account, you allow YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to make the presentation of our online offers appealing. This is a legitimate interest in the sense of Art. 6, Section 1f, of the GDPR.
b) Google Maps
This page uses the map service "Google Maps" via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps it is necessary to save your IP address. This information is usually transferred to and stored in a Google server in USA. The provider of this page has no influence on this data transmission.
Using Google Maps makes the representation of our online offers appealing, and the places indicated by us on the website easy to locate. This is a legitimate interest in the sense of Art. 6, Section 1f, of the GDPR.
c) Facebook plugins (Like & share button)
Our pages include plug-ins from the social network Facebook. Provider: Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA. You can recognise the Facebook plug-ins through the Facebook logo or the "Like" button on our page. An overview of the Facebook plug-ins can be found here: https://developers.facebook.com/docs/plugins/
If you do not want Facebook to associate your visit to our pages with your Facebook account, please log out of your Facebook account.
§ 9 SECURITY MEASURES TO PROTECT YOUR DATA
We undertake to protect your privacy and to treat your personal data confidentially. To prevent the loss or misuse of data stored by us, we take extensive technical and organisational safety precautions which are regularly checked and adapted to technological progress. However, we would like to point out that due to the structure of the Internet, it is possible that the data protection rules and the above-mentioned safety measures may not be observed by other persons or institutions outside our field of responsibility. In particular, unencrypted data transmitted by e-mail, for instance, can be read by third parties. We have no technical influence on this. It is the user's responsibility to protect the data provided by him/her against misuse through encryption or in any other way.
§ 10 HYPERLINKS TO EXTERNAL WEBSITES
Our website contains so-called hyperlinks to other providers' websites. When these hyperlinks are activated, you are redirected from our website directly to other providers' websites. You can recognise this, for example, by the change of URL. We cannot assume any responsibility for the confidentiality of your data on these third-party websites, as we have no influence on these companies' compliance with data privacy policies. You can find out how these companies handle your personal data directly on these websites.
§ 11 YOUR RIGHTS AS A DATA SUBJECT
If your personal data are processed, you are concerned in the sense of the General Data Protection Regulation (GDPR) and you have the following rights vis-à-vis the controller:
1. Right to information
You can ask the controller to confirm whether your personal data are processed by us.
If this is the case, you can ask the controller for the following information:
- the purposes for which the personal data are processed;
- the categories of personal data processed;
- the recipients or categories of recipients to whom your personal data have been or are still being disclosed;
- the planned duration of the storage of your personal data or, if specific information on this is not possible, the criteria for determining the storage period;
- the existence of a right to rectify or erase your personal data, a right to have the processed data restricted by the controller, or a right to object to such processing;
- the existence of a right to appeal to a supervisory authority;
- all available information about the origin of the data if the personal data are not collected from the data subject.
You have the right to request for information as to whether your personal data is transferred to a third country or to an international organisation. In this connection, you may request that the appropriate guarantees pursuant to Art. 46 of the GDPR in connection with the transmission of data shall be made available to you.
2. Right to correction
You may ask the controller to rectify and/or complete your personal data if your personal data are incorrect or incomplete. The controller shall make the correction without delay.
3. Right to restrict the processing
You may request that the processing of your personal data be restricted on the following terms and conditions:
- if you contest the accuracy of your personal data a;
- if the processing is unlawful and you reject the deletion of the personal data and instead demand the restriction of the use thereof;
- if the controller no longer needs the personal data for the purposes of processing, but you do need them to assert, exercise or defend legal claims, or
- if you have filed an objection to the processing pursuant to Art. 21, Section 1, of the GDPR and it has not yet been determined whether the controller's legitimate reasons outweigh your reasons.
If the processing of your personal data has been restricted, such data may only be processed - apart from being stored - with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.
If the processing restriction has been limited on the above conditions, we shall inform you before the restriction is lifted.
4. Right to deletion
a) Deletion obligation
You may ask to delete your personal data without delay and we are obliged to delete this data without delay if:
Your personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
You revoke your consent, on which the processing was based pursuant to Art. 6, Section 1a or Art. 9, Section 2a of the GDPR, and there is no other legal basis for the processing.
You file an objection against the processing pursuant to Art. 21, Section 1, of the GDPR and there are no overriding legitimate reasons for the processing, or you file an objection against the processing pursuant to Art. 21, Section 2, of the GDPR.
Your personal data have been processed unlawfully.
Deleting your personal data is necessary to fulfil a legal obligation under EU law or the law of the Member States to which we are subject.
Your personal data have been collected regarding the services offered by the information company pursuant to Art. 8, Section 1, of the GDPR.
b) Information to third parties
If we have made your personal data public and are obliged to delete it pursuant to Art. 17, Section 1, of the GDPR, we shall take appropriate measures, including technical measures, considering the available technology and the implementation costs, to inform the processors of the personal data for which you as the data subject have asked for the deletion of all links thereto or of copies or replications thereof.
The right to deletion does is excluded if and to the extent as the processing is required
- to exercise the freedom of expression and information;
- to fulfil a legal obligation required for processing under EU law or the law of Member States to which the controller is subject or for the performance of a task in the public interest or in the exercise of official authority conferred on the controller;
- for reasons of public interest in the field of public health pursuant to Art. 9, Sections 2h and i, and Art. 9, Section 3, of the GDPR;
- for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89, Section 1, of the GDPR, insofar as the law referred to under a) is likely to render impossible or seriously impair the attainment of the objectives of such processing, or
- to assert, exercise or defend legal claims.
5. Right to information
If you have asked us to correct, delete or restrict the processing of your personal data, we must inform all recipients of your personal data about this correction or deletion of the data or restriction on processing, unless this proves impossible or entails a disproportionate effort.
You have the right to be informed of such recipients.
6. Right to data portability
You have the right to receive the personal data you have made available to the controller in a structured, accessible and machine-readable format. Moreover, you have the right transmit this data on to another controller, provided that
processing is based on consent pursuant to Art. 6, Section 1a, of the GDPR or Art. 9, Section 2a, of the GDPR or on a contract pursuant to Art. 6, Section 1b, of the GDPR and
processing is carried out automatically.
While exercising this right, you also have the right to request that your personal data be transferred directly from us to another controller, so far as this is technically feasible.
Other persons' freedoms and rights must not be affected by this.
The right to portability shall not apply to the processing of personal data needed to perform a task in the public interest or to exercise official authority conferred on the controller.
7. Right to object
You have the right to object at any time, on the grounds of your particular situation, to the processing of your personal data in accordance with Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions.
We shall no longer process your personal data, unless we can prove protection-worthy compelling reasons for the processing, which outweigh your interests, rights and freedoms, or unless the processing is used to assert, exercise or defend legal claims.
You have the possibility to exercise your right of objection in connection with the use of the services of an information company by means of automated procedures based on technical specifications, notwithstanding Directive 2002/58/EC.
8. Right to revoke the data protection consent
You have the right to revoke your data protection consent at any time.
The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation.
9. Right to appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or where the alleged infringement has been made, if you believe that the processing of your personal data is contrary to the stipulations of the GDPR. The competent supervisory authority for Bavaria is:
Bayerisches Landesamt für Datenschutzaufsicht, Promenade 27, 91522 Ansbach, https://www.lda.bayern.de/de/kontakt.html