top of page

Data protection declaration

Data protection declaration

As the operator of this website, we take the protection of your personal data very
seriously, treating your personal data confidentially and in accordance with the
applicable statutory data protection regulations and this data protection declaration.
You can always visit the (provider's) websites without telling us who you are. We
then only automatically receive the following server log files. These data are not
linked to other personal data and do not allow any direct conclusions to be drawn
about your person. The information collected in this way is used for statistical

• the operating system you are using, the web browser you are using and the screen
resolution you have set
• the date and time of your visit
• the websites you have looked at
• the website from which you came to us

If personal data (e.g. your name, address or email addresses) is collected on our
websites, this is always done on a voluntary basis and only with your prior consent.
However, some of our services are only available with the submission of this data.
These data records will not be passed on to third parties without your express
consent. We would like to point out that data transfer via the Internet (e.g. when
communicating by email) can be subject to security gaps. Complete protection of
data against access by third parties is not possible.

“Controller” within the meaning of the General Data Protection Regulation
Martin März (lawyer)
SMF Rechtsanwälte und Steuerberater
Könneritzstraße 33
01067 Dresden
Tel: +49 (0)351 50193100
Fax: +49 (0)351 50193129
Your rights as a data subject
As a data subject, you have the following rights granted by the European
legislature. If you, as a data subject, wish to exercise one of these rights, you can
contact us at any time at the address given in the “Data Controller” or “Data
Protection Officer” section.
1) Right to confirmation
You can request confirmation from the data controller at any time as to whether
your personal data is being processed.
2) Right of access
You can obtain information about the personal data stored about you and a copy of

this information from the controller free of charge at any time. You also have a
right to information as to whether personal data has been transferred to a third
country or to an international organisation. If this is the case, you also have the
right to obtain information about the appropriate safeguards applied in connection
with the transfer.
3) Right to rectification
You may at any time request the controller to rectify your incorrect personal data
without undue delay. You also have the right to request the completion of
incomplete personal data, taking into account the purposes of the processing.
4) Right to erasure (right to be forgotten)
You have the right to demand from the controller the erasure of personal data
concerning you without undue delay where one of the following grounds applies
and insofar as the processing is not necessary:
• You withdraw the consent on which the processing is based according to point (a)
of Article 6 (1) GDPR, or point (a) of Article 9 (2) GDPR, and where there is no
other legal reason for the processing.
• The personal data was collected for purposes or processed in a way for which it is
no longer necessary.
• You object to the processing pursuant to Art. 21 (1) GDPR and there are no
overriding legitimate grounds for the processing or you object to the processing
pursuant to Art. 21 (2) GDPR. • Your personal data has been collected or processed
• The deletion of personal data is necessary to fulfil a legal obligation under EU law
or the law of the Member States to which the controller is subject.
• The personal data was collected in relation to information society services offered
in accordance with Art. 8 (1) GDPR.
5) Right to restriction of processing
You have the right to demand restriction of processing by the controller at any time
where one of the following applies:
• The accuracy of the personal data is disputed by you. For a period enabling the
controller to verify the accuracy of the personal data.
• The processing of the personal data is unlawful, but you oppose the erasure of the
personal data.
• The controller no longer needs the personal data for the purposes of the
processing, but it is required by you for the establishment, exercise or defence of
legal claims.
• You have objected to the processing pursuant to Art. 21 (1) GDPR and it is not
yet clear whether the legitimate reasons of the controller outweigh your reasons.
6) Right to data portability
You may at any time request from the controller receipt of the personal data you
have provided to the controller in a structured, commonly used and machine-
readable format. You also have the right to transmit this data to another person

without hindrance from the controller to whom you have provided the personal
data, if the processing is based on consent pursuant to Art. 6 (1) (a) GDPR or Art. 9
(2) (a) GDPR or on a contract pursuant to Art. 6 (1) (b) GDPR and the processing
is carried out by automated means, provided that the processing is not necessary for
the performance of a task carried out in the public interest or in the exercise of
official authority vested in the controller. In exercising your right to data portability
pursuant to Art. 20 (1) GDPR, you also have the right to have the personal data
transmitted directly from one controller to another, where this is technically
feasible and does not adversely affect the rights and freedoms of others.
7) Right to object
For reasons arising from your particular situation, you may at any time demand to
lodge objection with the controller to the processing of personal data concerning
you on the basis of Article 6 (1) (e) or (f) GDPR. If you exercise your right to
object, we will no longer process your personal data unless we can demonstrate
compelling legitimate grounds for the processing which override your interests,
rights and freedoms or the processing serves the defence, exercise or assertion of
legal claims.
8) Right to withdraw consent under data protection law
You can withdraw your consent given to the controller under data protection law at
any time.
9) Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority at any time if
you believe that the processing of your personal data violates the GDPR. The
supervisory authority responsible for us is the State Data Protection Officer for
Saxony. Information can be found at
Legal basis of the processing
Art. 6 (1) (a) GDPR serves as the legal basis for processing operations for which
we obtain consent for a specific processing purpose, such as responding to form
enquiries that are necessary for the implementation of pre-contractual measures, for
example in cases of enquiries about our products or services. The processing of
personal data is based on Art. 6 (1) (b) GDPR if it is necessary for the fulfilment of
a contract to which you are a party, for example in the case of processing
operations necessary for the delivery of goods or the provision of another service or
Duration for which personal data is stored
We use the respective statutory retention period as the basis for determining the
duration of the storage of personal data. After this period has expired, the
corresponding data is routinely deleted, provided it is no longer required to fulfil
the contract or to initiate further contracts.

Server log files
The provider which stores this site automatically collects and stores information in
what are known as server log files, which your browser automatically transmits.
These are:
• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
This data cannot be assigned to specific persons without additional information.
This data is not merged with other data sources. We reserve the right to check this
data retrospectively if we become aware of specific indications of unlawful use.
SSL encryption
This site uses SSL encryption to improve security and to protect the transmission of
confidential content, such as personal data in form enquiries that you send to us as
the site operator. This makes it much more difficult for third parties to read or
intercept data during transmission. You can recognise an encrypted connection by
the fact that the address line of the browser changes from "http://" to "https://" and
by a browser-specific lock symbol in your browser line.
Google Maps plugin
We use a plugin from the internet service Google Maps on our website. The
provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043,
USA. When you use Google Maps on our website, e.g. for route calculation,
information about the use of this website and your IP address are transmitted to a
Google server in the USA and also stored on that server. We have no knowledge of
the exact content of the data transmitted, nor of its use by Google. In this context,
the company denies linking the data with information from other Google services
and the collection of personal data. However, Google may transfer the information
to third parties. If you deactivate Javascript in your browser, you prevent the use of
Google Maps. However, you will not be able to use the map display on our
website. By using our website, you consent to the described collection and
processing of information by Google Inc. You can find out more about the data
protection provisions and terms of use for Google Maps here:
YouTube videos
We use the extended data protection mode offered by YouTube for embedded
YouTube videos on this website. This prevents YouTube from storing cookies for

any user who views a website with an embedded YouTube video but does not click
on the video to start playback. Although YouTube may store cookies on the user's
computer after they start the YouTube video, no personal cookie information is
stored for playback of embedded videos with extended data protection. Further
information can be found at

bottom of page