Why did we prepare this prospectus?
PENSION BADWIRT manages personal information for a number of purposes and wishes to do this by respecting the rights of those concerned and fulfilling the legal obligation.
PENSION BADWIRT also considers it important to demonstrate the treatment of the personal data that he or she is aware of in the course of his data management activity, the most important feature.
On what basis do we handle the data of the data subjects? We only handle personal data for a specific purpose and with an appropriate legal basis. These goals and legal bases are presented in a specific brochure for specific data management.
Who handles your personal information? Your personal information is handled by the BADWIRT PENSION operator.
What kind of external help do you use to manage your data? Personal information is mostly handled by the BADWIRT PENSION at its own site.
What principles do you find important for the Contractor when handling your personal information?
Personal data will be processed in accordance with current legislation, in particular with the provisions of the Regulation of the European Parliament and Council of 2016/679 of 27 April 2016 (GDPR Regulation).
During the operation of the website, only personal data specified in the scope of the individual data processing will be processed and the security of the personal data provided will be protected by the possible and necessary technical and organizational measures. In this context, particular attention will be paid to ensuring the confidentiality, integrity and availability of personal data.
The Contractor shall be responsible for the authenticity and accuracy of the personal data provided by you. The terms used in this guide are used to interpret the concepts of information self-determination and the interpretative provisions of the GDPR regulation.
What are your rights regarding the personal information handled by the Contractor?
The data controller ensures that those concerned can exercise their rights as defined in the GDPR Regulation. An application for the exercise of these rights may not be denied by the data controller, unless it proves that the data subject can not be identified. It is therefore necessary for the person concerned to identify himself in order to fulfill his request. The data controller shall complete the request without delay, but within a maximum of 1 month from the receipt, or inform the data subject of possible objections or delays. In this case, the deadline may be extended by a further 2 months by notifying the extension and its reasons within one month.
The data controller concerned responds in a form in which he received the request. The person concerned has the opportunity to submit his application electronically, in which case the answer is electronically received, unless expressly stated otherwise.
For the purpose of ensuring the rights of the rights concerned, the rights contained in this information may be exercised free of charge and the data controller will not charge a fee unless the application is clearly groundless or, in particular, due to its repeatability. If and insofar as the requested action, information is overly or manifestly unfounded, the data controller may reasonably claim a fee (in particular, to cover the increased administrative costs of the exaggerated applications) or refuse the action based on the request. In such a case, the data controller has a duty to state reasons for the data subject.
In accordance with the GDPR regulation, the data subject may exercise the following rights:
a.) During the entire period of data management, the data subject shall be entitled to request information and access to the personal data handled by the data controller and the characteristics of the data handling on the given contact details, in particular:
– the identity and contact details of the data controller and his contact person, if he or she applies a data protection officer to the data controller, its contact details
– the purpose, legal basis, duration of the data processing,
– the name, address, data management activity of the data processor, if a data processor is used
– the legal basis and the addressee of the transfer where data is transmitted
– the possible incident of privacy
b.) The party concerned has the right to request the rectification of his / her personal data: If the data of the customer have changed or is not accurate, the data controller may, at any time, modify them at any time during the processing of personal data. You can request this request through our contact details.
c.) In the case of data handling based on your consent, you may withdraw your consent at any time and may request that your data be deleted by the Data Controller if there is no further legal basis for data handling.