We welcome your registration to "LeyLab" or "LeyLab Free" - (all together and individually, "Online Platform"). Your privacy and protection of personal data are important to us. Therefore, our business activities are conducted in accordance with with the applicable legal provisions, such as the German Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG) on data protection and data security. It is very important to us that you feel safe with us. For this reason, we and our data protection officer ensure compliance with data protection regulations. We are aware of the importance of the data you entrust us with and would like to would like to inform you about this in the following:
Please read the following carefully. If you have any questions, you can contact our data protection officer. The contact details can be found further down in this data protection statement.
Data protection is a complex subject. In order to make it easier for you to understand some basic meanings in this privacy statement, we have compiled them for you.
According to Art. 4 of the GDPR, the "data controller" is any natural or legal person, public authority, agency or other body which is determines, alone or jointly with others, the purposes and means of the processing of personal data; where the purposes and means of where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation under Union or Member State law may be specified. criteria for his designation may be provided for by Union or Member State law.
Personal data means any information relating to an identified or identifiable natural person. An identifiable is any natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, to an identification number, to location data, to an online identifier or to one or more special features which are an expression of the physical, physiological, genetic or mental characteristics of an individual, physiological, genetic, mental, economic, cultural or social identity of that natural person. cf. Art. 4 GDPR.
"Processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, processing, analysis, analysis, analysis, analysis, analysis, analysis, analysis, analysis, analysis, analysis, analysis, analysis, analysis, analysis, analysis personal data, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, transmission, processing, storage, retrieval or transmission of personal data. the use, disclosure by transmission, dissemination or any other form of making available, alignment or combination, restriction, integration or alteration of personal data. linking, restriction, erasure or destruction, cf. Art. 4 GDPR.
A "commissioned processing" within the meaning of Art. 28 GDPR is understood in a simplified way as a service in which personal data are collected, processed and/or used by a service provider on behalf of and in accordance with the instructions of the so-called controller. used. Before such an order is placed with a service provider, we, as the responsible body, conclude a special contract with the service provider and take further measures. with the service provider and ensure further measures to protect your personal data.
"Cookies" are small text files that are downloaded and stored on your end device (e.g. computer or smartphone) and that store certain settings and data. and store certain settings and data for exchange with our system via your browser. A cookie contains usually contains the name of the website visited from which the cookie data was sent, information about the age of the cookie and an alphanumeric identifier. identifier. Cookies enable systems to recognise the user's device and to make any preferences immediately available.
Cookies are used to store information about the age of the cookie and an alphanumeric identifier. available.
Third party means a natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons who, under the direct responsibility of the controller or the processor, are authorised to processor to process the personal data, cf. Art. 4 GDPR.
IP addresses are sequences of digits that can be assigned to individual IT devices or a group. The IP is used to, similar to postal addresses, to be able to assign data to the correct recipient.
The responsible body within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature in relation to your personal data on this online platform is the:LD DIDACTIC GmbH („LD“)
The data protection officer of LD is:
Dr. Werner Bietsch
LD Didactic GmbH
Phone: +49 2233 604-0
Fax: +49 2233 604-222
If an entity other than the aforementioned entity is the "responsible entity" within the meaning of the GDPR, you will be explicitly and separately informed of this. unless this is obvious.
We collect, process and use personal data if and to the extent necessary to set up a user account, to ensure the function/security of the online platform or to deal with problems. security of the online platform or for troubleshooting purposes.
A further use of your personal data will only be made if a legal provision allows it or you have consented.
After registration, we set up password-protected access to the inventory data stored by us for every user who has an LD customer number. to the inventory data stored with us. Here you can find out about the personal data we hold about you. Please treat your Please keep your access data strictly confidential, use passwords that are as secure as possible and do not make them accessible to unauthorised third parties. Liability for misuse of passwords, unless we are responsible for the misuse.
The processing of the data entered during registration is based on Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures, and Art. 6 para. 1 lit f GDPR. Our legitimate interest in processing of your personal data follows from the purpose of providing you with the use of the online platform you have requested.
Our online platform is a pure B2B online platform in which consumers within the meaning of §13 BGB cannot and may not register. This is also clearly stated in our terms and conditions. Therefore, we actively ask for your LD customer number each time you register. Furthermore, the following applies no persons under the age of 16 are allowed to place orders.
Of course, you have the option to change or delete your user account data at any time if necessary. You can edit your user account under "User" (top right) --> "Settings" --> "Personal settings" --> "Delete account". You can also go to "Administration" --> "Import/Export" --> "Delete" you can delete all devices and experiments of the school or delete the entire school with all data contained. This also deletes all users will also be deleted.
We would like to point out that in this case, your personal data will be deleted from the databases, provided that this does not conflict with statutory retention obligations. legal obligations to retain data and if the data is no longer required to fulfil the purpose for which it was stored. Your personal data stored up to this point will be stored in the data backups for up to 6 months. However, this data will only be used if this is necessary for IT security and other legitimate use of the backed-up data (e.g. because a restore of the backed-up data becomes necessary due to a system failure). Until deletion, your data is blocked.
We will also be happy to provide you with information about the personal data we have stored about you at any time. To contact us in this please use the contact by e-mail email@example.com with the subject: User account and the details: Your name, e-mail address and the name of your school/institution or its customer number. Of course you can also contact us by post or by fax. To do so, use the contact details provided below.
The online platform collects a series of general data and information each time you or an automated system access the online platform. information. This general data and information is stored in the server's log files. The following data may be collected: (1) the browser types and versions, (2) the operating system used by the accessing system, (3) the internet page from which an accessing system our website (so-called referrer), (4) the subpages which are accessed via an accessing system on our online platform, (5) the date and time of the accessing (5) the date and time of an access to the online platform, (6) an Internet protocol address (IP address), (7) the result code of the access and of the access, and (8) the size of the response in bytes.
When using these general data and information, the LD does not draw any conclusions about the data subject. This information is (1) to deliver the contents of our online platform correctly, (2) to optimise the contents of our online platform, (3) to ensure the long-term operability of our information technology. (3) to ensure the permanent operability of our information technology systems and the technology of our online platform, as well as (4) to enable law law enforcement authorities the information necessary for prosecution in the event of a cyber attack. This collected data and information is therefore evaluated statistically by LD on the one hand and on the other hand with the aim of increasing data protection and data security in our company in order to ultimately improve data security. In the long run, this ensures an optimal level of protection for the personal data we process. The data of the server log files are stored separately from any personal data provided by a data subject. The legal basis for the data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case after seven days at the latest.
Data is logged every time you access the online platform. In doing so, we use your IP address or set cookies to collect data, this is done, among other things, about your browser, your computer and the sub-pages you have visited.
When calling up this online platform, no permanent cookies are used. This means that the cookie set is automatically deleted after you close the browser or log out. or when you log out, a so-called session cookie. This cookie enables you to log in to the online platform, ensures that you can This cookie enables you to log in to the online platform, ensures that you remain logged in and helps you to log out again successfully. The information that the cookie is assigned to the current session of your browser and is deleted when you close the browser. To the extent that this cookie is not permitted it will not be possible to log in to the online platform.
When using the optional "stay logged in" function, a permanent cookie is set that is only deleted after a manual logout or at the latest after 120 days at the latest. This cookie is required to provide the "stay logged in" function and is not used for any other purpose. used for any other purpose.
The legal basis for the processing of the cookies is based on Art. 6 (1) lit. f GDPR. LD has both a legitimate interest in analysing user behaviour in order to optimise the online platform as well as to technically enable the functions you have requested, such as the "stay logged in" function, technically error-free and optimised.
You can prevent the setting of cookies by our online platform at any time by means of an appropriate setting of the browser used and thus permanently object to the setting of cookies. thereby permanently objecting to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via a browser or other software programs. deleted at any time. This is possible in all common browsers. If you deactivate the setting of cookies in the browser used, it may not be possible to use all the not be able to use all the functions of our online platform to their full extent.
If you want to scan a barcode, the online platform requires access to the camera of your end device. You can disable the authorisation for You can disable access to the camera, but we explicitly point out that you will then not be able to scan barcodes.
When you use contact forms in the online platform (for example, for help with CASSY) or otherwise contact us electronically (for example, via e-mail), we store and process your personal data. You can ask us questions about our products in this way, or make comments. Such personal data transmitted to us by you on a voluntary basis will be used for the purpose of processing your enquiry or contacting you. or contacting you and for possible follow-up questions. By providing the contact form, we would like to make it uncomplicated way to contact you. For this purpose, we process your following personal data: Last name, first name, e-mail address, as well as further details for the respective purpose of contacting you, which you communicate to us through your enquiry and which we can derive from your enquiry according to your request. This personal data will not be passed on to third parties.
The processing of the data provided in contact forms and sent to us via e-mail is based on Art. 6 (1) lit. f GDPR. The legitimate interest of LD serves the purpose of processing your sent request. If you contact us in order to request a quotation, place an order or to order or to return an order, the data entered in the contact form will be processed for the purpose of pre-contractual and contractual measures (Art. 6 para. 1 lit. b GDPR).
The data you enter in the forms remains with us until you request us to delete it or the purpose for storing the data ceases to apply (e.g. after we have completed processing your enquiry). Mandatory legal provisions - in particular retention periods - remain unaffected.
We collect and use your data in accordance with the legal requirements and only for our own purposes. We do not pass on your data to so-called third parties, unless there is a legal obligation to do so or you have consented to the disclosure.
We use service providers to help us operate the online platform. For example, we use hosting services and IT support service providers. In terms of data protection law, these service providers are order processors pursuant to Art. 28 of the General Data Protection Regulation (GDPR), who process the personal data provided by us only on our behalf and in accordance with our instructions. Our service providers are also contractually obliged by us to take sufficient technical and organisational measures to ensure the protection of your personal data. personal data.
Your personal data will be deleted if this does not conflict with statutory retention obligations and if you have asserted a right to deletion. have asserted a claim for deletion, if the data is no longer required to fulfil the purpose for which it was stored, or if their storage is inadmissible for other legal reasons. In the event of the deletion of a user account, your personal data stored until this stored up to this point in time will be stored for up to 6 months in the data backups, but this data will only be used if this is necessary for IT purposes. However, this data will only be used if this is necessary for IT security and other lawful use of the saved data (e.g. because a restore of the saved data is necessary due to a system failure). of the backed-up data is necessary due to a system failure). Until deletion, your data is blocked.
The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of the period the corresponding data will be routinely deleted, provided that they are no longer required for the fulfilment of the contract or the initiation of the contract.
As a rule, your data will be processed in Germany. In exceptional cases, information that you submit to us may be stored on servers within the the European Union (EU). Should we deviate from this as the "responsible party", we will notify you of this.
We would like to inform you that security gaps can occur during data transmission on the Internet (e.g. via e-mail). A complete protection against access by third parties is therefore not possible. We secure our IT systems (including the online platform) by means of so-called technical and organisational measures against unauthorised access: Access, disclosure, entry, loss and dissemination, as well as destruction and modification by unauthorised persons.
Your personal data is transmitted securely over the Internet using the Transport Layer Security coding system (TLS encryption). over the Internet. Access to your user account is only possible after entering your personal password. You should always treat your access information confidentiality and close the browser window when you have finished communicating with us and logged out, especially if you are sharing the computer with others. computer together with others.
For the purposes of data security, your IP address and the date and time of your visit are also logged.
You must not use the System or any part of it,
In the event of a deliberate/conscious violation, we reserve the right to take appropriate legal action and to exclude you from further use of the online platform. further use of the online platform.
All rights are to be initiated and carried out by us without delay. If you wish to exercise your rights, you can contact our data protection officer or another contact our data protection officer or another LD employee. To do so, use the contact information for the LD or the Data Protection Officer.
You have the right to request confirmation from us as to whether we are processing personal data about you. In addition, you can obtain free of charge information about the personal data stored about you and receive a copy of this information free of charge. This also includes the purpose of processing or how long we expect to store your data and where we got your data from. You also have the right to receive the data in a structured, commonly used and machine-readable format.
You also have the right to have inaccurate personal data corrected, to have it blocked or, apart from the mandatory data storage for business processing or for the fulfilment of a legal obligation to which the LD is subject, deletion of your personal data. data. In addition, you have the right to request a restriction of processing if this is not necessary for the fulfilment of the contract, or to lodge an objection to the processing.
You have the right to have data that you have provided to us handed over to you or to a third party in a common, machine-readable format. machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if it is technically feasible. technically feasible.
You can, under certain conditions, exercise your rights in relation to automated decisions, i.e. not to be subject to a decision based solely on automated processing - including profiling. automated processing, including profiling.
You may, under certain conditions, exercise your rights in relation to automated decisions, i.e. not to be subject to a distinction based solely on automated processing, including profiling.
You can revoke consent you have already given at any time. An informal communication by e-mail to us is sufficient for this purpose. The lawfulness of the data processing carried out until the revocation remains unaffected by the revocation.
In the event of violations of data protection law, you have a right of appeal to the competent supervisory authority. Competent supervisory authority in matters of data protection law is the State Data Protection Commissioner of the federal state in which our company is based. The competent supervisory authority for North Rhine-Westphalia is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia.
If you have any questions about data protection, please write us an e-mail or contact our data protection officer directly:
LD DIDACTIC GmbH
Leyboldstr. 1, 50354 Hürth, Germany
Phone: +49 2233 604-0, Fax: +49 2233 604-222, E-Mail: firstname.lastname@example.org
The LD data protection officer is:
Dr Werner Bietsch
LD DIDACTIC GmbH
Leyboldstr. 1, 50354 Hürth, Germany
Phone: +49 2233 604-0, Fax: +49 2233 604-222, E-Mail: email@example.com
Advances in technology, legal requirements or changes in procedures may also have an effect on this data protection declaration, among other things. We therefore reserve the right to change this data protection declaration at any time with effect for the future. The current version of the The current version of the data protection declaration can be found on this online platform. Please visit this sub-page of the online platform regularly to inform yourself about the applicable provisions. inform yourself about the applicable provisions.
As of: 2021/10/19