Skip to content

Privacy Policy / Datenschutzerklärung

1. Introduction

This website is operated by: IEAT. It is very important to us to handle the data of our website visitors with confidence and to protect them in the best possible way. For this reason, we make every effort to comply with the requirements of the GDPR. Below we explain how we process your data on our website. To do this, we use language that is as clear and transparent as possible so that you really understand what happens to your data.

2. General information

2.1 Processing of personal data and other terms Data protection applies to the processing of personal data. Personal data means all data with which you can be personally identified. This is, for example, the IP address of the device (PC, laptop, smartphone, etc.) you are currently using. Such data is processed when 'something happens to it'. Here, for example, the IP is transmitted from the browser to our provider and automatically stored there. This is then a processing (according to Art. 4 No. 2 GDPR) of personal data (according to Art. 4 No. 1 GDPR). These and other legal definitions can be found in Art. 4 GDPR. 2.2 Applicable regulations/laws - GDPR, BDSG and TDDDG The scope of data protection is regulated by laws. In this case, these are the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as a national law. In addition, the TDDDG supplements the provisions of the GDPR as far as the use of cookies is concerned. 2.3 The person in charge The person responsible for data processing on this website is the controller within the meaning of the GDPR. This is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data. You can reach the person in charge at: IEAT info.ieat.kit@protonmail.com 2.4 This is how data is basically processed on this website. As we have already established, there is data (e.g., IP address) that is collected automatically. This data is mainly required for the technical provision of the website. If we also use personal data or collect other data, we will inform you of this or ask for your consent. Other personal data you share with us knowingly. Detailed information on this can be found below. 2.5 Your Right The GDPR provides you with comprehensive rights. These are, for example, the free information about the origin, recipient, and purpose of your stored personal data. In addition, you can request the correction, blocking, or deletion of this data, or complain to the competent data protection supervisory authority. You can revoke any consent you have given at any time. You can find out in detail what these rights are and how to exercise them in the last section of this Privacy Policy. 2.6 Data Protection - Our View Data protection is more than just a chore for us! Personal data is of great value, and careful handling of this data should be a matter of course in our digitalized world. In addition, you as a website visitor should be able to decide for yourself what "happens" to your data, when, and by whom. We therefore undertake to comply with all legal provisions, collect only the data that is necessary for us, and, of course, treat it confidentially. 2.7 Disclosure and Deletion The transfer and deletion of data are also important and sensitive topics. Therefore, we would like to briefly inform you in advance about our general approach to this. A transfer of data only takes place on the basis of a legal basis and only if this is unavoidable. This may be the case in particular if it is a so-called Data Processor and a Data Processing Agreement has been concluded in accordance with Art. 28 GDPR. We delete your data when the purpose and the legal basis for processing cease to apply and the deletion does not conflict with any other legal obligations. A 'good' overview of this is also provided by Art. 17 GDPR. For all further information, please refer to this Privacy Policy and contact the responsible person if you have any specific questions. 2.8 Hosting This website is hosted externally. The personal data collected on this website is stored on the host's servers. This includes the automatically collected and stored log files (see below for more details), as well as all other data provided by website visitors. External hosting is used for the purpose of secure, fast, and reliable provision of our website and in this context serves to fulfill the contract with our potential and existing customers. The legal basis for the processing is Art. 6 para. 1 lit. a, b and f GDPR, as well as § 25 para. 1 TDDDG, insofar as consent includes the storage of cookies or access to information in the terminal device of the website visitor or user within the meaning of the TDDDG. Our hoster only processes data that is necessary for the fulfillment of its service obligation and acts as our Data Processor, which means that it is subject to our instructions. We have concluded a corresponding Data Processing Agreement with our hoster. We use the following hoster: https://github.com/ 2.9 Legal basis The processing of personal data always requires a legal basis. The GDPR provides for the following possibilities in Art. 6 (1) Sentence 1: a) The data subject has given his/her consent to the processing of personal data concerning him/her for one or more specific purposes; b) the processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject's request; c) processing is necessary for compliance with a legal obligation to which the responsible person is subject to; d) the processing is necessary in order to protect the vital interests of the data subject or another natural person; e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the person in charge; f) processing is necessary for the purposes of safeguarding the legitimate interests of the responsible person(s) or of a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data override this, in particular where the data subject is a child. In the following sections, we will provide you with the specific legal basis for the respective processing.

3. What happens on our website

By visiting our website, we process personal data from you. To protect this data as best as possible against unauthorized access by third parties, we use SSL or TLS encryption. You can recognize this encrypted connection by the fact that a https:// or a lock symbol is displayed in the address bar of your browser. In the following, you will learn what data is collected when you visit our website, for what purpose this is done, and on what legal basis. 3.1 Data collection when calling up the website. By calling up the website, information is automatically stored in so-called server log files. This is the following information: - Browser type and version - Operating system used - Referrer URL - Host name of the accessing computer - Time of the server request - IP address This data is temporarily required in order to be able to display our website and to display it to you permanently and without problems. In particular, this data thus serves the following purposes: - System security of the website - System stability of the website - Website troubleshooting - Connecting to the website - Website presentation The data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and is based on our legitimate interest in the processing of this data, in particular the interest in the functionality of the website as well as its security. If possible, this data is stored pseudonymously and deleted after the respective purpose has been achieved. Insofar as the server log files allow the identification of the person concerned, the data is stored for a maximum period of 14 days. An exception exists if a security-relevant event occurs. In this case, the server log files are stored until the elimination and final clarification of the security-relevant event. For the rest, a consolidation with other data does not take place. 3.2 Cookies 3.2.1 General This website uses so-called cookies. This is a data record, information that is stored in the browser of your terminal device and is related to our website. By setting cookies, the navigation of the website in particular can be made easier for the visitor. 3.2.2 Reject cookies The setting of cookies can be prevented by adjusting the settings of your browser. Here you can find the corresponding links to frequently used browsers: Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?redirectslug=Cookies+l%C3%B6schen&redirectlocale=en Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=de
Microsoft Edge: https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d Safari: https://support.apple.com/en-us/guide/mdm/mdmf7d5714d4/web and https://support.apple.com/en-us/guide/safari/sfri11471/mac. As far as you use another browser, it is recommended to use your browser and 'delete and manage cookies' in a search engine and follow the official link to your browser to the official link. Alternatively, you can also manage your cookie settings at www.aboutads.info/choices/ or www.youronlinechoices.com. However, we must inform you that comprehensive blocking/deletion of cookies may lead to impairments in the use of the website. 3.2.3 Technically necessary cookies We use technically necessary cookies on this website to ensure that our website functions without errors and in accordance with applicable laws. They help to make the website user-friendly. Some functions of our website cannot be displayed without the use of cookies. The legal basis for this is, depending on the individual case, Art. 6 para. 1 lit. b, c and/or f GDPR. 3.3 Data processing through user input 3.3.1 Contact a) E-mail When you contact us by email, we process your email address and any other data contained in the email. This data is stored on the mail server and in some cases on the respective end devices. Depending on the request, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements. b) Appointment tool 3.4 Social media profiles In addition to our website, our company is also present on social networks. Here we want to present our company and create the opportunity to get in touch with us. In the following, we provide information about what data we and the respective social network process when you visit and interact with our profile. 3.4.1 Instagram We operate an Instagram profile. This social media platform is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. a) Interaction with our company profile When you visit our Instagram profile and interact with us, we process personal data. On the one hand, the data made publicly available on the profile. On the other hand, we also process the personal data contained in posts, comments, or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our Instagram profile. Unless an inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures, our processing is based on Art. 6 (1) (b) GDPR. b) Insights As explained in the Meta Privacy Policy under "How do we use your information?" (https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect), Meta also collects and uses information to provide analytics and provide analytics services, known as insights, for site operators. This also applies to our Instagram profile. Insights are summarized statistics that are created based on certain interactions of visitors with pages and the content associated with them and are logged by the meta servers. This includes the following information, among others - How many people see and interact with our products, services, or content, such as posts, videos, Instagram pages, listings, stories, and advertisements (if the advertisement is shown on meta-products); - How people interact with our content, websites, apps, and services; - Which groups of people interact with our content and which groups of people use our services. Meta provides us with summarized reports and insights that tell us how well our content, features, products, and services are performing. We do not receive access to personal data, but only to the summarized reports. To evaluate the reach, we can make settings or set appropriate filters with regard to the selection of a time period, the viewing of a specific post and demographic groupings. This data is anonymized. It is not possible for us to draw conclusions about specific individuals. The purpose of processing this data is to analyze our reach and adapt our content and advertisements to user interests so that visitors can derive the greatest possible benefit from them. By evaluating this data, we can recognize how our content, our profile and our advertising are consumed. This enables us to create target group-specific content and place advertisements in order to better market our company and our services. The processing is based on our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. When processing personal data in the course of the so-called Insights, the processing is carried out under joint responsibility with Meta in accordance with Art. 26 para. 1 GDPR. We have concluded a corresponding agreement with Meta, which can be viewed here (https://www.facebook.com/legal/terms/page_controller_addendum). Meta's contact details are as follows: Online contact: https://www.facebook.com/help/contact/1650115808681298 Postal: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland. For Instagram, you can contact the data protection officer at the following link: https://www.facebook.com/help/contact/540977946302970. Further information about the Insights: https://de-de.facebook.com/help/page. You can find Instagram's full privacy policy here: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
Processing of personal data and cookies by Meta When you access an Instagram page, the IP address assigned to your device is transmitted to Meta. According to Meta, this IP address is anonymized (for "German" IP addresses). Meta also stores information about the end devices of its users (e.g., as part of the "login notification" function); Meta may thus be able to assign IP addresses to individual users. If you are currently logged in to Instagram as a user, a cookie with your Instagram ID is stored on your device. This enables Meta to track that you have visited this page and how you have used it. Meta buttons integrated into websites enable Meta to record your visits to these websites and assign them to your Instagram profile. This data can be used to tailor content or advertising to you. Further information: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect.

4. This is also important

Finally, we would like to inform you in detail about your rights and how you will be informed about changes in data protection requirements. 4.1 Your Rights in detail 4.1.1 Right to information according to Art. 15 GDPR You can request information about whether personal data about you is being processed. If this is the case, you can request further information on the type and manner of processing. A detailed list can be found in Art. 15 (1) lit. a to h GDPR. 4.1.2 Right to rectification according to Art. 16 GDPR This right includes the correction of inaccurate data and the completion of incomplete personal data. 4.1.3 Right to deletion according to Art. 17 GDPR This so-called 'right to be forgotten' gives you the right, under certain conditions, to request the deletion of personal data by the controller. This is generally the case if the purpose of the data processing has ceased to exist, if consent has been revoked, or if the initial processing took place without a legal basis. A detailed list of reasons can be found in Art. 17 (1) a to f GDPR. Furthermore, this "right to be forgotten" corresponds to the obligation of the controller under Art. 17 (2) GDPR to take appropriate measures to bring about a general erasure of the data. 4.1.4 Right to restriction of processing according to Art. 18 GDPR. This right is subject to the conditions set out in Art. 18(1) a to d. 4.1.5 Right to data portability according to Art. 20 GDPR. Here, the basic right to receive one's own data in a common form and to transfer it to another data controller is regulated. However, this only applies to data processed on the basis of consent or a contract pursuant to Art. 20 (1) a and b and to the extent that this is technically feasible. 4.1.6 Right of objection according to Art. 21 GDPR. In principle, you can object to the processing of your personal data. This applies in particular if your interest in objecting outweighs the legitimate interest of the controller in the processing and if the processing relates to direct marketing and or profiling. 4.1.7 Right to "decision in individual cases" according to Art. 22 GDPR In principle, you have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you. However, this right is also subject to limitations and supplements in Art. 22 (2) and (4) GDPR. 4.1.8 Other rights The GDPR contains comprehensive rights to inform third parties about whether or how you have asserted rights under Art. 16, 17, and 18 GDPR. However, this only applies as far as this is possible or feasible with reasonable effort. We would like to take this opportunity to once again inform you of your right to withdraw your consent in accordance with Article 7 (3) of the GDPR. However, this does not affect the lawfulness of the processing carried out up to that point. In addition, we would also like to inform you about your rights according to §§ 32 ff. of the Federal Data Protection Act (BDSG), which, however, are largely congruent with the rights just described. 4.1.9 Right of appeal according to Art. 77 You also have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of personal data relating to you infringes this Regulation.

5. What if tomorrow the GDPR is abolished or other changes take place?

The current status of this Privacy Policy is June 8, 2025. From time to time it is necessary to adapt the content of the Privacy Policy in order to react to actual and legal changes. We therefore reserve the right to amend this Privacy Policy at any time. We will publish the amended version in the same place and recommend that you read the Privacy Policy regularly.