Data Protection

Here you can find our updated data protection declaration.
Data protection declaration
We are very pleased that you are interested in our company. The management of Animexx
e.V. – DCM (Deutsche Cosplaymeisterschaft/German Cosplay Championship) places a high
value on data protection. Use of the internet site of Animexx e.V. – DCM is in principle
possible without disclosure of personal data. Should a person wish to make use of particular
services of our company through our internet site, the processing of personal data could
however be necessary. If processing of personal data is necessary and there exist no
legislative grounds for such processing, we generally obtain the consent of the person
concerned.
Processing of personal data, for example the name, postal address, email address or telephone
number of an affected person, is in accordance with the Datenschutz-Grundverordnung (EU
General Data Protection Regulation) and in compliance with the country-specific data
protection regulations that apply to Animexx e.V. – DCM. With the help of this data
protection statement, our company would like to inform the general public of the means,
scope and aim of the personal data collected, used and processed by us. Furthermore, persons
concerned will be apprised, by means of this data protection statement, of the legal rights
granted to them.
As the liable processor, Animexx e.V. – DCM has implemented numerous technical and
organisational measures in order to ensure the most complete possible protection of the
personal data processed through this website. However, internet-based data transmissions can
exhibit fundamental security flaws, so that an absolute level of protection cannot be
guaranteed. For this reason, any person concerned is at liberty to submit personal data to us in
alternative ways, for instance over the telephone.
1. Definitions
The data protection declaration of Animexx e.V. – DCM is based on the concepts used by the
European body for issuing directives and regulations when establishing the Datenschutz-
Grundverordnung/DS-GVO (EU General Data Protection Regulation/GDPR). Our data
protection declaration should be clear and comprehensible to the general public as well as to
our customers and commercial partners. To ensure this, we would like first to explain the
terminology we use.
In this data protection declaration, we use the following terms:
a) Personal data
Personal data comprises all forms of information that refers to an identified or identifiable
natural person (hereinafter, the ‘person concerned’). A natural person is regarded as
identifiable who, directly or indirectly, especially by means of the allocation of an
identifier such as a name, identification number, location data, online ID or by the
classification of one or more specific characteristics which are the manifestation of the

physical, physiological, genetic, psychological, economic, cultural or social identity of
this natural person, can be identified.
b) Person concerned
The person concerned is any identified or identifiable natural person whose personal data
is being processed by the party liable for processing.
c) Processing
Processing is any procedure or set of procedures carried out, with or without the aid of
automated technique, in connection with personal data such as collection, collation,
organising, ordering, retention, modifying or amending, selection, retrieval,
appropriation, disclosure, circulation, dissemination or another form of allocation,
comparison or matching, restriction, deletion or destruction.
d) Restriction of processing
Restriction of processing is the selection of retained personal data with the intention of
restricting its processing in the future.
e) Profiling
Profiling is any form of automated processing of personal data such that this personal data
is used to assess specific personal matters that relate to a natural person, in particular for
the analysis or prediction of matters relating to the work performance, economic situation,
health, personal preferences, interests, credibility, behaviour, place of residence or change
of location of this natural person.
f) Pseudonymisation
Pseudonymisation is the processing of personal data in a way in which personal data can
no longer be assigned to a specific concerned person without the deployment of
additional information, provided that this additional information is stored separately and
is subject to technical and organisational measures that ensure that the personal data is not
assigned to an identified or identifiable person.
g) Liable party or liable processor
Liable party, or liable processor, means the natural or legal person, authority, institution
or other position that solely or together with others decides the purposes and means of
processing personal data. Should the purposes and means of this processing be stipulated
by European Union law or by the legal systems of its member states, the liable party or
parties can be provided with specific criteria for their designation under European Union
law or by the legal systems of its member states.
h) Contracted processor
A contracted processor is a natural or legal person, authority, institution or other position
that undertakes the processing of personal data by contract to the liable party.
i) Recipient

The recipient is a natural or legal person, authority, institution or other position to which
the personal data is disclosed, regardless of whether this is a third party or not.
Authorities that, in the context of a specific examination order under European Union law
or by the legal systems of its member states, obtain potentially personal data are not
considered to be recipients.
j) Third party
A third party is a natural or legal person, authority, institution or other position besides
the person concerned, the liable processor, the contracted processor and the persons who,
under the immediate responsibility of the liable party or contracted processor, are
authorised to process personal data.
h) Consent
Consent is any informed and unambiguous expression of consent rendered freely by the
person concerned in the specific case, in the form of a declaration or other explicitly
confirmed action, by which the person concerned indicates that they agree to the
processing of the relevant personal data.
2. Name and address of the party liable for processing
The liable party, in accordance with the General Data Protection Regulation, with other data
protection legislation applicable in the member states of the European Union and with other
stipulations of a data-protection character, is:
Animexx e.V. – DCM
Brunhamstr. 21
81249 Munich
Germany
Tel.: 0700-02646399
E-Mail: info@animexx.de
Website: www.animexx.de
3. Name and address of the data protection officer
The data protection officer responsible for processing is:
Mr Sascha Kuhrau
a.s.k. Datenschutz e.K.
Schulstraße 16a
91245 Simmelsdorf
Germany

Tel.: +49 9155 263 99 70
E-Mail: extdsb@ask-datenschutz.de
Website: www.ask-datenschutz.de

Any person concerned can directly contact our data protection officer at any time for all
questions and suggestions concerning data protection.
4. Cookies
The internet site of Animexx e.V. – DCM uses cookies. Cookies are text files that are
archived and saved onto a computer system via an internet browser.
Numerous internet sites and servers use cookies. Many cookies incorporate a so-called cookie
ID. A cookie ID is the cookie’s clear identifying label. It consists of a sequence of characters
by which internet sites and servers can allocate the actual internet browser to which the
cookie has been saved. This enables the internet sites and servers that have been visited to tell
the difference between the individual browser of the person concerned and other internet
browsers that contain other cookies. A specific internet browser can be recognised and
identified by its unique cookie ID.
By using cookies, Animexx e.V. – DCM is able to provide more user-friendly services to
users of this internet site, which would not be possible without the application of cookies.
By means of cookies, items of information and offers on our website can be optimised for the
benefit of users. Cookies allow us, as already mentioned, to recognise the users of our
website. The goal of this recognition is to make it easier for users to get the most out of our
site. The visitor to a website that uses cookies does not, for instance, need to enter his or her
log-in data once again because this is taken care of by the internet site and by the cookie
archived on the user’s computer system. Another example is the cookie of a basket in the
online shop. The online shop takes note of the article that a customer has put in a virtual
basket, via a cookie.
The person concerned can see the cookie set-up at any time on our internet site by means of a
corresponding filter setting that blocks the internet browser that is being used and, in this
manner, permanently stops cookies being placed. It can also delete any cookies that have
already been placed at any time through an internet browser or other software programmes.
This is possible in all standard internet browsers. If the person concerned deactivates the
placing of cookies in the internet browser being used, there is a chance that not every
function on our internet site will be fully usable.
5. Collection of common data and information
With every visit to its internet site by a person concerned or an automated system, of
Animexx e.V. – DCM gathers an array of common data and information. This common data
and information is saved in the server’s log files. What can be collected are (1) the types of
browser and versions used, (2) the operating system of the accessing system used, (3) the
internet site from which an accessing system arrives at our internet site (the so-called
‘referrer’), (4) the sub-websites which are controlled by an accessing system on our internet
site, (6) an internet protocol address (IP address), (7) the accessing system’s internet service

provider, and (8) other similar data and information that act as danger prevention in the event
of attacks on our information technology systems.
In using this common data and information, Animexx e.V. – DCM draws no conclusions
about the persons concerned. This information is in fact needed (1) to deliver the content of
our internet site correctly, (2) to optimise the content of our internet site and the advertising
for this, (3) to ensure the long-lasting functional capability of our information technology
systems and the technology of our internet site, and (4) to provide law enforcement
authorities with necessary information leading to prosecution in the event of cyber-attacks.
This anonymously collected data and information is therefore hand statistical and also
analysed with the aim of enhancing data protection and data security within our company.
The anonymous data on the server’s log files is separated from all the personal data
pertaining to the person concerned.
6. Routine deletion and locking of personal data
The party liable for processing processes and stores the personal data of the person concerned
for the period of time required for realising the storage purpose or as provided for by the
European body responsible for issuing directives and regulations or other legislative
authorities in laws or requirements to which the liable processor is subject.
If the storage purpose is cancelled or if the period of storage retention, as provided for by one
of the European bodies responsible for issuing directives and regulations or by another
competent legislative authority, expires, then the personal data will be routinely blocked and
deleted in accordance with legal regulations.
7. Rights of the person concerned
a) Right to confirmation
Any person concerned has the right, granted by the European body responsible for issuing
directives and regulations, to request from the liable processor a confirmation of the fact
that the concerned person’s personal data is being processed. If a person concerned would
like to make use of this right of confirmation, he or she can apply for this at any time to
an employee of the liable processor.
b) Right to disclosure
Any person affected by the processing of personal data has the right, granted by the
European body responsible for issuing directives and regulations, to receive from the
liable processor, at any time and free of charge, information concerning stored personal
data that pertains to their person, and to obtain a copy of this information. Furthermore,
the European body responsible for issuing directives and regulations has allowed
disclosure to the person concerned of the following information:
 the purposes of the processing
 the categories of personal data which are processed
 the recipients, or categories of recipients, to which the personal data has been or
will be disclosed, especially recipients in third countries or in international
organisations

 if possible, the planned timeframe during which the personal data is stored or, if
this is not possible, the criteria for stipulating this time period
 the existence of a right to correct or delete the personal data of a person
concerned, a right to restrict the processing by a liable processor, or a right to
object to this processing
 the existence of a right of appeal to a supervisory authority
 if the personal data is not collected by the person concerned: all available
information relating to the origin of the data
 the existence of an automated decision making, including profiling as defined in
Article 22 Paragraphs 1 and 4 of the Datenschutz-Grundverordnung (DS-GVO)
and – at least in these cases – convincing information about the logical steps
involved as well as the scope and intended effects on the person concerned of such
processing
The person concerned furthermore has the right to information regarding whether
personal data has been transmitted to a third country or to an international organisation. If
this is the case, the person concerned has the incidental right to information about the
appropriate safeguards associated with the transmission.
Should the person concerned wish to make use of this right to disclosure, he or she can
apply for this at any time to an employee of the liable processor.
c) Right to correction
Any person affected by the processing of personal data has the right, granted by the
European body responsible for issuing directives and regulations, to request the prompt
amendment of untrue personal data pertaining to the person concerned. The person
concerned has the further right, with regard to the purposes of the processing, to demand
the completion of incomplete personal data by means of a supplementary declaration.
Should a person concerned wish to make use of this right to correction, he or she can
apply for this at any time to an employee of the liable processor.
d) Right to deletion (the right to be forgotten)
Any person affected by the processing of personal data has the right, granted by the
European body responsible for issuing directives and regulations, to demand of the liable
processor that the personal data of the person of concern be immediately deleted if the
following reasons apply and if the processing is not necessary:
 The personal data has been collected for purposes, or has been processed in other
ways, for which it is no longer necessary.
 The person concerned withdraws his or her permission for the processing, in
accordance with Article 6, Paragraph 1, point (a) of the DS-GVO or with Article
9, Paragraph 2, point (a) of the DS-GVO, and there is no other legal basis for the
processing.
 The person concerned states his or her objection to the processing, in accordance
with Article 21, Paragraph 1 of the DS-GVO, and there exist no overriding

grounds for the processing, or the person concerned states his or her objection to
the processing, in accordance with Article 21, Paragraph 2 of the DS-GVO.
 The personal data has not been lawfully processed.
 The deletion of personal data is necessary for compliance with a legal obligation
contained in European law, or in the legal systems of member states, to which the
liable processor is subject.
 The personal data has been collected in relation to services provided by the
information society, according to Article 8, Paragraph 1 of the DS-GVO.
If one of the above-named grounds applies, and a person concerned would like to arrange
for the deletion of personal data that is being held by Animexx e.V. – DCM, he or she can
apply to an employee of the liable processor to have this done at any time. The employee
of Animexx e.V. – DCM will arrange for the deletion to be undertaken promptly.
If the personal data has been made public by Animexx e.V. – DCM and if the company,
as the liable processor according to Article 17, Paragraph 1 of the DS-GVO, has a duty to
delete personal data, Animexx e.V. – DCM shall be obliged, taking into account available
technology and the costs of implementing reasonable measures, including technical
measures, to inform all other parties liable for processing personal data, which process the
released personal data, that the person concerned has requested from these other liable
processors the deletion of all links to this personal data or to copies or reproductions of
this personal data, for as long as the processing is not needed. The employee of Animexx
e.V. – DCM shall take the necessary measures in individual cases.
e) Right to restriction of processing
Any person affected by the processing of personal data has the right, granted by the
European body responsible for issuing directives and regulations, to demand from the
liable processor the restriction of processing if one of the following conditions are met:
 The accuracy of personal data is disputed by the person concerned, and for a
period of time allowed to the liable processor to check the accuracy of the
personal data.
 The processing is unlawful, the person concerned opposes the deletion of personal
data and requests instead a restriction in the use of personal data.
 The liable processor no longer needs the personal data for the purposes of the
processing, but the person concerned however needs the data for asserting,
exercising or defending legal rights.
 The person concerned objects to the processing, in accordance with Article 21,
Paragraph 1 of the DS-GVO, and it is not at the time clear whether the legitimate
reasons of the liable processor outweigh those of the person concerned.
If one of the above-named conditions has been met and a person concerned would like to
request the restriction of personal data that is being held by Animexx e.V. – DCM, he or
she can apply to an employee of the liable processor to have this done at any time. The
employee of Animexx e.V. – DCM shall take the necessary measures in individual cases.

f) Right to data transferability
Any person affected by the processing of personal data has the right, granted by the
European body responsible for issuing directives and regulations, to obtain the personal
data of the person concerned, which the person concerned has made available to the liable
processor, in a structured, conventional and machine-readable format. He or she has the
additional right to transfer this data to another liable processor without hindrance from the
liable processor to which the personal data has been provided, so long as the processing is
based on permission in accordance with Article 6, Paragraph 1 of the DS-GVO or with
Article 9, Paragraph 2, point (a) of the DS-GVO or based on a contract in accordance
with Article 6, Paragraph 1, point (b) of the DS-GVO, and the processing takes place with
the aid of automated procedures, provided that the processing which is transferred to the
liable processor is not necessary for the performance of a task that is for the public benefit
or is performed in the exercise of official authority.
The person concerned, in exercising his or her right to transferability in accordance with
Article 20, Paragraph 1 of the DS-GVO, has the further right that personal data is directly
transferred from one liable processor to another, as far as this is technically feasible and
as long as the rights and freedoms of other persons are not affected.
To assert the right to data transferability, the person concerned can apply at any time to an
employee of Animexx e.V. – DCM.
g) Right to object
Any person affected by the processing of personal data is ensured the right, granted by the
European body responsible for issuing directives and regulations, to make an objection at
any time, on grounds resulting from his or her particular situation, to the processing of the
personal data of the person concerned, in accordance with the procedure laid down in
Article 6, Paragraph 1, points (e) or (f) of the DS-GVO. This applies also to profiling
within the terms of these provisions.
Animexx e.V. – DCM no longer carries out processing of personal data in the event of
objection, unless we can establish compelling and legitimate reasons for the processing
that outweigh the interests, lawful rights and freedoms of the person concerned, or if the
processing serves in the assertion, exercise or defence of legal rights.
Should Animexx e.V. – DCM process personal data in order to carry out direct
advertising, the person concerned has the right to object at any time to the processing of
personal data for advertising purposes of this type. This applies also to profiling as far as
this is in connection with such direct advertising. Should the person concerned object to
processing for the purposes of direct advertising to Animexx e.V. – DCM, then Animexx
e.V. – DCM shall cease processing personal data for these purposes.
The person concerned has the additional right, on grounds resulting from his or her
particular situation, state an objection to the processing of the personal data of the person
concerned that is undertaken by Animexx e.V. – DCM for the purposes of scientific,
historical or statistical research, in accordance with Article 89, Paragraph 1 of the DS-

GVO, unless such processing is necessary for fulfilling a task in the general public
interest.
In order to exercise the right to object, the person concerned can apply directly to any
employee of Animexx e.V. – DCM or to another employee. The person concerned is
furthermore free, in connection with the use of services of the information society,
regardless of European Directive 2002/58/EC, to exercise his or her right to object by
means of automated procedures which make use of technical specifications.
h) Automated decisions in individual cases, including profiling
Any person affected by the processing of personal data is ensured the right, granted by the
European body responsible for issuing directives and regulations, which is not limited to
the automated processing of data – inclusive of profiling – not to be subject to decisions
that have legal implications or that in a similar way substantially affect them, provided
that the decision (i) is not necessary for the conclusion or fulfilment of a contract between
the person concerned and the liable processor, or (2) is permitted on the grounds of
legislation by the European Union or member states to which the liable processor is
subject, this legislation incorporating reasonable measures for the protection of the rights,
freedoms and lawful interests of the person concerned, or (3) is taken with the express
permission of the person concerned.
Should the decision (1) be necessary for the conclusion or fulfilment of a contract
between the person concerned and the liable processor, or (2) be taken with the express
permission of the person concerned, Animexx e.V. – DCM will take the necessary steps
to safeguard the rights, freedoms and lawful interests of the person concerned, including
at least the right to impinge on a person on the part of the liable processor, including in a
statement of its own position and its right to appeal the decision.
Should the person concerned wish to exercise his or her rights with respect to automated
decisions, he or she can apply for this at any time to an employee of the liable processor.
(i) Right to withdraw data protection approval
Any person affected by the processing of personal data is ensured the right, granted by the
European body responsible for issuing directives and regulations, to withdraw at any time
his or her permission for processing the data of a person concerned.
Should the person concerned wish to exercise his or her right to withdraw permission, he
or she can apply for this at any time to an employee of the liable processor.
8. Data protection regulations for the use and application of Facebook
The liable processor has integrated on this internet site components from the Facebook
company. Facebook is a social network.
A social network is a social meeting place operating on the internet, an online community
that generally enables users to communicate with each another and to interact in a virtual
space. A social network can serve as a platform for the exchange of opinions and experiences

or it enables personal or commercial information to be made available to the online
community. Among other things, Facebook lets social network users create private profiles,
upload photos and build networks via friend requests.
Facebook’s operating company is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025,
USA. The liable processor responsible for processing personal data, if the person concerned
lives outside the USA or Canada, is Facebook Ireland Ltd., 4 Grand Canal Square, Grand
Canal Harbour, Dublin 2, Ireland.
With every click on an individual page of this internet site, for which the liable processor
carries out processing and on which a Facebook component (Facebook plug-in) has been
integrated, the internet browser is automatically prompted by the Facebook component to
download, from Facebook on to the IT system of the person concerned, a statement from the
relevant Facebook component. A complete overview of all Facebook plug-ins can be found at
https://developers.facebook.com/docs/plugins/?locale=de_DE. By means of this technical
procedure Facebook obtains information about which specific sub-website of our internet site
is accessed by the person concerned.
If the person concerned is at the same time logged on to Facebook, Facebook identifies, with
every click on our internet site by the person concerned and during the entire time that the
user stays on our internet site, which specific sub-website of our internet site is accessed by
the person concerned. This information is collected via the Facebook component and
assigned to the particular Facebook account held by the person concerned. Should the person
concerned activate one of the Facebook buttons integrated on our internet site, for example
the “Like” button, or if the person concerned leaves a comment, Facebook allocates this
information to the personal Facebook user account of the person concerned and stores this
personal data.
Facebook always receives information via its component that the person concerned has
visited our internet site, if the person concerned is at the same time logged on to Facebook
when they click on our internet site; this does not depend on whether the person concerned
has clicked on the Facebook component or not. Should the person concerned not want this
type of information transferral to Facebook, he or she can block the transfer by logging out of
his or her Facebook account before clicking on our internet site.
Facebook’s published data policy, found at https://de-de.facebook.com/about/privacy/, gives
information about the collection, processing and use of personal data by Facebook. It also
explains which settings options Facebook provides for protection of privacy. Various
additional apps are available for blocking data transfer to Facebook. Such applications can be
used by the person concerned to block data transfer to Facebook.
9. Data protection regulations for the use and application of Twitter
The liable processor has integrated on this internet site components from Twitter. Twitter is a
multilingual, public access micro-blogging service, on which the user can publish and
disseminate so-called “tweets”, that is, short messages of up to a limit of 280 characters.
These messages are accessible to anyone, including those who are not signed-up members of

Twitter. The tweets are also displayed to the so-called “followers” of this user. Followers are
other Twitter users who follow the tweets of a user. Tweets also enable a broad public to be
addressed by the use of hashtags, links or retweets.
Twitter’s operating company is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco,
CA 94103, USA.
With every click on an individual page of this internet site, for which the liable processor
carries out processing and on which a Twitter component (Twitter button) has been
integrated, the internet browser is automatically prompted by the Twitter component to
download, from Twitter on to the IT system of the person concerned, a statement from the
relevant Twitter component. Further information about Twitter buttons is available at
https://about.twitter.com/de/resources/buttons. By means of this technical procedure Twitter
obtains information about which specific sub-website of our internet site is accessed by the
person concerned. The purposes of integrating the Twitter component is to enable our users
to further disseminate the content of this internet site, to popularise this internet site and to
increase the number of our site visitors.
If the person concerned is at the same time logged on to Twitter, Twitter identifies, with
every click on our internet site by the person concerned and during the entire time that the
user stays on our internet site, which specific sub-website of our internet site is accessed by
the person concerned. This information is collected via the Twitter component and assigned
to the particular Twitter account held by the person concerned. Should the person concerned
activate one of the Twitter buttons integrated on our internet site, the transferred data and
information thereby transferred is assigned to the personal Twitter account of the person
concerned and is stored and processed by Twitter.
Twitter always receives information via its component that the person concerned has visited
our internet site, if the person concerned is at the same time logged on to Twitter when they
click on our internet site; this does not depend on whether the person concerned has clicked
on the Twitter component or not. Should the person concerned not want this type of
information transferral to Twitter, he or she can block the transfer by logging out of his or her
Twitter account before clicking on our internet site.
Twitter’s applicable data protection regulation can be found at
https://twitter.com/privacy?lang=de
10) Legal grounds for data processing
Article 6, Section I, point (a) of the DS-GVO serves as the legal basis for processing
operations by which we receive permission for a specific processing purpose. Should the
processing of personal data be necessary to fulfil a contract, of which one of the contractual
parties is the person concerned, in the case for example where processing operations are
needed for the delivery of products or the delivery of sundry services and return services, the
processing in this event is based on Article 6, Section I, point (b) of the DS-GVO. This also
applies to processing operations that are required for the implementation of pre-contractual
measures, for example in cases of requests for our products or services. Should our company
be subject to legal obligations in respect of which a processing of personal data is necessary,

for example for the fulfilment of tax obligations, the processing in this event is based on
Article 6, Section I, point (c) of the DS-GVO. In rare cases the processing of personal data
can be required for the protection of the vital interests of the person concerned. This would be
in the event, for example, when a visitor was injured in our business and thereupon his or her
name, age, health insurance data or other vital information needed to be passed on. In this
case, processing would be subject to the provisions contained in Article 6, Section I, point (d)
of the DS-GVO.
Finally, processing operations can be subject to Article 6, Section I, point (e) of the DS-GVO.
Processing operations are based on this legal provision, which is not covered by the
aforementioned legal grounds, if the processing is necessary for safeguarding a legal interest
of our company or of a third party, as long as these do not outweigh the fundamental rights
and freedoms of the person concerned. Such processing operations are so authorised since
they have been explicitly mentioned by the European legislature. It asserts the opinion, in this
respect, that a legal interest can be assumed if the person concerned is a customer of the liable
processor (Recital 47, Sentence 2 of the DS-GVO).
11) Legitimate interests in the processing undertaken by the liable processor or by a
third party
Should the processing of personal data be based on Article 6, Section 1, point (f) of the DS-
GVO, this is in our legitimate interest for the conduct of our business activities for the benefit
of the well-being of all our employees and shareholders.
12) Period of time during which personal data is stored
The criterion for the duration of storage of personal data is the legal storage period that
applies at the time. After expiry of the deadline, the relevant data is automatically deleted if it
is no longer necessary for the fulfilment of a contractual obligation or initiation.
13) Legal or contractual provisions for the delivery of personal data; necessity for
conclusion of contract; obligation to deliver data to the person concerned; possible
consequences of non-delivery
We inform you that the delivery of personal data is partly prescribed by law (for example, tax
regulations) or can take place as a result of contractual regulations (for example, information
pertaining to a contract partner.
Occasionally it is required, at the conclusion of a contract, that a person concerned make his
or her personal data available to us that, as a consequence, needs to be processed by us. The
person concerned is for example obliged to send personal data to us if our company
concludes a contract with him or her. As a consequence, non-delivery of personal data would
mean that the contract with the person concerned could not be concluded.
Before delivery of personal data to the person concerned, the person concerned must apply to
one of our employees. Our employee informs the person concerned in each individual case
whether the delivery of personal data is lawful or necessary for the conclusion of a contract,

whether an obligation exists to deliver personal data and what the consequences of non-
delivery of personal data would be.
14) Existence of automated decision making
As a company conscious of our responsibilities, we forgo automated decision making or
profiling.
This data protection declaration has been compiled by means of the data protection
declaration generator of the Deutsche Gesellschaft für Datenschutz GmbH (German Data
Protection Association), in cooperation with the data protection lawyer Christian Solmecke.