Name and contact information of the Controller pursuant to Article 4 (7) GDPR
NASCH Media I Nadja Schaer
Wexstraße 28, 20355 Hamburg, Germany
E-Mail: info(at)the-tennis-circle.com
Note: To avoid spam e-mails, we have replaced the “@” in our e-mail address with “(at)”. Please use the “@” again instead if you wish to contact us.
Safety and protection of your personal data
It is our primary responsibility to maintain the confidentiality of the personal information you provide and to protect it from unauthorized access. That is why we use the utmost care and the latest security standards to ensure maximum protection of your personal data.
As a company under private law, we are subject to the provisions of the European General Data Protection Regulation (GDPR) and the provisions of the Federal Data Protection Act (BDSG). We have taken technical and organizational measures to ensure that we and our external service providers comply with data protection regulations.
Definitions
The law requires personal data to be processed lawfully, fairly and in a transparent manner to the data subject (“lawfulness, fairness, transparency”). In order to ensure this, we would like to inform you about the legal definitions used in this data protection declaration:
1. Personal data
“Personal data” is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special features that express the physiological, genetic ,economic, physical, mental, social or cultural identity of the natural person.
2. Processing
“Processing” is any process carried out with or without the help of automated processes or any such series of processes in connection with personal data such as collecting, organizing ,recording, storing, changing or adapting ,querying, reading out, use, disclosure through distribution, transmission or other means of making available, combination or comparison, restriction, destruction or deletion.
3. Restriction of processing
“Restriction of processing” is the marking of stored personal data with the aim of restricting their future processing.
4. Pseudonymization
“Pseudonymization” is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to technical and organizational measures to ensure that the personal data not be assigned to an identified or identifiable natural person.
5. Profiling
“Profiling” is any type of automated processing of personal data that consists of using this personal data to evaluate certain personal aspects relating to a natural person, in particular aspects related to health, work performance, economic situation of this person analyze or predict a natural person’s reliability, personal preferences, interests, behavior, movements or location.
6. File system
“File system” means any structured set of personal data that is accessible according to certain criteria, whether centralized, decentralized or distributed according to geographic or functional aspects.
7. Processor
“Processor” is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the person responsible.
8. Controller
“Controller” is the natural or legal person, institution, authority or other body that alone or jointly with others decides on the purposes and means of processing personal data. If the purposes and means of this processing are specified by European Union or Member State law, the person responsible or the specific criteria for his nomination can be provided for by European Union or Member State law.
9. Recipient
“Recipient” is a natural or legal person, agency, public authority or other body to which personal data is disclosed, whether a third party or not. However, public bodies that may receive personal data in accordance with European Union or Member State law as part of a specific request are not considered recipients. The processing of this data by these authorities is carried out in accordance with the applicable data protection regulations according to the purposes of the processing.
10. Third party
“Third party” is a natural or legal person, agency, public authority, or body other than the data subject, controller, processor and persons who, under the direct responsibility of the controller or processor, are authorized to process the personal data
11. Consent
The “consent” of the data subject means any voluntary, informed, specific and unequivocal expression of the data subject’s will by which, by a statement or by an unequivocal act of consent, he or she gives his or her consent to the processing of personal data relating to him or her.
Lawfulness of processing
The processing of personal data is only lawful if there is a legal basis for this processing. According to Article 6 Paragraph 1 lit. a – f GDPR, the legal basis for processing can be in particular:
a. The data subject has consented to the processing of their personal data for one or more specific purposes.
b. The processing is necessary to fulfill a contract to which the data subject is a party or to carry out pre-contractual measures at the request of the data subject.
c. Processing is necessary for compliance with a legal obligation to which the controller is subject.
d. Processing is necessary to protect vital interests of the data subject or another natural person.
e. The processing is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been assigned to the person responsible.
f. Processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless these interests outweigh the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular when the data subject is a child.
Information regarding the collection of personal data
(1) In the following we inform you about the collection of personal data when using our website. Personal data are e.g. name, post address, e-mail addresses, user behavior etc.
(2) When you contact us by e-mail, the data you provide (your e-mail address, possibly your name and telephone number) will be stored by us in order to answer your questions. We delete the data collected in this way after storage is no longer necessary, processing has been restricted or there are statutory storage requirements.
Collection of personal data when visiting our website
If you only use the website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you want to view our website, we collect the following data that is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 Para. 1 lit. f GDPR):
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)IP address
- Content of the request (specific page)
- Any amount of data transferred
- Access Status/HTTP Status Code
- Website from which the request originated
- Browser
- Browser software language and version
- Operating system and its user interface
Use of Cookies
1) In addition to the data mentioned before, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive in the browser you are using and through which certain information flows to the place that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.
2) This website uses the following types of cookies, the scope and functionality of which are explained in the following:
- Transient cookies (see a.)
- Persistent cookies (see b.).
a. Transient cookies are automatically deleted when you close your browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.
b. Persistent cookies are automatically deleted after a specified period of time, which can vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
c. You can configure your browser settings according to your wishes and e.g. refuse to accept third-party cookies or all cookies. “Third-party cookies” are cookies that have been set by a third party and therefore not by the actual website you are on. Please note that by disabling cookies you may not be able to use all the functions of this website.
Minors
The services we offer are intended exclusively for adults. Persons under the age of 18 should not transmit any personal data to us without the consent of their parents or guardians.
Rights of data subjects
1. Revocation of consent
If your personal data is processed on the basis of consent given to us, you have the right to withdraw your consent at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation. You can contact us at any time to exercise your right of withdrawal.
2. Right to information
If personal data is processed, you can request information about this personal data and the following information at any time:
a. the categories of personal data that are processed.
b. the purposes of the processing.
c. if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria used to determine that duration.
d. the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing by the person responsible or a right to object to this processing.
e. the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations.
f. if the personal data is not collected from the data subject, all available information about the origin of the data.
g. the existence of automated decision-making including profiling in accordance with Art. 22 Para. 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved as well as the scope and intended effects of such processing of the data topic.
h. the existence of a right of appeal to a supervisory authority.
If personal data is transmitted to a third country or to an international organization, you have the right to receive information about the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transmission. We provide a copy of the personal data that is the subject of the processing. For any additional copies you request from an individual, we may charge a reasonable fee based on our administrative costs. If your request is submitted electronically, the information must be provided in a standard electronic format unless otherwise specified. The right to receive a copy under paragraph 3 shall not affect the rights and freedoms of other persons.
3. Right to confirmation
You have the right to request confirmation from the controller as to whether we are processing personal data relating to you. You can request this confirmation at any time using the contact details given above.
4. Right to erasure (“right to be forgotten“)
You have the right to request that the controler deletes personal data concerning you immediately, and we are obliged to delete personal data immediately if one of the following reasons applies:
a. the data subject objects to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) GDPR.
b. the data subject withdraws the consent on which the processing was based pursuant to Article 6(1)(a) or Article 9(2)(a) and there is no other legal basis for the processing.
c. The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
d. Erasure of the personal data is necessary for compliance with a legal obligation in Union or Member State law to which the controller is subject.
e. The personal data was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.
f. the personal data has been processed unlawfully.
If the controller has made the personal data public and is required to erase the personal data in accordance with paragraph 1, the controller shall take reasonable steps, including technical measures, to inform the controllers who are processing the data, taking into account the available technology and the implementation costs personal data that the person concerned has requested the deletion of all links to this personal data or copies or replications of this personal data from this person responsible.
The right to erasure (“right to be forgotten”) does not exist if the processing is necessary:
- for reasons of public interest in the area of public health in accordance with Art. 9 (2) lit. h and i and Art. 9 (3) GDPR.
- to assert, exercise or defend legal claims.
- to fulfill a legal obligation that requires processing under Union or Member State law to which the controller is subject, or to perform a task that is in the public interest or in the exercise of official authority that has been delegated to the controller.
- for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Article 89 paragraph 1 GDPR, insofar as the law referred to in paragraph 1 is likely to make it impossible to achieve the objectives or seriously impair this processing;
- or to exercise the right to freedom of expression and information.
5. Right to rectification
You have the right to request the immediate correction of incorrect personal data concerning you. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data – also by means of a supplementary declaration.
6. Right to restriction of processing
You have the right to request us to restrict the processing of your personal data if one of the following conditions is met:
a. the processing is unlawful and the data subject refuses to have the personal data erased and instead requests that their use be restricted.
b. the controller no longer needs the personal data for the purposes of processing, but the data subject needs the data to assert, exercise or defend legal claims.
c. the data subject has lodged an objection to the processing pursuant to Article 21 Paragraph 1 GDPR, as long as it is not certain whether the legitimate reasons of the person responsible outweigh those of the data subject.
d. or the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data
If the processing has been restricted according to the aforementioned conditions, this personal data – apart from its storage – may only be processed with the consent of the person concerned or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons an important public interest of the Union or of a Member State. In order to assert the right to restriction of processing, the person concerned can contact us at any time using the contact details given above.
7. Right to object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Article 6 (1) (e) or (f) GDPR, including the profiling based on this these provisions. In the event of an objection, the person responsible will no longer process the personal data unless the person responsible can demonstrate compelling legitimate grounds for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend of legal claims.
In the event that personal data is processed in order to operate direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising. This also applies to profiling insofar as it is associated with such direct advertising. If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
In connection with the use of information society services, you can – notwithstanding Directive 2002/58/EC – exercise your right to object by means of automated procedures using technical specifications.
You have the right to object to the processing of personal data relating to you for scientific or historical research purposes or for statistical purposes pursuant to Article 89 paragraph 1 for reasons arising from your particular situation, unless the processing is required to perform a task that is in the public interest.
You can exercise your right to object at any time by contacting the controller.
8. Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer this data to another person responsible without hindrance by the person responsible for the personal data, provided to be transmitted, insofar as:
a. the processing is carried out using automated procedures and
b. the processing is based on consent pursuant to Article 6 Paragraph 1 Letter a or Article 9 Paragraph 2 Letter a or on a contract pursuant to Article 6 Paragraph 1 Letter b GDPR.
When exercising your right to data portability in accordance with paragraph 1, you have the right to have the personal data transmitted directly from one controller to another controller, insofar as this is technically feasible. Exercising the right to data portability does not affect your right to erasure (“right to be forgotten”). This right does not apply to processing that is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been assigned to the controller.
9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:
a. is permissible on the basis of Union or Member State legislation to which the person responsible is subject and which also provides for appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject.
b. is based on the explicit consent of the data subject, or
c. is necessary for entering into, or the performance of, a contract between the data subject and the controller.
The controller shall implement appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision. The person concerned can exercise this right at any time by contacting the controller.
10. Right to effective judicial remedy
Without prejudice to any other available administrative or judicial remedy, including the right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR, you have the right to an effective judicial remedy if you consider that your rights under this Regulation have been breached as a result of the processing of your personal data in violation of this regulation.
11. Right to lodge a complaint with a supervisory authority
You also have, without prejudice to any other administrative or judicial remedy, the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you serve us as a data breacher and the data subject believes that the processing of your personal data violates this regulation.
Contact form and email contact
1. Description and scope of data processing
There is a contact form on our website which can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved. These dates are:
1) User’s name
2) User’s email address
3) User address
4) Date and time of contact
Your consent will be obtained for the processing of the data during the sending process and reference will be made to this data protection declaration. Alternatively, you can contact us via the email address provided. In this case, the user’s personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties. The data will only be used to process the conversation.
2. Legal basis for data processing
The legal basis for processing the data is Article 6(1)(a) GDPR if the user has given their consent. The legal basis for the processing of data transmitted in the course of sending an email is Article 6 Paragraph 1 Letter f GDPR. If the e-mail contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.
3. Purpose of data processing
The processing of the personal data from the input mask serves us solely to process the contact. If contact is made by e-mail, this is also the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is over when it can be inferred from the circumstances that the facts in question have been finally clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5. Possibility of objection and elimination The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. Storage and consent can be revoked by sending an email to info(at)the-tennis-circle.com. All personal data that was saved in the course of making contact will be deleted in this case.
Social – network integrations
1. Online presence in social media
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to be able to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. Unless otherwise stated in our data protection declaration, we process user data if they communicate with us within social networks and platforms, e.g. write posts on our online presence or send us messages.
2. Integration of third-party services and content
We use content or service offers from third-party providers within our online offer on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. DSGVO) in order to improve their content and Integrate services such as videos or fonts (hereinafter uniformly referred to as “content”). This always presupposes that the third-party providers of this content perceive the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is therefore required for the display of this content. We endeavor to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and contain, among other things, technical information about the browser and operating system, referring websites, visiting times and other information on the use of our online offer, as well as being linked to such information from other sources.
1) Vimeo
We embed the videos from the “Vimeo” platform provided by Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy Policy: https://vimeo.com/privacy.
2) Youtube
We embed the videos from the “YouTube” platform provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
3) Google Maps
We integrate the maps of the “Google Maps” service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
4) Google ReCaptcha We integrate the function for detecting bots, e.g. when making entries in online forms (“ReCaptcha”) from the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
5) Use of Facebook Social Plugins
On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. DSGVO) we use social plugins (“plugins”) of the social network facebook.com, which operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and can be recognized by one of the Facebook logos (white “f” on a blue tile, the terms “Like”, “I like” or a “thumbs up” sign ) or are marked with the addition “Facebook Social Plugin”. The list and appearance of the Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
If a user calls up a function of this online offer that contains such a plugin, his device establishes a direct connection with the Facebook servers. The content of the plugin is transmitted directly from Facebook to the user’s device, which integrates it into the online offer. User profiles can be created from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge. By integrating the plugin, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged into Facebook, Facebook can assign the visit to his Facebook account.
If users interact with the plugins, for example by pressing the Like button or making a comment, the corresponding information is sent directly from your device to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and save their IP address. According to Facebook, only an anonymous IP address is stored in Germany. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the relevant rights and setting options for protecting the privacy of users can be found in Facebook’s data protection information: https://www.facebook.com/about/privacy/ .
If a user is a Facebook member and does not want Facebook to collect data about him via this online offer and link it to his member data stored on Facebook, he must log out of Facebook before using our online offer and delete his cookies. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info /choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
6) Twitter
Within our online offer, functions and content of the Twitter service can be integrated, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. This can include, for example, content such as images, videos or text and buttons with which users can express their interest in the content, the authors of the content or subscribe to our posts. If the users are members of the Twitter platform, Twitter can assign the above-mentioned content and functions to the user profiles there. Instgram privacy policy: https://twitter.com/de/privacy. Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy Policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization.
7) Instagram
Functions and content of the Instagram service, offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, can be integrated within our online offer. This can include, for example, content such as images, videos or text and buttons with which users can express their liking for the content, the authors of the content or subscribe to our posts. If the users are members of the Instagram platform, Instagram can assign the above-mentioned content and functions to the user profiles there. Instagram privacy policy: http://instagram.com/about/legal/privacy/
Automatic decision-making
We do not use any automated decision making or profiling.