Privacy Policy

Datenschutzerklärung

Welcome to the Internet site www.novatec-gmbh.de of Novatec Consulting GmbH. The protection of your personal data is really important to us. For this reason, we comply strictly with the relevant legislation when collecting and processing your personal data. Below, we provide details on the scope and purpose of data collection on our website.

information obligations

Controller’s contact details

Novatec Consulting GmbH

Bertha-Benz-Platz 1

D-70771 Leinfelden-Echterdingen

Geschäftsführung: Rita Ehses, Dominik Meyer and Michael Schuchart

Data protection officer’s contact details

If you have any questions regarding the processing of your personal data, you can contact our external data protection officer directly. This also applies if you wish to request information, make claims, or lodge complaints:

Personal/confidential
FAO: Data Protection Officer
c/o Novatec Consulting GmbH
Bertha-Benz-Platz 1
D-70771 Leinfelden-Echterdingen

E-Mail: datenschutz@novatec-gmbh.de

Legal bases for data processing

The processing of personal data can be based on different legal bases. If we need your data to perform a contract with you or to respond to inquiries from you regarding a contract, the legal basis for this data processing is Art. 6 (1) sentence 1 lit. b GDPR. If we obtain your consent for a specific data processing, the legal basis is Art. 6 (1) sentence 1 lit. a GDPR. We carry out some data processing based on our legitimate interests, always considering and balancing them against your protected interests. The legal basis for this is Art. 6 (1) sentence 1 lit. f GDPR. Insofar as processing is necessary to fulfill a legal obligation to which we are subject, the legal basis is Art. 6 (1) sentence 1 lit. c GDPR.

The following notes provide a overview of what happens to your personal data when you visit this website.

Use of the website for information purposes

When the website is used purely for information purposes and no registration or transmission of information occurs (such as through a contact form), we collect the following technical information (log file data):

– operating system of the end device with which you visit our website

– browser (type, version & language settings)

– the amount of data retrieved

– the current IP address of the end device with which you visit our website

– date and time of access

– the URL of the previously visited website (referrer)

– the URL of the (sub-)page that you retrieve on the website

– the internet service provider of the accessing system

The collection of this data is technically necessary for displaying our website and ensuring its stability and security. Neither we nor our service provider are regularly aware of the identity behind an IP address. We do not combine the data listed above with other data.

The legal basis of the data processing is Art. 6 (1) sentence 1 lit. f GDPR. Since the collection of data for the provision of the website and the storage in log files are necessary for the operation of the website and protection against misuse, our legitimate interests in data processing override in this regard.

Contact

When you contact us by e-mail, telephone or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions and process your requests. This data is stored and processed in a customer relationship management system (CRM), for which we use Microsoft Dynamics. The legal basis for this data processing is Art. 6 (1) sentence 1 lit. f GDPR. If we ask for any information through our contact form that is not necessary for contacting us, we have always marked this as optional. This additional information helps us understand and address your specific request and improve our handling of your given concern. This data processing is based on your consent, Art. 6 (1) sentence 1 lit. a GDPR. Insofar as this involves information on communication channels (for example, e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to respond to your request. Of course, you can revoke this consent at any time for the future.

Your data, which we have received in the course of contacting you, will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you.

As the data controller, our company has implemented numerous technical and organizational measures to ensure the highest level of protection for the personal data processed through this website. Nevertheless, internet-based data transmissions can generally have security vulnerabilities. Absolute protection cannot be guaranteed; in any case, sending unencrypted e-mails is not secure. We therefore ask you not to send sensitive data by unencrypted e-mail, but to use either encrypted communication channels (e.g. our contact form) or the postal route for this purpose.

Training

You can register for seminars or workshops via our website. For this, we need your title, name, business address, phone number, and e-mail address. Mandatory fields have been marked as such.

We use the above-mentioned data solely for the purpose of conducting the webinar. The legal basis for free webinars Art. 6 (1) sentence 1 lit. f) GDPR, and for paid webinars additionally Art. 6 (1) sentence 1 lit. b) GDPR. An encrypted connection is established between you and the online tool provider to ensure secure transmission of data. During and after the webinar, we collect statistical data. In addition to your registration data we receive information about the duration of participation, questions asked or answers given. This data is collected for the purpose of providing further customer support.

After the webinar, we will send you a one-time e-mail that includes a reference to our services and the most important information covered in the webinar.

You have the right to object to the processing of your personal data under the legal conditions (Art. 21 GDPR).

In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or for the establishment, exercise or defence of legal claims. We point out that in the case of an objection, participation in a webinar may not be possible.

By clicking on ‘Participate,’ you confirm that you will not create any recordings or screenshots of this session.

Newsletter

You have the option to subscribe to various newsletters on some of our websites. Through these newsletters, we provide information about our company’s activities, current updates on our services, special offers, promotions, events, and prize competitions. A brief description of the content of each newsletter is provided during the subscription process. The legal basis for sending the respective newsletter is your consent under Art. 6 (1) sentence 1 lit. a GDPR in conjunction with § 7 (2) no. 3 UWG or the legal permission under § 7 (3) UWG.

For the registration of our newsletters, we use the so-called double opt-in procedure. This means that after you register, we will send an email to the email address you provided, asking you to confirm your subscription to the newsletter. If you do not confirm your registration, your information will be automatically deleted after 3 days.

The only mandatory information required for sending the newsletter is your email address. Providing additional data is voluntary and is used to personalize the newsletter content. Once you confirm your subscription, we will store your email address for the purpose of sending the newsletter until you decide to unsubscribe. We also retain your IP address current at the time of registration, and the time of registration as well as confirmation, for up to three years after registration (statute of limitations). This procedure serves the purpose of being able to provide evidence of your registration in case of any uncertainty and to investigate any potential misuse of your personal data. The legal basis for logging the registration is our legitimate interest under Art. 6 (1) sentence 1 lit. f GDPR, which allows us to prove a previously given consent as specified in Article 7(1) of the GDPR.

You have the right to revoke your consent to receive the newsletter and unsubscribe at any time. You can do so by clicking on the unsubscribe link provided in each newsletter email or by sending an email to xyz@company.de.

This website uses the “MailChimp” service of the provider Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA, for sending newsletters. MailChimp is a service that allows for the organization and analysis of newsletter campaigns. Data necessary for newsletter subscription, such as your email address, are stored on MailChimp’s servers in the USA. MailChimp enables us to analyze our newsletter campaigns. For example, when you open an email sent through MailChimp, a web beacon (a file included in the email) connects to MailChimp’s servers in the USA to determine if a newsletter message has been opened and which links, if any, have been clicked. Additionally, device-specific information such as the time of access, IP address, browser type, and operating system are recorded. This information cannot be attributed to individual newsletter recipients and is used solely for statistical analysis of newsletter campaigns. The results of these analyses can be used to tailor future newsletters to better suit the recipients’ interests. For more details, please refer to MailChimp’s privacy policy at: https://mailchimp.com/legal/terms/.

Data transfers by MailChimp to the USA are based on EU standard contractual clauses to ensure compliance with European data protection standards in the USA.

The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of MailChimp after you unsubscribe from the newsletter. Data that has been stored by us for other purposes (e.g. email addresses for the member area) remains unaffected by this.

If you do not want any analysis by MailChimp, you should unsubscribe from the newsletter. In each newsletter, we provide a link for this purpose. You have the right to revoke your consent and unsubscribe from the newsletter at any time. Please note that the legality of any data processing activities that have already been carried out will not be affected by your revocation.

Cookies

Cookies are data that are stored on your computer by a website you visit and enable your browser to be reassigned. Cookies transmit information to the entity that sets the cookie. Cookies can store various information, such as your language setting, the duration of your visit to our website, or your entries made there. This avoids having to re-enter necessary form data each time you use it. The information stored in cookies can also be used to recognize preferences and customize our services based on your preferred areas of interest.

There are different types of cookies: Session cookies are sets of data that are only temporarily held in memory and deleted when you close your browser. Permanent or persistent cookies are automatically deleted after a specified duration, which can vary depending on the cookie. The information can also be stored in text files on your computer with this type of cookies. However, you can also delete these cookies at any time through the settings of your browser.

First-party cookies are set by the website you are currently visiting. Only that website is allowed to read information from these cookies. Third-party cookies are set by organizations that are not the operator of the website you are visiting. These cookies are used, for example, by marketing companies.

The legal bases for possible processing of personal data through cookies and their storage duration can vary. Insofar as you have given us your consent, the legal basis is Art.6 (1) sentence 1 lit. a GDPR. If data processing is based on our overriding legitimate interests, the legal basis is Art. 6 (1) sentence 1 lit. f GDPR. The stated purpose then corresponds to our legitimate interests.

We use cookies to ensure the proper operation of the website, provide essential functionalities, measure reach, and, with your consent, to customize our services based on your preferred areas of interest.

The cookies used on this website are:

[Name]: [Persistent/Session] [First-party/Third-party] [Purpose] [Storage duration]

Example: _ga: Persistent third-party cookie for the purpose of distinguishing users as part of tracking by Google Analytics. The storage duration is X months.

OR

Table: Name  Provider  Purpose  It should be deleted after X

You can delete cookies already stored on your end device at any time. If you want to prevent the storage of cookies, you can do this through the settings in your internet browser. Instructions for common browsers can be found here: Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge Browser, Safari, Safari mobile. Alternatively, you can also install so-called ad-blockers. Please note that individual features of our website may not function if you have disabled the use of cookies.

When accessing our website, all users of our website are also informed by an information banner about our use of cookies and referred to this data protection policy. As a user, you will also be asked for your consent to the use of certain cookies, in particular for the personalization of services and for marketing measures. Once you have given your consent, you can revoke it at any time with future effect by…[Description of the revocation option; example: by calling up the cookie administration via the following link and unchecking the box next to the processing to which you had consented].

Advertising

We use cookies for marketing purposes to target our users with interest-based advertising. In addition, we use the cookies to limit the likelihood of an ad being played and to measure the effectiveness of our advertising efforts. This information may also be shared with third parties, such as ad networks. The legal basis for this is Art. 6 sentence 1 lit. and lit. f of the GDPR. There is a legitimate interest in conducting direct marketing for the purposes pursued through the data processing. You have the right to object to the processing of your data for the purpose of such advertising at any time. For this, we provide you with opt-out options of the respective services below. Alternatively, you can prevent the setting of cookies in your browser settings.

Google Ads (formerly Google AdWords), Remarketing, and Conversion Tracking

We use the Google Ads service. Google Ads is an online advertising program from Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The controller for users in the EU/EWR and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

This means that we place Google Ads and also use Google Remarketing and Conversion Tracking as part of this. The ads are displayed after search queries on websites of the Google advertising network. In addition, we use Ads Remarketing Lists for search ads. This allows us to customize search ad campaigns for users who have visited our website before. Through these services, we have the possibility to combine our ads with certain search terms or to display ads for previous visitors in which, for example, services are advertised that the visitors have viewed on our website. This enables us to deliver interest-based advertising to users of our website on other websites within the Google advertising network (such as a ‘Google ad’ within Google Search or on other websites).

An analysis of online user behavior is necessary for interest-based offers. Google uses cookies to perform this analysis. When clicking on an ad or visiting our website, a cookie is set on the user’s computer by Google. These cookies have a term of 90 days. The information collected by means of the respective cookie is used to target the visitor in a subsequent search query. Further information on the cookie technology used can also be found in Google’s notes on website statistics and in the privacy policy. With the help of this technology, Google and we as a customer receive information about the fact that a user has clicked on an advertisement and has been redirected to our web pages. The information obtained in this way is used exclusively for statistical evaluation for ad optimization. We do not receive any information with which visitors can be personally identified. Your IP address is transmitted to Google, but since we use Google Analytics IP masking on this website, your IP address is anonymized. The statistics provided to us by Google include the total number of users who clicked on one of our ads and, if applicable, whether they were redirected to a page on our website that is tagged with a conversion tag. Based on these statistics, we can track which search terms were clicked on our ad particularly often and which ads lead to the user contacting us via the contact form.

Insofar as data is processed outside the EEA, where there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish a secure level of data protection.

You can find more information on data protection in the context of Google Ads at: https://policies.google.com/technologies/ads?hl=de

The data collection and storage only takes place after explicit consent according to Art. 6 (1) sentence 1 lit. a) GDPR. This consent can be revoked at any time with effect for the future.

If you do not want your visit to be included in the user statistics, you can prevent this by preventing the storage of the cookies required for these technologies, for example, via the settings of your browser.

You also have the option to select the types of Google ads or disable interest-based ads on Google via the ads setting. Alternatively, you can disable the use of cookies by third parties by accessing the Network Advertising Initiative’s deactivation guide.

However, both we and Google still receive statistical information about how many users have visited this page and when. If you also do not want to be included in these statistics, you can prevent this with the help of additional browser programs (for example, the Ghostery add-on)

Google Analytics

As far as you have given your consent, Google Analytics, a web analysis service from Google LLC, is used on this website. The controller for users in the EU/EWR and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Scope of Processing

Google Analytics uses cookies that are stored on your computer and that enable the analysis of your website usage. The information collected by the cookie on your usage of this Website is generally transmitted to a Google server in the USA and is stored there.

In Google Analytics 4, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The IP address transmitted by your browser within the context of Google Analytics will not be merged with other Google data.

During your website visit, your user behavior is recorded in the form of “events”. Events can be:

• Page views
• First visit to the website
• Start of session
• Your “click path”, interaction with the website
• Scrolls (whenever a user scrolls to the bottom of the page (90%))
• Clicks on external links
• Internal search queries
• Interaction with videos
• Viewed/clicked ads

In addition, the following is recorded:

• Your approximate location (region)
• Your IP address (in shortened form)
• Technical information about your browser and the devices you use (e.g., language setting, screen resolution)
• Your Internet provider
• The referrer URL (via which website/advertising medium you came to this website)

Purposes of Processing

On behalf of the operator of this Website, Google uses this information to evaluate your (pseudonymous [NOT WHEN USING USER-ID]) usage of the Website, compile reports on Website activities. The reports provided by Google Analytics serve to analyze the performance of our website [OPTIONAL] and the success of our marketing campaigns.

Recipients

The recipients of the data are/may be

• Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as data processor under Art. 28 GDPR)
• Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
• Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be guaranteed that U.S. authorities will not access the data stored by Google.

Transfer to Third Countries

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A transfer of data to the USA and access by US authorities to the data stored by Google cannot be ruled out. The USA is currently considered a third country from a data protection perspective. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

Duration of Storage

The data that we send and link to cookies are automatically deleted after 2 or 14 months. Data whose retention period has been reached is deleted automatically once a month.

Legal Basis

The legal basis for this data processing is your consent according to Art. 6 (1) sentence 1 lit. a GDPR.

Revocation of Consent

You can revoke your consent at any time with effect for the future by accessing the cookie settings HERE and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.

Alternatively, you can prevent cookies from being stored in the first place by setting your browser software accordingly. However, if you set your browser to refuse all cookies, you may experience limitations in functionality on this and other websites. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google, by

a. not giving your consent to the setting of the cookie or

b. downloading and installing the browser add-on to deactivate Google Analytics HERE.

For more information on Google Analytics’ terms of use and Google’s privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.

Google Tag Manager

For the sake of transparency, we would like to point out that we use the Google Tag Manager of the provider Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

The Google Tag Manager itself does not collect any personal data. Google Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements used for various purposes, including measuring traffic and visitor behavior, assessing the impact of online advertising and social channels, establishing remarketing and targeting, and testing and optimizing websites. We use the Tag Manager for the Google Analytics service. If you have chosen to deactivate it, Google Tag Manager will respect this deactivation. For more information about the Google Tag Manager, please visit: https://www.google.com/intl/de/tagmanager/use-policy.html.

Facebook Conversion Tracking Pixel

We use the Custom Audiences service of Meta Platforms, Inc., 1601 S. California Avenue, Palo Alto, CA 94304, USA (hereinafter referred to as “Facebook”) as part of our usage-based online advertising. For this purpose, we define target groups of users in the Facebook Ads Manager based on certain characteristics, who are subsequently shown ads within the Facebook network. Users are selected by Facebook based on the profile information they provide, and other data provided through their use of Facebook. If a user clicks on an advertisement and subsequently arrives on our website, Facebook receives the information that the user has clicked on the advertising banner via the Facebook pixel embedded on our website.

In general, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which is transmitted to Facebook for analysis and marketing purposes. A Facebook cookie is set in the process. This collects information about your activities on our website (e.g., surfing behavior, subpages visited, etc.). Your IP address is also stored and used for the geographic targeting of advertising.

We do not use Facebook Custom Audiences via customer lists, nor do we use the ‘Advanced Match’ feature.

For more information about the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your settings options for protecting your privacy, please refer to Facebook’s privacy policy. You can make settings regarding which advertisements are displayed to you on Facebook under this link and in the Facebook account settings.

You can prevent data collection by the Facebook pixel by clicking on the following link: [Disable Tracking]

An opt-out cookie (persistent HTML5 storage object) is set to prevent the future collection of your data when visiting this website.

You can also prevent the storage of cookies altogether by selecting the appropriate settings on your browser software. However, we would like to point out that in this case you may not be able to use all functions of our website to their full extent. You can find further options for deactivating cookies by third-party providers at www.networkadvertising.org/managing/opt_out.asp or on the Digital Advertising Alliance Opt-Out Platform at http://optout.aboutads.info/?c=2&lang=en.

Microsoft Dynamics

We use the Microsoft Dynamics 365 Cloud for Marketing tool provided by Microsoft (Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland) to carry out marketing activities, for analysis purposes as well as for targeting customers and potential customers. Microsoft Dynamics uses the following cookies:

• Long-term behavioral-analysis cookie: The cookie enables Marketing to score leads based on their level of interaction with a given website. The cookie contains no personal information but does uniquely identify a specific browser on a specific machine, and Marketing can use it to correlate this ID with an actual contact in the Marketing database. The cookie remains active for two years.

• Short-term, single-visit cookie: Dynamics 365 Marketing uses this cookie to all page loads by a given visitor that are recorded by the same behavioral-analysis script and that occur within the configured time frame. The cookie will consider all of these as part of a single “visit” to the website.

The legal basis is your consent in accordance with Article 6 para. 1 lit. a) GDPR. You can find more information on data protection in Microsoft’s privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

Users can find more information on the use of cookies in connection with the system at https://docs.microsoft.com/de-de/dynamics365/customer-engagement/marketing/cookies.

Podigee

We use the podcast hosting service Podigee of the provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany on our website to display podcasts and make them available. The podcasts are thereby loaded by Podigee or transmitted via Podigee.

In this context, Podigee processes IP addresses and device information to facilitate podcast downloads/playbacks and to generate statistical data, such as retrieval figures. This data is anonymized or pseudonymized before being stored in Podigee’s database unless it is required for podcast provision.

The legal basis for this processing is your consent, in accordance with Art. 6 (1) sentence 1 lit. a of the GDPR.

The processed data will be deleted in accordance with legal requirements as soon as the purpose for storage has expired or you have withdrawn your consent. For further information and options to object, please refer to the privacy policy of Podigee: https://www.podigee.com/de/about/privacy/.

Snapaddy

We use the software “snapADDY” provided by snapADDY GmbH, Haugerkirchgasse 7, 97070 Würzburg, for more efficient lead generation.

With the assistance of the software, potential contacts from potentially interested companies are identified. This is done automatically; profiles on the business networks Xing and LinkedIn are scanned and transferred to our CRM system. Publicly available data that you have published in your Xing and/or LinkedIn profile is processed. These data may be supplemented by company data from the Impressum of your company’s website or other public sources.

The legal basis for the processing is your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR and § 25 (1) TTDSG. You can revoke your consent at any time with effect for the future.

The processing of personal data takes place exclusively within the EEA. The collected data is not shared with other companies or used to build a contact database. We have concluded a data processing agreement with snapADDY and fully implement the strict requirements of the German data protection authorities when using snapADDY.

The data will be stored for a period of (xx).

You can find more information about data protection at snapADDY at https://www.snapaddy.com/de/legal/datenschutz.html.

Transmission of data to third parties

Your personal data will not be transferred to third parties unless we are legally obligated to do so, or the data transfer is necessary to fulfill our contractual relationship with you, or you have previously expressly consented to the transfer of your data.

External service providers and partner companies, such as online payment providers or a shipping company commissioned with delivery, only receive your data to the extent to which this is required in order to handle your inquiry. In such cases, the scope of transmitted data is kept to the minimum required. Insofar as our service providers process your personal data on our behalf, we ensure in the context of order processing according to Art. 28 GDPR that they comply with the provisions of the data protection laws in the same way. Please also note the data privacy policy of the respective providers. The respective service provider is responsible for the content of third-party services, whereby we check the services for compliance with the legal requirements within the scope of reasonableness.

We strive to process your data within the EU/EEA. However, there may be cases where we use service providers that process data outside the EU/EEA. In such cases, we ensure that an adequate level of data protection, comparable to the standards within the EU, is established with the recipient before transferring your personal data. This can be achieved through means such as EU standard contractual clauses, Binding Corporate Rules, or special agreements to which the company may be subject.

Data Security

We have taken technical and organizational security measures to protect your data managed by us from accidental or deliberate manipulation, loss, destruction, or access by unauthorized persons. Our security measures are improved constantly in accordance with Internet technological development.

Your Rights

You have the right to obtain from us confirmation as to whether we are processing personal data concerning you. If we have processed data about you, you are entitled to further rights of access as specified in Article 15 GDPR. Additionally, you have the right to rectification (Article 16 GDPR), the right to restriction of processing (Article 18 GDPR), the right to erasure (Article 17 GDPR), and the right to data portability (Article 20 GDPR) under the respective legal conditions.

Under the legal requirements, you have the right to object to the processing (Art. 21 GDPR).

To exercise your above rights, please contact us by email at datenschutz@novatec-gmbh.de or by mail at the company address. The exercise of your above rights is free of charge for you.

Without prejudice to another administrative or judicial remedy, you have the right at any time to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data infringes upon the General Data Protection Regulation (Art. 77 GDPR).

The supervisory authority responsible for us is the Baden-Wuerttemberg State Commissioner for Data Protection and Freedom of Information. You can reach them at the following contact details:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg

Lautenschlagerstraße 20
70173 Stuttgart

poststelle@lfdi.bwl.de

Telefon:           0711/61 55 41 – 0; Telefax:    0711/61 55 41 – 15

August 2023