3. GENERAL INFORMATION AND MANDATORY DISCLOSURES

Data protection
We treat your personal data confidentially and in accordance with statutory data protection regulations. This privacy policy explains what data we collect, how and why we do so. Please note that internet-based data transmission (e.g. email communication) may have security vulnerabilities; complete protection against third-party access is not possible.

Controller
hiconiQ
Heiner Offenbächer
Goethestrasse 15
40237 Düsseldorf
Germany

Telephone: +49 156 78684038
Email: contact@hiconiq.com

Storage period
Unless a specific storage period is stated, personal data is stored until the purpose of processing no longer applies. If you request deletion or revoke consent, data will be deleted unless retention is required by law (e.g. tax or commercial law).

Legal bases for processing
We process personal data on the basis of:
• Art. 6(1)(a) GDPR – consent
• Art. 6(1)(b) GDPR – performance of a contract or pre-contractual measures
• Art. 6(1)(c) GDPR – legal obligation
• Art. 6(1)(f) GDPR – legitimate interests

Additional bases may apply where special categories of data are processed.

Recipients of personal data
We may share data with external parties where necessary for contractual performance, legal obligations or legitimate interests. When using processors, data is shared only under a valid processing agreement.

Revocation of consent
You may revoke previously given consent with future effect. Processing carried out prior to revocation remains lawful.

Right to object (Art. 21 GDPR)
You may object at any time to processing based on Art. 6(1)(e) or (f) GDPR for reasons arising from your particular situation, including profiling. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.

If your personal data is processed for direct marketing purposes, you have the right to object at any time to such processing, including profiling related to direct marketing. If you object, your personal data will no longer be used for direct marketing.

Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your residence, workplace or the place of the alleged infringement. This right exists without prejudice to other administrative or judicial remedies.

Right to data portability
You can request that data processed automatically based on consent or contract be transferred to you or a third party in a machine-readable format. Where technically feasible, you may request direct transfer to another controller.

Right of access, rectification, deletion
Within the scope of the applicable legal provisions, you may request access to your stored personal data, their origin, recipients and purpose of processing. You may also request correction or deletion of this data.

Right to restriction of processing
You may request restriction of processing if:
• you dispute the accuracy of the data (for the duration of verification)
• processing is unlawful but you request restriction instead of deletion
• we no longer need the data, but you require it for legal claims
• you have objected under Art. 21(1) GDPR and a balancing of interests is pending

If processing is restricted, such data may only be processed (excluding storage) with your consent or for the establishment, exercise or defence of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a member state.

SSL/TLS encryption
This website uses SSL/TLS encryption for security and to protect the transmission of confidential content. You can recognise an encrypted connection by the “https://” prefix and the lock symbol in your browser. If SSL/TLS is active, data transmitted to us cannot be read by third parties.