Privacy Policy
The controller in accordance with data protection laws is:
Tell Us GmbH
Managing Director: Mr. Marwin Gansauge
Email Address:
info@tell-us.media
Phone: +49 170 3162806
Holter Str. 16, 33415, Verl, Germany
These data protection notices inform you (hereinafter also referred to as "user" or "data subject") about our data processing in general, during a visit to our website, and when contacting us via email or telephone. We also inform you about your rights regarding the processing of your data. The term "data processing" always refers to the processing of personal data.
General Notes on Data Processing
1.1 Categories of Personal Data
We process the following categories of personal data:
Inventory data (e.g., names, addresses, functions, organizational affiliation, etc.);
Contact data (e.g., email, telephone/fax numbers, etc.);
Content data (e.g., text entries, image files, videos, etc.);
Usage data (e.g., access data);
Meta/communication data (e.g., IP addresses).
1.2 Recipients or Categories of Recipients of Personal Data
If, in the course of our processing, we disclose data to other persons and companies such as web hosts, processors, or third parties, this is done on the basis of legal permission (e.g., if the transmission of data to third parties according to Art. 6 Para. 1 lit. b GDPR is necessary for contract performance), if data subjects have consented or if a legal obligation provides for this.
1.3 Duration of Storage of Personal Data
The criterion for the duration of storage of personal data is the respective statutory retention period. After the period has expired, the relevant data is deleted, provided it is no longer necessary for the achievement of objectives, contract fulfillment, or contract initiation.
1.4 Transfers to Third Countries
If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or this occurs in the context of the use of third-party services or disclosure or transmission of data to third parties, this only occurs if it is necessary to fulfill our (pre)contractual obligations, based on your consent, due to a legal obligation, or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special conditions of Art. 44 et seq. GDPR, i.e., processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU or compliance with officially recognized specific contractual obligations (so-called "standard contractual clauses").
Data Processing During the Visit of Our Website
2.1 Log Files
Every time a data subject accesses our website, general data and information are stored in the log files of our system:
Date and time of access (timestamp);
Request details and destination address (protocol version, HTTP method, referrer, UserAgent string);
Name of the retrieved file and transferred data volume (requested URL including query string, size in bytes);
Message whether the retrieval was successful (HTTP status code).
We do not draw any conclusions about the data subject when using this general data and information. There is no personal evaluation or evaluation of the data for marketing purposes or profiling. The IP address is not stored in this context.
The legal basis for the temporary storage of the data is Art. 6 Para. 1 lit. f GDPR. The collection of data for the provision of the website and the storage of the data in log files is mandatory for the secure operation of our website. Consequently, there is no possibility of objection on the part of the data subject.
2.2 Malware Detection and Log Data Analysis
We collect log data generated during the operation of communication technology of our office and evaluate it automatically to the extent necessary to detect, limit, or eliminate disruptions or errors in communication technology or to defend against attacks on our information technology or the detection and defense of malware.
The legal basis for the temporary storage and evaluation of the data is Art. 6 Para. 1 lit. f GDPR. The storage and evaluation of the data are mandatory for the provision of the website and for its secure operation. Consequently, there is no possibility of objection on the part of the data subject.
2.3 Cookies
Our website uses so-called cookies. Cookies are small text files exchanged between the web browser and the hosting server. Cookies are stored on the user's computer and transmitted from there to our site. In the web browser you use, you can restrict or generally prevent the use of cookies by setting it accordingly. Stored cookies can be deleted at any time. If cookies are disabled for our website, it may result in the website not being displayed or used to its full extent.
The legal basis for the processing of personal data using cookies is Art. 6 Para. 1 lit. f GDPR.
2.4 Hosting
The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space, and database services, security services, and technical maintenance services, which we use for the purpose of operating our website.
In this context, we or our processor process inventory data, contact data, content data, contract data, usage data, meta, and communication data of users of our website based on our legitimate interests in an efficient and secure provision of this online offer according to Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of a contract concerning processing).
Data Processing During Contact
3.1 Contacting Us by Email
Contacting us is possible via the email address published on our website.
As far as you use this contact option, the data transmitted by you (e.g., name, first name, address), at least however the email address, and the information contained in the email including the personal data transmitted by you for the purpose of contacting and processing your concern are stored. In addition, the following data are collected by our system:
IP address of the calling computer;
Date and time of the email.
The legal basis for the processing of personal data in the context of emails transmitted to us is Art. 6 Para. 1 lit. b or lit. f GDPR.
3.2 Contact by Letter and/or Fax
If you send us a letter or a fax, the data transmitted by you (e.g., name, first name, address) and the information contained in the letter or fax including the personal data transmitted by you for the purpose of contacting and processing your concern are stored.
The legal basis for the processing of personal data in the context of letters and faxes transmitted to us is Art. 6 Para. 1 lit. b or lit. f GDPR.
3.3 Contact by Letter and/or Fax
In the context of using our online contact form, certain personal data are collected, the extent of which is apparent from the input mask under https://www.tell-us.media/contact. These data are used exclusively for the purpose of answering your concern or for contact and the associated technical administration. The legal basis for processing these data is our legitimate interest in responding to your concern according to Art. 6 Para. 1 lit. f GDPR. If your contacting aims at concluding a contract, then an additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR. Your data will be deleted after your request has been finally processed. This is the case if it can be inferred from the circumstances that the relevant matter has been finally clarified and provided that no legal retention obligations are opposed.
Your Rights
As a data subject, you have the following rights in connection with the processing of your personal data:
4.1 Right to Information
(1) The data subject has the right to request confirmation from the controller as to whether personal data concerning them are being processed; if this is the case, they have the right to information about this personal data and to the following information:
a) the purposes of the processing;
b) the categories of personal data being processed;
c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
d) if possible, the planned duration for which the personal data will be stored, or, if this is not possible, the criteria for determining that duration;
e) the existence of the right to request rectification or deletion of personal data concerning them or restriction of processing by the controller or a right to object to such processing;
f) the existence of a right to lodge a complaint with a supervisory authority;
g) if the personal data are not collected from the data subject, all available information about the origin of the data;
h) the existence of automated decision-making, including profiling, according to Art. 22 Para. 1 and 4 GDPR and – at least in these cases – meaningful information about the involved logic as well as the significance and the envisaged consequences of such processing for the data subject.
(2) If personal data are transferred to a third country or to an international organization, the data subject has the right to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
4.2 Right to Rectification
The data subject has the right to request the controller to rectify inaccurate personal data concerning them without undue delay. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
4.3 Right to Erasure
(1) The data subject has the right to request the controller to erase personal data concerning them without undue delay, and the controller is obliged to erase personal data without undue delay where one of the following grounds applies:
a) The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
b) The data subject withdraws consent on which the processing is based according to Art. 6 Para. 1 lit. a or Art. 9 Para. 2 lit. a GDPR, and where there is no other legal ground for the processing.
c) The data subject objects to the processing pursuant to Art. 21 Para. 1 GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21 Para. 2 GDPR.
d) The personal data have been unlawfully processed.
e) The erasure of personal data is necessary for compliance with a legal obligation in Union or Member State law to which the controller is subject.
f) The personal data have been collected in relation to the offer of information society services referred to in Art. 8 Para. 1 GDPR.
(2) Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers that are processing the personal data that a data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
(3) Paragraphs 1 and 2 shall not apply to the extent that processing is necessary:
a) for exercising the right of freedom of expression and information;
b) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
c) for reasons of public interest in the area of public health in accordance with Art. 9 Para. 2 lit. h and i and Art. 9 Para. 3 GDPR;
d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 Para. 1, insofar as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
e) for the establishment, exercise or defense of legal claims.
4.4 Right to Restriction of Processing
(1) The data subject has the right to request the controller to restrict processing if one of the following conditions applies:
a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data,
b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise, or defense of legal claims;
d) the data subject has objected to processing pursuant to Art. 21 Para. 1 GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
(2) Where processing has been restricted under paragraph 1, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
4.5 Right to Data Portability
(1) The data subject has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format, and they have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as long as
a) the processing is based on consent pursuant to Art. 6 Para. 1 lit. a or Art. 9 Para. 2 lit. a GDPR or on a contract pursuant to Art. 6 Para. 1 lit. b GDPR and
b) the processing is carried out by automated means.
(2) In exercising their right to data portability pursuant to paragraph 1, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible.
The right referred to in paragraph 1 must not adversely affect the rights and freedoms of others.
This right does not apply to a processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
4.6 Right to Object
The data subject has the right, on grounds relating to their particular situation, to object at any time to processing of personal data concerning them which is based on Art. 6 Para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise, or defense of legal claims.
In connection with the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject may exercise their right to object by automated means using technical specifications.
4.7 Right to Withdraw Consent
The data subject has the right to withdraw their data protection consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
4.8 Right to Lodge a Complaint with a Supervisory Authority
Every data subject has the right to lodge a complaint with a supervisory authority, particularly in the Member State of their habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to them infringes this regulation.