Privacy Policy

Contact Forms and Email Contact

You have the option to send us a message via our websites or by email. We consider data protection important and take it very seriously. We have strict data protection agreements with our staff.

Your data will only be used to respond to your questions regarding augmentative and alternative communication, symbol-based communication, and symbol boards, or to schedule and conduct an on-site consultation and/or trial of symbol communication systems upon request.

If you consent to being informed about updates related to symbol boards / symbol communication, we will notify you accordingly. You may revoke your consent at any time. You can find more information about your rights below.

If you consent to us contacting you to learn more about your experience with the symbol boards, you may receive messages from us in that regard. You may revoke your consent at any time. You can find more information about your rights below.

Your data will be automatically deleted once the consultation or trial and further communication are concluded. Communication is considered concluded when it can be inferred from the circumstances that the relevant matter has been fully resolved.

By actively and voluntarily submitting the contact form and accepting the privacy policy, you consent to the processing of your data, thus allowing us to process and respond to your request. The legal basis for processing the data, when user consent is given, is Art. 6(1)(a) GDPR. The legal basis for data transmitted through voluntary submission is Art. 6(1)(f) GDPR. If the request aims to conclude a contract, the additional legal basis is Art. 6(1)(b) GDPR.

As a user, you can revoke your consent to the processing of personal data at any time and object to its storage. In such cases, further consultation or device trials will no longer be possible. You can submit your revocation and objection via phone, email, or postal mail. Contact details can be found in the “Controller” section. All personal data stored in the course of communication will be deleted in such cases.

The same strict data protection rules apply if you contact us via email. Naturally, you provide personal data such as your name and email address. We use this data solely to respond to your questions and send the requested information. Your data may be stored for follow-up questions. This data is not passed on to third parties without your explicit consent.

Please note that data transmission over the internet (e.g., communication via email or web form) may have security vulnerabilities. A complete protection of data from third-party access is not possible. Therefore, please do not send sensitive data via email or contact form.

If you commission us to provide a service, your data will not be stored or passed on without your explicit consent, unless it is necessary for service provision and billing.

- Legal Basis for Data Processing

The legal basis for processing data, when user consent is given, is Art. 6(1)(a) GDPR.

The legal basis for processing data transmitted via email is Art. 6(1)(f) GDPR. If the email contact aims at concluding a contract, the additional legal basis is Art. 6(1)(b) GDPR.

- Purpose of Data Processing

The processing of personal data from the input form is solely for handling the contact request. In the case of contact via email, this also constitutes the necessary legitimate interest in processing the data.

Other personal data processed during the submission process is used to prevent misuse of the contact form and to ensure the security of our IT systems.

- Duration of Storage

Data is deleted as soon as it is no longer needed to achieve the purpose for which it was collected. For data from the contact form and emails, this is the case when the respective conversation with the user is concluded. A conversation is considered concluded when it can be inferred that the relevant matter has been fully resolved.

- Objection and Removal Option

The user may revoke their consent to the processing of personal data at any time. If the user contacts us by email or web form, they may object to the storage of their personal data at any time. In such cases, the conversation cannot be continued.

You may submit your revocation and objection via phone, email, or postal mail. Contact details can be found in the “Controller” section above.

All personal data stored during the communication will be deleted in such cases.

Data Processing for Control Purposes

For control purposes, parts of the information you provide (possibly shortened) may be stored to ensure proper delivery and handling of requests through our website. Our legitimate interest under Art. 6(1)(f) GDPR lies in ensuring the intended purpose of this portal. Data stored for control purposes will be automatically deleted after the control process is complete. You may request free information at any time regarding your stored personal data (e.g., content, origin, and use of the data). You also have the right at any time to correct, block, or delete the data stored for control purposes. This will not result in any disadvantages to you. Simply contact us—contact details can be found in the “Controller” section below.

Right to Information and Revocation

You may request free information at any time regarding your stored personal data (e.g., content, origin, and use of the data). Furthermore, you have the right to correct, block, or delete this data at any time. To do so, simply contact us—see the "Controller" section below. Further information about your rights can be found in the “Your Rights” section.

Controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Dietmar Golf
HMNW / symbolboard.com
Frankfurter Str. 39
64739 Höchst i. Odw.
Germany

Tel.: +49 (6163) 914 9332
Email: info@symbolboard.com

Scope of Processing of Personal Data

We generally process personal data of our users only to the extent necessary to provide a functional website and our content and services. The processing of personal data of our users is regularly carried out only on the basis of legal permission and/or with the consent of the user.

Legal Basis for the Processing of Personal Data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data necessary for the performance of a contract to which the data subject is a party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.

If processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6(1)(d) GDPR serves as the legal basis.

If processing is necessary for the purposes of the legitimate interests pursued by our company or a third party, and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, Art. 6(1)(f) GDPR serves as the legal basis.

Data Deletion and Storage Period

The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may be extended if this is required by European or national legislators in EU regulations, laws, or other legal provisions to which the controller is subject. Blocking or deletion of the data will also take place if a storage period prescribed by the aforementioned regulations expires, unless there is a necessity for further storage of the data for the conclusion or fulfillment of a contract.

Provision of the Website and Creation of Log Files

Each time our website is accessed, our system automatically collects data and information from the computer system of the requesting computer.

On the internet, data packets are transmitted from one computer to another—for example, from the server of this website to your computer. This happens as soon as your browser requests a webpage or another file. For these data packets to reach you, your device, like any end device, has an IP address by which it can be uniquely identified and to which the requested data can be addressed and sent.

Depending on your internet service provider, these IP addresses are assigned dynamically, which means your IP address may change each time you connect to the internet.

Your IP address is stored (possibly in shortened form) for (billing) technical purposes, but we cannot associate it with your person and it is never merged with other data by us.

Each time a webpage or an associated object is requested, the following access data is automatically transmitted by your browser and stored by the hosting provider in so-called server log files:

- the date and time of the request
- the IP address of the requesting computer
- the name of the requested file
- the amount of data transferred
- the response status (successful, unsuccessful, etc.)
- the address (URL) of the webpage from which the file was requested
- a description of the browser type / operating system used

This data is generally not attributable to a specific person and is collected exclusively for technical purposes, possibly stored, and regularly deleted automatically.

- Legal Basis for Data Processing

The legal basis for the temporary storage of data and log files is Art. 6(1)(f) of the GDPR.

- Purpose of Data Processing

The temporary storage of the IP address by the system is necessary to deliver the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

Storage in log files is carried out to ensure the functionality of the website. In addition, the data helps us optimize the website and ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context.

These purposes also constitute our legitimate interest in data processing according to Art. 6(1)(f) of the GDPR.

- Duration of Storage

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of data collected for providing the website, this is the case when the respective session ends. Further storage is possible. In such cases, the users' IP addresses are regularly deleted or anonymized so that identification of the accessing client is no longer possible.

- Possibility of Objection and Removal

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Therefore, there is no possibility for the user to object.

Your Rights

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

- Right to Access

You may request confirmation from the above-mentioned controller as to whether personal data concerning you is being processed.

If such processing exists, you can request the following information from the controller:

the purposes for which the personal data is being processed;
the categories of personal data being processed;
the recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;
the planned duration of the storage of your personal data or, if specific information is not available, the criteria used to determine the storage duration;
the existence of the right to rectification or erasure of your personal data, a right to restriction of processing by the controller, or a right to object to such processing;
the right to lodge a complaint with a supervisory authority;
all available information about the origin of the data if the personal data was not collected from you directly;
the existence of automated decision-making, including profiling, pursuant to Art. 22(1) and (4) GDPR and—at least in such cases—meaningful information about the logic involved and the significance and envisaged consequences of such processing for the data subject.

You also have the right to be informed whether your personal data is transferred to a third country or an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

This right of access may be restricted insofar as it is likely to render impossible or seriously impair the achievement of research or statistical purposes and such restriction is necessary for the fulfilment of those purposes.

- Right to Rectification

You have the right to obtain from the controller the rectification and/or completion of personal data concerning you if it is inaccurate or incomplete. The controller must rectify the data without undue delay.

Your right to rectification may be restricted if it is likely to render impossible or seriously impair the achievement of research or statistical purposes and such restriction is necessary for the fulfilment of those purposes.

- Right to Restriction of Processing

You may request restriction of processing of your personal data under the following conditions:

if you contest the accuracy of the personal data concerning you, for a period enabling the controller to verify the accuracy of the data;
the processing is unlawful and you oppose the erasure of the data and request restriction of its use instead;
the controller no longer needs the data for the purposes of processing, but you require it for the establishment, exercise, or defense of legal claims; or
you have objected to processing pursuant to Art. 21(1) GDPR and it has not yet been determined whether the legitimate grounds of the controller override yours.

Where processing has been restricted, such data shall—apart from storage—only be processed with your consent or for the establishment, exercise, or defense of legal claims or to protect the rights of another person or for reasons of important public interest of the Union or a Member State.

If the restriction of processing has been obtained under the conditions above, you will be informed by the controller before the restriction is lifted.

Your right to restriction of processing may also be limited if it is likely to render impossible or seriously impair the achievement of research or statistical purposes and such restriction is necessary to fulfil those purposes.

- Right to Erasure ("Right to be Forgotten")

Obligation to Erase

You may request the controller to erase personal data concerning you without undue delay, and the controller is obliged to erase such data without undue delay if one of the following reasons applies:

The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
You withdraw your consent on which the processing is based according to Art. 6(1)(a) or Art. 9(2)(a) GDPR and there is no other legal ground for the processing.
You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object pursuant to Art. 21(2) GDPR.
The personal data concerning you has been unlawfully processed.
The erasure is required to comply with a legal obligation under Union or Member State law to which the controller is subject.
The personal data was collected in relation to the offer of information society services pursuant to Art. 8(1) GDPR.

Information to Third Parties

If the controller has made the personal data public and is obliged to erase it pursuant to Art. 17(1) GDPR, they shall take reasonable steps, including technical measures, considering available technology and implementation costs, to inform controllers processing the personal data that you as the data subject have requested erasure of all links to or copies of the data.

Exceptions

The right to erasure does not apply where processing is necessary:

for exercising the right of freedom of expression and information;
for compliance with a legal obligation that requires processing by Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) GDPR;
for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Art. 89(1) GDPR, where the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
for the establishment, exercise, or defense of legal claims.

- Right to Notification

If you have exercised your right to rectification, erasure, or restriction of processing against the controller, they are obliged to notify all recipients to whom your personal data has been disclosed, unless this proves impossible or involves disproportionate effort.
You also have the right to be informed about these recipients by the controller.

- Right to Data Portability

You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit that data to another controller without hindrance from the original controller, provided that:

the processing is based on consent pursuant to Art. 6(1)(a) or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR, and
the processing is carried out by automated means.

You also have the right to have your personal data transmitted directly from one controller to another, where technically feasible, provided this does not adversely affect the rights and freedoms of others.

The right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

- Right to Object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you that is based on Art. 6(1)(e) or (f) GDPR; this also applies to profiling based on those provisions.

The controller will no longer process your personal data unless they can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims.

If your personal data is processed for direct marketing purposes, you have the right to object at any time to such processing, including profiling to the extent it is related to such direct marketing.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for those purposes.

You have the option to exercise your right to object in connection with the use of information society services—regardless of Directive 2002/58/EC—by means of automated procedures using technical specifications.

You also have the right to object, on grounds relating to your particular situation, to the processing of your personal data for scientific or historical research purposes or statistical purposes pursuant to Art. 89(1) GDPR.

This right to object may be restricted if it is likely to render impossible or seriously impair the achievement of research or statistical purposes and such restriction is necessary to fulfil those purposes.

- Right to Withdraw Consent

You have the right to withdraw your consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

- Automated Individual Decision-Making, Including Profiling

You have the right not to be subject to a decision based solely on automated processing—including profiling—which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:

1. is necessary for entering into or the performance of a contract between you and the controller,

2. is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or

3. is based on your explicit consent.

Such decisions may not be based on special categories of personal data referred to in Art. 9(1) GDPR unless Art. 9(2)(a) or (g) GDPR applies and suitable measures have been taken to protect your rights and freedoms and legitimate interests.

In cases (1) and (3), the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain human intervention, to express your point of view, and to contest the decision.

- Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or the place of the alleged infringement, if you believe that the processing of personal data relating to you violates the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

End of Privacy Policy.