Privacy

We, Boerse Stuttgart cats GmbH, are part of the Boerse Stuttgart Group and are pleased to welcome you to our websites as well as your interest in the Boerse Stuttgart trading venue. The protection of your personal data is an important concern for us. For this reason, our business processes are conducted in accordance with applicable data protection regulations. Below, we would like to inform you about how we use the personal data you provide, which information we may collect, how we handle it, and to whom we may potentially disclose it.

I. RESPONSIBLE ENTITY UNDER THE GENERAL DATA PROTECTION REGULATION

Boerse Stuttgart cats GmbH, Börsenstraße 4, 70174 Stuttgart

Phone: +49 (0) 711 222985 250

E-Mail: bscats-info@boerse-stuttgart.de

Website: https://www.bs-cats.com

II. CONTACT DETAILS OF THE DATA PROTECTION OFFICER

Ms. Yvonne Piater

By Mail: Datenschutzbeauftragte, Boerse Stuttgart cats GmbH, Börsenstraße 4, 70174 Stuttgart

E-Mail: dsb@boerse-stuttgart.de

III. PURPOSES, LEGAL BASIS OF DATA PROCESSING, DELETION

1. Use of Our Website

You can access our websites without identifying yourself or logging in. On a technical level, we process log data, during which the following information is collected:

IP address, Date and time, Accessed page/name of the retrieved file, Amount of data transferred, HTTP referrer, Byte size of the server response, Browser and version used, Operating system and version used, Time zone difference to Greenwich Mean Time (GMT), Notification of whether the access/retrieval was successful

These data are also stored in the log files of our system. This data is not stored together with other personal data of the user.

Purpose of Data Processing

The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. For this purpose, the user's IP address must be stored for the duration of the session. Storage in log files is done to ensure the functionality of the website. Additionally, the data is used to optimize the website and to ensure the security of our information technology systems. An analysis of the data for marketing purposes does not take place in this context.

Legal Basis for Data Processing

The legal basis is Article 6(1)(f) GDPR, which allows us to provide the website to you technically. Our legitimate interest lies in providing you with an appealing, technically functioning, and user-friendly website, as well as taking measures to protect our website from cyber risks. If the presentation serves the preparation of a contract, the legal basis for data processing is Article 6(1)(b) GDPR.

Duration of Data Storage

The data is deleted when it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for providing the website, this occurs when the respective session has ended. In the case of data storage in log files, this occurs after a maximum of seven days. Further storage is possible. In such cases, the users' IP addresses are deleted or anonymized so that it is no longer possible to associate them with the accessing client. The temporary storage of seven days in log files ensures the functionality of the website. Additionally, the data is used to optimize the website and to ensure the security of our information technology systems.

Recipients of the Data

Your data is not shared with third parties.

Right to Object

The collection of data for providing the website and the storage of data in log files is essential for the operation of the website. Therefore, the user does not have the option to object.

2. Contact

When you contact us, we collect your contact details. Depending on how you get in touch with us (e.g., by phone or email), your contact details may include your name, postal address, telephone number, email address, as well as the information you provide to us. We use your data solely to process your inquiry or to follow up with additional questions regarding your concern.

Legal Basis for Data Processing

The legal basis for handling your inquiry is Article 6(1)(f) GDPR (legitimate interest in satisfactorily responding to our customers' or prospects' inquiries, based on your and our mutual interest), or Article 6(1)(b) GDPR (inquiries within the context of a contractual relationship), or Article 6(1)(a) GDPR (based on your consent, if it is necessary to forward your inquiries to third parties).

Recipients of the Data

In answering your inquiries, your data will only be processed within the Boerse Stuttgart Group. If it is necessary to forward your inquiry to contractual partners for processing, we will anonymize your inquiry. If, in exceptional cases, it seems necessary to share your personal data, we will inform you in advance and ask for your consent. Without your consent, we do not share your data with third parties for these purposes.

Duration of Data Storage

We store your data until the purpose of the contact has been achieved (end of the conversation). The conversation is considered ended when it can be inferred from the circumstances that the matter has been fully resolved. If your inquiry includes information relevant to a contract, it may be necessary to store this personal data to comply with contractual or legal obligations.

IV. YOUR RIGHTS AS A DATA SUBJECT

Under the statutory conditions, you have the following rights as a data subject, which you may assert against us. As a data subject, you have the right to obtain information about your personal data according to Article 15 GDPR. You can request the correction of your data under Article 16 GDPR or, if the conditions of Article 17 GDPR are met, request its deletion. You also have the right to restrict the processing of your data (Article 18 GDPR). If you can assert a specific personal situation, you can object to the processing of your data in general or in specific areas (Article 21 GDPR). For data you have provided to us, you can request a copy in a commonly used format (Article 20 GDPR). Consent you have given for the processing of your data can be withdrawn at any time. Please contact us at dsb@boerse-stuttgart.de. Additional contact options are listed above under “Contact Details of the Data Protection Officer.” Please note that the withdrawal will only take effect for the future and does not affect the legality of any processing carried out before the withdrawal. You are also entitled, under the conditions of Article 77 GDPR, to lodge a complaint with a supervisory authority, particularly in the member state of your residence, your workplace, or the place of the alleged infringement, if you believe that the processing of your personal data infringes the GDPR. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

Right to Object

You have the right to object at any time to the processing of your data that is carried out based on Article 6(1)(f) GDPR (balancing of interests), if there are reasons arising from your particular situation. If you file an objection, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims. We will respect this objection for the future.

We will no longer process your data for direct marketing purposes if you object to the processing for these purposes. The objection can be made informally and should preferably be directed to:

Ms. Yvonne Piater

By Post: Data Protection Officer

Boerse Stuttgart GmbH, Börsenstraße 4, 70174 Stuttgart

E-Mail: dsb@boerse-stuttgart.de

Automated Decision-Making / Profiling

We do not use automated decision-making or profiling (automated analysis of your personal circumstances).

V. CATEGORIES OF RECIPIENTS

We refrain from any commercial disclosure of your data (sale, rental) to third parties. Only authorized employees have access to your personal data. This may also include authorized employees of our service providers who process or have access to the data on our behalf. We limit the disclosure of your personal data to what is necessary, and authorized employees of our service providers are strictly bound by our instructions when handling your personal data.

VI. DATA TRANSFER TO A THIRD COUNTRY

As a rule, our external service providers process your personal data within the European Union (EU) or the contracting states of the Agreement on the European Economic Area (EEA). However, in the context of using various tools, personal data may be transferred to the USA. In the event that your personal data is transferred to and processed by a service provider located in a third country, we ensure the protection of your personal data through appropriate safeguards, such as the conclusion of standard data protection clauses, or you have consented to the data transfer.

VII. LINKS

Links to content on third-party websites are subject to their own privacy policies. We are not responsible for their operation, including data handling. If you send information to or through such third-party sites, you should review the privacy policies of these sites before providing them with information that could be attributed to you.

VIII. Security

We implement technical and organizational security measures to protect your data managed by us against manipulation, loss, destruction, and unauthorized access. Our security measures are continuously improved in line with technological developments. These measures are adjusted according to the current state of technology. To secure the personal data you provide on the website, we use the standard Secure Sockets Layer (SSL), which encrypts the information you enter.