Data Protection Declaration

We are pleased that you are visiting our website prof-schumann.de and are interested in our company.

The protection of your personal data, for example your name, date of birth, telephone number, address etc. is an important issue for us.

The purpose of this data protection declaration is to inform you about the processing of the personal data that we collect from you when you visit our website. Our data protection practices conform to the legal regulations of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). The following data protection declaration serves to fulfil the requirements to provide information that result from the GDPR. These can be found, for example, in Art. 13 and Art. 14 onward GDPR.

The responsible person in the sense of Art. 4 No. 7 GDPR is the person who, alone or together with others, decides on the purpose of, and methods used for, the processing of person-related data.

In relation to our website, responsibility lies with:

Prof. Schumann GmbH
Jutta-Limbach-Straße 1
37073 Göttingen
E-mail: info@prof-schumann.de
Tel.: +49 (0) 551 - 383150
Fax: +49 (0) 551 - 3831520

We have appointed a Data Protection Officer according to Art. 37 GDPR. Our Data Protection Officer can be contacted using the following contact data:

Thomas Floß
Parkstr. 1a
33775 Versmold
E-mail: info@floss-consult.de
Tel.: +49 5423 964 900
Fax: +49 5423 964 9030
Website: http://www.floss-consult.de/

Every time our internet site is called up, our system automatically compiles data and information about the device calling up the website (e.g. computer, mobile telephone, tablet, etc.).

(1) Information about the browser type and version in use;

(2) The operating system of the device calling up the website;

(3) Host name of the device calling up the website;

(4) The IP address of the device calling up the website;

(5) Date and time of access to the website;

(6) Web pages and resources (pictures, data, further page content) that are called up from our internet site;

(7) Website from which the user's system accesses our internet site (referrer tracking);

(8) Message as to whether access was successful;

(9) Quantity of data transferred

This data is stored in the log files of our system. Storage of this data together with person-related data about a specific user does not take place, so that the identification of individual website visitors does not happen.

Art. 6 Para. 1 lit. f GDPR (legitimate interest). Our legitimate interest lies in enabling the achievement of the following purposes.

The temporary (automated) storage of the data is necessary for the procedure of visiting the website in order to make the delivery of the website possible. The storage and processing of the person-related data also takes place in order to maintain the compatibility of our internet site for as many visitors as possible, to combat misuse and for the removal of problems. For this purpose it is necessary to log the technical data of the computer calling up the website in order to be able to react as soon as possible to presentation errors, attacks on our IT systems and/or errors in the functionality of our internet site. Furthermore, the data serves to help us with the optimization of the website and the general security of our information technology systems.

The deletion of the technical data detailed above takes place as soon as it is no longer needed to guarantee the compatibility of our internet site for all visitors, but at the latest three months after our internet site was called up.

You can object to this processing according to Art. 21 GDPR at any time and demand deletion of the data according to Art. 17 GDPR. Which rights you have and how you can assert these rights can be found in the lower area of this data protection declaration.

Our site offers you various functions through which, when they are used, we collect, process and store person-related data. What happens to this data is explained in the following:

• Which person-related data is collected and to what extent is this data processed?

The data entered by you in our contact forms, which you have entered in the entry fields of the respective contact form will be processed by us in order to fulfil the purpose given below.

• Legal basis for the processing of person-related data

Art. 6 Para. 1 lit. a GDPR (consent through clearly confirmatory actions or behaviour).

• Purpose of the data processing

We will only use the data collected via our contact form or forms for the processing of the specific inquiry received via the contact form. Please note that for the fulfilment of your inquiry we may send E-mails to the address you have entered.

• Duration of data storage

After processing your inquiry the data collected will be deleted immediately insofar as there is no legal requirement to store the data for a particular period of time.

• Possibility for objections and deletion

The possibilities for objections and deletion of data are regulated according to the general regulations for the right to objection and deletion according to data protection legislation that are explained in the following in this data protection declaration.

• Necessity of providing person-related data

The use of the contact forms takes place on a voluntary basis and is neither contractually nor legally compulsory. You are not obliged to make contact with us using the contact form but can also use the other contact possibilities detailed on our website. If you wish to use our contact form, you need to fill in the fields that are designated as mandatory. If you do not fill in the necessary entries on the contact form, then either you will be unable to send the inquiry or we are unfortunately not able to process your inquiry.

• Which person-related data is collected and to what extent is this data processed?

We only process the data you entered in the input mask during registration on the SCHUMANN portal.

• Legal basis for the processing of person-related data

Art. 6 Para. 1 lit. a GDPR (consent through clearly confirmatory actions or behaviour).

• Purpose of the data processing

The information you provide for registration on the SCHUMANN portal is collected and stored electronically to enable you to participate in the portal. We use the data provided for the manual release of the specific registration request. In addition, a confirmation email will be sent to your email address when you send your registration.

• Duration of data storage

Your data will be stored until the purpose of the processing ceases to apply or until you object to further processing or exercise your right to deletion. This applies insofar as there are no statutory retention periods.

• Possibility for objections and deletion

The possibilities for objections and deletion of data are regulated according to the general regulations for the right to objection and deletion according to data protection legislation that are explained in the following in this data protection declaration.

• Necessity of providing person-related data

The provision of your data is voluntary and is neither contractually nor legally required. However, if you wish to use the login-protected area of our website (e.g. for conference stream, current product information), the fields marked as mandatory must be filled in by you. If you do not fill in the required information in the registration form, you will not be able to use our login area.

• Passing on of data

The information provided on the SCHUMANN portal will not be passed on to third parties.

When this internet site or individual files from this internet site are called up, we collect, process and store the following data: IP address, website from which the file was called up, name of the file, date and time it was called up, quantity of data transferred and notifications regarding the success of this action (so-called web-log). We use this data on internet access exclusively in non-personalized form for the continual improvement of our internet presence and for statistical purposes. For the evaluation of visits to our internet site we also use the following web trackers:

• Which person-related data is collected and to what extent is it processed?

On our website we use the service of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (referred to in the following as: Google Tag Manager). Google Tag Manager offers a technical platform for running and controlling other web services and web tracking programs using so-called "tags". In this context Google Tag Manager stores cookies on your computer and performs analyses of your surfing behaviour whenever web tracking tools are run using Google Tag Manager (so-called "tracking"). This data, which is sent by individual tags integrated into Google Tag Manager, is amalgamated, stored and processed by Google Tag Manager using a single user interface. All the integrated tags are also listed separately in this data protection declaration. Further information regarding data protection in relation to the tools connected with Google Tag Manager can be found in the respective section of this data protection declaration. Within the framework of using our website with activated integration of Google Tag Manager tags, data, in particular your IP address and your user activities, are transmitted to the servers of Google Ireland Limited.

In relation to the web services integrated via Google Tag Manager, the details in the respective section of this data protection declaration apply. By means of IP anonymization of the source code, the tracking tools used in Google Tag Manager ensure that the IP address is anonymized by Google Tag Manager before being transmitted. This means that it is only possible for Google Tag Manager to compile anonymized IP addresses (so-called IP-masking).

• Legal basis for the processing of person-related data

The legal basis for the data-processing is your consent according to Art. 6 Para. 1 lit. a GDPR via our notification banner relating to the use of cookies and web tracking (consent through clearly confirmatory actions or behaviour).

• Purpose of data processing

On our behalf, Google will use the information collected by Google Tag Manager to evaluate your visit to this internet site, to compile reports about website activities and to provide further services to us connected with websites and internet usage.

• Duration of storage

Google will store the data relevant for the functioning of Google Tag Manager for as long as is necessary to fulfil the booked web service. Data collection and storage take place in anonymized form. Insofar as a connection to particular persons exists, the data will be deleted without delay as long as there is no legal obligation to store the data. In every case deletion takes place after the storage obligation expires.

• Possibilities for objection and deletion

You can prevent the collection of your person-related data and its transmission to Google (especially your IP address) as well as the processing of this data by Google by deactivating the running of script code in your browser, installing a script blocker in your browser or by activating the "do not track" settings of your browser. Furthermore, you can prevent the collection and transmission to Google of the data relating to your use of the website (including your IP address) created by the Google cookie as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link http://tools.google.com/dlpage/gaoptout?hl=de. The security and data protection policy of Google can be found at https://policies.google.com/privacy.

• Extent of processing of person-related data

On our website we use the web tracking service of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (referred to in the following as: Google Analytics). In the context of web tracking Google Analytics uses cookies, which are stored on your computer and make possible the analysis of the use of our website and your internet surfing behaviour (so-called tracking). We perform this analysis on the basis of the tracking services from Google Analytics in order to optimize our internet presence constantly and to improve its availability. In the context of the use of our website data, in particular your IP address and your user activities, is transmitted to servers of the company Google Ireland Limited. We perform this analysis on the basis of the tracking services of Google in order to optimize our internet presence constantly and to improve its availability. We also need web tracking for security reasons. Through web tracking we can investigate whether third parties have attacked our website. Through the information from the web tracker we can take suitable defensive measures and protect the person-related data processed by us from these cyber attacks. Through the activation of the IP anonymization within the Google Analytics tracking code of this internet site, your IP address is anonymized by Google Analytics before being transmitted. This website uses a Google Analytics tracking code that has been extended with the operator gat._anonymizeIp(); to enable only the anonymized collection of IP addresses (so-called IP masking).

• Legal basis for the processing of person-related data

The legal basis for the data-processing is your consent according to Art. 6 Para. 1 lit. a GDPR via our notification banner relating to the use of cookies and web tracking (consent through clearly confirmatory actions or behaviour).

• Purpose of data processing

On our behalf, Google will use this information to evaluate your visit to this internet site, to compile reports about website activities and to provide further services to us connected with websites and internet usage. We also need web tracking for security reasons. Through web tracking we can investigate whether third parties have attacked our website. Through the information from the web tracker we can take suitable defensive measures and protect the person-related data processed by us from these cyber attacks.

• Duration of storage

Google will store the data relevant for the provision of web tracking for as long as is necessary to fulfil the booked web service. Data collection and storage take place in anonymized form. Insofar as a connection to particular persons exists, the data will be deleted without delay as long as there is no legal obligation to store the data. In every case deletion takes place after the storage obligation expires.

• Possibilities for objection and deletion

You can prevent the collection of your person-related data and its transmission to Google (especially your IP address) as well as the processing of this data by Google by deactivating the running of script code in your browser or by activating the "do not track" settings of your browser. Furthermore, you can prevent the collection and transmission to Google of the data relating to your use of the website (including your IP address) created by the Google cookie as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=de). The security and data protection policy of Google can be found at https://policies.google.com/privacy?hl=de.

On our website we use the service LinkedIn Analytics of the company LinkedIn Ireland Unlimited Company, Wilton Place, 2 Dublin, Ireland, E-mail: info_impressum@cs.linkedin.com, website: https://www.linkedin.com/. The processing takes place in a third-party country for which there is no adequacy resolution of the European Commission. Therefore, the level of protection that is usual for the GDPR cannot be guaranteed because it cannot be ruled out, for example, that authorities in the third-party country can access the data collected.

The legal basis for the transmission of person-related data is your consent according to Art. 6 para. 1 lit. a GDPR and/or Art. 9 para. 2 lit. a GDPR, which you have given on our internet site.

This service is a plug-in, which we need in order to be able to present you all of the content of our website. The service may also be used for tracking and/or for the inclusion of advertising.

You can withdraw your consent at any time. Further information on withdrawing your consent can be found either in the consent function itself or at the end of this data protection declaration.

Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy.

Additionally, at https://www.linkedin.com/help/linkedin/answer/68763?lang=de the provider offers an opt-out possibility.

On our internet site we use active content from external providers, so-called web services. When our internet site is called up, these external providers may receive person-related information about your visit to our internet site. Processing of data outside the EU is hereby possible. You can prevent this by installing a suitable browser plug-in or by deactivating the running of scripts in your browser. This can, however, lead to the limitation of functions on internet sites that you visit.

We use the following external web services:

On our website we use the service Doubleclick of the company Google Ireland Ltd., Gordon House, Barrow Street, 4 Dublin, Ireland,, E-mail: support-deutschland@google.com, website: http://www.google.com/. The processing takes place in a third-party country for which there is no adequacy resolution of the European Commission. Therefore, the level of protection that is usual for the GDPR cannot be guaranteed because it cannot be ruled out, for example, that authorities in the third-party country can access the data collected.

The legal basis for the transmission of person-related data is your consent according to Art. 6 para. 1 lit. a GDPR and/or Art. 9 para. 2 lit. a GDPR, which you have given on our internet site.

DoubleClick is a service from Google, through which digital advertising in the internet is offered and provided. It enables us to present individual advertising to visitors to the website.

Within the framework of contracted data processing, person-related data may also be transferred to the servers of the company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.

You can withdraw your consent at any time. Further information on withdrawing your consent can be found either in the consent function itself or at the end of this data protection declaration.

Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://policies.google.com/privacy.

On our website we use the service HubSpot of the company HubSpot, Inc, 25 First Street, 2141 Cambridge MA, United States, E-mail: privacy@hubspot.com, website: https://www.hubspot.de/. The processing takes place in a third-party country for which there is no adequacy resolution of the European Commission. Therefore, the level of protection that is usual for the GDPR cannot be guaranteed because it cannot be ruled out, for example, that authorities in the third-party country can access the data collected.

The legal basis for the transmission and processing of data is Art. 6 para. 1 lit. c GDPR. The use of the service supports as in fulfilling our legal obligations.

This service enables the tracking of individual users on our website.

Your rights in relation to processing can be found at the end of this data protection declaration.

Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://legal.hubspot.com/de/privacy-policy.

On our website we use the service LinkedIn of the company LinkedIn Ireland Unlimited Company, Wilton Place, 2 Dublin, Ireland, E-mail: info_impressum@cs.linkedin.com, website: https://www.linkedin.com/. The processing takes place in a third-party country for which there is no adequacy resolution of the European Commission. Therefore, the level of protection that is usual for the GDPR cannot be guaranteed because it cannot be ruled out, for example, that authorities in the third-party country can access the data collected.

The legal basis for the transfer of this person-related data is your consent according to Art. 6 Para. 1 lit. a GDPR and Art. 9 Para. 2 lit. a GDPR, which you have given on our internet site.

When using the LinkedIn plug-in, we create a connection to the LinkedIn platform in order to give logged-in members of LinkedIn the possibility to interact with us.

You can withdraw your consent at any time. Further information on withdrawing your consent can be found either in the consent function itself or at the end of this data protection declaration.

Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy.

The supplier offers an additional opt-out possibility at https://www.linkedin.com/help/linkedin/answer/68763?lang=de .

On our website we use the service Website-Check Siegel (seal) of the company Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Germany, E-mail: support@website-check.de, website: http://www.website-check.de/. The transmission and processing of person-related data takes place exclusively on servers located in the European Union.

The legal basis for the transfer of this person-related data is our legitimate interest in this processing according to Art. 6 Para. 1 lit. f GDPR. Our legitimate interest lies in achieving the aim indicated in the following.

The script from Website-Check GmbH constitutes the technical integration of the Website-Check Siegel (seal). With this seal we would like to show you that we take the theme of data protection very seriously. The transfer of data to Website-Check GmbH takes place to enable the supply and presentation of the seal on our website.

With regard to the processing, you have the right of objection detailed in Art. 21 GDPR. You will find more information at the end of this data protection declaration.

Further information on the handling of the transmitted data can be found in the data protection declaration of the provider at https://www.website-check.de/datenschutzerklaerung/.

To improve the quality of our work and to learn more about the wishes and requirements of our customers, we conduct surveys on our website. For the technical implementation of these surveys we use the survey tool LamaPoll from Lamano GmbH & Co. KG, (Prenzlauer Allee 36G, 10405 Berlin). The Lamano GmbH & Co. KG processes the data on our behalf within the scope of order processing. The processing takes place on servers in Germany. For further information, you will find the LamaPoll data protection declaration here: https://www.lamapoll.com/Suppo...

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 letter a DSGVO. Your data will be deleted as soon as the purpose for their collection no longer applies.

On various pages we integrate and use cookies to enable the use of particular functions of our website and to integrate external web services. The so-called "cookies" are small text files that your browser can place on your computer. These text files contain a chain of characters that clearly identify the browser when you come back to our website again. The process of storing a cookie file is also known as "setting a cookie". Cookies can be set by the website itself or by external Web services. The cookies are set by our website or the external web services in order to obtain the full functionality of our website, to improve user-friendliness or to pursue the purpose stated with your consent. The cookie technology also enables us to identify individual users on the basis of pseudonyms, e.g. individual or random IDs, so that we can offer more individual services. The details are contained in the table below.

Insofar as the cookies are processed on the basis of consent according to Art. 6 Para. 1 lit. a GDPR, this consent will also be deemed to be consent in the sense of Section 25 Para. 1 TTDSG (Telecommunications Telemedia Data Protection Act) for the setting of the cookie on the user's device. Insofar as another legal basis is mentioned in accordance with the GDPR (e.g. for the fulfilment of a contract or for the fulfilment of legal obligations), the storage or setting of cookies is carried out on the basis of an exception in accordance with Section 25 Para. 2 TTDSG. This is the case "if the sole purpose of storing information in the end-user's equipment or the sole purpose of accessing information already stored in the end-user's equipment is to carry out the transmission of a communication over a public telecommunications network" or "if the storage of information in the end-user's equipment or the access to information already stored in the end-user's equipment is strictly necessary to enable the provider of a telemedia service to provide a telemedia service explicitly requested by the user". Which legal basis applies can be determined from the cookie table shown later in this section.

The cookies are set by our website or the external web services in order to maintain the full functionality of our internet site, improve user-friendliness or to pursue the purpose agreed to with your consent. The cookie technology also makes it possible for us to recognize individual users through pseudonyms, e.g. an individual arbitrary ID, so that it is possible for us to offer more Individual services. Details are shown in the table below.

The storage of our cookies takes place until deletion in your browser or, in the case of a session cookie, until the session ends. The details are shown in the table below.

You can set up your browser so that the setting of cookies is prevented in general. You can then decide from case to case whether to accept cookies or you can generally accept cookies. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected with our website (permanent cookies) or to store recently viewed content (session cookies). If you have specifically given your consent to the processing of your person-related data, you can withdraw this consent at any time. Please be aware that the legality of the processing performed before the withdrawal of consent is not affected by this withdrawal.

Your person-related data is protected by technical and organizational measures in the collection, storage and processing so that it is not accessible to third parties. In the case of unencrypted communication via E-mail we cannot guarantee complete data security during transmission to our IT systems so that for information with a high necessity for secrecy we recommend encrypted communication or the use of postal services.

• Extent of processing of person-related data

We specifically inform you that our E-mail system disposes of an automated archiving procedure. All incoming and outgoing E-mails are archived digitally in a manner that is secure for auditing.

• Legal basis for the processing of person-related data

Art. 6 Para. 1 lit. c GDPR (legal obligation). The legal obligation lies in the observation of taxation and trade legislation (e.g. §§ 146, 147 AO, §§ 238, 257 HGB).

• Purpose of the data processing

The purpose of the archiving lies in the observation of taxation legislation (e.g. §§ 146, 147 AO – obligation to keep taxation-relevant E-mails) and trade legislation (e.g. §§ 238, 257 HGB – obligation to archive business correspondence).

• Duration of data storage

The storage of our E-mail communication takes place until the expiry of the storage obligations according to the taxation and trade legislation. The duration of storage can be up to 10 years.

• Objection and data deletion possibilities

You can object to this processing according to Art. 21 GDPR at any time and demand deletion of the data according to Art. 17 GDPR. Which rights you have and how you can assert these rights can be found in the lower area of this data protection declaration.

• Handling of job application documents

If you have questions relating to our E-mail archiving system, please contact our Data Protection Officer. In addition, we would like to point out that we only accept application documents in PDF file format. Zipped files (WinZip, WinRAR, 7Zip, etc.) are filtered out by our security systems and are not delivered. We do not accept applications in Word file format or other file formats and delete them unread. Please note that application documents sent unencrypted by E-mail could possibly be opened by third parties before they reach our IT systems. We assume that unencrypted application E-mails may also be answered in an unencrypted manner. If you do not wish this to happen, please inform us of this in your application E-mail.

You have the right to demand confirmation as to whether we process/store person-related data from you. If this is the case, you have the right to information as described in Art. 15 Para. 1 GDPR insofar as the rights and freedoms of other persons are not impaired (see Art. 15 Para. 4 GDPR). We would be pleased to make a copy of the data available to you.

According to Art. 16 GDPR you have the right to have corrections made to any person-related data stored by us that is incorrect (e.g. address, name etc.) at any time. You can also demand the completion of the data stored by us at any time. Corresponding changes will be made without delay.

According to Art. 17 Para. 1 GDPR you have the right that we delete the person-related data that we have collected about you if

• the data is no longer needed;
• due to the withdrawal of your consent the legal basis for processing the data has become invalid, without any replacement;
• you have objected to the processing and there is no legitimate reason for the processing;
• your data is being processed illegally;
• a legal obligation makes this necessary or data collection took place according to Art. 8 Para. 1 GDPR.

According to Art. 17 Para. 3 GDPR this right does not exist if

• the processing is necessary in order to exercise the right to freedom of speech and information;
• your data was collected on the basis of a legal obligation;
• processing is necessary for reasons of public interest;
• the data is necessary for the assertion, exercise or defence of legal rights.

According to Art. 18 Para. 1 GDPR in individual cases you have the right to demand the limitation of the processing of your person-related data.

This is the case if

• the correctness of the person-related data is disputed by you;
• the processing is illegal but you do not agree to deletion;
• the data is no longer needed for the processing purpose but the collected data serves to facilitate the assertion, exercise or defence of legal rights;
• an objection to processing according to Art. 21 Para. 1 GDPR has been made and it is not yet clear which interests predominate.

Insofar as you have given us specific consent to the processing of your person-related data (Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit a GDPR) you can withdraw this consent at any time. Please note that this does not affect the legality of the processing that took place on the basis of this consent until it was withdrawn.

According to Art. 21 GDPR you have the right to object at any time to the processing of person-related data that relates to you and was collected on the basis of Art. 6 Para. 1 lit. f (in the context of a legitimate interest). You only have this right when there are special circumstances opposing the storage and processing.

You can exert your rights at any time using the following contact data:

Prof. Schumann GmbH
Jutta-Limbach-Straße 1
37073 Göttingen
E-mail: info@prof-schumann.de
Tel.: +49 (0) 551 - 383150
Fax: +49 (0) 551 - 3831520

According to Art. 20 GDPR you have the right to the communication of your person-related data. We will make the data available in a structured, accessible and machine-readable format. You may choose whether the data is sent directly to you or to a responsible third party named by you.

Upon inquiry we will make the following data available to you according to Art. 20 Para. 1 GDPR:

• Data collected on the basis of specific consent according to Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR;
• Data that we have obtained from you according to Art. 6 Para. 1 lit. b GDPR within the framework of existing contracts;
• Data that was processed within the framework of an automated procedure.

We will perform the transfer of the person-related data directly to a responsible third party desired by you insofar as this is technically possible. Please note that we are not allowed to communicate data that affects the rights or freedoms of other persons according to Art. 20 Para. 4 GDPR.

If you have the suspicion that your data has been illegally processed on our website, you can of course obtain clarification of the problem through the courts of law at any time. In addition, all other legal possibilities are open to you. Independently of this, you have the possibility to contact a regulatory authority according to Art. 77 Para. 1 GDPR. The right to lodge a complaint according to Art. 77 GDPR is available to you in the EU member state in which you are residing, in which your place of work is located and/or the location of the alleged violation, meaning that you can select the regulatory authority you wish to contact in any of the aforementioned locations. The regulatory authority to which you make the complaint will then inform you about the status and the results of your submissions, including the possibility of obtaining legal help through the courts according to Art. 78 GDPR.