Data privacy statement
Any collection, processing and use (hereinafter “use”) of data is solely for the purpose of providing our services. The services of HPBA have been designed to use as little personal information as possible. For that matter, “personal data” is understood as all individual details about a person or factual circumstances of an identifiable natural person (so-called “affected person”).
The following statements on data protection describe what types of data are collected when accessing our website, what happens with these data and how you may object to data usage.
Person Responsible (controller)
Responsible within the meaning of the EU General Data Protection Regulation (GDPR) is:
Tel.Nr.: 030 8871 338 – 0
Data Security Officer
The data security officer is:
Christian Scholtz of Webersohn & Scholtz GmbH
If you have questions about data protection, you can contact Webersohn & Scholtz at the following e-mail address:
or by mail:
WS Datenschutz GmbH
– Datenschutz –
Which data will be used
When visiting our website, our web servers temporarily store every access in a log file. The following data is collected and stored until automated deletion:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Detection data of the browser and operating system used
- Website from which access is made
- Host name of your computer
- Other data may be retrieved by our partners. You will find information about this below
The processing of this data serves: the purpose of enabling the use of the website (connection establishment), the system security, the technical administration of the network infrastructure, as well as to optimize the Internet site. The legal basis is Art. 6 para. 1 s. 1 lit. f) GDPR. The IP address is evaluated only in case of attacks on our network infrastructure or the network infrastructure of our Internet provider.
Furthermore, no input of your personal data is required to use our website.
Protection of your data
We have taken technical and organizational measures to ensure that the requirements of the EU General Data Protection Regulation (GDPR) are met by us, as well as, by external service providers working for us.
If we work with other companies to provide our services, such as email and server providers, this will only be done after an extensive selection process. In this selection process, each individual service provider is carefully selected for its suitability in terms of technical and organizational data protection skills. This selection procedure will be documented in writing and an agreement on the order processing of data (order processing contract) will only be concluded if the third party complies with the requirements of Art. 28 GDPR.
Your information will be stored on specially protected servers. Access to it is only possible for a few specially authorized persons. If you send us data via web forms, the data is always transmitted via an encrypted connection (128-bit TLS).
In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you use. Through this the stored information flows to HPBA or the party that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. Cookies are used to analyze the use of www.hpba.eu in anonymized or pseudonymized form. Also cookies enable personalized advertisements on this website.This website uses persistent cookies.Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie.You can delete the cookies in the security settings of your browser at any time. Please be aware that you may not be able to use all features of this site, when deleting the cookies from your browser history. The setting of cookies can be prevented by appropriate settings in the user’s Internet browser at any time.The cookies used on this website enable us to track user behavior on our website. Cookies enable us to understand for how long you remain on our website and which links are clicked. Also, we identify if you were directed to our website via a search engine.This processing is legally based on Art. 6 para. 1 s. 1 lit. f) GDPR. Our legitimate interests are to provide a stable connection and an easy, uninterrupted user experience for the visitors of our website. Also, we evaluate all visits of our website. This happens for safety, improvement and stability reasons.
Deletion of personal data
HPBA processes the personal data only if necessary. As soon as the purpose of the data processing is fulfilled, deletion of the data is carried out according to the standards of the deletion concept, unless legal regulations oppose this.
Via the website www.hpba.eu it is possible to contact us via e-mail. This will require us to process your email address. Your email address will not be passed on to third parties, unless you have given your consent.
The legal basis depends on what the reason for your request is: Therefor data processing will be based on Art. 6 para. 1 s. 1 lit. a) GDPR or Art. 6 para. 1 p. 1 lit.b) GDPR.
Tracking and analytics
For the continuous improvement of our website www.hpba.eu we use the following tracking and analysis tools. Which personal data is processed in each case and how you can reach the respective service providers, you will find below:
Other tools of third-party providers
We also use third-party providers to help us with the site’s appearance and functionality. These are listed below:
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The legal basis is Art. 6 para. 1 s.1 lit. f) GDPR. The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. Further information about handling user data, can be found in the data protection declaration of Google at: https://www.google.de/intl/de/policies/privacy/.
Service providers from third countries
In order to be able to provide our services, we use the support of service providers from third party countries (non EU countries). In order to ensure the protection of your personal data in this case, we conclude processing contracts with each – carefully selected – service provider. All of our processors provide sufficient guarantees to implement appropriate technical and organizational measures. Our third country data processors are either located in a country with an adequate level of data protection (Art. 45 GDPR) or provide appropriate safeguards (Art 46 GDPR). Below you may find our categories of processors, the country they are located at and the safeguards or guarantees they provide.
We use the support of the following providers:
- Tracking service and Analysis Service, USA, member of the EU-US Privacy Shield
EU-US Privacy Shield: The Privacy Shield is an agreement between the United States of America and the European Union to ensure compliance with European privacy standards. For more information, see:
How you perceive these rights
To exercise these rights, please contact our data security officer:Christian Scholtz from Webersohn & Scholtz GmbH firstname.lastname@example.org or by mail:WS Datenschutz GmbH Meinekestraße 13D-10719 Berlin
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority in the Member State of its residence, place of work or place of alleged infringement, if you believe that the processing of your personal data infringes on the GDPR.The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy according to Article 78 GDPR.
This website uses Sendinblue for the sending of newsletters. The provider is the Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Sendinblue services can, among other things, be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter are archived on Sendinblue’s servers in Germany.
Data analysis by Sendinblue
Sendinblue enables us to analyze our newsletter campaigns. For instance, it allows us to see whether a newsletter message has been opened and, if so, which links may have been clicked. This enables us to determine, which links drew an extraordinary number of clicks.
Moreover, we are also able to see whether once the e-mail was opened or a link was clicked, any previously defined actions were taken (conversion rate). This allows us to determine whether you have made a purchase after clicking on the newsletter.
Sendinblue also enables us to divide the subscribers to our newsletter into various categories (i.e., to “cluster” recipients). For instance, newsletter recipients can be categorized based on age, gender, or place of residence. This enables us to tailor our newsletter more effectively to the needs of the respective target groups.
If you do not want to permit an analysis by Sendinblue, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. Moreover, you can also unsubscribe from the newsletter right on the website.
For detailed information on the functions of Sendinblue please follow this link: https://www.sendinblue.com/newsletter-software/.
The data is processed based on your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.
The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.
For more details, please consult the Data Protection Regulations of Sendinblue at: https://de.sendinblue.com/datenschutz-uebersicht/.
Execution of a contract data processing agreement
We have executed a contract with Sendinblue, in which we require Newsletters2Go to protect our customers’ data and to refrain from sharing such data with third parties.
Subject to change