1. Name and contact data of the responsible person

Responsible person in the sense of Article 13(1)(a) GDPR is

Dr. Ulrike Kornmesser

CATHI GmbH

Weinheimer Straße 62

D-68309 Mannheim

Phone 0049 621 71 32 9560

2. Contact data of data protection commissioner

Please contact our data protection commissioner using our contact form.

3. Purpose and legal basis of data processing

Personal data from our website are processed as follows:

- Processing of IP address

The purpose of processing the IP address is to make the website available. The legal basis for processing are the provisions of GDPR in regard to duties and powers of the controlling institutions in Articles 57 and 58 in conjunction with Article 6(1)(e). We don’t store any IP addresses; we don’t use any third-party cookies or other tracking methods in order to evaluate the utilization of this website.

- Personal data are processed as follows:

Contact by letter/facsimile/email/telephone/contact form

The purpose of offering all the communication channels is to enable contact with CATHI GmbH: to ask questions; to apply for jobs; to inform employees. Surname, first name and address of the person making contact are processed on a regular basis. The legal basis for processing are the provisions of GDPR in regard to duties and powers of the controlling institutions in Articles 57 and 58 in conjunction with Article 6(1)(e).

4. Recipient of personal data

The recipient of the personal data is CATHI GmbH.

Our website is hosted by IONOS by 1&1.

5. Duration of retention

The data are retained until an application to change or delete by the reporting person/agency obligated to report.

The IP addresses processed on retrieving our website are not stored.

6. Rights of persons involved

You are entitled to the right of being informed (Article 15 GDPR), as well as to correction (Article 16 GDPR) or deletion (Article 17 GDPR) or restriction of processing (Article 18 GDPR) or the right to file an objection against processing (Article 21 GDPR), as well as the right to transferability of data (Article 20 GDPR).

Please find additional information in regard to the right to be informed and the right to deletion here:

https://www.baden-wuerttemberg.datenschutz.de/wp-content/uploads/2013/02/DSK-Kurzpapier-6-Auskunftsrecht.pdf

https://www.baden-wuerttemberg.datenschutz.de/wp-content/uploads/2017/08/DSK_KPNr_11_Recht-auf-Vergessenwerden.pdf

You are entitled to revoke your declaration of consent in regard to data protection at any time. By revoking the consent, the lawfulness of the processing until revocation won’t be affected.

7. Duty to make the data available

The naming of the data protection commissioner pursuant to Article 37(7) GDPR is statutory. Pursuant to Article 83(4)(c) GDPR, violation of Article 37(7) GDPR can result in a fine of maximum EUR 10,000,000 or maximum 2% of the global annual sales of the previous business year in case of a corporation, whichever amount is higher.

To report violations in regard to the protection of personal data to the competent supervisory agency pursuant to Article 33(1) GDPR is statutory. Pursuant to Article 83(4)(a) GDPR, violation of Article 33(1) GDPR can result in a fine of maximum EUR 10,000,000 or maximum 2% of the global annual sales of the previous business year in case of a corporation, whichever amount is higher.