General InformationProtection of your personal data is very important to PRISMA; we want to inform you about which personal data will be collected and in what ways it will be used when visiting our website and in which way you can influence on personal data collection.
Public Processing RegisterIn terms of sec. 4g II BDSG (German Federal Data Protection Act) and upon request, data in terms of sec. 4 sentence 1 no. 1-8 BDSG must be provided in an appropriate manner.
- Data Processor’s Company Name
PRISMA European Capacity Platform GmbH
registered with the District Court of Leipzig
Commercial register number: HRB 21361
VAT ID: DE 241 646 520
- Managing Director and Data Processing Officer
- Data Processor’s Address
- Data Collection, Processing or Usage Purposes
- Description of Data Subjects and Related Data and Data Categories
The below individuals are affected by data collection, processing and usage:
- Employees (names, addresses, salary and social security data);
- Job applicants (names, addresses and application data);
- Platform users (names, access data)
- Shareholders (names, ID data).
- Recipients or Recipient Categories to who data may be disclosed
- Data Transmission to Third Countries
- Standard Data Deletion Periods
Dr Götz Lincke
PRISMA European Capacity Platform GmbH
The Company’s purpose includes the development and/or provision of an electronic platform for primary and secondary gas transport capacities trade. It collects, processes and uses per-sonal data only for that exact purpose.
Data in terms of a) to d) under no. 5 above will be disclosed to the below groups of persons only for fulfilling the purpose of no 4 mentioned above:
|regarding a)||Internal offices (Human Resources, Accounting, Legal departments) and ex-ternal offices (wages office, travel agencies, IT service providers, tax authori-ties, health insurances, social security agencies);|
|regarding b)||Internal offices (Human Resources, company management)|
|regarding c)||Internal offices (platform management);|
|regarding d)||Internal offices (company management, platform management, Legal/Accounting departments) and external offices (notaries public, consultancy firms, IT service providers).|
Personal data will not be transmitted to third countries.
Pursuant to statutory data retention obligations and periods, personal data will be regularly deleted at the end of the relevant periods. In addition, personal data will be deleted if no longer required for fulfilling the purpose under no. 4 above. Personal data will be deleted in no case later than:
|regarding a)||after 10 years, unless financial year tax evaluation has not yet been completed;|
|regarding b)||upon recruitment process termination;|
|regarding c)||upon platform usage termination;|
|regarding d)||after 10 years, unless financial year tax evaluation has not yet been completed.|
Data Collection and ProcessingWhich Data will be stored from you?
- Technical features: We collect computer domain names or IP addresses, clients file requests (file name and URL), http response codes and the relevant website, names of requested files, the date, the period and the size of the transferred file, the access status and, additionally, the browser type.
- We create usage profiles to which you may object at any time.
What will data be used for? For technical website administration and provision.
We also use your data, in a legally admissible manner,
- for misuse recognition and troubleshooting purposes;
- information provision to public authorities;
- information provision to owners of (ancillary) copyrights.
Data Protection Notices
When visiting our website, we collect your computer domain name and IP address, the client file request (file name and URL), the http response code and the website from which you visit us.
For protecting your data from unauthorised access and misuse, we implemented comprehensive technical and operational security measures. The below technical and organisational measures were implemented in particular:
- Data processing systems security is guaranteed through an Information Security Management System (ISMS) pursuant to ISO27001:2013.
- Physical and logical third-party access authorisations for data processing systems were limited in terms of security instructions and will be audited once a year.
- Regular virus scans, firewalls and a “Network Intrusion Prevention System” were im-plemented for preventing unauthorised access.
- Each software release is subject to automated pre-installation security tests which are constantly adjusted to new hazards. Each year, the Company performs a comprehensive penetration test.
- Personal data will be encrypted for electronic transmission based on HTTPS, AS2, sFTP, FTPS and e-mail.
Yes, some data must be transferred subject to strict contractual and statutory regulations
- to external data processing service providers: Service providers have access to person-al data only in the context of contract data processing which is expressly provided by the law (sec. 11 BDSG ); in this case, PRISMA is still responsible for protecting your da-ta. Service providers only act upon our instructions which we guarantee through tech-nical/organisational measures and additional checks;
- due to statutory obligations: In certain cases, the law requires us to transfer data to requesting government offices.
Pursuant to legal provisions, PRISMA analyses platform usage behaviour using the results for continued platform and related services enhancement. It is not possible to directly relate the results to you and profile data will not be connected to any other information on you.
Lucky OrangeThis website employs the “Lucky Orange” analysis services for user-friendliness and customer experience improvement purposes. It is possible that clicking or scrolling (mouse) movements will be stored. Also, keyboard entries on the website might be stored, but not on a personal-ised basis and in each case anonymously. Lucky Orange does not collect entries from websites which do not employ this analysis service. You can deactivate the Lucky Orange services at http://www.luckyorange.com/disable.php.
Your e mail address will be used for delivering information on PRISMA through newsletters. You may object to e mail address usage at any time by clicking on the “Unsubscribe” link at the end of each newsletter.
You may request free-of-charge information on the data scope, origin and recipients and on the storage purpose.
You may request, at any time, to have your data corrected.
If you have any questions or comments, please write an e-mail to firstname.lastname@example.org, call us at +49 (0) 341 699 2990 0 or send a letter to PRISMA European Capacity Platform GmbH, Schillerstraße 4, 04109 Leipzig, Germany.