Privacy policy

Leyboldstr. 1
D-50354 Hürth
Phone: +49 2233 604-0
Fax: +49 2233 604-222

We welcome your registration to „CASSY.App Web“ ("Website"). Your privacy and protection of personal data are important to us. Therefore, our business activities are conducted in accordance with with the applicable legal provisions, such as the German Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG) on data protection and data security. It is very important to us that you feel safe with us. For this reason, we and our data protection officer ensure compliance with data protection regulations. We are aware of the importance of the data you entrust us with and would like to would like to inform you about this in the following:

Please read the following carefully. If you have any questions, you can contact our data protection officer. The contact details can be found further down in this data protection statement.

1. Definitions

Data protection is a complex subject. In order to make it easier for you to understand some basic meanings in this privacy statement, we have compiled them for you.

Pursuant to Art. 4 GDPR, the "controller" is any natural or legal person, public authority, agency or other body which determines, alone or jointly with others, the purposes and means of the processing of personal data; where the purposes and means of where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation under Union or Member State law may be specified. criteria for its designation may be provided for under Union or Member State law.

Personal data means any information relating to an identified or identifiable natural person. An identifiable is any natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, to an identification number, to location data, to an online identifier or to one or more special features which are an expression of the physical, physiological, genetic or mental characteristics of an individual, physiological, genetic, mental, economic, cultural or social identity of that natural person. cf. Art. 4 GDPR.

"Processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, organisation, filing, storage, adaptation or alteration. personal data, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, processing or otherwise alteration. the use, disclosure by transmission, dissemination or any other form of making available, alignment or combination, restriction, integration or alteration of personal data. linking, restriction, deletion or destruction, cf. Art. 4 GDPR.

The term "commissioned processing" within the meaning of Article 28 of the GDPR is understood to mean, in simple terms, a service in which personal data is collected, processed and/or used by a service provider on behalf of and in accordance with the instructions of the so-called controller. Before such a contract is awarded to a service provider, we, as the responsible body, conclude a special contract with the service provider and ensure further measures to protect your personal data.

"Cookies" are small text files that are downloaded and stored on the end device you are using (e.g. computer or smartphone) and that store certain settings and data for exchange with our system via your browser. A cookie usually contains the name of the visited website from which the cookie data was sent, information about the age of the cookie and an alphanumeric identifier. Cookies enable the systems to recognise the user's device and make any preferences immediately available.

Third party means a natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons who, under the direct responsibility of the controller or the processor, are authorised to process the personal data, cf. Art. 4 GDPR.

IP addresses are sequences of digits that can be assigned to individual IT devices or a group. The IP is used to, similar to postal addresses, to be able to assign data to the correct recipient.

2. Responsible body

The responsible body within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature in relation to your personal data on this website is the:

Leyboldstr. 1
D-50354 Hürth
Phone: +49 2233 604-0
Fax: +49 2233 604-222
You can contact our data protection officer directly at any time with all questions and suggestions regarding data protection.

The data protection officer of LD is:
Dr. Werner Bietsch
LD Didactic GmbH
Leyboldstr. 1
D-50354 Hürth
Phone: +49 2233 604-0
Fax: +49 2233 604-222

If another body -other than the aforementioned- is the "responsible body" within the meaning of the GDPR, you will be explicitly and separately informed of this, unless this is obvious.

3. Use of the website

We collect, process and use personal data if and to the extent necessary to ensure the function/security of the website or for troubleshooting.

A further use of your personal data will only be made if a legal provision allows it or you have consented.

3.1 Collection of general data and information

The website collects a series of general data and information each time you or an automated system access the website. This general data and information is stored in the server's log files. The following data may be collected: (1) the browser types and versions, (2) the operating system used by the accessing system, (3) the internet page from which an accessing system our website (so-called referrer), (4) the subpages which are accessed via an accessing system on our website, (5) the date and time of an access to the website, (6) an Internet protocol address (IP address), (7) the result code of the access, and (8) the size of the response in bytes.

When using these general data and information, the LD does not draw any conclusions about the data subject. This information is (1) to deliver the contents of our website correctly, (2) to optimise the contents of our website, (3) to ensure the permanent operability of our information technology systems and the technology of our online platform, as well as (4) to enable law enforcement authorities the information necessary for prosecution in the event of a cyber attack. This collected data and information is therefore evaluated statistically by LD on the one hand and on the other hand with the aim of increasing data protection and data security in our company in order to ultimately improve data security. In the long run, this ensures an optimal level of protection for the personal data we process. The data of the server log files are stored separately from any personal data provided by a data subject. The legal basis for the data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case after seven days at the latest.

3.2 Logging and use of cookies

Data is logged every time you access the website. In doing so, we use your IP address or set cookies to collect data, this is done, among other things, about your browser, your computer and the sub-pages you have visited.

When calling up this website, no permanent cookies are used. This means that the cookie set is automatically deleted after you close the browser, a so-called session cookie. This cookie enables you to set the language of the website. The information that the cookie is assigned to the current session of your browser and is deleted when you close the browser.

The legal basis for the processing of the cookies is based on Art. 6 (1) lit. f GDPR. LD has both a legitimate interest in analysing user behaviour in order to optimise the website as well as to technically enable the functions you have requested, such as setting the language, technically error-free and optimised.

You can prevent the setting of cookies by our website at any time by means of a corresponding setting of the browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via a browser or other software programmes. This is possible in all common browsers. If you deactivate the setting of cookies in the browser you are using, you may not be able to use all the functions of our website. not be able to use all the functions of our website to their full extent.

You consent to the use of cookies if you continue to use the website.

3.3 Third-party websites

We use links on our website to external sites whose content is not located on our server. The forwarding is done because we have a legitimate interest in enriching our content with others and thus relating it to them. The LD does not give any makes no representations or warranties with respect to such third party websites. You should be aware that the owners and operators of such third party websites may collect, use and disclose personal information under different terms than LD. may collect, use or disclose personal information on terms different from those of the LD. When accessing a link to another website, you should check the privacy policy of that website. You should be aware of the privacy policies of such third party websites. Furthermore, you should be aware that Third party websites may use cookies. This privacy policy only applies to content stored on our servers.

4. Disclosure of your data, use of service providers

We collect and use your data in accordance with the legal requirements and only for our own purposes. We do not pass on your data to so-called third parties, unless there is a legal obligation to do so or you have consented to the disclosure.

We use service providers to help us operate the website. For example, we use hosting services and IT support service providers. In terms of data protection law, these service providers are order processors pursuant to Art. 28 of the General Data Protection Regulation (GDPR), who process the personal data provided by us only on our behalf and in accordance with our instructions. Our service providers are also contractually obliged by us to take sufficient technical and organisational measures to ensure the protection of your personal data. personal data.

5. Duration of data use / retention

Your personal data will be deleted if there are no legal obligations to retain it and if you have asserted a claim for deletion, if the data is no longer required to fulfil the purpose for which it was stored or if its storage is not permitted for other legal reasons.

The criterion for the duration of storage of personal data is the respective statutory retention period. After expiry of the period the corresponding data will be routinely deleted, provided that they are no longer required for the fulfilment of the contract or the initiation of the contract.

6. Place of data use

As a rule, your data will be processed in Germany. In exceptional cases, information that you submit to us may be stored on servers within the the European Union (EU). Should we deviate from this as the "responsible party", we will notify you of this.

7. Data security / secure data transmission

We would like to inform you that security gaps can occur during data transmission on the Internet (e.g. via e-mail). A complete protection against access by third parties is therefore not possible. We secure our IT systems (including the website) by means of so-called technical and organisational measures against unauthorised access: Access, disclosure, entry, loss and dissemination, as well as destruction and modification by unauthorised persons.

Your personal data is transmitted securely over the Internet using the Transport Layer Security coding system (TLS encryption).

For the purposes of data security, your IP address and the date and time of your visit are also logged.

8. Data subjects' rights / data protection officer

All rights are to be initiated and carried out by us without delay. If you wish to exercise your rights, you can contact our data protection officer or another contact our data protection officer or another employee of the LD. To do so, use the contact information for the LD or the data protection officer.

8.1 Overview of your rights:

Right to confirmation and information pursuant to Art. 15 of the GDPR

You have the right to request confirmation from us as to whether we are processing personal data about you. In addition, you can obtain free of charge information about the personal data stored about you and receive a copy of this information free of charge. This also includes the purpose of processing or how long we expect to store your data and where we got your data from. You also have the right to receive the data in a structured, commonly used and machine-readable format.

Right to rectification, erasure, restriction of processing and objection under Articles 16, 17, 18 and 21 of the GDPR

Likewise, you have the right to have inaccurate personal data corrected, blocked or, apart from the mandatory data storage for business processing or for the fulfilment of a legal obligation to which the LD is subject, to have your personal data deleted. In addition, you have the right to request a restriction of processing if this is not necessary for the fulfilment of the contract, or to object to the processing.

Right to data portability according to Art. 20 GDPR

You have the right to have data that you have provided to us handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done insofar as it is technically feasible.

Right not to be subject to an exclusively automated decision pursuant to Art. 22 DPA

You may, under certain conditions, exercise your rights in relation to automated decisions, i.e. not to be subject to a distinction based solely on automated processing, including profiling.

Right to withdraw consent under data protection law pursuant to Art 21 GDPR

You can revoke consent you have already given at any time. An informal communication by e-mail to us is sufficient for this purpose. The lawfulness of the data processing carried out until the revocation remains unaffected by the revocation.

Right of appeal to the competent supervisory authority pursuant to Art. 77 GDPR

In the event of violations of data protection law, you have a right of appeal to the competent supervisory authority. Competent supervisory authority in matters of data protection law is the State Data Protection Commissioner of the federal state in which our company is based. The competent supervisory authority for North Rhine-Westphalia is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia.

8.2 Data protection officer

If you have any questions about data protection, please write us an e-mail or contact our data protection officer directly:

Leyboldstr. 1, 50354 Hürth, Germany
Phone: +49 2233 604-0, Fax: +49 2233 604-222, E-Mail:

The LD data protection officer is:
Dr Werner Bietsch
Leyboldstr. 1, 50354 Hürth, Germany
Phone: +49 2233 604-0, Fax: +49 2233 604-222, E-Mail:

9. Changes to the privacy policy

Advances in technology, legal requirements or changes in procedures may also have an effect on this data protection declaration, among other things. We therefore reserve the right to change this data protection declaration at any time with effect for the future. The current version of the data protection declaration can be found on this website. Please visit this sub-page of the website regularly to inform yourself about the applicable provisions.

As of: 2023/02/15