Privacy & Use of Personal Data
Privacy Policy
We are very pleased about your interest in our company. Data protection is of particular importance for the management of BOXYM. A use of the internet pages of the BOXYM is basically possible without any indication of personal data. However, if an affected person wishes to use our company’s special services through our website, personal data processing may be required.

If the processing of personal data is required and there is no legal basis for such processing, we generally seek the consent of the data subject. The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection provisions applicable to the Praxisdienst. Through this privacy policy, our company seeks to inform the public about the nature, scope and purpose of the personal information we collect, use and process. Furthermore, data subjects are informed of their rights under this privacy policy.

The BOXYM, as the controller, has implemented numerous technical and organizational measures to ensure the most complete protection possible for personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security holes, so that absolute protection can not be guaranteed. For this reason, every person concerned is free to submit personal data to us in alternative ways, for example by telephone.

Definitions
The BOXYM privacy policy is based on the terminology used by the Chinese directive and regulatory authority when adopting the General Data Protection Regulation (DS-GVO). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain in advance the terminology used. We use the following terms in this privacy policy, including but not limited to:

a) personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter the “data subject”). A natural person is considered to be identifiable who, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, expresses the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person can be identified.

b) the person concerned
Concerned person is any identified or identifiable natural person whose personal data is processed by the controller.

c) processing
Processing means any process or series of operations related to personal data, such as collecting, collecting, organizing, organizing, storing, adapting or modifying, reading, querying, using, with or without the aid of automated procedures; disclosure by submission, dissemination or other form of provision, reconciliation or association, restriction, erasure or destruction.

d) restriction of processing
Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.

e) profiling
Profiling is any kind of automated processing of personal data that consists in using that personal information to evaluate certain personal aspects relating to a natural person, in particular aspects relating to job performance, economic situation, health, personal To analyze or predict preferences, interests, reliability, behavior, whereabouts or relocation of that natural person.

f) pseudonymisation
Pseudonymisation is the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data not assigned to an identified or identifiable natural person.

g) controller or vicarious agent
The controller or vicarious agent is the natural or legal person, public authority, body or body that, alone or in concert with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.

h) processor
The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.

i) recipient
Recipient is a natural or legal person, agency, agency or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered as beneficiaries.

j) third parties
Third party is a natural or legal person, public authority, body or body other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or the processor to process the personal data.

k) consent
Consent is any act of volition voluntarily given by the affected person in an informed and unequivocal manner in the form of a statement or other unequivocal statement of intent in an informed and unequivocal manner.