Data Protection Declaration


Data protection declaration / duty to provide information according to §5 TMG & Art. 13/14 GDPR

At PAUL IT-Service GmbH, we believe the protection of personal data involves far more than just complying with legislation. We are therefore happy that you are interested in how we handle personal data.

We always process personal data such as a person’s name, address, e-mail address, or phone number in accordance with applicable privacy law.

With this privacy notice, we would like to inform everyone about the nature, scope, and purpose of the personal data that we collect, use, and process. Furthermore, we would like to explain to the persons concerned the rights to which they are entitled.

PAUL IT-Service GmbH has implemented numerous technical and organizational measures to ensure that the personal data processed via this Web site is protected as comprehensively as possible.

Despite the care we take, Internet-based data transmission is vulnerable to security flaws and, consequently, absolute protection can never be guaranteed. For this reason, you of course have the option of transmitting your personal data by alternative means, for example, by telephone or post.

Obligation to inform:

Name, Address, and Contact Details of the Entity Responsible

PAUL IT-Service GmbH

Petra Ebeling, Patrick Kümmel
Rückertstraße 5
10627 Berlin
Tel.: +49 (30) 450 874 910

Registered at Berlin – Amtsgericht Charlottenburg under HRB 135149
VAT no.: DE 815 300 158

Privacy Officer Contact Details
The Privacy Officer for the data controller is:

DDI – Deutsches Datenschutz Institut GmbH

You can contact our Privacy Officer by sending a letter to the attention of “Privacy Officer” at the address above or by sending an e-mail to: datenschutz (at)

Purposes and Legal Grounds for Processing Data – When Visiting Our Web Site in General
Should you use our Web site purely for informational purposes, not register yourself, or convey information to us in some other way (e.g. by e-mail), we will only collect the data that your browser transfers to our server (“server log files”). This data is processed in accordance with GDPR art. 6(1)(f) on the basis of our legitimate interest in improving the stability and functionality of our Web site. This data is not used in any other way and in no way shared with third parties. However, we do reserve the right to analyze log files at a later date if there are reasons to suspect unlawful usage.

Purposes and Legal Grounds for Processing Data – Contact Form
When you contact us (e.g. using our contact form or by e-mail), we collect personal data. This data is stored and used exclusively for the purposes of answering your inquiry and for the associated technological administration. Our legitimate interest in responding to your inquiry forms the legal grounds for processing this data, in accordance with GDPR art. 6(1)(f). If you contact us for the purpose of entering into a contract, there are additional legal grounds for processing provided in GDPR art. 6(1)(b). Your data will be erased once your inquiry has been conclusively resolved. This is the case if it can be assumed that the relevant matter has been completely resolved and if there are no statutory retention periods barring us from erasing the data.

Notice About Profiling and Scoring
Profiling and scoring does not take place.

Recipients or Categories of Recipients
Your personal data may be transferred to the following third parties depending on the tools used:

  • IT-Services
  • Google Inc.
  • Facebook Inc.

Detailed information is listed below under “Data Protection Provisions for the Use of …”.

Transfer to Non-EU/EEA Country
Data transfer to a third country depends on the tools used: USA and Ireland.

Deletion Dates
The controller processes and stores the data subject’s personal data only for the period of time required to achieve the purpose for which it is stored or only if the controller is required to store data on account of legislation or regulations that are passed by European Union legislators and regulators, or other legislators, and the controller is subject to this legislation or these regulations.

Should there no longer be any reason to store the data or if a retention period prescribed by a European Union directive or regulation or by other relevant law expires, the personal data will be restricted from processing or deleted as a matter of routine and in accordance with statutory regulations.

Rights of the Data Subject

You can request information about the personal data concerning you that we have stored by writing to the above address. Moreover, in certain situations you can request to have your data rectified or erased.

You may additionally have the right to have the processing of your data restricted as well as the right to obtain the data you have provided in a structured, commonly used, and machine-readable format.

Notice of Right to Object When Consent Is Selected as Legal Grounds
You have the right at any time to withdraw any consent given to the processing of your data. If you withdraw your consent, we will immediately delete the data concerned, provided there are no other legal grounds to support further processing. If you withdraw your consent, it will not affect the legality of the processing operations conducted until the time of the withdrawal.

Right to Complain to Data Protection Supervisory Authority
If you believe that the processing of your personal data violates the GDPR, GDPR art. 77 provides you the option of filing a complaint with the Privacy Officer named above or with a supervisory authority for data protection. The supervisory authority with jurisdiction over us is:

Die Berliner Beauftragte für Datenschutz und Informationssicherheit
Friedrichstr. 219
10969 Berlin

Further Information


The Web site for PAUL IT-Service GmbH uses cookies. Cookies are text files that are downloaded and stored on a computer system through a Web browser.
There are numerous Web sites and servers that use cookies. Many cookies contain what is called a cookie ID, which acts as a unique identifier for the cookie. The ID consists of a sequence of characters through which Web sites and servers can recognize the specific Web browser in which the cookie was saved. This makes it possible for the visited Web sites and servers to differentiate between the data subject’s individual browser and other browsers that receive other cookies. Specific Web browsers can thus be recognized and identified using the unique cookie ID.
By using cookies, PAUL IT-Service GmbH can provide Web site users with more user-friendly services that would otherwise not be possible.
The use of cookies optimizes the information and offerings on our Web site for the user’s benefit. Cookies enable us to recognize the people using our Web site, as described above. The reason we seek to recognize users is so that we can make it easier for them to use our Web site. A person who uses a Web site that saves cookies, for example, does not have to repeatedly log in every time he/she visits the site, as the Web site and the cookie saved on the user’s computer take care of it for him/her. Another example is the cookie saved for a shopping basket in an online shop. The online shop remembers the items the customer puts in his/her virtual basket by using a cookie.
The data subject can at any time stop cookies being saved by our Web site by activating the corresponding settings in his/her Web browser and, in doing so, permanently object to cookies being saved. Furthermore, cookies that have already been saved can be deleted at any time using the Web browser or other software programs. This is a function available in all common Web browsers. If the data subject deactivates his/her Web browser’s cookie-saving function, it may in some cases no longer be possible to use the complete functionality of our Web site.

Privacy policy for the use and Application of Google Maps
The data controller has integrated Google Maps on this website.
Google Maps (API) is a web service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) to display interactive (land) maps for visual representation of geographical information. By using this service, visitors to the website are shown the company’s location and any directions are made easier.
Information about the use of the respective website (such as the IP address) is transmitted to and stored by Google on servers in the USA as soon as the sub-pages into which the Google Maps map is integrated are accessed. This happens regardless of whether Google provides a user account through which the person concerned is logged in, or whether no user account exists. If the person concerned is logged in to Google, their data will be assigned directly to their account. If this assignment is not desired, the person concerned must log out before activating the button. Google saves the data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation takes place in particular according to art. 6 para. 1 lit. f GDPR on the basis of the legitimate interests of Google in the insertion of personalised advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
Google LLC, based in the USA, is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU.
If the person concerned does not agree to the future transmission of his/her data to Google as part of the use of Google Maps, it is also possible to completely deactivate the Google Maps web service by switching off the JavaScript application in the browser. Google Maps and therefore also the map display on this website cannot be used.
Google’s terms of use can be viewed at, the additional terms of use for Google Maps can be found at
Detailed information on data protection in connection with the use of Google Maps can be found on Google’s website (“Google Privacy Policy”):

Data Protection Provisions for the Use of Google Fonts
The controller has integrated Google Fonts into this Web site. Google provides free fonts that can be used when designing Web sites.
So that fonts can be displayed consistently, this Web site uses Web fonts that are provided by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). When visiting a page on our Web site, the data subject’s browser loads the required Web fonts into its cache so that it can display text and fonts correctly.

For this purpose, the browser used by the data subject must establish a connection with Google’s servers. This process informs Google of the corresponding page being visited from the data subject’s IP address. We use Google Web fonts in the interest of presenting our online offering consistently and appealingly. This represents a legitimate interest as provided in GDPR art. 6(1)(f). If the data subject’s browser does not support Web fonts, the data subject’s computer will use a default font.
Google LLC., based in the United States, has been certified for the purposes of the U.S.-EU “Privacy Shield” data protection framework, which ensures compliance with the level of privacy required in the EU.
You can find more information about Google Fonts at and in Google’s privacy policy at

Data Protection Provisions for the Use of Facebook
The controller has integrated components from Facebook, Inc. into this Web site. Facebook is a social network.
A social network is a social meeting place and online community run on the Internet that usually enables users to communicate with each other and interact in a virtual setting. A social network can be used as a platform to exchange opinions and experiences or it enables the online community to provide personal or commercial information. Facebook enables the social network’s users to do things such as create private profiles, upload photos, and network with each other through friend requests.
The company operating Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. The entity controlling the processing of data, if the data subject is not resident in the United States or Canada, is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Every time an individual page is visited on this Web site, the latter being operated by the controller and featuring an integrated Facebook component (Facebook plug-in), the relevant Facebook component automatically causes the Web browser on the data subject’s information technology system to download a rendering of the corresponding Facebook component from Facebook. You can see an overview of all Facebook plug-ins at This technological process involves Facebook receiving knowledge of the particular sub-site on our Web site that the data subject is visiting.
Every time the data subject visits our Web site and for the entire length of time he or she spends on our Web site, Facebook will identify the specific sub-site on our Web site that the data subject visits if he or she is simultaneously logged in to Facebook. This information is collected by the Facebook component and matched with the data subject’s Facebook account by Facebook. If the data subject clicks on one of the Facebook buttons integrated into our Web site, for example the “Like” button, or if the data subject leaves a comment, Facebook will match this information with the data subject’s personal Facebook account and store this personal data.
The Facebook component always informs Facebook of the data subject visiting our Web site if the data subject is simultaneously logged in to Facebook at the time of visiting our Web site, irrespective of whether the data subject clicks on the Facebook component. If the data subject does not want this information to be transferred to Facebook in the described manner, he or she can prevent it being transferred by logging out of his or her Facebook account before visiting our Web site.
The Data Policy published by Facebook, available at, provides information about Facebook’s collection, processing, and usage of personal data. Furthermore, it explains the settings that Facebook offers to protect the privacy of data subjects. Additionally, there are various applications available that make it possible to stop data from being transferred to Facebook. Data subjects can use these applications to prevent data from being transferred to Facebook.

Effective 25.05.2018