Home E Data pro­tec­tion E Data pro­tec­tion Website

Data pro­tec­tion decla­ra­ti­on (Web­site)

In the fol­lowing Data pro­tec­tion decla­ra­ti­on we, hot­splots GmbH, will be tel­ling you about the pro­ces­sing of your per­so­nal data (e.g. name, address, e‑mail address or usa­ge data) on our web­site. We pro­cess per­so­nal data at all times in con­for­mi­ty with the EU Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR). The trans­mis­si­on of your per­so­nal data will always be car­ri­ed out using SSL encryp­ti­on (inclu­ding user­na­me and pass­word and the rema­in­der of the data rela­ting to the cus­to­mer area and shop of www.hotsplots.de).

You can print out or save this Data Pro­tec­tion Noti­ce by using your browser’s nor­mal func­tions. You can also down­load and archi­ve this Data Pro­tec­tion Noti­ce as a PDF file by cli­cking here [PDF].

If you are not inte­res­ted in the data pro­ces­sing of our web­site but in that of our pro­ducts, you will find here infor­ma­ti­on on data pro­tec­tion and data secu­ri­ty for the usa­ge of our hot­spots, e.g. for data cap­tu­re when using (WLAN) hot­spots and data cap­tu­re in VPN rou­ting. Other­wi­se sin­ce 2005 HOTSPLOTS has been regis­tered with the Ger­man Federal Net­work Agen­cy for its sup­ply of com­mer­cial telecom­mu­ni­ca­ti­on ser­vices to the public. Inso­far as the law requi­res, the­re also exists a regis­tra­ti­on in other coun­tries whe­re HOTSPLOTS operates.

1. Con­trol­ling body

The con­trol­ling body for the data pro­ces­sing set our below under the terms of the GDPR is

hot­splots GmbH
Rother­stra­ße 22
10245 Ber­lin

Tele­pho­ne: +49 (0)30 — 29 77 348–0
Fax: +49 (0)30 — 29 77 348–99

Email: datenschutz(at)hotsplots.de


2. Data Pro­tec­tion Officer

Should you have any ques­ti­ons about data pro­tec­tion, you can con­ta­ct our Data Pro­tec­tion Offi­cer at any time. He can be reached under the fore­go­ing e‑mail address and under the pos­tal address (to be hea­ded: “FAO HOTSPLOTS Data Pro­tec­tion Officer”).

3. Gene­ral use of the website

You can visit our web­site without tel­ling us who you are. You can then use the web­site in order only to find out about our com­pa­ny and our pro­ducts. In this case we shall only collect per­so­nal data inso­far as this is necessa­ry for tech­ni­cal rea­sons in order to use our web­site. When anyo­ne visits our web­site, our web­ser­ver auto­ma­ti­cal­ly and tem­pora­ri­ly stores, in so-cal­led log files, some con­nec­tion data which your brow­ser trans­mits to us. The­se are e.g. brow­ser type and ver­si­on, ope­ra­ting sys­tem, URL of last site visi­ted (refer­rer URL) and time. The infor­ma­ti­on stored in log­files does not allow of any direct con­clu­si­on to be drawn about your per­son. IP addres­ses are cap­tu­red in the webserver’s inter­nal log and era­sed after a maxi­mum of 24 hours. The pro­ces­sing of the­se con­nec­tion data takes place for pur­po­ses of enab­ling use of the web­site, of sys­tem secu­ri­ty and of tech­ni­cal admi­nis­tra­ti­on of the net­work infra­st­ruc­tu­re, and for opti­mi­sing our inter­net faci­li­ties. The legal basis for this data pro­ces­sing is Arti­cle 6(1)(b) of the GDPR.

No mer­ger takes place of the­se data with other data sources. The log files are stored for two mon­ths and then auto­ma­ti­cal­ly erased.

4. Use of con­ta­ct forms

We offer you a faci­li­ty to send us messages direct­ly via a con­ta­ct form. As part of our con­ta­ct form we record the cate­go­ry of your inte­rest, your name and first name, your e‑mail address and the actu­al mes­sa­ge. Fur­ther infor­ma­ti­on is optio­nal. The legal basis for this is Arti­cle 6(1)(b) of the GDPR. We shall only use the data recor­ded via our con­ta­ct forms in order to pro­cess enqui­ries; after­wards they will be era­sed after six months.

If you wish to beco­me an instal­la­ti­on part­ner of HOTSPLOTS, we shall pro­vi­de you with a con­ta­ct faci­li­ty via our web­site. Sin­ce the accounts in the cus­to­mer area (see below) and the accounts of instal­la­ti­on part­ners are lin­ked, we request the HOTSPLOTS user­na­me as a com­pul­so­ry field. All fur­ther data, such as per­so­nal con­ta­ct or tra­ding name, are optional.

5. Use of cookies

We use so-cal­led coo­kies on our web­pages. The­se are small text files which are stored on your device as soon as you visit one of our web­sites. If you visit this web­site again, the coo­kie indi­ca­tes that the visit is a repeated visit. We use coo­kies in order to store your pre­fe­ren­ces on our web­site, for instance lan­guage set­tings, or in order for tech­ni­cal rea­sons to rea­li­se the log-in func­tion to the pro­tec­ted cus­to­mer area. The­se ser­vices are groun­ded on our legi­ti­ma­te inte­rests. The legal basis is Arti­cle 6(1)(f) of the GDPR. In this way we aim to make a more con­ve­ni­ent and more indi­vi­du­al use of our web­site pos­si­ble for you.

Of cour­se you can also visit our web­site without coo­kies. You can so con­fi­gu­re your brow­ser that the accep­t­ance of coo­kies is nor­mal­ly rejec­ted or you are infor­med in advan­ce if a coo­kie is stored.

If you do not accept any coo­kies, this may lead to restric­tions on the use of our web­site. Coo­kies are necessa­ry for regis­tra­ti­on in the cus­to­mer area on www.hotsplots.de.

6. Cus­to­mer area and shop

To ope­ra­te hot­spots yourself, to beco­me an instal­la­ti­on part­ner, or to upload credits for the use of hot­spots, you must regis­ter for the pro­tec­ted cus­to­mer area. When regis­tering, collec­tion is made of the user­na­me and pass­word which the user free­ly choo­ses. The pass­word is not stored en clair, but only encryp­ted, as a so-cal­led hash value. Fur­ther collec­tion is made of your name and address, which are necessa­ry for the pro­duc­tion of cor­rect vou­chers, and of your e‑mail address, which is par­ti­cu­lar­ly necessa­ry for HOTSPLOTS, in order to sup­ply man­da­to­ry infor­ma­ti­on to cus­to­mers in case of amend­ments to the Gene­ral Terms & Con­di­ti­ons of Busi­ness, and for the cus­to­mer, in order to be able to use the “Pass­word for­got­ten” func­tion. You have the opti­on of sta­ting a tele­pho­ne num­ber for tele­pho­ne sup­port. Fur­ther optio­nal infor­ma­ti­on, such as fax num­ber, URL of your own web­site and VAT Num­ber, are only of impor­t­ance for the loca­ti­on owner or hot­spot ope­ra­tor. The legal basis for this pro­ces­sing is Arti­cle 6(1)(b) of the GDPR.

In our shop we offer you a selec­tion of pro­ducts and instal­la­ti­ons for ope­ra­ting WLAN hot­spots. If you set up a user account in our shop, you will be taken more rapidly through the order pro­cess, be able to store several dis­patch addres­ses, fol­low the pro­gress of your order so far, and much more.

When you regis­ter for the shop and under­ta­ke the sub­se­quent order pro­cess, we collect com­pul­so­ry data nee­ded for hand­ling the con­tract (name and first name, e‑mail address, pass­word, invoice and dis­patch address). Infor­ma­ti­on such as tele­pho­ne and fax num­ber is optio­nal. The legal basis for this is like­wi­se Arti­cle 6(1)(b) of the GDPR.

We store the data collec­ted in the cus­to­mer area and shop only as long as necessa­ry for per­forming con­trac­tu­al or sta­tu­to­ry duties for which we have collec­ted the data. After­wards we era­se the data immedia­te­ly, unless we still need the­se data until expi­ry of the sta­tu­to­ry peri­od of limi­ta­ti­on for pur­po­ses of evi­dence in civil pro­cee­dings or due to sta­tu­to­ry duties of storage.

7. Fur­ther trans­mis­si­on and recipients

Every usa­ge of your per­so­nal data is made only for the fore­go­ing pur­po­ses and to the extent necessa­ry in order to achie­ve the­se same pur­po­ses. We will not pass on your per­so­nal data to our ser­vice pro­vi­ders or to third par­ties unless this is necessa­ry for pur­po­ses of con­ta­ct hand­ling or you have express­ly con­sen­ted thereto.

To sup­ply our ser­vice, it is necessa­ry in cer­tain busi­ness tran­sac­tions to pass on per­so­nal data to selec­ted exter­nal ser­vice providers:

  1. For dis­patch of goods, the ship­per employ­ed to make the deli­very (usual­ly DHL Paket GmbH).
  2. For pay­ment by credit card, the credit orga­ni­sa­ti­on employ­ed to pro­cess the pay­ment (usual­ly Wire­card AG, cf. infor­ma­ti­on of the Wire­card AG).
  3. For hot­spot-pro­vi­si­on con­tracts, the sup­plier of the preli­mi­na­ry work, DSL/SIM card pro­vi­der, etc.
  4. For hot­spot instal­la­ti­ons, the local instal­la­ti­on partner.
  5. In case of pay­ment default, we avail our­sel­ves of exter­nal collec­tion ser­vices and, if necessa­ry, legal counsel.

Inso­far as we pass on data to ser­vice pro­vi­ders, the­se pro­vi­ders must use the said data sole­ly for per­for­mance of their com­mis­si­on. All ser­vice pro­vi­ders are care­ful­ly selec­ted and com­mis­sio­ned by us. They are con­trac­tual­ly bound to fol­low our inst­ruc­tions, have a duty of con­fi­den­tia­li­ty, and are regu­lar­ly moni­to­red by us. In all cases the extent of data trans­mit­ted is restric­ted to the requi­si­te minimum.

Trans­mis­si­on of per­so­nal data to government insti­tu­ti­ons and aut­ho­ri­ties is made only pur­suant to com­pul­so­ry natio­nal legal regu­la­ti­ons, or if such trans­mis­si­on is requi­red, in case of attacks upon our net­work infra­st­ruc­tu­re, for legal reme­dy and prosecution.

8. Goog­le Maps

To dis­play hot­spots in Euro­pe or as a gui­de to our com­pa­ny loca­ti­ons, we use the map ser­vice Goog­le Maps pro­vi­ded by Goog­le Inc., 1600 Amphi­theat­re Park­way, Moun­tain View, CA 94043, USA (“Goog­le”). In order for the Goog­le Maps mate­ri­al used to be incor­po­ra­ted and dis­play­ed on your web brow­ser, cal­ling up the con­ta­ct page your web brow­ser must make a con­nec­tion to a ser­ver of Goog­le in the USA. In this way Goog­le recei­ves the infor­ma­ti­on that the cor­re­spon­ding page on our web­site has been cal­led up from your device’s IP address. If you call up Goog­le Maps on our web­site while you are log­ged into your Goog­le pro­fi­le, Goog­le may addi­tio­nal­ly link this event with your Goog­le pro­fi­le. If you do not wish this allo­ca­ti­on to your Goog­le pro­fi­le, it will be necessa­ry for you to log out at Goog­le befo­re cal­ling up our con­ta­ct page. Goog­le will store your data and use them for pur­po­ses of adver­ti­sing, mar­ket rese­arch and per­so­na­li­sed dis­play of Goog­le Maps. You can object to this data collec­tion by con­ta­c­ting Goog­le. You will find fur­ther infor­ma­ti­on in Google’s Pri­va­cy Poli­cy and the Addi­tio­nal Terms of Ser­vice for Goog­le Maps/Google Earth. Goog­le will also pro­cess your per­so­nal data in the USA and has acce­ded to the EU-US Pri­va­cy Shield: www.privacyshield.gov/EU-US-Framework.

9. News­let­ter

Cus­to­mers and hot­spot ope­ra­tors can find out about your pro­ducts and ser­vices regu­lar­ly via a news­let­ter. To send the news­let­ter, your e‑mail address is pro­ces­sed in our sys­tems. You can can­cel rece­i­pt of the news­let­ter again at any time. To unsub­scri­be from the news­let­ter for cus­to­mers and hot­spot ope­ra­tors, you will find a link at the end of each news­let­ter. You can also deselect the appro­pria­te but­ton in the cus­to­mer area. A noti­ce to the con­ta­ct data given abo­ve or in the news­let­ter (e.g. by e‑mail or let­ter) is of cour­se like­wi­se suf­fi­ci­ent for this pur­po­se. The legal basis for this data pro­ces­sing for pur­po­ses of the news­let­ter is Arti­cle 6(1)(a) of the GDPR.

In our news­let­ters we use nor­mal mar­ket tech­no­lo­gies by which inter­ac­tions with the news­let­ters can be mea­su­red (e.g. ope­ning of the e‑mail, links cli­cked). We use the­se data in pseud­ony­mi­sed form for gene­ral sta­tis­ti­cal eva­lua­tions and to opti­mi­se and fur­ther deve­lop our con­tents and cus­to­mer com­mu­ni­ca­ti­on. This is done with the aid of small gra­phics which are embed­ded in the news­let­ter (so-cal­led pixels). The­se data are collec­ted sole­ly in pseud­ony­mi­sed form, nor are they com­bi­ned with your other per­so­nal data. The legal basis for our legi­ti­ma­te inte­rest in this mat­ter is Arti­cle 6(1)(f) of the GDPR. Via our news­let­ter we aim as far as pos­si­ble to share infor­ma­ti­on which is rele­vant to our cus­to­mers and to under­stand what our rea­ders are actual­ly inte­res­ted in. If you do not wish the­se user pat­terns to be ana­ly­sed, you can can­cel rece­i­pt of the news­let­ter or dis­able gra­phics as stan­dard in your e‑mail pro­gram. The­se data on inter­ac­tion with our news­let­ters are stored in pseud­ony­mi­sed form for 30 days and then com­ple­te­ly anonymised.

10. Your rights

You have the right to recei­ve infor­ma­ti­on about the pro­ces­sing of your per­so­nal data by us at any time. In this con­text we shall exp­lain the data pro­ces­sing to you and pro­vi­de you with an over­view of the data rela­ting to your per­son which have been saved.

Should data which we have stored be erro­ne­ous or no lon­ger up to date, you enjoy the right to have the­se data cor­rec­ted. You can also requi­re that your data be era­sed. Should such era­su­re be impos­si­ble in the excep­tio­nal case due to other legal regu­la­ti­ons, the­se data will be blo­cked, so that they are only avail­ab­le for this sta­tu­to­ry pur­po­se. You can also restrict the pro­ces­sing of your per­so­nal data, if e.g. doubts exist on your part as to whe­ther the­se data are correct.

You also have the right of data trans­fe­ra­bi­li­ty, i.e. you may requi­re us to send you a digi­tal copy of the per­so­nal data which you have provided.

Inso­far as we pro­cess your data pur­suant to legi­ti­ma­te inte­rests under Arti­ca­le 6 (1)(f) of the GDPR, under Arti­cle 21 of the GDPR, you have the right to lodge objec­tion to the pro­ces­sing of your data and to sta­te to us such grounds ari­sing from your par­ti­cu­lar situa­ti­on as, in your opi­ni­on, must allow your pro­tec­ted inte­rests to be over­ri­ding. Should your objec­tion be an objec­tion to data pro­ces­sing for pur­po­ses of direct adver­ti­sing, you have a gene­ral right of objec­tion, which will be imple­men­ted by us also without grounds being stated.

To exer­cise your rights as set out here, you can com­mu­ni­ca­te at any time with the fore­go­ing con­ta­ct details. You also have the right to lodge a com­p­laint to the data-pro­tec­tion aut­ho­ri­ty to which we are sub­ject (Ber­lin Com­mis­sio­ner for Data Pro­tec­tion and Free­dom of Infor­ma­ti­on, Fried­rich­stras­se 219, 10969 Ber­lin). You can also con­ta­ct the data-pro­tec­tion aut­ho­ri­ty at your place of resi­dence, which will then pass your app­li­ca­ti­on on to the com­pe­tent authority.

Ver­si­on 2.3, sta­tus: March 2019