Imprint
Legal Notice
Data Protection Declaration
ImprintLegal Notice

General

This data protection declaration serves to fulfil the obligation under Article 13 GDPR to provide information to visitors to the website.

The aim is to inform users about how their personal data is processed when they visit our website.

1. Controller and Data Protection Officer

The controller for this website is:

Baader Bank AG
Weihenstephaner Str. 4
85716 Unterschleissheim
Germany
Email service@baaderbank.de

If you have any questions about how your personal data is processed or about data protection in general, you can contact the Data Protection Officer at any time:

Baader Bank AG
Weihenstephaner Str. 4
85716 Unterschleissheim
Germany
Email: datenschutz@baaderbank.de

2. What data is processed for what purposes?

Each time you access the website, data is temporarily stored that could be used to identify you.

The following data is collected:

  • Date and time of access
  • IP address
  • Hostname of the accessing computer
  • Website from which the website was accessed
  • Websites accessed via the website
  • Pages visited on our website
  • Confirmation of whether the information retrieval was successful
  • Volume of data transferred
  • Information about the browser type and the version used
  • Operating system


We need to temporarily store this data when you visit the website in order to make the website available to you. The data is also stored in log files in order to deliver the website functionality, ensure that the information technology systems are secure and carry out user analyses. These purposes also constitute our legitimate interest in processing your data.

Please note there is a contact form on our website, which can be used to contact us electronically. If you send us an enquiry via this form, your details, including your contact details provided in the form, will be stored by us for the purpose of processing your enquiry and responding to any follow-up questions. 

Alternatively, you can contact us via the email address provided. In this case, we will store your personal data that is transmitted with the email.

This data will not be passed on to third parties. We will only use the data to process your enquiry.
Please note that unencrypted communication via email is not secure, so we do not assume any liability for messages sent in this way.

When using the contact form, the following data will also be processed:

  • First name, last name, email address and, if applicable, reference number
  • Information entered in the free text field


Baader Bank uses Usercentrics as a consent management platform for storing and documenting cookie consents. Within the scope of subcontracting, Baader Bank transmits personal data (consent data in the cookie banner such as date and time of visit or consent/rejection, device information, anonymised IP address) to Usercentrics GmbH [Sendlingerstr. 7, 80331 München].

3. What is the legal basis for processing the data?

Data processing is carried out on the basis of Article 6(1)(f) GDPR - legitimate interest. The legitimate interests are outlined in point 2.

The processing of data when using the cookie banner is carried out for the purpose of complying with legal obligations (duty of proof pursuant to Art. 7(1) GDPR) and the associated documentation of consent and is therefore based on Art. 6(1)(c) GDPR.

The relevant legal basis for our use of the contact form also constitutes our legitimate interest in accordance with Article 6(1)(f) GDPR. The data entered in the contact form may also be processed on the basis of Article 6(1)(b) GDPR, insofar as your enquiry is related to the fulfilment or initiation of a contract.

4. With whom will we share your data?

The website is hosted by &why GmbH [Tegernseer Landstraße 36, 81541 München. Subcontractors are also used within the scope of this data processing. Usercentrics GmbH and Posthog Inc. receive the above-mentioned data as subcontractors for the storage and documentation of cookie consents and user analysis. A corresponding agreement is in place with the service providers.

No data is transferred to other third parties and outside the EU/EEA.

5. For how long will the data be stored?

The data will be deleted once it is no longer required in order to fulfil the purpose for which it was collected. In the context of making the website available, this will be the case once the website session in question has ended. The log files are deleated after 30 days. The user analysis data will be retained for a maximum of 10 working days after the order and then permanently deleted. The data you enter in the contact form will be retained by us until the purpose for which it was collected no longer applies, unless statutory retention periods in accordance with Section 257 HGB (Handelsgesetzbuch - German Commercial Code) and Section 147 AO (Abgabenordnung - German Fiscal Code) prevent deletion (retention period between six and ten years).

6. Your rights as a data subject

As a data subject, you have the following rights:

  • Right of access pursuant to Article 15 GDPR
  • Right to rectification pursuant to Article 16 GDPR
  • Right to erasure of your data pursuant to Article 17 GDPR
  • Right to restriction of data processing pursuant to Article 18 GDPR
  • Right to data portability pursuant to Article 20 GDPR

If you wish to exercise these rights, please contact: datenschutz@baaderbank.de

In addition, you have the right to lodge a complaint with a data protection supervisory authority in accordance with Article 77(1) GDPR.

The following data protection supervisory authority is responsible for the controller:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach
Tel. +49 (0) 981 53 1300
Fax +49 (0) 981 53 98 1300
Email: poststelle@lda.bayern.de
Online complaints: www.lda.bayern.de

7. Right to object pursuant to Article 21(1) GDPR

In accordance with Article 21(1) GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Article 6(1)(f) GDPR. You must give reasons for your objection.

Once an objection is lodged, the controller will no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

The collection of data to make the website available and the storage of log files is essential for the operation of the website.

8. Cookies

Our website uses cookies, which are small text files that are stored on your end device and saved by your browser. They help to make our website user-friendly, efficient and secure. Cookies do not store passwords.

Some cookies are necessary to provide the basic functionalities of the website (known as technical, functional cookies). These cookies are stored on the basis of Article 6(1)(f) GDPR, as we have a legitimate interest in the technical and error-free provision of our services.

Other cookies (e.g. for user analysis and marketing purposes) are only set with your express consent, in accordance with Article 6(1)(a) GDPR. These cookies will only be activated if you give your consent via our cookie banner. You can delete these cookies yourself at any time.

9. Outgoing hyperlinks to social media networks

Our website contains simple links to the following social networks: Xing and LinkedIn. Data is only exchanged with these social networks when you click on one of the links. In this case, another browser window will usually open, in which you can then share or publish information in accordance with the terms and conditions of the respective social network.