The Joint Audit Initiative JAVfX takes the protection of your personal data very seriously and wants to ensure that your privacy is protected at all times when using our services. Therefore, we collect and process your personal data only for the purposes stated in this privacy policy. Your personal data will also be transferred to third parties exclusively for the purposes described. The processing of personal data always takes place in compliance with the applicable data protection regulations, in particular the EU Data Protection Basic Regulation (EU-DSGVO).

Unless otherwise stated, all articles mentioned are those of the European Data Protection Basic Regulation (EU-DSGVO). This can be viewed at https://dsgvo-gesetz.de/.


The Joint Audit Initiative JAVfX GbR, Tannenweg 14, 55218 Ingelheim, legally represented by Dr. Bernhard Feil, Managing Partner, is responsible in the sense of Art. 4 para. 7. If you have any questions on the subject of data protection, in particular with regard to the exercise of your rights, please do not hesitate to contact us:

Joint-Audit-Initiative JAVfX GbR
c/o Herrn Friedemann Paulus
Tannenweg 14, 55218 Ingelheim
+49 6132 87704


3.1 Access data
The software used to provide the offers collects data about access to the resources provided and saves these as "server logfiles". The logging includes the following data:
  • IP address
  • Address called up
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Response code of the server to the request
  • Browser identification used ("User Agent")
  • Source/reference from which you came to the page

The data collected are used to correctly deliver the requested content. They inevitably arise when using the Internet with web browsers and are processed for the following purposes due to our legitimate interest (Art. 6 Para. 1 lit. f) in making our services available, optimizing and securing them:
  • Protection of a trouble-free connection to the website
  • Ensure a smooth use of our website
  • Evaluation of system safety and stability
  • Defence against attacks on the technical infrastructure
  • Statistical evaluations for the improvement of our offers

After 28 days, the last two blocks of digits (so-called "octets") are replaced by "0", whereby the IP addresses stored in the log files are actually anonymized. The creation of a personal reference is then no longer possible. 6 months after the end of the calendar month of recording, the logfiles are finally deleted.


When using our services, a so-called session cookie ("PHPSESSID") is generated. This serves the web server to assign user requests to server-side session data such as a shopping cart. This cookie expires after the end of the session, for example by closing the browser.

A complete deactivation of cookies can be set in the configuration menus of most common web browsers. Please note that some components of our offer may depend on cookies and can therefore no longer be used - or no longer fully used.


You can exercise the following rights at any time under the contact data of our contact person for data protection questions mentioned at the beginning:

5.1 Right to information (Art. 15)
Information about your data stored with us and their processing

5.2 Right of rectification (Art. 16)
Correction of incorrect personal data

5.3 Right to cancellation (Art. 17)
Deletion of your data stored with us ("right to be forgotten")

5.4 Right to limitation of processing (Art. 18)
Restriction of data processing, insofar as your data may not yet be deleted due to legal obligations

5.5 Right of opposition (Art. 21)
Objection to the processing of your data stored by us

5.6 Right to data transferability (Art. 20)
Provision and transmission of your data in a machine-readable format to another responsible person, as far as this is technically feasible.

5.7 Right of withdrawal (Art. 7 para. 3)
Revocation of a given consent with effect for the future

To exercise your right of appeal (Art. 77), please contact the competent supervisory authority. The jurisdiction depends on the federal state of your residence, your work or the place of the alleged violation.

You will find a list of the supervisory authorities (for the non-public sector) with their addresses at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.


We make every effort to ensure the security of your data within the framework of legal provisions and technical possibilities. All communication between you and our servers is encrypted using SSL (Secure Socket Layer). Nevertheless, data transmission on the Internet (e.g. communication by e-mail) may have security gaps that are beyond our control. A complete protection of the data against access by (unauthorized) third parties is not possible.

To secure your data stored by us, we maintain technical and organizational security measures in accordance with Art. 32, which we regularly check for effectiveness and compliance and adapt to the state of the art. These help to protect your data from access by unauthorized third parties as well as from unintentional modification or loss.

If the services of third parties are used in the manner described above to process your personal data, this is done within the framework of contracts for order data processing. These contracts specify the type and scope of processing as well as the obligations of the commissioned data processor to comply with strict standards with regard to data protection and data security.


GLAMUS Gesellschaft für moderne Kommunikation mbH, Gartenstraße 24, 53229 Bonn, https://www.glamus.de/ is the technical service provider responsible for the operation and maintenance of the hardware and software and for making the services available.

Cbb_Stand: 07.05.2019