With this declaration, we inform you about the type and scope, as well as the purpose and legal basis of the processing of personal data on this website and on any online presences in social networks. In addition, we communicate here our information and notification obligations for the use of personal data in our company.
Name and address of the person responsible
The responsible body within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
Basic information on the processing of personal data
We collect and process personal data of our users only insofar as this is necessary for the provision of a functional website or the provision of services of our company. Processing is only carried out with your consent or if permitted or required by law.
In doing so, the security of your personal data has a high priority for us. We therefore protect your data by technical and organisational measures to prevent misuse of the use. We regularly review the measures taken and adapt them to current technical conditions. Furthermore, we commit all employees to confidentiality in accordance with §28 GDPR.
Purposes and legal basis of processing, transfer to third parties and parties abroad
We process your data for the following purposes:
- Fulfilment of new or existing contractual relationships or for the implementation of pre-contractual measures, e.g. the preparation of offers
- Sending marketing information
- Processing enquiries, e.g. as part of our core activity or for application letters
- Provision of telemedia, e.g. our website or e-mail
In doing so, we process the data on the legal basis of Art. 6 (1) GDPR:
- Art. 6 (1) a) GDPR: Processing operations based on your consent
- Art. 6 (1) b) GDPR: Processing operations for the performance of a contract or pre-contractual measures, e.g. a purchase or service contract or the request for a quote
- Art. 6 (1) c) GDPR: Processing operations to which we are legally obliged, e.g. storage for tax reasons
- Art. 6 (1) f) GDPR: Processing operations that we carry out on the basis of our legitimate interests, e.g. the transfer of your data to postal service providers for the purpose of sending mail or to a tax advisor. This includes storing information on website usage for the purpose of optimising our website.
The disclosure of your data to third parties is also based on the above permissions and only takes place within the framework of a contract processing agreement or if other confidentiality obligations exist, such as professional secrecy carriers or shipping service providers. If a transfer to third countries outside the European Economic Area takes place, the recipients have corresponding guarantees in accordance with Art. 44 et seq. of the GDPR, e.g. certification under the Privacy Shield.
Duration of storage, deletion of personal data
Personal data shall be processed and stored only for the period necessary to fulfil the purposes of the processing. After the purpose has been fulfilled, your data will be deleted or blocked by us, provided that we are no longer subject to a legal storage obligation.
Contacts at trade fairs and events
If you have given us your contact details, e.g. in the form of a business card at trade fairs or other events, we will use these to contact you. This includes sending a catalogue and/or being contacted by our sales department. You will receive a separate confirmation email when your data is collected in our CRM system, informing you of this collection and providing you with an easy way to object to the processing. Contacting us after handing over a business card is a pre-contractual measure for us according to Art. 6 (1) b) GDPR, i.e. an expression of interest in an offer. You can object to the processing of data for the above-mentioned purposes at any time.
When contact is made (e.g. via contact form, e-mail, telephone or via social networks), the user’s personal data is used to process the contact enquiry in accordance with Art. 6 (1) b GDPR, i.e. processed for the performance of a contract or pre-contractual measures. For this purpose, your data may be transferred to a customer management programme (CRM system). Please note that we are obliged to archive e-mails in accordance with the GoBD*; it is therefore not possible to completely delete e-mails sent to us (from our archiving system). Information transmitted via our contact form on our website is protected in accordance with the provisions of TMG** §13 (7) securely encrypted.
Embedding Google Fonts and YouTube
To improve our online offer, we integrate fonts (“Google Fonts”) from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Through the use of Google Fonts, data on the use of the fonts is also collected and possibly stored by Google. We also include videos from the YouTube video platform on our website. YouTube belongs to the provider Google LLC. The data protection declaration can be found at: https://www.google.com/policies/privacy/, an opt-out option can be found at: https://www.google.com/policies/privacy/ The integration of the videos is done to optimise our online experience. The legal basis for the integration of the above-mentioned fonts and videos is the protection of our legitimate interest in accordance with Art. 6 (1) f) GDPR. Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Collection of access data and log files
We collect access data (log files) about every server access on the basis of our legitimate interests pursuant to Art. 6 (1) f) GDPR. This includes the name of the website accessed, the date and time of the access, the file and data volume transferred, the message about the success or failure of the access, the browser type and version, the operating system, the referrer URL (the previously visited page) and your IP address.
Log files are collected for security reasons (e.g. to investigate criminal offences) and stored for a period of seven days, after which they are deleted. If data is still required for evidentiary purposes, it will be exempted from deletion until the respective incident has been finally clarified.
To ensure a fast and stable connection, we have outsourced the hosting to an external service provider. This processes the above log data according to our specifications. The disclosure is made on the basis of our legitimate interest pursuant to Art. 6 (1) f) GDPR in conjuction with Art. 28 GDPR.
Cookies are files that are stored by the internet browser on the user’s computer system. When this website is called up, cookies are stored in the browser memory of the person concerned.
You can prevent cookies from being stored in your browser, but the site may then only function to a limited extent. At this point, it makes more sense to delete all cookies after the end of the respective browser session, which works without restriction on our site and prevents recognition on your next visit with all the positive and negative consequences for you.
We use technical cookies as this is technically necessary for the operation of the service offered in accordance with Art. 6 (1) f) GDPR, i.e. to safeguard our legitimate interest.
Technical cookies are used to recognise a user when the website is called up again and thus, for example, to save language settings made, a shopping basket or similar beyond a surfing session.
In addition, we use tracking cookies to obtain statistical evaluations of the usage behaviour of our website. The legal basis for this is also the protection of our legitimate interest according to Art. 6 (1) f) GDPR. Tracking cookies include:
Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
We have concluded the mandatory data protection agreement with Google in written form. See also www.google.de/analytics/terms/de.html
Reference to the data subject rights
If we process your personal data, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
Right of access and data portability
You have the right to request information about the data stored about you.
You have the right to receive the requested data in a common, machine-readable format.
Right of rectification
You have the right to request the controller to correct any inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data.
Right of limitation
You may request the restriction of the processing of personal data concerning you under the following conditions:
1) The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.
2) The processing is unlawful and the data subject objects to the erasure of the personal data and requests instead the restriction of the use of the personal data.
3) The controller no longer needs the personal data for the purposes of the processing, but the data subject needs them for the establishment, exercise or defence of legal claims, or if
4) the data subject objects to the processing as long as it is not yet established whether the legitimate grounds of the controller override those of the data subject.
Where processing has been restricted, those personal data may be processed, apart from being stored, only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or of a Member State. We will inform you before the restriction is lifted.
Right to deletion
You may request the erasure of the processing of personal data concerning you under the following conditions:
1) The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
2) The data subject revokes consent and there is no other legal basis for the processing.
3) The data subject objects to the processing and there are no overriding legitimate grounds for the processing.
4) The personal data have been processed unlawfully.
5) The deletion of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
6) The personal data was collected in relation to the use of web services.
Right to revoke a declaration of consent
You have the right to withdraw consent to the processing of personal data at any time. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
Right to information
If you have exercised the right to rectification, erasure or restriction of processing, we are obliged to inform all recipients to whom this data has been disclosed of the rectification, erasure or restriction of the data as well, unless this involves a disproportionate effort or is impossible.
Right of appeal
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you; this also applies to profiling based on these provisions. The controller shall no longer process the personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.
If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is associated with such direct marketing.
Automated decision in individual cases including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision
1) is necessary for the conclusion or performance of a contract between you and the responsible person,
2) is authorised by Union or Member State legislation to which the controller is subject and that legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or
3) is done with your express consent.
Decisions pursuant to paragraph 2 may not be based on special categories of personal data pursuant to Art. 9 (1) GDPR unless Art. 9 (2) a) or g) GDPR and appropriate measures have been taken to protect the rights and freedoms as well as the legitimate interests of the data subject.
With regard to the cases referred to in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms of, and your legitimate interests, including at least the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.
Right to complain to a supervisory authority
You have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.
The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
Failure to provide personal data
If you do not provide us with personal data that we require for contractual purposes, this failure to provide will generally result in the contract not being concluded. We can inform you in individual cases whether provision is legally obligatory or contractually required and what the consequences of non-provision would be in individual cases.
This website uses technology provided by Zendesk International Ltd, 55 Charlemont Place, Saint Kevin’s, Dublin, D02 F985 Ireland. Data collected to operate the live chat system to respond to live support requests. The entry of personal data on the part of the user, such as email address and name, is expressly on a voluntary basis. The information about your use of the live chat will be used in the context of responding to your enquiry in accordance with. Art 13 (1) b) GDPR processed and deleted after the conclusion of the chat.
Phone: + 49 2154 9460 10
Fax: +49 2154 9460 98
*GoDP: Principles for the proper keeping and storage of books, records and documents in electronic form and for data access. German Record Keeping Act.
**TMG: German Telemedia Act