This data protection declaration informs you about the type, scope and purpose of the processing of personal data within our online offer and the associated websites, functions and contents (hereinafter jointly referred to as "online offer" or "website").
With regard to the terms used, such as "personal data" or their "processing", we refer to the definitions in Art. 4 of the General Data Protection Regulations (GDPR).
Data collection and processing
You can visit our site without providing any personal information. We only store access data without personal reference such as the name of your Internet service provider, the page from which you are visiting us or the name of the requested file. These data are evaluated exclusively for the improvement of our offer and do not allow any conclusion on your person.
The personal data of users processed within the scope of this online offer, i.e. of interested parties and visitors to our online offer, includes master data (first and last name, e-mail address, telephone, IP address) and content data (your details in the contact form).
We process personal data of users only in compliance with the relevant data protection regulations. This means that user data will only be processed if a legal permission has been obtained. This means, in particular if data processing is necessary for the provision of our contractual services (e.g. processing of enquiries) and online services, or is required by law, if the user has given his or her consent, as well as if our legitimate interests (i.e. interest in the analysis, optimisation and economic operation and security of our online services within the meaning of Art. 6 para. 1 lit. f. GDPR, in particular for range measurement, collection of access data and use of third-party services.
We point out that the legal basis of the consents Art. 6 para. 1 lit. a. and Art. 7 GDPR, the legal basis for the processing for the fulfilment of our services and implementation of contractual measures Art. 6 para. 1 lit. b. GDPR, the legal basis for processing to fulfil our legal obligations Art. 6 para. 1 lit. c. GDPR, and the legal basis for processing to protect our legitimate interests Art. 6 para. 1 lit. f. GDPR is.
We take organizational, contractual and technical security measures in accordance with the state of the art in order to ensure that the regulations of data protection laws are observed and thus to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
Disclosure of data to third parties
Data will only be passed on to third parties within the framework of legal requirements. We only disclose user data to third parties on the basis of a consent granted pursuant to Art. 6 para. 1 lit. a) GDPR or if this is required on the basis of Art. 6 para. 1 lit. b) GDPR for contractual purposes or on the basis of justified interests pursuant to Art. 6 para. 1 lit. f. GDPR on the economic and effective operation of our business operations.
If we use subcontractors to provide our services, we take appropriate legal precautions as well as appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal regulations.
If content, tools or other means from other providers (hereinafter jointly referred to as "third providers") are used within the scope of this data protection declaration and their named registered office is in a third country, it is to be assumed that data is transferred to the countries in which the third providers have their registered office. Third countries are countries in which the GDPR is not directly applicable law, i.e. in principle countries outside the EU or the European Economic Area. The transfer of data to third countries takes place either if an appropriate level of data protection, user consent or other legal permission is available.
Performance of contractual services
We process inventory data (e.g., names and addresses as well as contact data of users) and content data (information in the contact form) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b. GDPR.
When using our online services, we store the IP address and the time of the respective user action. The data is stored on the basis of our legitimate interests as well as the user's protection against misuse and other unauthorized use. This data is passed on to third parties if there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c GDPR or on the basis of justified interests pursuant to Art. 6 para. 1 lit. f. GDPR on the economic and effective operation of our business operations.
When contacting us (via contact form), the user's details are processed for processing the contact enquiry and its handling in accordance with Art. 6 para. 1 lit. b) GDPR.
If users leave comments or other contributions, their IP addresses will be used on the basis of our legitimate interests within the meaning of Art. 6 (1) (f). GDPR is saved.
This takes place for our safety, if someone leaves illegal contents in comments and contributions (insults, forbidden political propaganda, etc.). In this case we can be prosecuted ourselves for the comment or contribution and are therefore interested in the identity of the author.
Furthermore, we use the plugin Antispam Bee, which compares the IP addresses of commentators with known spam emails and filters them out.
Collection of access data and log files
We collect data on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR data on each access to the server on which this service is located (so-called server log files). Access data includes the name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for a maximum of seven days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data whose further storage is required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.
Cookies are information that is transferred from our web server or third party web servers to the user's web browser and stored there for later retrieval. Cookies can be small files or other types of information storage.
If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
The information received via cookies and web beacons, your IP address and the delivery of advertising formats are transmitted to a Google server located in the USA and stored there. Google may disclose this collected information to third parties where required to do so by law or where Google has requested third parties to do so. However, Google will merge your IP address together with the other stored data.
By making the appropriate settings in your Internet browser, you can prevent these cookies from being stored on your PC. However, this may mean that the content of this website may no longer be used to the same extent. By using this website, you consent to the processing of your personal data by Google in the manner and for the purposes described above.
Rights of users
Users have the right, upon request and free of charge, to receive information about the personal data that we have stored about them.
In addition, users have the right to correct inaccurate data, to limit the processing and deletion of their personal data, if applicable, to assert their rights to data portability and, in the event of the assumption of unlawful data processing, to file a complaint with the competent supervisory authority.
Likewise, users can revoke consents, in principle with effect for the future.
Deletion of data
The data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal obligations to keep it in safekeeping. If the user's data are not deleted because they are necessary for other and legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for commercial or tax reasons.
In accordance with statutory requirements, the records are kept for 6 years in accordance with § 257 (1) HGB (= German trade laws) (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 (1) AO (= German tax code) (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
Right of objection
Users can object to the future processing of their personal data in accordance with legal requirements at any time.