Privacy Policy

Introduction

Thank you for visiting our website and for your interest in our broad range of products. To help us provide you with the best possible service, personal data are collected, processed and transmitted on our web pages.

Personal data (e.g. the name, postal address, email address and telephone number of a data subject) are always processed in accordance with the EU’s General Data Protection Regulation (GDPR) as well as with the specific national data protection rules applicable to us.

As the controller responsible for data processing, we have implemented numerous technical and organisational measures to ensure the fullest possible protection for all personal data which is processed on our website. However, no data transmission over the Internet can be guaranteed to be one hundred percent secure and vulnerabilities can never be completely ruled out.

1. Key concepts and definitions

This Privacy Statement is based on the key concepts and definitions as used by the Community legislature and regulatory authority at the time the GDPR was adopted (Art. 4 GDPR). This Privacy Statement is written in plain language, so that it can be easily understood by anyone. To make doubly sure of this, we shall begin by explaining and defining a few key concepts. The following key concepts and definitions are used in this Privacy Statement:

  1. Personal data“:
    Any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, geographical location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  2. Data subject“:
    Any identified or identifiable natural person whose personal data are processed by the controller responsible for processing;
  3. Processing“:
    Any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  4. Restriction of processing“:
    The marking of stored personal data with the aim of limiting its processing in the future;
  5. Profiling“:
    Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, geographical location or movements;
  6. Controller“:
    The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  7. Recipient“:
    A natural or legal person, public authority, agency or other body, to which personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of such data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
  8. Third party“:
    A natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
  9. Consent
    Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Contact

Responsible controller

NORRES Schlauchtechnik GmbH
CEO: Albert Cordewener
Am Stadthafen 12-16
45881 Gelsenkirchen
GERMANY
Telefon +49 209 8 00 00 0
Phone info(at)norres.com

External Data protection officer

As data protection officer is ordered from us:

Mr. Dipl.-Inform. Olaf Tenti
GDI Gesellschaft für Datenschutz und Informationssicherheit mbH
Körnerstraße 45
58095 Hagen
Phone +49 2331 356 832 0
E-Mail datenschutz(at)gdi-mbh.eu

3. Hosting

External Hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.
The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).
Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data.
We use the following hoster:
HostPress GmbH
Bahnhofstraße 34
66571 Eppelborn

Collection and storage of personal data and nature and purpose of its processing

When you visit the website

We may, to a limited extent, collect information automatically when you visit the website. These data help us to focus on improving your experience of our website, and we will always use them in a responsible way. Such information is automatically collected and stored in log files on the server of our provider. The data thus collected include:

  • Name of the website you accessed
  • Date and time of the access
  • Volume of data transmitted
  • Confirmation that the access was successful
  • Type of browser
  • Browser version
  • Patch level of the browser
  • Site you visited previously
  • Requesting provider
  • IP addresses [anonymised]

We will process this information for the following purposes:

  • To improve our website
  • To ensure IT security
  • To improve our services

The legal basis for processing on our website is Art. 6(1) sentence 1(f) GDPR. Our legitimate interests are derived from the aforementioned data collection purposes.

Duration of retention of your data:

Any data stored by us will be deleted after the legal retention periods.

Before initiating a business relationship:

We store your contact details (title, first and last name, postal address, email address, landline and / or mobile telephone number and fax number) to enable us to contact you in the course of present or future dealings. These data which we have collected about you are stored until such time as the establishment or continuation of a business relationship is no longer realistic.

We use information held about you in the following ways:

  • For the performance of a contract
  • For the purpose of sending you an offer

We will process this information for the following purposes:

  • To facilitate the maintenance of business relationships
  • To facilitate the proper execution of a contract
  • To facilitate the proper and efficient processing of your enquiry

The legal basis for processing is Art. 6(1) sentences 1(b) and (f) GDPR and is derived from the aforementioned purpose.

4. When do we store personal information?

We collect personal information about you whenever you:

  • Use our website
  • Open a personal customer account
  • Subscribe to our newsletter
  • Fill in a request or quotation form
  • Contact us by email
  • Share such information with us in conversation provided you have given us your consent

5. Who do we share your personal information with?

We share your personal information with the following business partners:

  • Episerver GmbH, Wallstraße 16, 10179 Berlin, Germany
  • Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) (Google Analytics, Google Tag Manager)

To our knowledge, our business partners apply all the required data protection standards and demonstrate compliance with data protection principles.

6. Cookies

How you can contact us

Our website offers you the opportunity to contact us, either by sending us an email or using the contact form. You may want to contact us for the following reasons:

  • Requirements
  • Offer
  • Enquiry

We provide various forms for this purpose in which all required information is recorded.

Your personal data are stored and processed in this connection for the purpose of communication. We do not share the data thus collected ([title, first and last name, telephone number, email address, IP address]) with third parties.

Your data will not be associated with other data collected on this website.

If you are already a customer of our company, these data may be stored for the purpose of customer relationship management (CRM).

The contact form is transmitted using TLS encryption, which serves to protect your personal data against unauthorised access.

The basis for data collection pursuant to Art. 6(1) sentence 1 GDPR is, where applicable, the consent you have given us (point a), the processing of data for the purpose of performing a contact or in order to take steps prior to entering into a contract (point b) as well as the legitimate interests of our company in the communication initiated by you (point f).

The data will be erased as soon as the purpose for which they have been stored no longer applies.

7. Data protection

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as any purchase orders or enquiries which you send to us as the site operator. You can recognise an encrypted connection in your browser when the address changes from “http://” to “https://” and a locked padlock is displayed in the address line.

If SSL or TLS encryption is enabled, the data you transfer to us cannot be read by third parties (end-to-end encryption). The protocols provide authentication of the communication partner and secure the integrity of the data transmitted.

8. Rights of the data subject

Your rights / exercise of rights

You are entitled to the rights set out below. You may exercise these rights against us. To exercise your rights, please use the aforementioned contact methods or send an email to datenschutz@gdi-mbh.eu

  1. Right of access under Art. 15 GDPR:
    You have the right to request information about your personal data processed by us, in particular about the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored or, if not possible, the criteria used to determine that period, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data as well as to object to such processing, the right to lodge a complaint with a supervisory authority, the origin of your data if they were not collected by us, the existence of automated decision-making including profiling and, where applicable, meaningful information about the logic involved as well as the significance and the envisaged consequences of such processing for you, and finally, where personal data are transferred to a third country, the right to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.
  2. Right to rectification under Art. 16 GDPR:
    You have the right to demand the rectification of inaccurate personal data concerning you and / or the right to have incomplete personal data completed without undue delay.
  3. Right to erasure under Art. 17 GDPR::
    You have the right pursuant to Art. 17(1) GDPR to demand the erasure of personal data concerning you. This right shall not apply to the extent that processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.
  4. Right to restriction under Art. 18 GDPR:
    You have the right to demand the restriction of processing of your personal data as long as the accuracy of the personal data is contested by you, the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead, we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims or if you have objected to processing for reasons arising from your particular situation, pending the verification whether our legitimate grounds override your own as the data subject.
  5. Notification obligation under Art. 19 GDPR:
    If you have asserted the right of rectification, erasure or restriction of processing vis-à-vis the controller, the controller is obliged to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom your personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients.
  6. Right to data portability under Art. 20 GDPR:
    You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to have that personal data transmitted directly to another controller, where technically feasible.
  7. Right to withdraw consent under Art. 7(3) GDPR
    If our processing of personal data is based on your consent, you have the right to withdraw your consent to future processing at any time. If you withdraw your consent, we will cease processing of the data for which you have withdrawn consent, unless we have a legal obligation to keep some or parts of your data. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
  8. Right to lodge a complaint under Art. 77 GDPR
    Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

9. Right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6(1) sentence 1(e) or (f) GDPR, including profiling based on those provisions.

The controller shall no longer process personal data concerning you unless the controller demonstrates compelling, legitimate reasons for continuing data processing which override your interests, rights and freedoms or, alternatively, for the establishment, exercise or defence of legal claims.

Where personal data concerning you are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent it is related to such direct marketing.

If you object to processing for direct marketing purposes, personal data concerning you will no longer be processed for such purposes.

In the context of the use of information society services, and notwithstanding EU Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

10. Storage period for personal data

The storage period for personal data is determined by the respective legal retention period. After expiry of this period, the data concerned will be routinely deleted, provided they are no longer necessary for the performance or initiation of the contract and / or there is no longer any legitimate interest on our part in further storage.

11. Updates and changes to this Privacy Statement

This Privacy Statement is regularly reviewed and was last updated in February 2020.
We reserve the right to change this Privacy Statement without prior notice to reflect improvements to our website, or to the services offered on our website, as well as legal and regulatory changes. The most current version of the Privacy Statement can be reviewed on our website and printed out at any time by following this link:

https://www.norres.com/en/legal/privacy-statement/

Privacy policy

1. Data protection at a glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the “Information on the controller” section of this privacy policy.

How we collect your data

On the one hand, your data is collected when you provide it to us. This may be data that you enter in a contact form, for example.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.

What we use your data for

Some of the data is collected to ensure that the website is provided without errors. Other data may be used to analyse your user behaviour.

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the rectification or erasure of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time if you have any further questions on the subject of data protection.

Analysis tools and tools from third-party providers

When you visit this website, your surfing behaviour may be statistically analysed. This is primarily done using analysis programmes.

Detailed information on these analysis programmes can be found in the following privacy policy.

2. hosting

We host the content of our website with the following provider

External hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the hoster(s). This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.

External hosting is carried out for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Our host(s) will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data.

We use the following host(s):
HostPress GmbH
Bahnhofstraße 34
66571 Eppelborn

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which guarantees that the service will only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

3. General notes and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Note on the responsible body

The party responsible for data processing on this website is:

NORRES Schlauchtechnik GmbH
Managing Director: Engelbertus H. Cordewener
Am Stadthafen 12-16
45881 Gelsenkirchen
Telephone +49 209 8 00 00 0
E-Mail info(at)norres.com

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).

External data protection officer

We have appointed the following data protection officer

Herr Dipl.-Inform. Olaf Tenti
GDI Gesellschaft für Datenschutz und Informationssicherheit mbH
Körnerstraße 45
58095 Hagen (NRW)
Telephone +49 2331 356 832 0
E-Mail datenschutz(at)gdi-mbh.eu
Internet: www.gdi-mbh.eu

Storage period

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, deletion will take place after these reasons no longer apply.

General information on the legal basis for data processing on this website

If you have consented to data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, insofar as special categories of data are PROCESSED in accordance with Art. 9 para. 1 GDPR. In the event of express consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49 para. 1 lit. a GDPR.
If you have consented to the storage of cookies or access to information in your end device (e.g. via device fingerprinting), data processing is also carried out on the basis of Section 25 (1) TDDDG. Consent can be revoked at any time. Insofar as your data is required to fulfill a contract or to carry out pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. In addition, we process your data if this is necessary to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may also take place on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Information on the respective legal bases in individual cases can be found in the following sections of this privacy policy.

Recipients of personal data

As part of our business activities, we work together with various external organisations. In some cases, it is also necessary to transfer personal data to these external organisations. We only pass on personal data to external bodies if this is necessary for the fulfilment of a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in passing on data in accordance with Art. 6 Para. 1 lit. f GDPR or if another legal basis permits the passing on of data. When using processors, we only pass on our customers’ personal data on the basis of a valid contract for order processing. In the case of joint processing, a joint processing agreement is concluded.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to the collection of data in special cases and to direct marketing (Art. 21
GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of infringements of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

Information, rectification and erasure

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction or deletion of this data. You can contact us at any time regarding this and other questions data, you can contact us at any time.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time to do this.
The right to restriction of processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we generally need time to check this. You have the right to request the restriction of the processing of your personal data for the duration of the review.
  • If the processing of your personal data was/is carried out unlawfully, you can request the restriction of data processing instead of erasure.
  • If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
  • If you have lodged an objection pursuant to Art. 21 (1) GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4. Data collection on this website

Cookies

Our Internet pages use so-called “cookies”. Cookies are small data packets and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.

Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes.

Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); the consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser.
If cookies are deactivated, the functionality of this website may be restricted.

You can find out which cookies and services are used on this website in this privacy policy.

Consent with Complianz

Our website uses the consent technology of Complianz to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Complianz B.V., Kalmarweg 14-5, 9723 JG Groningen, Netherlands (hereinafter “Complianz”).

Complianz is installed locally on our servers, so no connection is established to the servers of the provider of Complianz. Complianz stores a cookie in your browser in order to be able to assign the consents you have given or revoke them. The data collected in this way is stored until you ask us to delete it, delete the Complianz cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

Complianz is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – the server log files must be recorded for this purpose.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Request by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, we will store and process your inquiry, including all personal data (name, inquiry), for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; the consent can be revoked at any time.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after completed processing of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

5. Analysis tools and advertising

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is summarised in a user ID and assigned to the respective end device of the website visitor.

We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modelling approaches to supplement the data records collected and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

IP anonymisation

Google Analytics IP anonymisation is activated. As a result, your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on how Google Analytics handles user data in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

6. Plugins and Tools

Google Fonts (local hosting)

This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. Google Fonts are installed locally. There is no connection to Google servers.

Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Font Awesome (local hosting)

This site uses Font Awesome for the uniform display of fonts. Font Awesome is installed locally. There is no connection to the servers of Fonticons, Inc.

Further information about Font Awesome can be found in the Font Awesome privacy policy at: https://fontawesome.com/privacy.

OpenStreetMap

We use the OpenStreetMap (OSM) map service.

We integrate OpenStreetMap on our own (tile) server. When the map material is called up, there is therefore no connection to the servers of third parties.

The use of OpenStreetMap is in the interest of an appealing presentation of our online offers and an easy findability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

SolidWP

We have integrated SolidWP on this website. The provider is iThemes Media LLC, 1720 South Kelly Avenue Edmond, OK 73013, USA (hereinafter “SolidWP”).

SolidWP serves to protect our website from unwanted access or malicious cyberattacks. For this purpose, SolidWP records, among other things, your IP address, the time and source of login attempts and log data (e.g. the browser used). SolidWP is installed locally on our servers.

The use of SolidWP is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website as effectively as possible against cyberattacks. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Source: https://www.e-recht24.de