1. Basic information on data processing and legal base
1.1. This data protection declaration informs you about the type, scope and purpose of the processing of personal data within our online offer/range of products and services and the websites, functions and contents connected with it (hereinafter jointly referred to as „online offer“ or „website“). The data protection declaration applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) on which the online range is displayed.
1.2. The terms used, such as „personal data“ or their „processing“ refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
1.3. The personal data of users processed within the scope of this online range includes contact data (names, e-mail addresses), meta/communication data (IP addresses) and content data (entries in the contact form).
1.4. The term ‚user‘ covers all categories of data subjects. These include interested parties and other visitors to our online offerrange. The terms used, e.g. „user“, are to be understood in a gender-neutral way.
1.5. We process personal data of users only in compliance with the relevant data protection regulations. This means that the data of the users is only processed if legal permission exists. This means, in particular, if the data processing is necessary for the provision of our contractual services (e.g. processing of orders) as well as online services and/or if it is required by law, the consent of the user is present, as well as on the basis of our legitimate interests (i.e. interest in the analysis, optimisationoptimization and economic operation and security of our online offer in the sense of Art. 6 sec. f. GDPR.
1.6. We would like to point out that the legal basis of the consents is Art. 6 sec. 1 lit. a. and Art. 7 GDPR, the legal basis for processing for the purpose of fulfilling our services and implementing contractual measures is Art. 6 sec. 1 lit. b. GDPR, the legal basis for processing for the fulfilment of our legal obligations Art. 6 sec. 1 lit. c. GDPR and the legal basis for processing to safeguard our legitimate interests is Art. 6 sec. 1 lit. f. GDPR.
2. Security measures
2.1. We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the data protection laws are complied with and thus to protect the data processed by us against accidental or intentional manipulation, loss, destruction and/or access by unauthorized persons.
3. Data transfer to third parties and third-party provider
3.1. Data will only be passed on to third parties within the framework of the legal requirements. We will only pass on user data to third parties if this is necessary for contractual purposes, e.g. on the basis of Art. 6 sec. 1 lit. b) GDPR or on the basis of our justified interests according to Art. 6 sec. 1 lit. f. GDPR in the economic and effective operation of our business operations.
3.2. If we use subcontractors to provide our services, we take appropriate legal precautions as well as appropriate technical and organizational measures to mensure the protection of personal data in accordance with the relevant legal provisions.
3.3. If content, tools and/or other means from other providers (hereinafter collectively referred to as „third parties“) are used within the scope of this data protection declaration and their registered office is located in a third country, it is to be assumed that data is transferred to the countries in which the third parties are based. Third countries are countries in which the GDPR is not directly applicable law, i.e. countries outside the EU or the European Economic Area. Data is transferred to third countries either if there is an appropriate level of data protection, user consent or other legal permission.
4. The processing of user da
4.1. We process content data (e.g. entries in the contact form) to help users with their request.
5.1. When contacting us (via contact form or e-mail), the user’s details are processed for the purpose of handling the contact request and its processing in accordance with Art. 6 sec. 1 lit. b) GDPR.
5.2. The users’ details may be stored in our email program.
6. Collection of access data and log files
6.1. On the basis of our legitimate interests within the meaning of Art. 6 sec. 1 lit. f GDPR data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited site), IP address and the requesting provider.
6.2. Log file information is stored for security reasons (e.g. to clarify acts of abuse or fraud) for a maximum of seven days and then deleted. Data whose further storage is required for evidentiary purposes is exempt from deletion until final clarification of the respective incident.
7. Cookies & range measurement
8. integration of third-party services and content
8.1. Within our online offerrange, we use content and service offers ranges from third parties on the basis of our legitimate interests (i.e. interest in the analysis, optimisationoptimization and economic operation of our online offer range within the meaning of Art. 6 sec. 1 lit. f. GDPR), in order to integrate their content and services, such as videos and/or fonts (hereinafter uniformly referred to as „content“). This always presupposes that the third-party providers of such content are aware of the IP address of the users, as without the IP address they would not be able to send the content to their browsers. The IP address is therefore required to display this content. We make every effort to use only such content whose respective providers use the IP address only to deliver the content. Third- party providers may also use so-called pixel tags (invisible graphics, also known as „web beacons“) for statistical or marketing purposes. Pixel tags“ can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information on the browser and operating system, referring web pages, visiting time and other details on the use of our online offer, as well as being able to be linked to such information from other sources.
8.2. The following presentation offers an overview of third-party providers and their contents, together with links to their data protection declarations, which contain further information on the processing of data and the possibility to object (so- called opt-out) as already mentioned here in some cases:
9. Users‘ rights
9.1. Users have the right to request information free of charge about the personal data we have stored about them.
9.2. In addition, users have the right to correct inaccurate data, restrict processing and delete their personal data, if applicable, to assert their rights to data portability and, in the event of suspected unlawful data processing, to lodge a complaint with the competent supervisory authority.
9.3. Users may also revoke their consent, generally with consequences for the future
10. Data deletion
10.1 The data stored with us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any legal storage obligations. If the user data is not deleted because it is required for other and legally permissible purposes, its processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for commercial and/or tax law reasons.
11. Right of objection
11.1 Users can object to the future processing of their personal data in accordance with the legal requirements at any time.
12.2. The users are asked to inform themselves regularly about the content of the data protection declaration.