1. Controller for the Processing of Your Personal Data
1.2. "Controller" for the processing of your personal data as defined in Art. 4 (7) GDPR is
You can reach our data protection officer, Chris Watson, at firstname.lastname@example.org or at our postal address with the addition "the data protection officer.
2. Personal Data
The term personal data includes, inter alia, your personal data (for example your name, your date of birth, your address, your nationality), your legitimation details (for example your identity card data), your contract and order data including your e-mail address, your technical connection data such as your IP address, advertising and sales data as well as other comparable data.
3. Collection of Your Personal Data
When processing your personal data, we distinguish between data that we collect directly from you and data that we receive from other sources.
3.1. Personal data that we collect from you:
3.1.1. If you are our customer, we process the personal data which you provide to us within the framework of your contact to us (e.g. via contact form, per e-mail or through your customer account). This includes e.g. your name and e-mail address. This takes place according to Art. 6 (1) (b) GDPR for the purpose of performance of the contract concluded with you.
3.1.2. Insofar as you access and use our website purely for informational purposes, we only collect such data which is automatically transmitted by your Internet browser. This includes e.g. the date and time of the inquiry to the website, the respective quantity of data transmitted, the website from which the access took place, browser type, browser settings and your IP address. This access data shall be evaluated exclusively for the purpose of ensuring a trouble-free operation of the site as well as improvement of our offering. This takes place according to Art. 6 (1) (f) GDPR on the basis of our legitimate interest in a correct presentation of our offering.
3.1.3. If you are a legal representative or employee of one of our customers, your personal data can be collected insofar as you act in the name of or on behalf of our customer in the business relationship existing with us. This occurs for the purpose of the initiation or, respectively, performance of the contract concluded with you, Art. 6 (1) (b) GDPR.
3.2. Personal data which we obtain from external sources
We may also refer to personal data which is legally collected by another controller and which are also legally transmitted to us such as e.g. publicly accessible information. This includes, inter alia, records of debtors, public registries such as e.g. insolvency notifications or information from the commercial registry as well as from the press or Internet.
4. Transmission of Your Personal Data to Third Parties
We transfer your personal data to processors engaged for this purpose domestically and abroad insofar as this is necessary for commercial or technical reasons. For this purpose, we carefully select the respective processor with which a contract is agreed for processing data on behalf of the controller according to Art. 28 GDPR as well as monitor it carefully. For the purpose of outsourcing of certain business processes, we have a legitimate interest in the conclusion of contracts for processing of data on behalf of the controller with the respective processor in accordance with Art. 6 (1) (f) GDPR.
4.1. We transfer your data for purposes of performance of a contract according to Art. 6 (1) (b) GDPR e.g. to the shipping company entrusted with the delivery of the relevant goods
4.2. We may also transfer your personal data to companies affiliated with us, i.e. group companies. For the purpose of internal administration, we have a legitimate interest in the transfer of data to our Group companies pursuant to Art. 6 (1) (f) GDPR.
4.3. For purposes of performance of a contract according to Art. 6 (1) (b) GDPR, we can transmit your personal data in addition to all parties to whom we have assigned rights which result from the contract relationship with you.
5. Transfer of Your Personal Data to a Third Country
Should your data be transferred to a third country, we ensure that the transmission occurs only in such countries which have a level of protection respective to that as defined in Art. 45 (1) GDPR or the controller located in the respective third country has ensured appropriate data protection guarantees. These guarantees can, e.g. be comprised of:
5.1. binding, internal data protection regulations pursuant to Art. 47 GDPR, or
5.2. standard protection clauses which were issued by the European Commission according to the examination procedure according to Art. 93 (2) GDPR.
6.1. In addition, cookies are stored on your computer when you use our website. Cookies are small text files which are stored on your hard drive in a way referring to the browser you are using and which provide certain information to the party placing the cookie (in this case: to us). Cookies cannot execute programs or transmit viruses to your computer. They are used to make the Internet more user-friendly and more efficient as a whole.
6.2. This website uses transient as well as persistent cookies. The scope and functionality of these cookies are explained in the following:
6.2.1. Transient cookies are automatically erased when you close your browser. These include, in particular, session cookies which store a so-called session ID that can be used to assign different requests from your browser to the same session. This enables your computer to be recognised when you return to our website. Session cookies are erased when you log off or close your browser.
6.2.2. Persistent cookies are automatically erased after a defined time which may vary depending upon the cookie. You can erase the cookies at any time in the security settings of your browser.
6.3. You can configure your browser settings as desired and, e.g., reject acceptance of third party cookies or all cookies. However, we must point out that this action could have the consequence that you may not be able to use all the functions of this website.
7. Web Analytics Tools and Internet Advertising
7.1. Google Analytics
7.1.1. This website uses Google Analytics, a web analysis service provided by Google Inc. („Google“). Google Analytics uses so-called "cookies", text files which are stored on your computer and enable an analysis of the use of our website by you. The information on your use of the website generated by the cookies is usually transmitted to a Google server in the USA and stored there. If IP anonymisation is activated on this website, Google will, however, shorten your IP address prior to transmission within the Member States of the European Union or in other contracting states of the Treaty on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information to evaluate your use of the website, to compile reports of the website activities and to provide additional services associated with website use and Internet use.
7.1.2. The IP address transmitted by your browser in the context of Google Analytics will not be combined with other Google data.
7.1.3. You can prevent the cookies from being stored by making an appropriate setting in your browser software. However, we point out that if you do this, you may not be able to use all the functions of the website to the full extent. In addition, you may prevent acquisition of the data generated by the cookie by Google that relate to your use of the website (including your IP address) and the processing of the data by Google by downloading and installing the browser plug-in provided at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
7.1.4. This website uses Google Analytics with the extension "_anonymizeIp()". Herewith, IP addresses are shortened before further processing so that direct reference to a person can be ruled out. Insofar as a direct reference to you occurs through the data collected about you, this shall therefore be immediately ruled out and the personal data therewith immediately erased.
7.1.5. For the exceptional case in which personal data is transmitted to the USA, Google complies with the EU-US Privacy Shield. You can obtain information hereon under https://www.privacyshield.gov/EU-US-Framework.
7.2.1. To display videos we use "Vimeo" on our website. This is a service of Vimeo, LL C, 555 West 18 th Street, New York, New York 10011, USA.
7.2.2. If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. Here the Vimeo server is informed about which of our pages you have visited. In addition, Vimeo will receive your IP address. This also applies if you are not logged in to Vimeo when you visit our website or do not have a Vimeo account. The information is transmitted to a Vimeo server in the USA, where it is stored. Some of the user data is processed on Vimeo servers in the USA. With respect to the EU-US Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt00000008V77AAE&status=Active) Vimeo, however, guarantees that the data protection requirements of the EU will also be complied when processing data in the USA. If you are logged in to your Vimeo account, Vimeo allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.
7.2.3. The legal basis for the use of Vimeo is Art. 6 (1) (f) GDPR. Our legitimate interest lies in improving the quality of our website.
7.2.4. Vimeo offers further information on the collection and use of the data as well as on your rights and opportunities to protect your privacy under http://vimeo.com/privacy.
7.3. Google Maps
7.3.1. On this website we use the offer of Google Maps. This enables us to display interactive maps directly on the website and enables you to use the map function conveniently.
7.3.3. The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy retrievability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.
8. Storage Periods and Criteria for the Storage of Your Personal Data
All processed personal data shall only be stored no longer and to the extent than is necessary for us to perform our contractual and statutory obligations. Among other things, data storage is necessary for the performance and execution of the contract including the defence and enforcement of civil law claims within the relevant statute of limitations time periods. In order not to violate the statutory regulations or to lose the possibility of enforcing a claim or to defend ourselves against such a claim, we reserve the right to first erase the data after expiry of the last time period which legitimizes the data storage. All technical access data for purely information visits shall be erased at the latest [seven days] after the end of your visit to the page. Data collected via the analysis service Google Analytics is deleted by default after [26 months].
9. Your Rights
9.1. You have the following rights in dealings with us with regard to your personal data:
- Right to information (Art. 15 GDPR)
- Right to rectification or erasure (Art. 16, Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
You have the right to lodge an objection at any time insofar as reasons exist relating to your particular situation against the processing of your personal data by us which occurs on the basis of Art. 6 (1) (f) GDPR (data processing due to a legitimate interest). If you lodge an objection, we shall no longer process your personal data unless we can prove compelling legitimate grounds requiring protection in favour of processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.
Furthermore, you have the right to lodge an objection at any time against the processing of your personal data for direct marketing purposes, Art. 21 (2) GDPR. If you lodge an objection to processing for purposes of direct marketing, we shall no longer process your personal data for such purposes.
9.2. In order to exercise your rights under Section 9.1., please send an e-mail to email@example.com.