We place great importance on the protection of personal data. For this reason, personal data are processed in accordance with the valid European and national legislation.
You can of course withdraw your declaration(s) of consent at any time with effect for the future. To do this, please consult the responsible party in accordance with § 1.
The personal data of the party concerned are deleted or blocked as soon as the purpose of their storage ceases to apply. Storage beyond this may be carried out if this is intended by the European or national legislator in Union directives, laws or other regulations by which we are governed. Blocking or deletion of the data is also carried out if a storage period specified by the stipulated standards expires unless it is necessary to continue to store the data in order to conclude or fulfil an agreement.
§ 1 The responsible party and the Data Protection Officer
(1) Name and address of the responsible party
The responsible party pursuant to the General Data Protection Regulation and other national data protection laws of the member states as well as other legal data protection regulations is:
ALLMATIC-Jakob Spannsysteme GmbH
Tel.: +49 8377 929-0
(2) Name and address of the Data Protection Officer
The Data Protection Officer of the responsible party is:
PCK IT Solutions GmbH
§ 2 Definitions
The data protection declaration is based on the definitions used by the European regulatory authority in accordance with the decree of the General Data Protection Regulation of the EU (referred to in the following as “GDPR”). The Data Protection Regulation should be easily legible and understandable. To ensure this, the main terms are described in the following:
a) Personal data designates all information relating to an identified or identifiable natural person (referred to in the following as the “party concerned”). A natural person is considered as identifiable if he or she can be identified directly or indirectly, in particular by assignment to an identifier such as a name, identification number, location details, online identification or to one or more particular characteristics which are an expression of the physical, physiological, genetic, psychic, economic, cultural or social identity of this natural person.
b) The party concerned is every identified or identifiable natural person whose personal data are processed by the party responsible for processing.
c) Processing is any procedure carried out with or without the aid of automated processes or any such series of procedures in connection with personal data, such as the collection, logging, organisation, classification, storage, adjustment or alteration, reading out, querying, use, publication via transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction.
d) Profiling is any type of automated processing of personal data which consists of these personal data being used to evaluate certain personal aspects which refer to a natural person, in particular to analyse or predict aspects with regard to work performance, economic situation, health, personal preferences, interests, reliability, conduct, place of abode or relocation of this natural person.
e) Pseudonymisation refers to processing of personal data in such a way that the personal data can no longer be assigned to a specific party concerned insofar as this additional information is stored separately and is subject to technical and organisational measures which ensure that the personal data are not assigned to an identified or identifiable natural person.
f) The person responsible or the person responsible for processing is the natural or legal entity, authority, institution or other office which decides solely or together with others on the purposes and means of processing of personal data. If the purposes and means of this processing are stipulated by European Union law of the member states, the responsible party or the certain criteria of his / her nomination can be stipulated in accordance with European Union law or the law of the member states.
g) The order processor is a natural person or legal entity, authority, institution or other office which processes personal data on behalf of the person responsible.
h) The recipient is a natural person or legal entity, authority, institution or other office to whom personal data are divulged, regardless of whether this is a third party or not. However, authorities which may receive personal data in the course of a certain inspection order in accordance with European Law or the law of member states are not deemed to be recipients.
i) A third person is a natural person or legal entity, authority, institution or other office apart from the party concerned, the person responsible, the order processor and the persons who are authorised under the direct responsibility of the party responsible or of the order processor to process the personal data.
j) Permission is every declaration of intent voluntarily issued by the party concerned for the relevant case in an informed manner and unambiguously in the form of a declaration or any other clear confirmatory action with which the party concerned indicates that he / she agrees to processing of his or her personal data.
§ 3 Provision of the website and creation of logfiles
(1) In the event of use of the website for information purposes only, i.e. without subscribing or providing us with other information, we automatically collect the following data and information from the computer accessing the website:
- the IP address of the user,
- information on the browser type and version used,
- the operating system of the user,
- date and time of access,
- websites from which the system of the user accesses the website.
The data are stored in the logfiles of our server. These data are not stored together with other personal data of the user.
When using these data, we do not draw any conclusions with regard to the party concerned. The data are only evaluated for statistical purposes.
(2) The legal basis for temporary storage of the logfiles is Art. 6 Section 1 sentence (f) GDPR..
(3) Temporary storage of the data by the system is necessary in order to
a) deliver the website to the computer of the user. To this end, the IP address of the user must remain stored for the duration of the session.
b) optimise the contents of our website and advertising thereof
c) ensure operability of our IT systems and the technology of our website
d) provide law enforcement agencies with the necessary information for prosecution in the event of a cyber-attack.
For these purposes, our legitimate interest also lies in data processing pursuant to Art. 6 Section 1 sentence 1 (f) GDPR.
(4) The data are deleted as soon as they are no longer required to achieve the purpose of their collection - in this case when no longer used. In the case of storage of the data in logfiles, this is after a maximum of seven days. Storage is possible beyond this. In this case, the IP addresses are deleted or anonymised so that it is no longer possible to assign them to the calling client.
(5) Data logging to provide the website and storage of the data in logfiles is essential to operate the website, for which reason it cannot be withdrawn.
(1) This website uses so-called cookies. Cookies are small text files which are transmitted by a server to your browser as soon as you visit a website and are stored locally on your terminal (PC, notebook, tablet, smartphone etc.) and filed on your computer and provide the user (i.e. us) with certain information. Cookies do not damage the computer and do not contain any viruses. Every cookie contains a characteristic string (so-called cookie ID) which allows a clear identification of the browser when called again.
- which enable an analysis of your surfing habits,
- to include user-oriented advertisements as well as for market research purposes.
(4) The legal basis for processing personal data using technically necessary cookies is Art. 6 Section 1 sentence 1 (f) GDPR. With the consent of the user, the legal basis for processing personal data using cookies for the purposes of analysis and advertising is Art. 6 Section 1 sentence 1 (a) GDPR.
§ 5 Contact form and e-mail contact
(1) Our website contains a contact form which can be used for making contact in electronic form. For this, you must first decide which means of communication you prefer. According to this type of communication, the data entered in the input mask are sent to us and stored. These data are:
- e-mail address
- form of address
- Optional as per version: address, telephone, fax
(2) When the message is sent, the following data are also stored:
- date and time
For processing of data, your permission is obtained during the sending process and reference is made to this data protection declaration. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the personal data transmitted with the e-mail are stored. If these represent information on communication channels (for example e-mail address, telephone number), you also agree to be contacted by us via this communication channel in order to respond to your enquiry. The data are not transmitted to third parties in this connection. The data are only used for processing the conversation.
(3) With the consent of the user, the legal basis for processing of the data is Art. 6 Section 1 sentence 1 (a) GDPR. The legal basis for processing the data which are transmitted by sending an e-mail is Art. 6 Section 1 sentence 1 (f) GDPR. If contact by e-mail is aimed at concluding an agreement, the additional legal basis for processing is Art. 6 Section 1 sentence 1 (b) GDPR.
(4) Personal data from the input mask are only used by us to facilitate communication. Naturally, we will only use the data from your e-mail enquiries for the purpose for which you provide them when contacting us. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our IT systems. This is also in line with our legitimate interest.
(5) The data are deleted as soon as they are no longer required to achieve the purpose of their collection. For the personal data from the input mask of the contact form and those sent via e-mail, this is the case when the individual conversation with the user is ended. The conversation is ended when the circumstances indicate that the matter concerned has been conclusively clarified. The personal data additionally collected during the sending process are deleted after six months at the latest. If the objective of the e-mail is to conclude an agreement, the data are deleted after expiry of the statutory storage periods (according to commercial or tax law).
(6) You can withdraw your permission to process the e-mail and its contents at any time. In such a case, the conversation cannot be continued. To do this, please consult the responsible party in accordance with § 1. However, this right of withdrawal only exists if the e-mail contact does not serve to prepare or implement an agreement.
§ 6 Newsletter
(1) With your permission, you can subscribe to our free newsletter, with which we inform you of current interesting offers. The goods and services advertised are specified in the declaration of consent. For subscriptions to our newsletter, we use the so-called double opt-in process. This means that after you subscribe, we send you an e-mail to the specified e-mail address asking you to confirm that you wish to receive the newsletter. If you do not confirm your subscription within 7 days, your information is blocked and automatically deleted after one month. In addition, we store each of the IP addresses you use and times of subscription and confirmation. The purpose of the process is to prove your subscription and if necessary resolve a possible misuse of your personal data. If you purchase goods or services from our website and give your e-mail address for this, this may subsequently be used by us to send a newsletter. In such a case, the newsletter serves exclusively to directly advertise our own similar goods or services.
The only mandatory disclosure for sending the newsletter is your e-mail address. The disclosure of further data [form of address, name] is voluntary and is used to be able to address you personally.
The data are not forwarded to third parties.
(3) With the consent of the user, the legal basis for processing of the data after subscribing to the newsletter is Art. 6 Section 1 sentence 1 (a) GDPR. The legal basis for sending the newsletter based on a previous agreement is Art. 7 Section 3 UWG (“Gesetz gegen unlauteren Wettbewerb” = “Act against Unfair Competition”). Use of the technology service provider CleverReach, performance of statistical surveys and analysis as well as logging of the subscription process are carried out on the basis of our legitimate interests in accordance with Art. 6 Section 1 sentence 1 (f) GDPR.
(4) The e-mail address of the user is collected in order to send the newsletter. Other personal data (IP address, time of subscription / confirmation) in the course of the subscription process are used to prevent misuse of the services or of the e-mail address used. Any further information provided is only used to be able to address you personally in the newsletter.
(5) The data are deleted as soon as they are no longer required to achieve the purpose of their collection. Your e-mail address and your other personal data are thereafter only stored as long as you are still subscribed to the newsletter. The other personal data collected during the subscription process (IP address, time of subscription / confirmation) are generally deleted after a period of six months.
(6) You can cancel subscription to our newsletter at any time and thus withdraw your permission by clicking the box “Unsubscribe from newsletter” in our newsletter boilerplate or by sending us an e-mail to firstname.lastname@example.org or sending a message to the contact details given on the Site Notice page. This also enables withdrawal of the permission to store the personal data collected during the subscription process (IP address, time of subscription / confirmation). When you unsubscribe from the newsletter, we simultaneously delete your data in CleverReach and the statistical analyses. Unfortunately, a separate cancellation of dispatch by CleverReach or statistical analysis is not possible.
§ 7 Registration
(1) We offer you possibilities to register on our website by submitting personal data. The data are entered in the input mask and sent to us and stored. These data are generally not forwarded to third parties if there is no legal obligation to forward them or forwarding involves criminal or legal proceedings.
The following data are collected in the course of the registration process:
- e-mail address
- personally selected password
- Optional: form of address, position, VAT ID, telephone, fax, mobile
- IP address
- date and time of registration
(2) For registration, we use the so-called double opt-in process. This means that after you subscribe, we send you an e-mail to the specified e-mail address asking you to confirm that you wish to register. If you do not confirm your subscription within 7 days, your information is blocked and automatically deleted after one month. In addition, we store each of the IP addresses you use and times of subscription and confirmation. The purpose of the process is to prove your subscription and if necessary resolve a possible misuse of your personal data.
(3) With the consent of the user, the legal basis for processing of the data is Art. 6 Section 1 sentence 1 (a) GDPR. If subscription serves to fulfil an agreement to which you are a contractual partner or to implement pre-contractual measures, the additional legal basis for the processing of data is Art. 6 Section 1 sentence 1 (b) GDPR.
(4) Registration is necessary for provision of certain contents and services on our website and to prevent misuse and if necessary to investigate criminal offences. (further description of contents and services) Registration is necessary to fulfil the agreement or to carry out pre-contractual measures. (further description of the agreement; standards as per EGBGB = Introductory Act to the German Civil Code and BGB = German Civil Code)
(5) The data are deleted as soon as they are no longer required to achieve the purpose of their collection. This is the case for the data collected during the registration process as soon as you delete your access. We also store the data submitted voluntarily for the time up to deletion of the account if you do not delete these previously. This is the case during the registration process to fulfil an agreement or to implement pre-contractual measures if the data are no longer required for implementation of the agreement. It may also be necessary to store personal data of the contractual partner after conclusion of an agreement in order to fulfil contractual or legal obligations. Long-term commitments require storage of personal data during the term of the agreement. In addition, warranty periods must be observed and the data stored for tax purposes. The storage periods to be observed cannot be generally defined but must be determined in each case for the individual agreements and contractual parties.
(6) If the data are required to fulfil an agreement or to carry out pre-contractual measures, advance deletion of the data is only possible if contractual or legal obligations do not prevent deletion. Otherwise you are free to have all personal data disclosed on registration deleted from the database of the person responsible for processing by declaring your withdrawal to the person responsible by e-mail or by post in accordance with § 1. In this case, your data are immediately deleted.
§ 8 SSL encryption
Our website uses SSL encryption in cases where confidential or personal data are transferred. This encryption is used, for example, in the event of payment transactions and enquiries addressed to us via this website. To ensure that this encryption is also actually active, this must be monitored by you. The status of encryption is displayed in the browser. In the event of encryption, this changes from “http://” to “https://”. In the case of encryption, your data cannot be read by third parties. If encryption is not active, please contact us in confidence via another means.
§ 9 E-Commerce
(1) If you would like to order from our online shop, you will be required to provide your personal details to conclude an agreement so that we can process your order. Compulsory information required for processing the agreements is marked separately. All other information is voluntary. The data are entered in the input mask and sent to us and stored. The following data are collected when using the internet shop:
- e-mail address
- VAT ID if foreign EU country is selected
- Optional: form of address, position, telephone, fax, mobile number
- IP address
- date and time of order
Data are only forwarded to third parties if this is necessary for the purpose of processing the agreement, invoicing or for collection of the payment or if you have expressly given your permission. In this regard, we only forward the data required in the individual case. The data recipients are:
- the individual delivery / shipping company (forwarding of name and address)
- banks (for collecting debts if you have selected direct debit as your form of payment)
- payment service provider - depending on selection of means of payment.
You can voluntarily open a customer account via which we can store your data for further purchases in future. When you open an account under “My account”, the data provided by you are revocably stored.
(2) The legal basis for this is Art. 6 Section 1 sentence 1 (b) GDPR. The legal basis for processing the voluntary data is Art. 6 Section 1 sentence 1 (a) GDPR.
(3) The obligatory information collected is required to fulfil the agreement with the user (for the purpose of sending the goods and confirming the content of the agreement). We therefore use the data to reply to your enquiries, to process your order, if necessary to check creditworthiness or to collect a debt as well as for technical administration of the websites. Voluntary information is given to prevent misuse and if necessary to investigate criminal offences. We can also process the data provided by you to inform you of other interesting products from our range or to send you e-mails with information.
(4) The data are deleted as soon as they are no longer required to achieve the purpose of their collection. Due to commercial and tax law, we are obliged to store your address, payment and order details for a period of ten years after execution of the agreement. If a long-term commitment exists between us and the user, we store the data for the complete term of the agreement and for a period of ten years thereafter (see above).With regard to the data voluntarily given, we will carry out another necessity test of the data five years after the execution of the agreement has expired if no further agreement is concluded with the user within this period.
(5) If the data are required to fulfil an agreement or to carry out pre-contractual measures, advance deletion of the data is only possible if contractual or legal obligations do not prevent deletion. Otherwise you are free at any time to have all personal data submitted on registration deleted from the database by the responsible party in accordance with § 1. With regard to the voluntary data, you can declare your withdrawal to the responsible party at any time in accordance with § 1. In this case, the voluntary data are immediately deleted.
§ 10 Payment services
1. Credit card
(1) On this website, we have integrated components for payment by credit card which enable cashless payment for products and services on the internet. The operating companies are MasterCard Europe SA and Visa Europe Services Inc.
(2) If you select the payment option “Credit card” in our web shop during the order process, your data are automatically transmitted to the credit card company. By selecting this payment option, you agree to transfer of your personal data required to effect payment..
(3) When purchasing by credit card, you provide your name, your credit card number, the check digit and expiry date of the credit card to the credit card company. This is processed in encrypted form. Following technical verification, the credit card company then effects payment to us..
(4) Data are only transmitted to process payments.
(5) Further information is available at www.mastercard.de and www.visa.de.
(1) We have integrated components of PayPal on this website. PayPal is an internet payment service provider. Payments are processed via virtual private or business accounts. Via PayPal it is also possible to effect virtual payments via credit cards if you do not have a PayPal account. A PayPal account is managed via an e-mail address and therefore there is no traditional account number. PayPal enables payments to be effected to third parties or to be received via the internet. PayPal also functions as a trustee and offers customer protection services.
(2) The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxemburg.
(3) If you select the payment option “PayPal” in our web shop during the order process, your data are automatically transmitted to PayPal. By selecting this payment option, you agree to transfer of your personal data required to effect payment.
(4) In the case of personal data sent to PayPal, these are generally first name, surname, address, e-mail address, IP address, telephone number, mobile phone number or other data required for processing payments. To conclude the purchase agreement, personal data connected to the individual order are also required.
(5) Data are only transmitted to process payments and prevent fraud. We will in particular send personal data to PayPal if there is a justified interest in sending them.
(6) PayPal may forward the personal data to affiliated companies and service providers or sub-contractors if this is necessary to fulfil the contractual obligations or the data are to be processed under instruction.
(7) The party concerned can withdraw the permission of PayPal to process the personal data at any time. A withdrawal does not apply to personal data which must be processed, used or transmitted for handling payments (in accordance with the agreement).
(8) The valid data protection regulations of PayPal can be consulted at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
(1) We have integrated components of Heidelpay on this website. Heidelpay is an internet payment service provider which accepts payments via credit card and PayPal. Payments are processed via virtual private or business accounts. Via Heidelpay it is also possible to effect virtual payments if you do not have a Heidelpay account. Heidelpay enables payments to be effected to third parties or to be received via the internet.
(2) The European operating company of Heidelpay is Heidelpay GmbH, Vangerowstr. 18, 69116 Heidelberg, Germany, www.heidelpay.de.
(3) If you select the payment option “Heidelpay” in our web shop during the order process, your data are automatically transmitted to Heidelpay. By selecting this payment option, you agree to transfer of your personal data required to effect payment.
(4) In the case of personal data sent to Heidelpay, these are generally the address, e-mail address, IP address, payment details, account details or other data required for processing payments. To conclude the purchase agreement, personal data connected to the individual order are also required.
(5) Data are only transmitted to process payments and prevent fraud. We will in particular send personal data to Heidelpay if there is a justified interest in sending them.
(6) Heidelpay may forward the personal data to affiliated companies and service providers or sub-contractors if this is necessary to fulfil the contractual obligations or the data are to be processed under instruction.
(7) The party concerned can withdraw the permission of Heidelpay to process the personal data at any time. A withdrawal does not apply to personal data which must be processed, used or transmitted for handling payments (in accordance with the agreement).
§ 11 Forwarding to third parties
1. Links to external websites
This website contains links to external sites. We are personally responsible for our contents. We have no influence on the contents of external links and are therefore not responsible for these. In particular, we do not take ownership of such contents. If you are redirected to an external site, the data protection declaration provided there is valid. If you notice illegal activities or contents on this site, please inform us. In this case we will examine the contents and react accordingly (notice and take-down process).
2. Rented server space
We point out that we use rented server space of the provider Continum AG, Bismarckallee 7bd, 79098 Freiburg, Germany, www.continum.net. When you visit the website, the provider of the server space receives the following information:
- browser type
- operating system used
- address of origin
- time of the server enquiry and host name of the accessing computer
3. Integration of YouTube videos
(1) We have integrated YouTube videos on our website which are stored at http://www.YouTube.com and can be played directly from our website. The operator of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. You Tube LLC is a subsidiary of Google Inc. These are all integrated in “extended data protection mode”, i.e. no data on you as a user are transmitted to YouTube if you do not view the videos. If you view the videos, the following data are transmitted. We have no influence on this data transmission. When you visit the website, YouTube receives information that you have accessed the relevant sub-page of our website.
The following data are then transmitted:
- device-specific information, for example the hardware used; the version of the operating system; clear device identification and information on the mobile phone network including your telephone number.
- Protocol data in the form of server logs. These include details on the way in which the services are used, such as search enquiries; IP address; hardware settings; browser type; browser language; data and time of your request; source page; cookies via which your browser or your Google account can be clearly identified
- location-based information. Google may record information on your actual location. This includes, for example, your IP address, your WLAN access points or mobile phone masts.
- Further information on the data collected by Google Inc. is available at the following link: https://policies.google.com/privacy?hl=de&gl=de.
This is carried out regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data are directly assigned to your account.
(2) The legal basis for processing the personal data is Art. 6 Section 1 sentence. 1 (f) GDPR. Google also processes your personal data in the USA and has subscribed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
(3) Integration of the videos serves to make the website clearer to users and increase the search engine ranking of the website on Google. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and/or needs-based design of its website. Such analysis is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network of your activities on our website. This is also in line with our legitimate interest..
(4) If you do not wish your profile to be assigned on YouTube, you must log out before activating the button.
(5) The period of storage is based on the storage periods of YouTube.
(6) You have the right to withdraw the compilation of these user profiles, but for this you have to contact YouTube to assert this right.
(7) Further information on the purpose and scope of data collection and processing by YouTube is available in the data protection declaration of YouTube. There you can also obtain further information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy.
AllLite nutzt auf der Webseite alllite.de einen Live-Chat des Unternehmens Userlike UG (haftungsbeschränkt), Probsteigasse 44-46, 50670 Köln, Deutschland. Der Live-Chat kann wie ein Kontaktformular genutzt werden, um in nahezu Echtzeit mit unseren Mitarbeitern zu chatten. Beim Start des Chats fallen personenbezogene Daten an.
• Datum und Uhrzeit des Aufrufs
• Browsertyp/ -version
• verwendetes Betriebssystem
• URL der zuvor besuchten Webseite
• Menge der gesendeten Daten
• Vorname, Name
• E-Mail Adresse
Je nach Gesprächsverlauf mit unseren Mitarbeitern, können im Chat weitere personenbezogene Daten anfallen, die durch Sie eingetragen werden. Die Art dieser Daten hängt stark von Ihrer Anfrage ab oder dem Problem, welches Sie uns schildern.
Alle unsere Mitarbeiter wurden und werden zum Thema des Datenschutzes geschult und zum sicheren und vertrauensvollen Umgang mit Kundendaten unterrichtet. Alle unsere Mitarbeiter sind zur Vertraulichkeit verpflichtet und haben entsprechend in ihren Mitarbeiterverträgen einen Zusatz zur Verpflichtung zur Wahrung der Vertraulichkeit und zur Beachtung des Datenschutzes unterschrieben.
Darüber hinaus speichert AllLite den Verlauf der Live-Chats. Dies dient dem Zweck, Ihnen unter Umständen umfangreiche Ausführungen zur Historie Ihrer Anfrage zu ersparen sowie zur beständigen Qualitätskontrolle unseres Live-Chat-Angebots. Sofern Sie dies nicht wünschen, können Sie uns dies gerne unter den weiter unten aufgeführten Kontaktdaten mitteilen. Gespeicherte Live-Chats werden dann unverzüglich von uns gelöscht.
§ 12 Web analysis by Google Analytics
(1) We use the service of Google Inc. on our website (Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to analyse the surfing behaviour of our users. The software installs a cookie on your computer (for cookies, see § 4). If individual pages of our website are accessed, the following data are stored:
- aTwo bytes of the IP address of the calling system of the user
- The accessed website
- Entry pages, exit pages
- The length of stay on the website and the opt-out rate
- The frequency of visits to the website
- The country and region of origin, language, browser, operating system, screen resolution, use of Flash or Java
- search engines and search terms used.
The information generated by the cookie on the use of this website by the user is generally transmitted to a server of Google in the USA and stored there. This website uses Google Analytics with the extension “_anonymizeIp()”. The software is set such that the IP addresses are not fully stored but only in abbreviated form. In this way, assignment of the abbreviated IP address to the calling computer is no longer possible. The full IP address is only transmitted to the server of Google in the USA and shortened there in exceptional cases. However, the IP address sent from your browser to Google Analytics is not combined with other data of Google.
(2) The legal basis for processing personal data is Art. 6 Section 1 sentence 1 (f) GDPR. For exceptional cases in which personal data are transmitted to the USA, Google has subscribed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
(3) Google will use this information in order to analyse your use of the website and to compile reports on the website activities. By analysing the data obtained, we are able to compile information on the use of the individual components of our website. This helps us to continually improve our website and its user-friendliness. For these purposes, our legitimate interest also lies in data processing.
Anonymisation of the IP address sufficiently takes into account the interest of the users in protection of their data.
(4) The data are deleted as soon as they are no longer required for our logging purposes. In our case this is after 14 months.
(7) The third-party provider is Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Further information is available in the user terms at http://www.google.com/analytics/terms/de.html, in the data protection overview at http://www.google.com/intl/de/analytics/learn/privacy.html and in the data protection declaration at http://www.google.de/intl/de/policies/privacy.
§ 13 Google Adwords Conversion Tracking
(1) On our website we use the Google Conversion Tracking service to analyse Google AdWords. This is an analysis service of Google Inc. (Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to analyse the surfing behaviour of our users. The software installs a cookie on your computer (for cookies, see § 4), so-called “Conversion Cookie”. If individual pages of our website are accessed, information is stored by Google. The information generated by the cookie on the use of this website by users is generally transmitted to a server of Google in the USA and stored there. If you visit certain pages of ours and the cookie has not yet expired, we and Google can detect that the advertisement has been clicked on and that you were thus redirected to our site.
(2) However, we do not receive any personal data ourselves.
(3) The information obtained with the aid of the conversion cookie is used to produce statistics for us. We can thus receive information on the number of users who have clicked on our advertisement and were forwarded to a page with a conversion tracking tag. By analysing the data obtained, we are able to compile information on the use of our advertisements. For these purposes, our legitimate interest also lies in data processing.
(4) The legal basis for processing the personal data is Art. 6 Section 1 sentence 1 (f) GDPR. For exceptional cases in which personal data are transmitted to the USA, Google has subscribed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
(5) The cookie expires after 30 days. As we do not collect any data ourselves, we do not store any data either. If Google Inc. collects data, we have no influence on the deletion periods.
(7) The third-party provider is Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Further information is available in the user terms at http://www.google.com/analytics/terms/de.html, in the data protection overview at http://www.google.com/intl/de/analytics/learn/privacy.html and in the data protection declaration at http://www.google.de/intl/de/policies/privacy.
§ 14 Lead Inspector
(1) For statistical analysis of visitor access, data are collected, processed and stored with technologies of Lead Inspector GmbH. The provider is Lead Inspector GmbH, Theodor-Heuss-Anlage 12, 68165 Mannheim, Germany, www.leadinspector.de.
(2) This is carried out for marketing purposes and to identify visitors to the website. Based on these data, Lead Inspector GmbH technology determines the address but only in cases in which it can ensure that the visitor is a company and not an individual. For this purpose, so-called cookies may be used (cf. § 4). The company details collected by Lead Inspector GmbH may also include personal data. Lead Inspector GmbH may use information left on visiting the web pages in order to produce anonymised usage profiles. If IP addresses are collected, these are immediately anonymised after collection by deleting the last number block. This is also in our legitimate interest, but the data of users are protected by anonymisation.
(3) Data collection is carried out on the basis of our legitimate interests in accordance with Art. 6 Section 1 sentence (f) GDPR.
(4) As the data are collected in anonymous form, no personal data are stored.
(5) Data collection and storage by Lead Inspector GmbH for this website can be withdrawn at any time with future effect at www.leadinspector.de/widerspruch.
§ 15 Google DoubleClick
(1) This website uses Google DoubleClick. This is a service to integrate advertisements of Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. DoubleClick transfers data to the DoubleClick server with each impression and also with clicks or other activities. Each of these data transmissions triggers a cookie request to your browser. If the browser accepts this request, DoubleClick installs a cookie (for cookies, see § 4). Your browser is then assigned a pseudonymous identification number (ID) to check which advertisements were shown in your browser and which advertisements were viewed. The cookies enable Google and its partner websites, i.e. also us, to publish advertisements based on previous visits to our or other websites. With each access to one of our individual pages on which a DoubleClick component has been integrated, the internet browser is automatically prompted to send data for the purpose of online advertising and settling of commissions to Google.
(2) It is also possible for DoubleClick to record conversions with the cookie ID. Conversions are recorded, for example, if you have previously been shown a DoubleClick advertisement and as a consequence you conclude a purchase on the website of the advertiser with the same internet browser.
(3) The cookies do not collect personal data. However, a DoubleClick cookie may contain additional campaign IDs. A campaign ID serves to identify the campaigns which you have already contacted.
(4) We have no influence over the data collected, nor do we know the full extent of the data collection and duration of storage. Your data are transmitted to the USA and analysed there. If you are logged in with your Google account, your data may be assigned to this.
(5) The purpose of the cookie is to optimise and display advertisements which may be of interest to you, to make our website more interesting for you and to finance it. In this way, reports on advertising campaigns can also be produced or improved as well as to prevent multiple displays of the same advertising.
(6) The legal basis for processing your data is Art. 6 Section 1 sentence 1 (f) GDPR. For exceptional cases in which personal data are transmitted to the USA, Google has subscribed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
(7) You can prevent the installation of cookies from Google DoubleClick in various ways:
a) with a corresponding setting in your browser software. In particular, blocking third-party cookies means that you do not receive advertisements from third-party providers; however, in this case you may not be able to use all functions of our web pages;
b) by permanently disabling in your browsers Firefox, Internet Explorer or Google Chrome under the link https://www.google.com/settings/ads/plugin. We point out that, in this case, you may not be able to use all functions of this site.
(8) Further information on the purpose and scope of data collection and processing as well as further information on your rights and setting options to protect your privacy in this respect is available from Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; for further information on the data protection conditions for advertising, see http://www.google.de/intl/de/policies/privacy.
§ 16 Google Adwords Conversion with Remarketing
(1) This website uses Google AdWords. This is a service to integrate advertisements of Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
(2) Google AdWords enables an advertiser to define key words with which an advertisement in the search engine results of Google is only displayed if a search result relevant to the key word is accessed. In the Google advertising network, the advertisements are distributed via an automatic algorithm and in accordance with the previously defined key words on websites relevant to the subject.
(3) Google AdWords is aimed at promotion of our website by displaying advertising on third-party sites which is relevant to interests, in the results of the Google search engine and through third-party advertisements on our site. We thus pursue the interest of displaying advertising to you which is relevant to your interest to make our website more interesting for you and to achieve a fair calculation of advertising costs. These advertising materials are provided by Google via so-called “Ad Servers”. For this, we use ad server cookies via which certain parameters for measuring success, such as the insertion of advertisements or clicks by users can be measured. If you access our website via a Google ad, Google AdWords stores a cookie on your PC. These cookies usually expire after 30 days. For this cookie, the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (mark that the user no longer wishes to be addressed) are usually stored as analysis values.
(4) These cookies enable Google to recognise your internet browser (see also § 4). If a user visits certain pages of an AdWords customer's website and the cookie stored on their computer has not expired, Google and the customer can recognise that the user has clicked on the advertisement and has been redirected to this page. Each AdWords customer is assigned a different cookie. Cookies cannot therefore be traced via the websites of AdWords customers. We only receive statistical evaluations from Google. On the basis of these evaluations we can recognise which of the used advertising measures are particularly effective. We do not receive any further data from the use of advertising material; in particular, we cannot identify users on the basis of this information. If you are registered with a Google service, Google may associate your visit with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address. We do not collect and process any personal data in the specified advertising measures.
(5) Due to the marketing tools used, your browser automatically establishes a direct connection to the server of Google. We have no influence over the data collected, nor do we know the full extent of the data collection and duration of storage. Your data are transmitted to the USA and analysed there. By the integration of AdWords Conversion, Google receives the information that you accessed the appropriate part of our website or clicked on one of our advertisements. In addition, both Google and we receive information via the conversion cookie whether you generated turnover if you accessed our website via an AdWords advertisement.
(6) Remarketing: In addition to AdWords Conversion, we use the Google Remarketing application. This is a function which enables us to display advertising to those users who have previously visited our website. This should display advertisements which are relevant to your interests. This is carried out via cookies stored in your browser via which your usage behaviour is recorded and evaluated by Google when various websites are visited. With every access to a website on which Google Remarketing has been integrated, the browser of the party concerned automatically identifies itself to Google. Google can thus identify your previous visit to our website. With this technical process, Google receives information on personal data, i.e. on your IP address or surfing behaviour. According to Google, the data collected in the context of remarketing is not linked to your personal data which may be stored by Google. However, these data are also transmitted to Google in the USA and stored there.
(7) The legal basis for processing personal data is Art. 6 Section 1 sentence 1 (f) GDPR. For exceptional cases in which personal data are transmitted to the USA, Google has subscribed to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
(8) You can prevent participation in this tracking process in various ways:
a) via a corresponding setting in your browser software. In particular, blocking of third-party cookies means that you do not receive advertisements from third party providers; in this case, however, you may not be able to use all functions of our web pages;
b) by disabling the cookies for conversion tracking by setting your browser so that cookies are blocked from the domain “www.googleadservices.com”, https://www.google.de/settings/ads, whereby this setting is deleted when you delete your cookies;
c) by disabling the interest-based advertisements which are part of the self-regulation campaign “About Ads”, via the link http://www.aboutads.info/choices, whereby this setting is deleted when you delete your cookies;
d) by permanent disabling in your browsers Firefox, Internet Explorer or Google Chrome under the link http://www.google.com/settings/ads/plugin. We point out that, in this case, you may not be able to use all functions of this site.
(9) Further information on data protection at Google is available here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the website of Network Advertising Initiative (NAI) at http://www.networkadvertising.org.
§ 17 Rights of the party concerned
If personal data of yours is processed, you are a party concerned pursuant to GDPR and you have the following rights to the person responsible in accordance with § 1:
- Right to information
- Right to correction
- Right to restriction of processing
- Right to deletion
- Right to consultation
- Right to data transferability
- Right to objection to processing
- Right to withdraw the declaration of consent
- Right to non-application of an automated decision
- Right of complaint to a supervisory body
1. Right of information
(1) You can demand confirmation from the person responsible as to whether personal data are processed by us. If such processing is carried out, you can receive information free of charge from the person responsible on the personal data which relate to you and request the following information:
a) the purposes for which the personal data are processed;
b) the categories of personal data which are processed;
c) the recipients or the categories of recipients to whom the relevant personal data were or will be disclosed;
d) the planned storage period of the personal data relating to you or, if concrete information on this is not possible, criteria for definition of the storage period;
e) the existence of a right to correct or delete personal data relating to you, of a right to restrict processing by the person responsible or a right of withdrawal from this processing;
f) the existence of a right of complaint to a supervisory body;
g) all available information on the origin of the data if the personal data are not collected from the party concerned;
h) the existence of automated decision-making including profiling pursuant to Art. 22 Sections 1 and 4 GDPR and – at least in these cases – clear information on the logic involved and the scope and intended effects of such processing for the party concerned.
(2) You have the right to request information on whether the relevant personal data are sent to a third-party country or to an international organisation. In this regard, you can demand to be informed of the suitable guarantees pursuant to Art. 46 GDPR in connection with data transfer.
2. Right to correction
You have a right to immediate correction and / or completion against the person responsible insofar as the processed personal data relating to you are incorrect or incomplete.
3. Right to restriction of processing
(1) Under the following conditions, you can demand from the person responsible the immediate restriction of processing of the personal data relating to you:
a) if you dispute the correctness of the personal data relating to you for a period which enables the responsible party to check the correctness of the personal data;
b) processing is unlawful and you reject deletion of the personal data and instead demand restriction of the use of the personal data;
c) the person responsible no longer requires the personal data for processing purposes but you require them for the assertion, exercise or defence of legal claims, or
d) if you have raised an objection to processing pursuant to Art. 21 Section 1 GDPR and it is not yet clear whether justified reasons of the person responsible outweigh you reasons.
(2) If processing of the personal data relating to you is restricted, these data - apart from their storage - may only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural person or legal entity or for reasons of significant public interest of the Union or of a member state. If the restriction of processing is limited according to the above-mentioned conditions, you will be informed by the person responsible before the restriction is cancelled.
4. Right to deletion
(1) You can demand that the person responsible delete the personal data relating to you without delay if one of the following reasons applies:
a) The personal data relating to you are no longer required for the purposes for which they were collected or were processed otherwise;
b) you withdraw your consent on which processing was based in accordance with Art. 6 Section 1 (a) or Art. 9 Section 2 (a) GDPR and there is no further legal basis for processing;
c) You raise an objection to processing in accordance with Art. 21 Section 1 GDPR and there are no overriding reasons for processing, or you raise an objection to processing in accordance with Art. 21 Section 2 GDPR;
d) the personal data relating to you were processed unlawfully;.
e) deletion of the personal data relating to you is necessary to fulfil a legal obligation according to Union law or the law of the member states to which the person responsible is subject;
f) the personal data relating to you were collected in relation to services offered by information society in accordance with Art. 8 Section 1 GDPR.
(2) If the party responsible has published the personal data relating to you and is obliged to delete them in accordance with Art. 17 Section 1 GDPR, he takes appropriate measures, also of a technical nature, based on the available technology and the implementation costs to inform the parties responsible for data processing of the personal data that you as the party concerned have demanded deletion of all links to these personal data or of copies or replications of these personal data.
(3) No right to deletion exists if processing is necessary:
a) to exercise the right to freedom of expression and information;
b) to fulfil a legal obligation which requires processing in accordance with the law of the Union or member states to which the responsible party is subject, or to carry out a task which is in the public interest or in the exercise of official authority which was transferred to the responsible party;
c) for reasons of the public interest in the area of public health in accordance with Art. 9 Section 2 (h) and (i) as well as Art. 9 Section 3 GDPR;
d) for archiving purposes which lie in the public interest, scientific or historic research purposes or for statistical purposes in accordance with Art. 89 Section 1 GDPR, insofar as the right specified under a) is likely to render achievement of the aims of this processing impossible or seriously impairs it, or
e) for the purpose of asserting, exercising or defending legal claims.
5. Right to consultation
If you have asserted the right to correction, deletion or restriction of processing against the responsible party, the latter is obliged to inform all recipients to which they divulged the personal data relating to you of this correction / deletion / restriction unless this proves to be impossible or is associated with disproportionate expense or effort. You have the right to be informed of these recipients by the party responsible.
6. Right to data transferability
(1) You have the right to receive the personal data relating to you which you have provided to the party responsible in a structured, conventional and machine-readable format. You also have the right to send these data to another party responsible without obstruction by the party responsible to whom the data were provided, if
a) processing is based on consent in accordance with Art. 6 Section 1 (a) GDPR or Art. 9 Section 2 (a) GDPR or on an agreement in accordance with Art. 6 Section 1 (b) GDPR and
b) processing is carried out with the aid of automated processes.
(2) In exercising this right, you also have the right to ensure that the personal data relating to you are directly transmitted from one responsible party to another responsible party if this is technically feasible. This must not impair freedoms and rights of other persons.
(3) The right to data transferability does not apply to the processing of personal data which are required to carry out a task which lies in the public interest or in assertion of official authority which was transferred to the party responsible.
(4) To assert the right to data transferability, the party concerned can apply to the party responsible for processing at any time.
7. Right of objection
(1) You have the right, for reasons arising from your particular situation, to raise an objection at any time to processing of personal data relating to you, which is carried out on the basis of Art. 6 Section 1 (e) or (f) GDPR; this also applies to profiling based on these regulations.
(2) The responsible party no longer processes the personal data relating to you unless he can provide evidence of compelling legitimate grounds for processing which outweigh your interests, rights and freedoms, or processing serves to assert, exercise or defend legal claims.
(3) If the personal data relating to you are processed for purposes of direct marketing, you have the right to raise an objection at any time against processing of personal data relating to you for the purpose of such marketing; this also applies to profiling insofar as it is associated such direct marketing. If you object to processing for purposes of direct marketing, the personal data relating to you are no longer processed for these purposes.
(4) You can exercise your right of objection in connection with the use of services of information society- irrespective of Directive 2002/58/EC - by means of automated processes in which technical specifications are used.
(5) To assert the right to object, the person concerned can apply to the party responsible for processing at any time.
8. Right of withdrawal of the declaration of consent under data protection law
You have the right to withdraw your declaration of consent under data protection law at any time. By withdrawing consent, the legality of the processing carried out on the basis of consent up to withdrawal remains unaffected. To do this, please consult the responsible party.
9. Automated decision-making in individual cases including profiling
(1) You have the right not to be bound by a decision exclusively based on automated processing - including profiling - which has a legal effect on you or significantly impairs you in a similar way. This does not apply if the decision
a) is necessary to conclude or fulfil an agreement between you and the responsible party,
b) is permitted on the basis of legal regulations of the Union or member states to which the party responsible is subject and these legal regulations contain appropriate measures to protect your rights and freedoms as well as your justified interests or
c) is taken with your express permission.
(2) However, these decisions must not be based on particular categories of personal data pursuant to Art. 9 Section 1 GDPR insofar as Art. 9 Section 2 (a) or (g) GDPR applies and appropriate measures have been taken to protect rights and freedoms and your justified interests.
(3) With regard to the cases described in (1) and (3), the party responsible takes appropriate measures to protect the rights and freedoms and your justified interests, which at least includes the right to bring about the intervention of a person on the part of the responsible party, to put forward your own point of view and to contest the decision.
(4) If the party concerned wishes to assert rights in relation to automated decisions, it can consult the party responsible for processing at any time in this regard.
10. Right of complaint to a supervisory body
Irrespective of any other administrative and judicial proceedings, you have the right to complain to a supervisory body, in particular in the member state of your place of residence, place of work or place of the alleged infringement if you are of the opinion that processing of the personal data relating to you contravenes the GDPR. The supervisory body to which the complaint has been submitted informs the complainant of the status and results of the complaint including the possibility of judicial proceedings in accordance with Art. 78 GDPR.
§ 18 Amendments to the data protection directive
We reserve the right to alter our data protection practices and these provisions in order to adapt them where necessary to amendments to relevant laws or regulations or to better meet your needs. Possible amendments to our data protection practises will be announced accordingly at this place. In this respect, please observe the current version date of the data protection declaration.