The use of our website is generally possible without disclosure of personal data. If at any point personal data (e.g. name, postal address or e-mail address) is requested on our pages, disclosure will always be made – wherever possible – on a voluntary basis. This data will not be passed on to any third parties without your express permission.
We would like to point out that any data transmission done over the internet (e.g. when communicating via e-mail) can expose vulnerability of data. A complete protection from third parties accessing that data is not possible.
We hereby expressly object to the third party use of contact data published in line with the legal obligations known as Impressumspflicht, for the transmission of not expressly solicited advertising and information materials. The owners of these webpages explicitly reserve the right to take legal action in case of any unsolicited advertising material, such as spam emails, being sent.
Source: eRecht24 Disclaimer
(German language only)
This website uses the product Google Maps by Google Inc. Through use of this website you agree with the collection, processing and use of the automatically obtained data through Google Inc, their representatives and third parties. The Google Maps terms of service can be found here
When visiting our website, the Google Servers (Google Service: Google Fonts) will load fonts to display them on our website if you do not already have the font pre-loaded in your browser cache. Google are responsible for the processing of the data you submit through your browser connection.
Types of Data processed
Basic personal information (e.g. name, addresses)
Contact data (e.g., e-mail, telephone numbers)
User data (e.g. websites visited, interest in content, times accessed)
Meta/communications data (e.g. access device information, IP addresses)
Processing of Special Categories of Personal Data
No special categories data will be processed.
Hereinafter we will collectively refer to data subjects as “User”
Purpose of processing
To make available the online offer, its content and functions
To provide services and customer care
To respond to contact requests and communication with users
In line with article 13 DSGVO we communicate the legal basis of our data processing. Whenever the legal basis is not explicitly mentioned in the data protection policy, the following applies: The legal basis for obtaining consent is art. 6 paragraph 1 item a and art. 7 DSGVO, the legal basis for processing to fulfil our services and execution of contractual arrangements as well as responding to queries is art. 6 paragraph 1 item b DSGVO, the legal basis for processing to fulfil our legal obligations is art. 6 paragraph 1 item c DSGVO, and the legal basis for processing to maintain our legitimate interests is art 6 paragraph 1 item f DSGVO. In case of an urgent requirement to process personal data due to vital interest of a data subject or another natural person, the legal basis is art. 6 paragraph 1 item d DSGVO.
Changes and Updates to the Data Protection Policy
We would like to ask that you regularly check the content of our data protection policy. We will adjust the data protection policy whenever changes to the way we process data make it necessary. We will inform you as soon as any changes require an action from your end (e.g. consent) or whenever an individual notification is necessary.
According to art. 32 DSGVO, having regard to the state of the art, the implementation cost and the nature, amount, circumstances and purposes of processing, as well as different likelihood of occurrence and magnitude of risks for the rights and freedom of natural persons, we take appropriate technical and organisational measures which shall ensure a level of security appropriate to the risks; these measures specifically include securing the confidentiality, integrity and availability of data by controlling physical access to the data as well as access affecting the data such as input, transmission, securing its availability and its separation. In addition, we have established procedures to assure exercise of rights of data subjects, deletion of data and reaction to threats to the security of data. We also take into account the protection of personal data as early as during the development phase, respectively the selection of hardware, software and processes, in accordance with the principles of data protection through technical development and through data pre-settings that align with data protection principles (Art. 25 DSGVO). The security measures specifically include encrypted transmission of data between your browser and our servers.
Cooperation with Processors and Third Parties
If, during our processing activities, we disclose, transfer or allow access to any data to other persons or companies (processors or third parties), we solely do this on the basis of a legal permission (e.g. when a transfer of data to third parties, like a payment service, is necessary for contractual reasons, according to art. 6 paragraph 1 item b DSGVO), when you have given your consent, when a legal obligation requires thus activity or on the basis of our legitimate interests.
If we engage third parties for the processing of data on the basis of a Data Processing Agreement, we do this on the basis of art. 28 DSGVO.
Data Transfers to Third Countries
If we process data in a third country (i.e. outside of the European Union (EU) or the European Economic Area (EEA)) or if this processing occurs in the context of using services of third parties or disclosure/transfer of data to third parties, we solely do this to fulfil our (pre)contractual obligations on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process data or allow data to be processed in a third country only when the specific conditions of art. 44 et seq DSGVO are met. This means that the processing takes place e.g. on the basis of special guarantees, such as the officially recognised implementation of an EU compliant level of data protection (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognised special contractual obligations (so-called “standard contractual clauses”).
Rights of Data Subjects
You have the right to ask for a confirmation about whether relevant data is being processed. You further have the right to disclosure about this data and any further information and to a copy of this data according to art. 15 DSGVO.
According to art. 16 DSGVO, you have the right to ask for completion of data or correction of any incorrect data affecting your person.
Pursuant to art. 17 DSGVO, you have the right to ask for immediate deletion or alternatively according to art. 18 DSVGO a restriction in processing of any relevant data.
In accordance with art. 20 DSGVO, you have the right to receive any data affecting your person that you have previously submitted to us and demand its transfer to other officials.
You also have the right, according to art. 77 DSGVO, to make a formal complaint with the relevant regulatory authorities.
Right of Withdrawal
You can withdraw your consent to processing any data concerning your person at any one time, in accordance with art. 21 DSGVO. The withdrawal can especially be made against data processing with the purpose of direct advertising.
You have the right to withdraw any given consent with future effect pursuant to art. 7 paragraph 3 DSGVO.
Cookies and Right to Object to Direct Advertising
The data that we process is deleted or its handling restricted in accordance with art. 17 and 18 DSGVO. Unless explicitly mentioned in this data protection policy, the data saved by us will be deleted as soon as it is no longer required for its original purpose and there are no legal requirements for it to be kept. If the data is not deleted because it is required for other and legally allowed purposes, its handling will be restricted, i.e. the data will be locked and not processed for any other purposes. This is valid, for example, for data that has to be kept due to trade or tax related legal reasons.
As required by law, the data is usually kept for 6 years pursuant to § 257 item 1 HGB (trading books, inventories, opening balance sheets, annual accounts, commercial letters, booking receipts, etc) or for 10 years pursuant to § 147 item 1 AO (accounts, written records, status reports, booking receipts, trade and commercial letters, tax relevant documents etc.)
Data Capture on our Website
We process personal information data (e.g. names and addresses as well as contact data of users) in order to fulfil our contractual obligations and service provision as per art. 6 paragraph 1 item b DSGVO. The fields marked as mandatory in online forms are required for a seamless handling of the request. We process user data (e.g. the websites visited within our online provision, interest in our products) and content data (e.g. input in contact forms) for the optimisation of our website.
Data deletion occurs after expiry of legal guarantee and equivalent obligations, the necessity of data retention is checked every three years; in case of legal retention requirements, data deletion occurs after its expiry (end of trade related legal retention requirement (6 years) and tax related retention requirement (10 years)).
Establishment of Contact
When establishing contact with us (via contact form or e-mail), the user details will be processed to handle the request pursuant to art. 6 paragraph 1 item b) DSGVO.
User data can be saved in our Customer Relationship Management (CRM) system or similar request organisation software.
We will delete the requests when they are no longer required. We check the requirement for retention every two years. In case of legal retention requirements, data deletion occurs after its expiry (end of trade related legal retention requirement (6 years) and tax related retention requirement (10 years)).
Collection of Access Data and Logfiles
On the basis of our legitimate interests in line with art. 6 paragraph 1, item f DSGVO, we collect data about every access to the server that hosts this service (so-called Server Log Files). The access data consists of name of the visited website, file, date and time of the visit, amount of data transferred, notice of successful access, browser type and version, operating system of the user, referrer URL (the previously visited site), IP address and the requesting provider.
For security purposes (e.g. to support investigations into acts of abuse or fraud), log file information will be saved for a maximum of seven days and then deleted. Data which needs to be kept for evidence purposes is exempt from deletion until the respective investigation has been completed.
Cookies & Reach Measurement
Cookies are information that our internet server or third party servers transfer to the users’ web browser and save them there for later retrieval. Cookies can be small files or other means of information storage.
We use “session cookies” that are only placed for the duration of the actual visit of our online presence (e.g. to save your login status or the shopping basket function and thus to make the use of our online offer possible in the first place). A session cookie contains a randomly generated unique identification number, a so-called Session ID. The cookie also contains information about its origin and retention period. These cookies cannot store any other data. Session cookies are deleted as soon as the use of our online offer is completed and e.g. you log out or close your browser. Customers of our online shop can opt in to store a persistent (permanent) cookie which allows several convenience options (e.g. automatic login). The unrestricted use of our online shop is also possible without this cookie.
If users do not wish to have cookies stored on their device, we kindly ask to deactivate the respective option in the system settings of their browser. Stored cookies can be deleted in the system settings of any browser. Opting out of cookies can lead to functional restrictions of this online offer.
Google is certified under the Privacy Shield agreement and hence offers a guarantee to comply with the European Data Protection Law (www.privacyshield.gov/participant). Google will use this information on our behalf to evaluate the use of our online offer through the users, to compile reports about the activity within this online offer and to offer other services to us that are related to the use of the online offer and the internet. During this process, they may make use of user data to set up pseudonymous user profiles.
We only use Google Analytics with activated IP-anonymization. This means that Google shortens IP addresses of users within member states of the European Union and in other parties of the Agreement on the European Economic Area. A full IP address is only in exceptional circumstances transferred to Google’s US servers to be shortened there.
The IP address transmitted by the user’s browser is not merged with other Google data. Users can avoid the storage of cookies through enabling respective settings in their browser software; additionally, users can avoid the collection of data generated by the cookie and the processing of this data through Google by downloading and installing the following hyperlinked browser plugin: tools.google.com/dlpage/gaoptout.
Alternatively, you can set a so-called opt-out cookie via the following link which inhibits tracking by Google Analytics through a stored cookie. Please note that you must re-set this opt-out cookie in your browser whenever you delete the cookies.
Inhibit tracking by Google Analytics
Further information about data usage through Google, possible settings and opt-out procedures can be found on Google’s websites: https://policies.google.com/technologies/partner-sites?hl=en (“How Google uses information from sites or apps that use our services”)
adssettings.google.com/authenticated (“Manage information that Google uses for ad personalisation”)
Embedding Services and Contents from Third Parties
On the basis of our legitimate interests (i.e. interest in analysis, optimisation and cost-effective operation of our online offer pursuant to art. 6 paragraph 1 item f DSGVO), we use, as part of our online offer, contents and service offers from third party providers, in order to embed their contents and service offers, e.g. videos or fonts (herewith referred to as “contents”). This always requires the transmission of the user’s IP address to these third parties without which their offered contents could not be sent to the user’s browser. The IP address is therefore needed for the display of these contents. We make every effort to use only those contents whose provider solely uses the IP address for the purpose of transmitting the contents. Third party providers can further make use of so-called pixel tags (invisible graphics) for statistical or marketing purposes. These pixel tags can be used to evaluate visitor traffic on the individual website pages. The pseudonymous information can further be stored in cookies on the user device and contain, amongst other data, technical information about browser and operating system, referring website, time of access and further details about the use of our online offer, as well as it can be linked to such information from other sources.
Should you have any questions about data protection, please do not hesitate to write to our data protection officer Mr Klaus-Jürgen Berens by post or via email to firstname.lastname@example.org
Valid as of 23 May 2018