A. BODY RESPONSIBLE FOR DATA PROCESSING
The body responsible for processing personal data as part of this website in accordance with the directives in the General Data Protection Regulation (GDPR) is:
Unter Hasslen 20
Our Data Protection Officer:
In this data protection statement, we would like to give you information about the scope of processing with regard to personal data (in the following simply “data”).
B. DATA PROCESSING
We process data as part of operation of our website. Processing data also includes publication by transmission.
For data transmission to the USA, there is a EU Commission suitability resolution, the EU US Privacy Shield. In this, the Commission has certified that the guarantees for transmission of data to the USA correspond to the data protection standards in the EU based on the EU US Privacy Shield. Where we transfer data to the USA, we have identified the participation of our service providers in the EU US Privacy Shield.
The details of the data affected, the purpose of the processing, legal basis, recipients and transfer to third party countries are listed in the following:
a) Log file
We log your visit to our website. The following data is processed: the name of the website visited, the date and time of the visit, the volume of data transferred, the browser type and version, the operating system of the user, the referring URL (previously visited site), your IP address and the requesting provider. This is required to guarantee the security of the website. We process the data in accordance with the principle of our legitimate interest as per Art. 6 para. 1 lit. f of the GDPR. After a period of seven days, the log file is deleted, unless they are needed to resolve or prove concrete violations of rights which are made known within the storage term.
As part of hosting, all data to be processed as part of operating this website is saved. This is necessary to facilitate operation of the website. We process the data in accordance with the principle of our legitimate interest as per Art. 6 para. 1 lit. f of the GDPR. To deliver our online presence, we use services from web-hosting service providers, to whom we transfer the data stated above.
When you make contact with us, your data (name, contact data, where indicated by you) and your message will be used exclusively for purposes of processing and handling your query. We process this data based on Art. 6 Para, 1 b) GDPR or Art. 6 Para.1 f) GDPR for handling your query.
When you contact us by email or via the contact form to send us an application as an employee, your data (e.g. name, email address, desired location where indicated by you), your message, and any application documents sent will be used exclusively for purposes of processing and handling your application query. The legal basis for this data processing is § 26 BDSG (new) and Art. 6 para. 1 b) of the GDPR.
The application data will be deleted 2 months after the end of the application process, or at the latest, 6 months after receipt of the application. If an employment relationship is initiated, the data will be transferred to your Human Resources file. The legal basis for this is also Art. 6 para. 1 b) of the GDPR.
To allow us to send you regular information about our company and our services, we offer a newsletter despatch service. When you register for the newsletter, we will process the data you give us (email address and any other voluntary information). Sending the confirmation email for your registration is based on our legitimate interest in proving your proper registration in accordance with Art. 6 Para. 1f) GDPR, despatch of the newsletter based on your consent as per Art. 6 para. 1 a) of the GDPR).
We use a double opt-in process when users subscribe to the newsletter. To avoid misuse, after you register, we send you an email, in which we ask you to confirm your registration. In order to verify that the subscription process complies with the legal requirements, your registration will be logged. This involves storing the IP address and the time at which the new user registers and confirms the subscription. We use service providers to send the newsletter, to whom we transfer the data stated above.
The data will be transferred to the servers of the following service providers in Germany:
Rapidmail: rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i.Br., Germany
2015 certification (92.3 KB)
Further information on data protection can be found at:
f) Login area
If you use our login area, you give consent for your user data (user name, password) to be saved. This allows us to identify you as a customer and gives you the option to manage your orders. Your data is processed based on your consent in accordance with Art. 6 para. 1 a) of the GDPR.
g) Purchase process
We process your order data in order to process your purchase contract. Your data is processed in accordance with the principles of Art. 6 para. 1 b) GDPR.
We transfer your address data to the company engaged to carry out delivery. Where required for processing your contract, we also send your email address or your telephone number to arrange a delivery time (notification) to the company engaged to carry out delivery.
We send your transaction details (name, order date, payment method, date of despatch and/or receipt, amount and recipient of payment, possibly bank details or credit card data) to the payment service provider engaged to process the payment.
h) Website analysis and marketing
To facilitate the use of certain functions, we use “cookies”. These are short data packages which are saved on your device and exchanged with other service providers. Some of the cookies we use are deleted when you close your browser, (“session cookies”). Other cookies remain stored on your device and allow us to recognise your browser when you next visit (persistent cookies).
You can delete all the cookies saved on your device and set your usual browser to stop cookies being saved.
In this case, you may have to reset some settings every time you visit the website, and accept that some functions may be negatively affected.
We use Google Analytics, a service from Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043 USA. Google embeds certain cookies for this. The information on your use of this website (including your IP Address) gathered by the cookie is transmitted to a Google server in the USA and stored there. We use the stored information to evaluate your use of the website in order to generate reports on website activity for the website provider and to perform additional services related to the use of the website. We process the data obtained in this way based on our overwhelming legitimate interest in optimising the marketing of our online services in accordance with Art. 6 Para. 1 f) GDPR. Google will never associate your IP address with any other Google data.
We would like to point out that this website uses Google Analytics with the “_anonymizeIp()” extension. As part of this, IP addresses are truncated before transfer to a server in the USA. This generally excludes a direct personal association with the data stored. Only in exceptional cases is the full IP address sent to a server in the US and truncated there.
You may withdraw consent for data collection at any time, effective for the future, by activating the deactivation add-on for browsers for Google Analytics at
http://tools.google.com/dlpage/gaoptout?hl=deverwenden or by activating the following opt-out link: Click here to deactivate Analytics for this page.
Please note the supplementary notes on use of data by Google Analytics in the Google partner network at:
Google is certified under:
You will find further information on data protection at: https://policies.google.com/privacy?hl=de&gl=de
i) Inclusion of external content
We use external dynamic content to optimise the presentation and services on our website. When you visit our website, API automatically creates a query to the server of the content provider in question, in which certain log data (e.g the user IP address) is transferred. The dynamic content is then sent to our website and shown there.
We use external content with regard to the following functions:
aa) Google Maps
We use the Google Maps mapping service from Google on our website in order to give you an interactive map. When showing the map, certain data, including your IP address and your location, is sent to a Google server in the USA and stored there. This processing is carried out based on our overwhelming legitimate interest in proper marketing of our services in accordance with Art. 6 para. 1 f) of the GDPR.
bb) Google Fonts
In order to make your visit to our website more attractive, we use external fonts from Google Fonts. These are loaded when visiting the pages of servers of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) Google does not store any cookies in your browser in relation to this. However, according to our information, the IP address of the user’s device is transferred to Google and stored. This processing is carried out based on our overwhelming legitimate interest in proper marketing of our services in accordance with Art. 6 para. 1 f) of the GDPR.
cc) Google Translate
To allow us to provide our website in various languages, we use the Google Translate service. The corresponding texts are loaded when visiting the pages of servers of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) Google does not store any cookies in your browser in relation to this. However, according to our information, the IP address of the user’s device is transferred to Google and stored. This processing is carried out based on our overwhelming legitimate interest in proper marketing of our services in accordance with Art. 6 para. 1 f) of the GDPR.
Google is certified under:
You will find further information on data protection at: https://policies.google.com/privacy?hl=de&gl=de
We use “cookies” on different pages in order to make our website more attractive to visitors and to facilitate the use of certain functions. Cookies are small text files which are stored on your device. Some of the cookies we use are deleted at the end of your browser session, i.e. when you close your browser (these are known as session cookies). Other cookies remain stored on your device and allow us or our associates to recognise your browser when you next visit us (persistent cookies).
You can delete all the cookies saved on your device and set your usual browser to stop cookies being saved. Find out how to do this here:AllAboutCookies.org.
In general, web browsers are currently set as standard to accept cookies automatically. Here you can find out how to amend this default setting and block cookies – from this website too:
In this case, you may have to reset some settings manually every time you visit the website, and accept that some functions may be negatively affected.
b) Details about embedded cookies
_ga, _gid, _gat_gtag_UA_109717004_1, NID, CONSENT, ga-disable-*
These cookies are embedded by Google. You will find more comprehensive information in section B.h.i. or at the following link: https://www.google.com/policies/technologies/types/.
Your consent for cookies is documented in this cookie.
This cookie saves your language settings for the website.
This cookies stores the session ID, a randomly generated identification number for your session. Depending on your browser settings, this cookie is deleted when you close a tab or window which this cookie has set. This means it is possible, for example, for your browser to automatically complete fields in a form.
D. DURATION OF DATA STORAGE
We only save personal data for as long as it is required for the purposes it is processed for, or consent you have given is withdrawn. Where statutory storage obligations must be fulfilled, the duration of storage for certain data, regardless of the processing purpose, may amount to up to 10 years.
E. YOUR RIGHTS AS A DATA SUBJECT
On request, we can provide you, at any time and free of charge, with information about all the personal data we hold on you.
b) Rectification, deletion, restricting how the data is processed (blocking), objection
If you are no longer in agreement with our storage of your personal data, or if this data is no longer correct, we shall undertake the deletion or blocking of your data in accordance with your instructions, or shall make the necessary corrections (insofar as this is possible under the applicable law). The same applies where we are only to process data in future to a limited extent.
c) Data transferability
On request, we can provide you with your data in a common, structured, machine-readable format, so that you may transfer your data, if asked, to another responsible party.
d) Right to complain
You have the right to lodge a complaint with a supervisory authority:
e) Right to withdraw consent effective for the future
You may withdraw such consent at any time with effect for the future. Your withdrawal of consent does not affect the legality of the processing up to the time of withdrawal.
Data, from which we are not able to identify the affected person, for example, when this has been anonymised for purposes of analysis, is not affected by the rights above. Information, deletion, blocking, correction or transfer to another company may be possible with regard to this data, if you give us additional information which allows us to identify it.
g) Asserting your rights as an affected person
If you have any questions with regard to your personal data, or regarding information, rectification, blocking, revocation or deletion of data, or if you want to transfer your data to another company, please contact firstname.lastname@example.org.