The protection of your data is very important to us! That is why we follow the legal provisions on data protection (GDPR) and also do everything to protect your data. In order to protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS. The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states of the European Union (EU) as well as other data protection regulations is:
Michael Fritz Loderer
- What data is it about?
- Why do we process personal data?
- When and to what extent do we process personal data?
Below you will find an overview of all processes in which your personal data may be processed.
3.1 To provide contractual services / registration
We process inventory data and contract data in order to be able to fulfill our contractual obligations and services. (Art. 6 para. 1 lit. b GDPR).
3.2 Establishing contact
If you contact us by e-mail, the information will be processed to the extent necessary to answer your questions.
3.3 Visiting our website
- Legal basis for the processing of personal data
Insofar as we obtain the data subject’s consent for the processing of personal data, Art. 6 para. 1 lit. a General Data Protection Regulation (GDPR) serves as the legal basis. When processing personal data, which is necessary for the performance of a contract to which the data subject is party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. Insofar as processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis. If processing is necessary to safeguard the legitimate interests of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing.
- Data deletion and storage duration
The data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention requirements. If the user’s data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e. the data will be blocked and not processed for other purposes. This applies e.g. for user data that must be kept for commercial or tax reasons.
- Can minors use our services?
In short: No. Our website and services may not be used by people who are not yet of legal age. We do not knowingly collect any information from minors or others who are not legally able to use our services. If we become aware that we have collected personal data from minors, we will delete it immediately; unless we are legally obliged to keep the data. Please contact us if you suspect that we accidentally or incorrectly collected information from a minor.
- How do we protect your personal data?
We carry out physical, technical and administrative security measures to adequately protect your personal data against loss, misuse, unauthorized access, disclosure and modification. These security measures include firewalls, data encryption, and we choose our server locations very carefully. It is also your responsibility to check that the personal information we hold about you is correct and up to date. We are not liable for the protection of personal data that we pass on to third parties on the basis of an account link authorized by you.
- When do we share your information?
First of all, we would like to assure you that we will not sell, lend or rent your personal data. Data will only be passed on if e.g. is essential for the fulfillment of our contractual obligations, we have a legitimate interest or we have your consent. Each of our contractual partners is conscientiously and carefully selected and we oblige them to protect all data in accordance with the legal regulations. For this reason, we also conclude a data processing agreement with the processor in accordance with Art. 28 GDPR.
Our website may contain links to websites of other providers, the content of which we are not responsible for and to which this data protection declaration does not extend.
- Provision of the website and creation of log files
10.1 Description and scope of data processing
As soon as you access our website, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:
- The user’s IP address
- Date and time of access
- Websites from which the user’s system reaches our website
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
10.2 Legal basis
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
10.3 Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. To do this, your IP address must remain stored for the duration of the session. The log files are saved to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. Those purposes also constitute our legitimate interest in data processing in accordance with Art. 6 Para. 1 lit. f GDPR. The data is not evaluated for marketing purposes in this context.
10.4 Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that it is no longer possible to assign the calling client.
10.5 Objection and removal options
The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is consequently no possibility for the user to object.
11.1 Description and scope of data processing
- Session cookies expire at the end of your browser session and allow us to link your actions during this particular browser session.
- Permanent cookies are stored on your device between browser sessions and enable us to document your priorities or actions across multiple pages.
- First-party cookies are stored by the page you just accessed.
- Third party cookies are placed by a third party site that is different from the page you are visiting.
- Language settings
- Log-in information
11.2 Legal basis for data processing
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a GDPR.
11.3 Purpose of data processing
- Acceptance of language settings
- Remembering search terms
The analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus continuously optimize our offer.
11.4 Duration of storage, objection and removal options
- Contact forms, contact email
12.1 Description and scope of data processing
There are forms on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and saved. When the message is sent, the following data is also saved:
- Email address of the user
- The user’s IP address
12.2 Legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR. The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. If the email contact is aimed at the conclusion of a contract, then an additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
12.3 Purpose of data processing
The processing of personal data from the input mask serves us only to process the establishment of contact. If you contact us by email, this constitutes also the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
12.4 Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
12.5 Objection and removal options
The user has the possibility to revoke his consent to the processing of personal data at any time. If users contact us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. A description follows of how the withdrawal of consent and the objection to storage is made possible. In this case, all personal data saved in the course of contacting us will be deleted.
- Integration of services and content from third parties
We use content or service offers from third-party providers within our online offer based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f GDPR) to include their content or services such as videos or fonts (hereinafter referred to as “content”). This always presupposes that the third-party providers of this content perceive the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information on the use of our online offer, as well as being linked to such information from other sources. The following illustration provides an overview of third-party providers and their content, along with links to their privacy policies, which include further information on the processing of data and, in part already mentioned here, options for objection (so-called opt-out):
- Your rights
As soon as your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible (i.e. us):
- Right to information,
- Right to correction or deletion,
- Right to restriction of processing,
- Right to object to processing,
- Right to data portability.
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.