Data protection declaration
The protection and security of the processing of personal data are very important to us. We therefore adhere strictly to the legal provisions that are specified in the EU General Data Protection Regulation (EUGDPR) as well as the German Federal Data Protection Act (BDSG) and other legal provisions. We take all the state-of-the-art technological and organisational measures that are necessary in order to ensure the secure processing of personal data.
The gathering and processing of personal data on this website is carried out by:
19357 Karstädt / Brandenburg
Tel: +49 (0) 38797 743 30
Fax: +49 (0) 38797 743 33
Authorised representative(s) -incl. job title, e.g. Managing Director
Data Protection Officer:
Below we provide the details of our Data Protection Officer, Ms Sylvana Schreiber, who can be contacted as follows by email or by submitting an enquiry via a contact form:
Data protection and security advice
Data Protection Officer, Technical Inspection Association
Data Protection Auditor, Technical Inspection Association
Contact details: https://www.externedatenschutzbeauftragte.de/kontakt-datenschutzbeauftragter/
Purpose of data processing:
In this paragraph we provide you with information about the data that is gathered, and for what purpose.
Automated processing/transmission of data
When you visit our website, data is automatically processed for technical reasons which does not however enable any inference to be made regarding the identity of the data subject, i.e. you. This data is stored in server log files and is processed purely for anonymised statistical purposes. This data contains information relating, among other things, to the time when access is gained, the browsers used, the referrer URL (previously visited website), and other purely technical information relating to your hardware, the operating system used, and browser information. This data is not passed on to third parties.
Anonymising of the IP address (PRIVACY FIRST)
Protecting your privacy is a matter of great importance to us. Therefore on our web server we use the module for masking IP addresses as recommended by the Arbeitskreises Vorratsdatenspeicherung (AK-Vorrat) (data retention working group) – http://www.wirspeichernnicht.de. Consequently it is not possible to draw any conclusions about the requesting client PC or the requesting person or company – even if a static IP address is used.
Gathering of personal data
The processing of personal data and information is carried out exclusively in order to perform order-related processes and to undertake contractually necessary processes.
The processing of personal data is only carried out in relation to enquiries or contractual transactions which the data subject him/herself, or a third party commissioned by the data subject, has sent to us, e.g. for the drawing up of a tender.
If you send or have sent us your personal data we guarantee that it will not be passed on to third parties unless it is necessary to do so in order to process the order, or unless the passing on of it is stipulated on the basis of legislation or a legal provision.
Security notice relating to the online transfer of data
In spite of all the technical and organisational measures that are used, no guarantee of complete security can be provided in relation to the processing of your personal data via our website. We therefore advise you to send especially sensitive personal information to us by post or by means of a telephone call if the data is required for the fulfilling of the order by us.
Legal basis for the processing of personal data
The processing of personal data is undertaken primarily on the basis of Article 6 paragraph 1. (b) of the GDPR – in order to perform a contract and/or carry out pre-contractual measures. Alternatively it is undertaken in a non-contractual context if the data subject has provided his/her explicit consent in accordance with Article 6 paragraph 1. (a) of the General Data Protection Regulation.
Duration of data storage
Personal data is stored by us in connection with contractual processing in accordance with the statutory rules relating to retention periods. In the case of exclusively pre-contractual processing, the personal data will be deleted after a period of 4 weeks – following the last correspondence relating to the matter in question. An exception to this is a request from the data subject for deletion: this is complied with immediately unless there is a legal impediment to doing so or unless a government agency has submitted a request for information.
Passing on of personal information – categories of recipients
Personal data is only passed on to third parties insofar as this is essential for the fulfilling of our contractual obligations to the data subject. For example, it may be necessary to use the services of one or more subcontractors, such as shipping companies, in order to perform parts of the contract – such as the delivery of goods to the data subject – and this necessitates the passing on of his/her name and address.
Your rights as a data subject
Below we provide clarification of your rights as a data subject in accordance with the statutory data protection provisions of the GDPR and the BDSG.
We wish to uphold your legal rights in every case, and we point out that in the case of a request for information or an enquiry relating to the deletion or correction of information your enquiry may take some time to process – but that we will strive to process it within the legally permitted period of 4 weeks.
As the data subject you have the right to be provided – at any time and free of charge – with information about the data which we have stored in relation to you. The information that we provide will inform you of the purpose of the data storage, the type and scope of any personal data, and of any potential recipients, and the reason for passing the data on.
Furthermore, as the data subject you may demand that we correct or delete your personal data, and we will of course comply with this demand insofar as it is legally possible to do so.
You may withdraw your consent to the future processing of your personal data and/or revoke any consent that has been given. The opportunities to withdraw/revoke consent are derived from the provisions of the GDPR.
If you should wish to be provided with the data relating to you which is stored by us in accordance with the law on transferability, we will provide it to you in a CSV file because there is no prescribed, standardised format for providing it.
We do not use any automated decision-making systems or profiling systems.
Establishing of identity for the protection of the data subject
In order to avoid any misuse of personal data by unauthorised third parties we use suitable means to carry out an identity check in relation to the person making the request for the provision of information or the deletion or correction of data, or a request for the passing on of personal data.
Right to make a complaint to the supervisory authority
If you think that despite our bests efforts we have not acted correctly and/or your personal data has not been correctly processed or has undergone unauthorised processing, please submit a corresponding factual notification of this fact, or a complaint, to our data protection officer – Sylvana Schreiber: her contact details can be found in the introductory section of this data protection declaration.
Irrespective of this, as the data subject you have the right to submit a complaint to the data protection supervisory authority which is the body responsible for us.