Data protection declaration
This data protection declaration explains to you the type, scope and purpose of the processing of personal data (after referred to as "data") within our online offer and the associated
websites, functions and contents as well as external online presences (hereinafter jointly referred to as "online offer"). With regard to the terms used, such as "processing" or "person
responsible", we refer to the definitions in Art. 4 of the Basic Data Protection Ordinance (DSGVO). With the following declaration on the following pages we comply with our legal
obligation to provide information and inform you about the storage of data, the type of data, its purpose and our identity. We will also inform about of the first transmission and the type of
1. subject of data protection Subject of data protection are personal data. These are individual details about personal or factual circumstances of a specific or identifiable natural person.
Such as name, postal address, e-mail address but also usage data such as the IP address of a computer.
2. automatic anonymous data collection, processing and use We automatically collect, process or use non-personal information that your browser transmits to us (cookies). This
information includes: Browser type/ version, Operating system, Referrer URL (source of a link), IP address (host name of the computer used), Time of the server request With most web
browsers, it is possible to select a setting using the "Settings" function in the menu bar so that your browser does not accept any new cookies in the future or switches off cookies already
you work with has the desired level of protection.
3. initiated personal data collection, data processing and data use In principle, the collection, use or utilization of personal data is not required for the use of the website. We do not do this
either. Data is only collected, processed or used if you voluntarily provide your personal data.
This may be necessary in the following cases, for example:
(1) Contract execution It may be necessary to disclose your personal data to companies that we use to provide the service or to process the contract. These are, for example, transport
companies or other service providers. The data will not be passed on to third parties outside of what is necessary for the processing of business transactions.
(2) Passing on to third parties and passing on to state institutions and authorities In other cases, the data will only be passed on to third parties if you have given your prior consent. You
have the right to revoke your consent at any time with effect for the future. We pass on data to state institutions and authorities entitled to receive information only within the framework of
legal obligations or on the basis of a court decision. The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried
out in accordance with the Basic Data Protection Regulation and in accordance with the applicable country-specific data protection regulations. By means of this data protection
declaration we would like to inform the public about the type, scope and purpose of the personal data collected, used and processed by us. Furthermore, data subjects will be informed
about their rights by means of this data protection declaration. However, we would like to point out that complete protection of data from access by third parties is not possible. On the
following pages the data protection declaration is listed in detail.
Person in charge
Managing Director: Rüdiger Metternich
Commercial register HRB 206640
District Court: Tostedt VAT-ID: DE317309681
21244 Buchholz i.d.N.
Phone: +49(0) 4181 92 30 78 00
Types of data collection and processed data:
Our website collects a series of general data and information each time a person or an automated system accesses the website. This general data and information is stored within the log
files of the server.
The following may be collected:
(1) used browser types and versions,
(2) the operating system used by the accessing system,
(3) the website from which an accessing system reaches our website (so-called referrer),
(4) the subwebsites, which are accessed via an accessing system on our website,
(5) the date and time of access to the Website,
(6) an Internet Protocol address (IP address),
(7) the Internet service provider of the accessing system and
(8) other similar data and information used for security purposes in the event of attacks on our information technology systems.
When using this general data and information, no conclusions can be drawn about the person concerned.
Rather, this information is needed to
(1) to deliver the contents of our website correctly,
(2) to optimize the contents of our website as well as the advertising for them,
(3) to ensure the long-term functionality of our information technology systems and the technology of our website, and
(4) to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack.
This data and information is collected anonymously.
- Inventory data (e.g., names, addresses).
- Contact details (e.g., e-mail, telephone numbers).
- Content data (e.g., text input, photographs, videos).
- Usage data (e.g., visited websites, interest in content, access times).
- Meta/communication data (e.g., device information, IP addresses).
Categories of persons concerned
Visitors and users of the online offer (hereinafter referred to as "users").
Purpose of processing
- Provision of the online offer, its functions and contents.
- Answering of contact requests and communicate with users.
- Security measures.
"Personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be
identified, directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more
special features that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. "Processing" means any operation carried out
with or without the aid of automated procedures or any such series of operations in connection with personal data. The term is extensive and covers practically every handling of data.
“Person responsible" means the natural or legal person, authority, institution or other body that alone or together with others decides on the purposes and means of processing personal
Applicable legal bases
In accordance with Art. 13 DSGVO, we inform you of the legal basis of our data processing. If the legal basis is not mentioned in the data protection declaration, the following applies: The
legal basis for obtaining consents is Art. 6 para. 1 lit. a and Art. 7 DSGVO, the legal basis for processing for the performance of our services and performance of contractual measures as
well as for answering inquiries is Art. 6 para. 1 lit. b DSGVO, the legal basis for processing to fulfil our legal obligations is Art. 6 para. 1 lit. c DSGVO, and the legal basis for processing to
protect our legitimate interests is Art. 6 para. 1 lit. f DSGVO. In the event that the vital interests of the data subject or another natural person require the processing of personal data,
Article 6(1)(d) DSGVO serves as the legal basis.
Cooperation with contract processors and third parties
If we disclose data to other persons and companies (contract processors or third parties) within the scope of our processing, transmit it to them or otherwise grant them access to the
data, this shall only take place on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as payment service providers, in accordance with Art. 6 Para. 1 lit.
b DSGVO for contract fulfilment is necessary), if you have consented, if a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts,
etc.). If we commission third parties with the processing of data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 DSGVO.
Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or
disclosure or transfer of data to third parties, this only takes place if it occurs for the fulfilment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal
obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or leave the data in a third country only if the special requirements of Art. 44
ff. Process DSGVO. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognised determination of a data protection level
corresponding to the EU (e.g. for the USA by the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").
Rights of data subjects You have the right to request confirmation as to whether the data concerned are being processed and to request information about these data as well as further
information and a copy of the data in accordance with Art. 15 DSGVO. In accordance with Article 16 of the DSBER, you have the right to request the completion of data concerning you or
the correction of inaccurate data concerning you. In accordance with Art. 17 DSGVO, you have the right to demand that relevant data be deleted immediately or, alternatively, to demand
a restriction on the processing of the data in accordance with Art. 18 DSGVO. You have the right to request that the data concerning you that you have provided to us be received in
accordance with Art. 20 DSGVO and to request its transmission to other persons responsible. In accordance with Art. 77 DSGVO, they also have the right to file a complaint with the
competent supervisory authority.
Right of revocation
You have the right to revoke consents granted pursuant to Art. 7 para. 3 DSGVO with future effect.
Right of objection
You can object to the future processing of the data concerning you in accordance with Art. 21 DSGVO at any time. The objection may be lodged in particular against processing for direct
Cookies and right of objection in direct advertising “Cookies" are small files that are stored on the user's computer. Different data can be stored within the cookies. A cookie is
primarily used to store information about a user (or the device on which the cookie is stored) during or after his or her visit to an online offer. Temporary cookies, or "session cookies" or
"transient cookies", are cookies that are deleted after a user leaves an online offer and closes his browser. In such a cookie, for example, the content of a shopping basket can be stored
in an online shop or a login jam. Cookies are referred to as "permanent" or "persistent" and remain stored even after the browser is closed. For example, the login status can be saved
when users visit it after several days. Likewise, the interests of users used for range measurement or marketing purposes may be stored in such a cookie. Third-party cookies" are
cookies that are offered by providers other than the person responsible for operating the online offer (otherwise, if they are only its cookies, they are referred to as "first-party cookies").
We may use temporary and permanent cookies and clarify this within the framework of our data protection declaration. If users do not want cookies to be stored on their computer, they
are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies
may lead to functional limitations of this online offer.
Deletion and blocking of data
The data processed by us will be deleted or its processing will be restricted in accordance with the DSGVO. Unless expressly stated in this data protection declaration, the data stored by
us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory storage obligations. If the data are not deleted because
they are necessary for other and legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies for
example, to data that must be retained for commercial or tax reasons. We process and store personal data of the data subject only for the period necessary to achieve the storage
purpose or insofar as this has been provided for by the European Directive and Regulation Giver or another legislator in laws or regulations to which the controller is subject. If the storage
purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Giver or another competent legislator expires, the personal data is routinely blocked
or deleted in accordance with the statutory provisions. In accordance with statutory requirements in Germany, the records are kept in particular for 6 years in accordance with § 257 (1)
HGB (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 (1) AO
(books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and
technical maintenance services that we use for the purpose of operating this online offering. We or our hosting provider process inventory data, contact data, content data, contract data,
usage data, meta- and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of
this online offer according to Art. 6 Para. 1 lit. f DSGVO in conjunction with. Art. 28 DSGVO (conclusion of order processing contract).
Collection of access data and log files We, or our hosting provider, collect the following data on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. DSGVO
data on each access to the server on which this service is located (so-called server log files). Access data includes the name of the accessed website, file, date and time of access,
transferred data volume, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the
requesting provider. Log file information is stored for a maximum of 7 days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data whose further storage is
required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.
SSL encoding This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as a site operator. When SSL
encryption is enabled, the data you send us has a high security standard.
Performance of contractual services We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact
persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b. DSGVO. The entries marked as obligatory in online forms
are required for the conclusion of the contract. When using our online services, we store the IP address and the time of the respective user action. The data is stored on the basis of our
legitimate interests as well as the user's protection against misuse and other unauthorized use. A passing on of this data to third parties does not take place in principle unless it is
necessary for the pursuit of our claims or there is a legal obligation according to Art. 6 Abs. 1 lit. c DSGVO. We do not process the usage data (e.g., the websites visited within our online
offer, interest in our products). The data will be deleted after the expiry of statutory warranty and comparable obligations that require the data to be entered into a database. The data will
be deleted after the expiry of statutory warranty and comparable obligations; the necessity of storing the data will be reviewed every three years; in the case of statutory archiving
obligations, the data will be deleted after their expiry. Information in the possible customer account remain up to its deletion.
Contacting When contacting us (e.g. via contact form, e-mail, telephone or social media), the user's details are processed for processing the contact enquiry and its processing in
accordance with Art. 6 para. 1 lit. b) DSGVO. User information can be stored in a customer relationship management system ("CRM system") or comparable request organization. We
delete the requests if they are no longer necessary. We check the necessity every two years; furthermore, the legal archiving obligations regarding storage and also deletion apply.
Integration of third-party services and content.
Integration of services and third-party contents Within our online offer, we make no representations or warranties of any kind based on our legitimate interests (i.e. interest in the
analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) content or service offerings of third parties to incorporate their content
and services, such as videos or fonts (hereinafter uniformly referred to as "content"). This always presupposes that the third-party providers of this content perceive the IP address of the
users, since without the IP address they could not send the content to their browser. The IP address is therefore required for the display of this content. We make every effort to use only
those contents whose respective providers use the IP address only for the delivery of the contents. Third-party providers may also use so-called pixel tags (invisible graphics, also known
as "web beacons") for statistical or marketing purposes. “Pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous
information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time and other
information about the use of our online offer, as well as be linked to such information from other sources.
https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated. Google Fonts Occasionally we include fonts ("Google Fonts") from Google LLC, 1600
Note: In the event of changes in the legally prescribed data protection declaration, we will update it immediately. We have the complete agreement for data order processing with the
provider according to Art. 28 para. 3 of the DSGVO. May 2018