This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
I. Name and Address of the Controller and Data Protection Officer:
The controller within the meaning of the applicable data privacy regulations is:
Managing Director
The company’s Data Protection Officer is:
Data Protection Officer
II. General Information on Data Processing
1. The scope of personal data processing
As a general rule, we collect and use the personally identifiable information (“personal data”) of our users only to the extent that doing so is necessary
or if we have received the user’s consent.
An exception is made in situations where it is not possible to obtain consent in advance for practical reasons and processing the data is permitted in accordance with statutory provisions.
2. The legal basis for processing personal data
You will find the various legal bases provided under the EU General Data Protection Regulation (GDPR) regarding the processing of personal data below:
When personal data is processed
3. Erasure of data and duration of retention
As a general rule, we erase or block personal data as soon as there is no longer any purpose for storing it. If we are obligated by law to retain data, it will be blocked or erased once the statutory retention obligation has expired, except where entering into a contract or the performance of a contract necessitates the continued retention of the data.
4. The recipient of the data collected
The sole recipient of data collected via the website is the specified controller. As a rule, no data is transmitted to third parties.
Because no contracts are entered into via our website, as a rule there is no legal or contractual obligation to provide personal data.
III. Provision of the Website and Creation of Log Files
1. The scope of data processing
Every time our website is accessed, our system automatically records data and certain items of information from the computer system accessing the website.
During this process, the following information is collected:
The data is also stored in our system’s log files (these contain a record of all or certain computer system processes). This data is not saved together with any of the user’s personal data.
2. The legal basis for the data processing
The legal basis for temporarily storing data and for the log files is Art. 6 (1) (f) of the GDPR.
3. The purpose of the data processing
The system needs to temporarily store the IP address in order to be able to make the website accessible to the user’s computer. To ensure that this is possible, the user’s IP address must remain stored for the duration of the session.
This storage is accomplished by way of log files, which allow us to ensure the functionality of the website. Additionally, the data serves to assist us in optimising the website and ensuring the security of our IT systems.
These purposes also comprise our legitimate interest in data processing as set out in Art. 6 (1) (f) of the GDPR. Because we are not able to trace an IP address to a natural person without extensive effort, furthermore because an IP address is not considered sensitive data, and because this is immediately deleted after the visit to the website and we require it in order to provide our website, our interests override the interests of the data subject.
4. How long we store data
Once the data collected is no longer required to achieve the purpose for which it was collected (providing the website), it is deleted. In situations in which data is stored in log files, this occurs no later than seven days afterwards. It is possible that data will be stored for a longer period. In such case, however, users’ IP addresses are deleted or scrambled so that it is no longer possible to associate them with the accessing clients.
5. Opting out and removal
It is absolutely necessary to record data in order to provide the website, and it is absolutely necessary to store the data in log files to ensure the operation of the website. Because of this, users do not have an opt-out option.
IV. E-Mail Contact/Contact Form
1. The scope of data processing
When you are on our website, you can contact us by using the contact form or the e-mail addresses provided. The data is used solely to handle the conversation or inquiry.
2. Description and scope of data processing
If a user decides to use the contact form, the information entered into the input screen is sent to us and saved. Such data includes:
Required information:
Optional information:
At the time the message is sent, the following data is stored:
Alternatively, we can also be contacted using the e-mail addresses provided. In this case, the user’s personal data communicated with the e-mail will be saved.
This information will be used solely to handle the conversation or your inquiry. You will need to provide your postal address in order to request our catalogue.
3. The legal basis for the data processing
The legal basis for processing the data is Art. 6 (1) (f) of the GDPR. If the e-mail contact is aimed at entering into a contract, Art. 6 (1) (b) is also a legal basis for the processing.
4. The purpose of the data processing
Processing personal data from the input screen and the e-mail serves solely to allow us to address your contact request. In this regard, the required information allows us to protect against abuse. The foregoing also comprises a legitimate interest for us. Because you are the initiator of the contact, because this is done at your discretion and we inform you in advance how the data sent will be handled by us, our legitimate interest overrides your right to privacy in this regard.
The other personal data processed during the sending process helps us prevent abuse of the contact form and ensure the security of our IT systems. In this regard as well, our legitimate interest is overriding.
5. How long we store data
Once the data is no longer required to achieve the purpose for which it was collected, it is deleted. For the personal data from the contact form input screen and sent via e-mail, this is the case once
the respective conversation with the user has ended. The conversation has ended once it can be determined based on the circumstances that the issue in question has been settled in its entirety.
The personal data collected during the sending process (e.g., IP addresses) is deleted no later than after a period of seven days has elapsed.
6. Opting out and removal
The user can object to the storage of personal data at any time. In such case, the conversation cannot be continued. The objection can be lodged by e-mail, postal mail, or fax.
In such case, all personal data stored over the period of contact with us will be deleted.
V. Login Area Support (Service Center)
1. Description and scope of data processing
On our website, we provide our existing customers with a login to the support area, which they can use to reach our Service Center. The login area can only be used by customers whose personal data we have collected when establishing the contractual relationship, whom we have informed in this regard of the collection of their data and provided with corresponding login details. When customers use the login screen, we collect only the previously registered user name, password, IP address, and access date.
2. The legal basis for the data processing
In this respect, the legal basis for processing the data is Art. 6 (1) (b) of the GDPR.
3. The purpose of the data processing
Data is collected in the login area solely to facilitate the performance of the existing contract with the user.
4. How long we store data
Once the data is no longer required to achieve the purpose for which it was collected, it is deleted. This is the case when the data is no longer required for the performance of the contract. It may also be necessary to store the other party’s personal data after the contract has been entered into in order to satisfy duties under the contract or those prescribed by law.
5. Opting out and removal
Because the data facilitates the performance of a contract and is absolutely necessary for that purpose, deleting the data at an earlier date is possibly only if obligations under the contract or the law do not present an obstacle to deletion.
VI. The Data Subject’s Rights
If your personal data is processed, you are a “data subject” within the meaning of the GDPR, and you are entitled to the following rights:
1. Right to information
You can request that we provide you with confirmation as to whether personal data concerning yourself is processed by us.
If such processing takes place, you can request information from us regarding the following points:
Additionally, you have the right to request information as to whether the personal data in question will be transmitted to a non-EU country or international organisation. In this connection, you may request that you be informed of the appropriate safeguards associated with the transmission pursuant to Art. 46 of the GDPR.
2. Right to rectification
Where the processed personal data concerning yourself is incorrect or incomplete, you have the right to have this rectified and/or completed. We must then carry out the rectification without undue delay.
3. Right to restriction of processing
If the following conditions have been met, you can request that the processing of the personal data concerning yourself be restricted:
Where the processing of personal data concerning yourself has been restricted, with the exception of its storage, such data may be processed only with your consent or for purposes of establishing, exercising, or defending against legal claims, or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing in accordance with the foregoing conditions has been limited, you will be informed by us prior to the restriction being lifted.
4. Right to erasure
a) Obligation to erase
You may request that we erase your personal data without undue delay. We are required to erase such data without undue delay if one of the following grounds applies:
b) Notifying third parties
Where we have made your personal data public and we are obligated under Art. 17 (1) of the GDPR to its erasure, we will take reasonable steps (also technical measures) to notify controllers that process the personal data that you have requested the erasure of all links to such personal data, copies, or replications of such personal data.
c) Exceptions
There is no right to erasure in situations in which processing is necessary
5. Right to notification
Where you have asserted to us the right of rectification, erasure, or restriction of processing, we are obligated to notify all recipients to whom your personal data has been disclosed of the rectification, erasure of data, or restriction of processing unless this proves impossible or involves disproportionate effort for us.
You have the right to be notified by us of those recipients.
6. Right to data portability
You have the right to receive the personal information concerning yourself in a structured, commonly-used, and machine-readable format. Additionally, you have the right to transmit such data to another controller without hindrance by us, provided
In this regard, you have the right to have us transmit your data to another controller, provided doing so is technically feasible. However, this must not adversely affect the rights and freedoms of other individuals.
The exercise of the right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
7. Right to object
You have the right to object, at any time, to the processing of personal data concerning yourself performed based on Art. 6 (1) (e) or (f) of the GDPR on grounds relating to your particular situation; this also applies to profiling based on those provisions.
We will no longer process the personal data concerning yourself unless we can demonstrate compelling, legitimate grounds for the processing that override your interests, rights and freedoms or which facilitate the establishment, exercise, or defence of legal claims.
8. Right to withdraw consent granted under data privacy law
Where statements of consent have been made in accordance with data privacy law, you have the right to withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent performed before its withdrawal.
9. Right to lodge a complaint with a supervisory authority
Any further administrative or judicial remedies notwithstanding, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data concerning yourself infringes the GDPR.
The supervisory authority with which the complaint has been lodged will inform you as the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 of the GDPR.