DECLARATION OF PROTECTION ***Name and address of the data controller
The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data. The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (DSGVO) is: Mr. Stefan Heidler, IT Security Officer (IHK) VdS Consultant for Cyber-Security from the company IFS Engineering GmbH, An der Leite 16, 96193 Wachenroth, Germany, e-mail: stefan.heidler(at)ifs-infoweb.de. When you call up our website, we use the widespread SSL procedure (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser. We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
This website uses so-called cookies. Cookies are text files that explicitly do not contain any personal data and that are placed on your computer and stored by the browser you are using. By using cookies, our systems can recognize your browser and offer you additional useful information. Insofar as personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Article 6 (1) (b) DSGVO either for the performance of the contract or in accordance with Article 6 (1) (f) DSGVO to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the visit to this website operated by us. However, you can set up the configuration of your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. For details, please refer to the description of the browser you are using. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.
Information about the processing of your personal data by Albacross
We inform you about the processing of personal data on behalf of Albacross Nordic AB ("Albacross"). Information collected from cookies set on your device that is considered personal data is processed by Albacross, a company that provides lead identification and ad targeting services with offices in Stockholm and Krakow. Full contact details can be found below. The purpose for processing the personal data is to enable Albacross to improve a service provided to us and our website (e.g. the Lead Generation service) by adding data to their database about businesses. In addition to the Lead Generation service, the Albacross database is also used for targeted advertising to businesses and data is transferred to third party data service providers for this purpose. For clarity, targeted advertising refers to businesses, not individuals.
The data Albacross collects and uses for this purpose is information about the IP address from which you visited our website and technical information that enables Albacross to distinguish different visitors from the same IP address. Albacross stores the domain from form submissions to correlate the IP address with your employer.
Albacross Nordic AB
Company registration no. 556942-7338
111 52 Stockholm, Sweden
www.albacross.com - firstname.lastname@example.org
Collection of general data and information
Collection of data
When you access our website, information is automatically sent to us by the browser on your terminal device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:
- IP address of the requesting computer,
- date and time of the access,
- amount of data sent in bytes
- name and web address of the file accessed,
- source/reference from which you accessed the page
- website from which the access was made,
- browser used and, if applicable, the operating system of your computer and the name of the provider.
The above data is processed by us for the following purposes:
- Ensuring a smooth connection setup of the website,
- ensuring a comfortable use of our website,
- evaluating the system security and stability of our website,
- for further administrative purposes.
The legal basis for data processing is Article 6 (1) sentence 1 lit. f DSGVO.
Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.
Transfer of collected data
We do not transfer your personal data to third parties for purposes other than those listed below.
We will only pass on your personal data to third parties if:
- you have given your express consent to do so in accordance with Article 6 (1) sentence 1 lit. a DSGVO,
- the disclosure is necessary in accordance with Article 6 (1) sentence 1 lit. f DSGVO for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
- in the event that there is a legal obligation for the disclosure pursuant to Article 6 (1) sentence 1 lit. c DSGVO, as well as
- this is legally permissible and required under Article 6 (1) sentence 1 lit. b DSGVO for the performance of a contract to which the data subject is a party, or for the performance of pre-contractual measures which are carried out at the request of the data subject.
Data processing in the context of registration on our website
The data subject has the opportunity to register on the website of the controller by providing personal data. Which personal data are transmitted to the controller in the process results from the respective input mask used for the registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the controller and for its own purposes. The controller may arrange for the data to be transferred to one or more processors, for example one or more parcel service providers, who will also use the personal data exclusively for an internal use attributable to the controller.
By registering on the website of the controller, the IP address assigned by the internet service provider of the data subject, the date as well as the time of registration are furthermore stored. The storage of this data takes place against the background that only in this way can the misuse of our services be prevented and, if necessary, this data makes it possible to clarify criminal offences that have been committed. In this respect, the storage of this data is necessary for the protection of the data controller. As a matter of principle, this data will not be disclosed to third parties unless there is a legal obligation to disclose it or the disclosure serves the purpose of criminal prosecution.
The registration of the data subject by voluntarily providing personal data serves the purpose of the controller to offer the data subject content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to modify the personal data provided during registration at any time or to have them completely deleted from the data base of the controller.
The controller shall provide any data subject at any time, upon request, with information on what personal data is stored about the data subject. Furthermore, the controller shall correct or delete personal data at the request or indication of the data subject, provided that this does not conflict with any statutory retention obligations. All employees of the controller are available to the data subject as contact persons in this context.
Data processing in the context of order processing
The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. If the delivery is carried out by one or more transport companies, we will pass on your e-mail address to them in accordance with Article 6 (1) a DSGVO before the delivery of the goods if you have given your express consent to this. Otherwise, in accordance with Article 6 (1) (b) DSGVO, we will only pass on the name of the recipient and the delivery address to the transport company or companies, insofar as this is necessary for the delivery of the goods. Any consent given can be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the transport service provider(s).
We pass on your payment data to the commissioned credit institution within the framework of payment processing, solely to the extent that this is necessary for payment processing.
In the case of payment by credit card via PayPal or by direct debit via PayPal, the customer's payment data will be passed on to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, within the processing procedure, in accordance with Article 6 Paragraph 1 lit. b DSGVO and only to the extent that this is necessary for the processing of the payment. After complete processing of the contract, the customer's data will be blocked with regard to tax and commercial law retention periods and deleted after expiry of these aforementioned periods, if the customer has not expressly consented to the further use of the data. Further information on data protection law can be found in the PayPal data protection principles at https://www.paypal.com/de/webapps/mpp /ua/privacy-full. The legal basis for the transfer of data is Article 6 (1) b DSGVO.
Payment by "Sofort
If you select payment with the payment method "Sofort", hereinafter "Sofort", as payment method, your contact details will be transmitted to the service provider Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden , as part of the order processing. However, we reserve the right to change this service provider. The transmitted personal data are in particular first name, last name, address, telephone number, IP address, e-mail address, or other data that are required for order processing, as well as data related to the order, such as item description, item number, number of items ordered, invoice amount, etc.. Personal data can be passed on on the part of Sofortüberweisung also to service providers, to subcontractors or other connected enterprises, if this is necessary for the fulfilment of the contract obligations, and/or if the personal data are to be processed in the order. Under certain circumstances, the personal data transmitted to the service provider will be transferred by the service provider to credit agencies. This transmission serves to check your identity and creditworthiness in relation to the order you have placed. The data protection information of "Sofort" will also be displayed to you during the payment process. If you have any questions about the use of your personal data, please contact the current service provider. The contact details can be found in the imprint of the URL https://www.klarna.com/sofort/impressum/.
Duration of storage of personal data
The duration of the storage of personal data depends on the corresponding legal retention period. After expiry of the respective period, the corresponding data will be deleted if they are no longer required for the fulfilment or initiation of the contract and/or there is no justified interest on our part in continued storage.
Contact option via the website
Our website contains data that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or by using a contact form, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the controller will be stored for the purposes of processing or contacting the data subject. No disclosure of this personal data to third parties will take place.
Data subject rights
With regard to the processing of your personal data, you are entitled to the following data subject rights. You have a:
- Right to information, Article 15 DSGVO: This includes the right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or. the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it has not been collected from you by us, the existence of automated decision-making, including profiling, and, where applicable, meaningful information about the logic involved and the implications for you and the intended effects of such processing, as well as your right to be informed about the guarantees pursuant to Article 46 DSGVO in the event of onward transfer of your data to third countries;
- Right to rectification, Article 16 GDPR: This includes the right to have inaccurate data relating to you corrected without delay and/or to have incomplete data held by us completed;
- Right to restriction of processing, Article 18 DSGVO: This includes the right to request the restriction of the processing of your personal data while the accuracy of your data that you dispute is being verified, if you object to the erasure of your data because of unlawful data processing and instead request the restriction of the processing of your data, if you need your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved, or if you have objected on the grounds of your particular situation, as long as it has not yet subsequently been determined whether our legitimate grounds prevail;
- Right to erasure, Article 17 DSGVO: This includes the right to request that we delete your personal data if the conditions of Article 17 (1) DSGVO are met. However, this right does not exist in particular if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- Right to information, Article 19 GDPR: If you have asserted your right to rectification, erasure or restriction of processing against the designated controller, the controller is under an obligation to you to inform all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients by the controller.
- Right to data portability, Article 20 GDPR: This includes the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller, where this is technically feasible;
- Right to withdraw consent given, Article 7(3) DSGVO: This includes the right to revoke consent to the processing of data, once given, at any time with effect for the future. In the event of the declared revocation, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation;
- Right to lodge a complaint, Article 77 GDPR: You have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the provisions of the GDPR, irrespective of any administrative or judicial remedies that may exist alongside it.
RIGHT TO OBJECT
INSOFAR AS YOUR PERSONAL DATA IS PROCESSED ON THE BASIS OF LEGITIMATE INTERESTS PURSUANT TO ARTICLE 6 PARA. 1 P. 1 LIT. F DSGVO, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING OF YOUR PERSONAL DATA IN ACCORDANCE WITH ARTICLE 21 DSGVO WITH EFFECT FOR THE FUTURE, INSOFAR AS THERE ARE GROUNDS FOR DOING SO WHICH ARISE FROM YOUR PARTICULAR SITUATION. THE CONTROLLER WILL THEN NO LONGER PROCESS THE PERSONAL DATA UNLESS IT CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE THE INTERESTS, RIGHTS AND FREEDOMS OF THE DATA SUBJECT, OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS. IF YOUR OBJECTION IS TO DIRECT MARKETING, YOU HAVE A GENERAL RIGHT TO OBJECT, WHICH WILL BE IMPLEMENTED BY US WITHOUT SPECIFYING ANY PARTICULAR SITUATION. IF YOU WISH TO EXERCISE YOUR RIGHT OF OBJECTION, PLEASE SEND AN E-MAIL TO THE E-MAIL ADDRESS GIVEN IN THE IMPRINT.
Information and contact
You have the right at any time to receive information free of charge from the user about your stored data and, if necessary, the right to correct, block or delete this data. You can therefore request information about the data stored by us free of charge at any time. At this point, we would like to expressly point out the right of objection granted above.
Information text for the online data protection information, for example, of the advertising partner for Gautzsch Select (advantage offers)
Online data protection information (of the advertising partner)
Advantage offers of Gautzsch GmbH: For the selection of an advantage offer that is currently of interest to you regionally, we transmit your title, year of birth, country, postcode, hash value of the e-mail address and your IP address to Gautzsch GmbH in a pseudonymised and encrypted form (Art. 6 Para. 1 f DSGVO). The pseudonymised hash value of the e-mail address is also used to take into account a possible objection to advertising by Sovendus (Art. 21 para.3, Art. 6 para.1 c DSGVO). The IP address is used by Gautzsch exclusively for data security purposes and is usually anonymised after seven days (Art. 6 para.1 f DSGVO). As far as necessary for the respective advantage offer, your name, your address data, your e-mail address and/or your telephone number are transmitted encrypted by us to Gautzsch when you click on the advantage offer in order to prepare the personalized request for the advantage offer from the product provider (Art. 6 para.1 b, f DSGVO).
Data processing with the USA
The EU/US Privacy Shield has been declared invalid by the ECJ with immediate effect. As far as possible, we now use European service providers and/or servers. In the case of data exchange with the United States, only companies whose standard contractual clauses have been checked to ensure that their level of data protection is actually maintained will be considered.
Use of a live chat system
Userlike (Userlike UG (haftungsbeschränkt))
On this website, anonymized data may be collected and stored using technologies, for example, by Userlike UG (haftungsbeschränkt), Deisterweg 7, 51109 Cologne, (www.userlike.com) for the purpose of web analysis and to operate the live chat system for answering live support requests. Usage profiles can be created from this anonymised data under a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the cache of the site visitor's Internet browser. The cookies enable the recognition of the Internet browser. If the information collected in this way has a personal reference, the processing is carried out in accordance with Art. 6 Para. 1 lit. f DSGVO on the basis of our legitimate interest in effective customer service and the statistical analysis of user behaviour for optimisation purposes.
The data collected with Userlike technologies will not be used to personally identify the visitor to this website without the separately granted consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. In order to avoid the storage of Userlike cookies, you can set your internet browser in such a way that no cookies can be stored on your computer in the future or that cookies that have already been stored are deleted. However, switching off all cookies may mean that some functions on our Internet pages can no longer be carried out. You can object to the collection and storage of data for the purpose of creating a pseudonymised user profile at any time with effect for the future by sending us your objection informally by e-mail to the e-mail address given in the imprint.