With the following information, we would like to give you an overview of the collection, use and processing of your personal data by us and your rights under the data protection regulations. If you wish to use special services of our company through our website, it is necessary to process your personal data. If the processing of personal data is required and there is no legal basis for such processing, we will generally obtain your consent.
The processing of personal data, such as your name, address or e-mail address, is always in accordance with the General Data Protection Regulation (GDPR) and in accordance with the rules of the „EUROMUG“ applicable data protection regulations. By means of this data protection policy we would like to inform you about the scope and purpose of the personal data collected, used and processed by us.
As controllers we have implemented many technical and organisational measures in order to ensure the most complete protection possible for personal data processed through this website. Nevertheless, internet-based data transmissions can generally have security holes, so that absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us in alternative ways, such as by phone or by post.
2. Name and address of the controller
The privacy statement is based on the terminology used by the European legislature in the adoption of the General Data Protection Regulation (GDPR). Our data protection policy should be easy to read and understand for the public as well as for our customers and business partners.
To ensure this, we would like to explain in advance the terminology used.
We use the following terms in this data protection policy, including but not limited to:
a. Personal data
Personal data is any information that relates to an identified or identifiable natural person. A natural person is considered to be identifiable, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, like the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
b. Affected person
Affected person is any identified or identifiable natural person whose personal data is processed by the controller (our company).
Processing means any process or series of operations related to personal data, such as collecting, collecting, organising, storing, adapting or modifying, reading, querying, using, with or without the aid of automated procedures; disclosure by submission, dissemination or other form of provision, reconciliation or association, restriction, erasure or destruction.
d. Restriction of processing
Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.
Profiling is any kind of automated processing of personal data that consists in using that personal information to evaluate certain personal aspects relating to a natural person, in particular aspects relating to job performance, economic situation, health, personal to analyse or predict preferences, interests, reliability, behavior, whereabouts or relocation of that natural person.
Pseudonymisation is the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and is subject to technical and organisational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.
The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
Recipient is a natural or legal person, agency or other entity to whom personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered as recipient.
i. Third party
A third party is a natural or legal person, public authority, agency or entity other than the data subject, the controller, the processor and the persons authorised under the direct responsibility of the controller or the processor to process the personal data.
Consent is any voluntarily given and unambiguously expressed form of a statement or other unambiguous confirmatory act by the data subject for the particular case, by which the data subject indicates that they consent to the processing of the personal data concerning him or her.
4. Legal basis of processing
Art. 6 Para. 1(a) GDPR serves our company as the legal basis for processing operations in which we obtain consent for a particular processing purpose.
If the processing of personal data is necessary to fulfill a contract of which you are a party, as is the case, in processing operations necessary for the supply of goods or the provision of any other service or consideration, the processing is based on Art. 6 para. 1(b) GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries regarding our products or services.
If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Art. 6 Para. 1(c) GDPR.
In rare cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person. For example, this would be the case, if a visitor to our premises were injured and his or her name, age, health insurance or other vital information would have to be passed on to a doctor, hospital or other third party. Then processing would be based on Art. 6 Para. 1(d) GDPR.
Finally, processing operations could be based on Art. 6 Para. 1(f) GDPR, if the processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person concerned prevail. Such processing operations are particularly allowed to us because they have been specifically mentioned by the European legislator. In that regard, he considered that a legitimate interest could be assumed if you are a customer of our company (Recital 47 GDPR).
This site uses an SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as orders, login details or contact requests that you send to us as the operator. An encrypted connection can be recognised by the fact that the address bar of the browser contains an „https: //“ instead of an „http: //“ and the lock symbol in your browser bar.
If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.
5.2 Data collection when visiting the website
In the case of merely informative use of our website, that is if you do not register or otherwise provide us with information, we will only upload data that your browser transmits to our server (in so-called „server log files“). Our website collects a series of general data and information each time a page is accessed by you or an automated system. This general data and information is stored in the log files of the server. The following data are collected:
1. used browser types and versions,
2. the operating system used by the accessing system,
3. the website from which an accessing system comes to our website (so-called referrers),
4. the sub-web pages, which are accessed via an accessing system on our website,
5. the date and time of access to the website,
6. a shortened Internet Protocol address (anonymised IP address),
7. The Internet service provider of the accessing system.
When using this general data and information, we draw no conclusions about your person. Rather, this information is needed
1. to deliver the contents of our website correctly,
2. to optimise the content of our website as well as the advertising for it,
3. to ensure the long-term functionality of our IT systems and the technology of our website as well
4. to provide law enforcement with information necessary for law enforcement in the event of a cyberattack.
This collected data and information is therefore statistically evaluated by us with the aim of increasing the data protection and data security in our company in order to ultimately ensure an optimum level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.
The legal basis for data processing is Art. 6 Para. 1(f) GDPR. Our legitimate interest follows from the data collection purposes listed above.
6. Contents of our website
6.1 Data processing when opening a customer account and for contract execution
According to Art. 6 Para. 1(b) GDPR we collect and process personal data when you provide it to us for the purpose of concluding a contract or opening a customer account. Which data are collected, can be seen from the respective input forms. A deletion of your customer account is possible at any time and can be done by sending a message to the above mentioned address of the person responsible. We save and use the data you have provided for the execution of the contract. After completion of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial retention periods and deleted after expiration of these periods, unless you have expressly consented to a further use of your data or a legally permitted further data use by our side of which we will inform you accordingly below.
6.2 Data processing for order processing
The personal data collected by us will be passed on to the transport company commissioned with the delivery within the scope of the contract, insofar as this is necessary for the delivery of the goods. We will pass on your payment details to the commissioned bank as part of the payment process, if this is necessary for the payment process. If payment service providers are used, we will inform you explicitly below. The legal basis for the transfer of the data is Art. 6 Para. 1(b) GDPR.
6.3 Contracts with online shop, dealer, and shipping
We only transfer personal data to third parties if this is necessary in the course of the contract, for example to the companies entrusted with the delivery of the goods or the bank responsible for processing the payment. A further transmission of the data does not take place or only if you have expressly consented to the transmission. A transfer of your data to third parties without explicit consent, such as for advertising purposes, does not occur.
The basis for data processing is Art. 6 Para. 1 (b) GDPR, which allows the processing of data to fulfill a contract or precontractual measures.
6.4 Contact / contact form
When contacting us (for example via contact form or e-mail), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used solely for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for processing the data is our legitimate interest in answering your request in accordance with Art. 6 Para. 1(f) GDPR. If your contact is aimed at concluding a contract, then additional legal basis for the processing is Art. 6 Para. 1(b) GDPR. Your data will be deleted after final processing of your request. This is the case if it can be inferred from the circumstances that the matter in question is finally clarified and provided that no statutory storage requirements are in conflict.
7.1 General information on cookies
The data processed by these technically necessary cookies is required for the fulfilment of our and the legitimate interests of third parties according to Art. 6 para. 1 lit. f GDPR, namely the optimised presentation of our website and providing you with all intended usage possibilities.
Most browsers accept cookies automatically. You may however configure your browser so that no cookies are stored on your computer or a note always appears before a new cookie is stored. However, disabling cookies completely may mean that you are not able use all features of our website.
7.2 Google Analytics
Our websites uses Google Analytics, a web analytics service provided by Google Inc. (https://www.google.de/intl/de/about) (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereinafter „Google“). In this context, pseudonymised usage profiles are created and cookies are used. The information generated by the cookie about your use of this website such as
1. browser type / version,
2. used operating system,
3. referrer URL (the previously visited page),
4. host name of the accessing computer (IP address),
5. time of server request, are transmitted to a Google server in the US and stored there.
The information is used to evaluate the use of our website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third parties if required by law or if third parties process this data in the order. Under no circumstances will your IP address be merged with any other data provided by Google. The IP addresses are anonymised, so that an assignment is not possible (IP masking).
You can prevent the installation of cookies by setting up your browser software accordingly; however, we point out that in this case you may not be able to use all features of this website.
We use Google Analytics in the interest of optimisation and needs-based design of our website. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1(f) GDPR.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent detection by Google Analytics by clicking on the following link: Deactivate Google Analytics. An opt-out cookie will be set that will prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must download the opt-out cookie again.
For more information about privacy related to Google Analytics, see the Google Analytics HelpCenter (https://support.google.com/analytics/answer/6004245?hl=de).
8. Rights of the data subject
If your personal data are being processed, you are the “data subject” as defined by the GDPR, and you are entitled to the following rights with respect to us as the controller. You may exercise your rights by contacting our data protection officer or the service centre staff, indicating your concerns.
8.1 Right to access
Any data subject affected by the processing of personal data has the right to obtain information about the personal data stored about them at any time, free of charge, as well as the right to access a copy of such data from the controller.You may request confirmation from the controller as to whether they are processing the personal data that relates to you.
8.2 Right to correction
Any data subject affected by the processing of personal data has the right to request the immediate correction of any incorrect personal data that relates to them. Furthermore, the data subject has the right to request the completion of incomplete personal data, including through a supplementary declaration, taking into account the purposes of the processing.
8.3 Right to restriction of processing
Any data subject affected by the processing of personal data has the right to request the controller immediately restricts processing if the conditions stipulated by Art. 18 Para. 1 GDPR are met.
8.4 Right to erasure
Any data subject affected by the processing of personal data has the right to request that the personal data regarding the data subject be erased if and insofar as one of the reasons stipulated in Art. 17 Para. 1 GDPR applies.