1. Home
  2. Privacy Policy

Privacy Policy SIEGENIA-AUBI KG

Privacy Policy

This privacy statement is valid for the Internet presence of Onlineshop by the SIEGENIA-AUBI KG. We take the protection of your personal data very seriously. We would therefore like to provide you with information regarding the data protection in our company.

The SIEGENIA-AUBI KG takes the protection of your personal data very seriously. We would like you to know when we store which data and how we use them. As a private-law company, we are subject to the provisions of the European General Data Protection Regulation (GDPR) or the German Federal Data Protection Act (BDSG) and the German Digital Services Act (DDG). We have taken both technical and organisation measures that ensure that the regulations concerning data protection are observed both by us and by external service providers.

We wish to point out that the data transmission in the Internet (e.g. with the communication via e-mail) can exhibit security gaps. Complete protection of data against access by third parties is not possible.

We only collect and use your personal data within the scope of the regulations of the Data Protection Act of the Federal Republic of Germany. Hereafter, we will inform you about the manner, extent and purposes of the collection and usage of personal data. You can retrieve this information from our website at any time.
 

1. General Information

1. General Information
Whenever you visit our website or retrieve a file, our web server or the page provider will collect and save log information about these procedures for statistical purposes and will store these as „server log files“ (e.g. data and time of access, URL the referring website, retrieved file, volume of sent data, browser type and version, operating system and your IP address ). These data are evaluated anonymously for statistical purposes and finally deleted. These are not personal data. Personal data, especially name, address, telephone number or e-mail address are collected on a voluntary basis. There will be no transfer to third parties. An assignment of these data to a specific person or linking these data with other data is not possible for us. SIEGENIA, however reserves the right to check the server log files subsequently if concrete -reference points should indicate unlawful usage.
 

2. Name and address of the person who is responsible for the processing

The responsible person in terms of the General Data Protection Regulation, other data protection laws that are valid in the member states of the European Union and other regulations with data protection character is SIEGENIA-AUBI KG. You will find the contact data listed in the disclaimer.
 

3. Name and address of the data protection officer

The data protection officer who is responsible for the processing:

VIA Consult GmbH & Co. KG
Ms. Dr. Hanni Koch
Kurfürst-Heinrich-Straße 10
57462 Olpe
Tel.: +49 2761/ 83668-0

Any person affected can contact our data protection officer directly at any time to ask questions or make comments with regard to data protection.
 

4. Personal data

Personal data comprise information which can be used to find out personal or factual circumstances about you (e.g. name, address, telephone number, date of birth or e-mail address). Information, with which we are unable to establish a relationship to your person (or only with an disproportionate amount of effort), e.g. due to the anonymization of the information, is not personal data.

Personal data, especially name, address, telephone number or e-mail address are collected only on a voluntary basis. We only collect personal data in compliance with the currently valid data protection regulations.
 

5. Processing of data for the performance of a contract and for communication purposes

5.1 Registering for a customer account

You have the option of registering for a customer account with us. We collect the following data from you for this purpose: first name, last name, country, house number, street, city, postcode and email address. There is also the option to enter your telephone number. We process this data in order to create a corresponding customer account for you. Your consent forms the legal basis for this data processing in accordance with Article 6(1)(a) of the GDPR.

We will check the e-mail address you have entered to ensure that you are actually the owner of the e-mail address you have stated. We will send you a verification e-mail for this purpose. We will store the data you provide when you register. You have the option to revoke your consent at any time. We will then delete your data.

5.2 Order request​​​

You have the option of generating and sending an order request via our online shop. In order to be able to place orders via this offering, each customer must enter the following personal data: title, first name, last name, email, address, postcode, country and a password of your choice, with which we will create a customer account for you. The personal data is collected, processed and used for the purpose that the personal data need not be re-entered for future orders. 

When you register on our site, we will also save your IP address and the date and time of your registration. This serves as security on our part if a third party misuses your data and registers on our site with this data without your knowledge. In addition, we need your agreement to the privacy policy.

After ordering, you will receive a confirmation email to the email address you have provided

We transmit the personal data associated with your order to the selected distributor for the purpose of fulfilling the contract.

No further data is collected on our part. The data collected in this way is stored in our internal database for processing with your order transaction.
 

6. Processing of data for payment processing

6.1 Payment methods

In our web shop, we offer you the following types of payment:

  • Invoice (SIEGENIA AUBI KG, Industriestraße 1-3, 57234 Wilnsdorf)
  • PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg), Privacy Policy
  • Instant bank transfer (Novalnet AG, Gutenbergstraße 7, 85748 Garching bei München, Deutschland), Privacy Policy
  • Credit card (Novalnet AG, Gutenbergstraße 7, 85748 Garching bei München, Deutschland), Privacy Policy
  • SEPA direct debit (Novalnet AG, Gutenbergstraße 7, 85748 Garching bei München, Deutschland), Privacy Policy

SIEGENIA has integrated components of Novalnet AG on this website for the processing. Novalnet AG is a full payment service provider, which undertakes payment transactions. If the person affected chooses a type of payment during the ordering process in the online shop, the automated data of the person affected will be transmitted to Novalnet AG. With the selection of a payment option, the person affected consents to the transmission of personal data for the processing of the payment on the basis of Art. 6 Section 1 lit. a DSGVO (consent). The personal data transmitted to Novalnet usually includes the first name, surname, address, gender, e-mail address, IP address and, if necessary, date of birth, telephone number, mobile phone number as well as other data that are required for the processing of a payment transaction. Data that are required for the processing of the purchasing contract also include personal data associated with the respective order. These will be collected on the basis of Art. 6 Section 1 lit. b DSGVO (processing for the fulfilment of a contract). This could mean, in particular, mutual exchange of payment information, like bank account details, card number, date of validity and CVC code, data on goods and services, prices. The purpose of the transmission of the data is particularly the identity check, the payment administration and the prevention of fraud. The person responsible for the processing will transmit personal data to Novalnet AG especially when there is a justified interest for the transmission. The personal data that is exchanged between Novalnet AG and the person responsible for the processing will be transmitted from Novalnet AG to credit agencies if necessary. The purpose of this transmission is the identity and credit rating check. Novalnet AG also transmits the personal data to service providers or subcontractors if this is necessary for the fulfilment of the contractual obligations or if the data is to be processed. The person affected has the possibility to revoke his/her consent to the handling of personal data by Novalnet AG at any time. A revocation has no effect on personal data, which must essentially be processed, used or transmitted for the payment transaction (according to contract).
You can find further information about payment with NovalnetAG in the general terms and conditions of business and the privacy policy of NovalnetAG at: www.novalnet.com/policies.

6.2 Transfer of data to debt collection service providers

We pass on your data to a commissioned debt collection service provider Novalnet AG, Gutenbergstraße 7, 85748 Garching near Munich, Germany, if our payment claim has not been settled despite a previous reminder. In this case, the debt will be collected directly by the debt collection service provider. This serves the fulfilment of the contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR and the protection of our legitimate interests in the effective assertion or enforcement of our payment claim pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, which predominate in the context of a weighing up of interests.
 

7. Data processing for the purpose of shipping

7.1 Sharing of data with shipping providers

We disclose personal data to third parties (service providers) for the delivery of goods, insofar as this is necessary in order to fulfil the contract, and only disclose the minimum information required. When we share your data with a shipping provider, this is done on the legal basis of Article 6(1)(b) of the General Data Protection Regulation (GDPR), which allows us to process data if this is necessary for the performance of a contract with you or in order to take specific steps prior to entering into a contract. You have the option to consent to the sharing of your e-mail address and/or telephone number to enable the shipping provider to notify you about delivery or to arrange delivery with you.

7. 2 DHL Paket

If your goods are delivered by the shipping provider DHL, and you have explicitly agreed to your e-mail address being shared during the ordering process, it will be disclosed to DHL (DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany) to notify you about delivery or contact you to arrange the delivery date. The legal basis for this data processing is Article 6(1)(a) of the General Data Protection Regulation (GDPR), which allows us to process data if you have consented to processing of your data. It is not possible for DHL to notify you about delivery or contact you to arrange a delivery date without your consent. Consent to the use of your data can be revoked at any time in the future. To do so, please contact the data controller or the shipping provider directly. For more information, please refer to the DHL privacy policy: DHL Package.

7. 3 UPS

If your goods are delivered by the shipping provider UPS, and you have explicitly agreed to your e-mail address being shared during the ordering process, it will be disclosed to UPS (United Parcel Service Deutschland S. à r.l. & Co. OHG, Görlitzer Straße 1, 41460 Neuss, Germany) to notify you about delivery or contact you to arrange the delivery date. The legal basis for this data processing is Article 6(1)(a) of the General Data Protection Regulation (GDPR), which allows us to process data if you have consented to processing of your data. It is not possible for UPS to notify you about delivery or contact you to arrange a delivery date without your consent. Consent to the use of your data can be revoked at any time in the future. To do so, please contact the data controller or the shipping provider directly. For more information, please refer to the UPS privacy policy: UPS.

7. 4 Kühne und Nagel

If your goods are delivered by the shipping provider Kühne und Nagel, and you have explicitly agreed to your e-mail address being shared during the ordering process, it will be disclosed to Kühne und Nagel (Kühne + Nagel AG & Co. KG, Wilhelm-Kaisen-Brücke 1, 28195 Bremen, Germany) to notify you about delivery or contact you to arrange the delivery date. The legal basis for this data processing is Article 6(1)(a) of the General Data Protection Regulation (GDPR), which allows us to process data if you have consented to processing of your data. It is not possible for Kühne und Nagel to notify you about delivery or contact you to arrange a delivery date without your consent. Consent to the use of your data can be revoked at any time in the future. To do so, please contact the data controller or the shipping provider directly. For more information, please refer to the Kühne und Nagel privacy policy: Kühne & Nagel.
 

8. Newsletter sign-up

We offer you the option to subscribe to our newsletter on our site. We use this newsletter to provide information about our products and services on a regular basis. For you to receive our newsletter, we need a valid e-mail address as well as the country and language so that we can send the newsletter in the correct language. You also have the option of entering your first and last names to allow us to address you personally in the newsletter. We will check the e-mail address you have entered to ensure that you are actually the owner of the e-mail address you have stated or that the owner of the e-mail address has given their consent to receive the newsletter. We will send you a verification mail for this purpose (double opt-in). By verifying your e-mail address, you consent to our use of the e-mail address to send you the newsletter and to inform you of any news. You can unsubscribe from this newsletter at any time. You can find details of how to do this in the verification email and in each newsletter, or you can contact us at: marketing@siegenia.com

We use the following service providers to distribute the newsletter:

Scnem

We use Scnem from SC-Networks GmbH, Würmstraße 4, 82319 Starnberg, Germany, to send our newsletter. This enables us to contact subscribers directly. In addition, we analyse your usage patterns to optimise what we offer.

The following personal data is also collected with the help of cookies and other tracking methods, in accordance with our service provider: information about your end device (IP address, device information, operating system, browser ID, information about the application you use to read your e-mails and other information about your hardware and internet connection. Usage data is also collected, such as the date and time when you opened the e-mail/campaign and what browser activities were performed. The service provider requires this data to guarantee the security and reliability of the systems, to ensure compliance with the terms of use and to prevent misuse. This constitutes a legitimate interest of the service provider (pursuant to GDPR Article 6(1)(f)) and is necessary for performance of the contract (pursuant to GDPR Article 6(1)(b)). Furthermore, the service provider analyses performance data, such e-mail delivery statistics and other communication data. This information is used to generate usage and performance statistics for the services.

For more information on your right to opt out and have your data held by the service provider deleted, visit:https://www.sc-networks.com/data-protection/


9. Use of cookies and other technologies

Our website uses cookies. They are small text files that enable the storage of specific user-related information on the end device of the user while he is using the website. Cookies enable the determination of the frequency of use and number of users visiting the pages, the analysis of the behaviour of page usage, but also to make our offer more customer-friendly. Cookies remain stored beyond the end of a browser session and can be reactivated if you visit the page again.

The data sets do not contain any personal information. There will be no merging with any personal data you have provided.

Cookies save you from having to enter data multiple times, facilitate the transmission of specific contents and are needed for the registration in the closed area. You can refuse to accept cookies in your browser if you wish to prevent the use of cookies. You can find out how this works in the instructions of your browser manufacturer. We would like to point out that the deactivation of cookies could lead to a restriction in the range of functions of our offer.

9.1 Use of Usercentrics

We use the consent management service Usercentrics from Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany (Usercentrics). This enables us to obtain and manage the consent of website users for data processing. The processing of data is necessary for compliance with a legal obligation (GDPR Article 7(1)) to which we are subject (GDPR Article 6(1)(1)(c)). Usercentrics will receive your personal data and process it for us. The Usercentrics consent management platform collects device information, browser information, opt-in and opt-out data, the date and time of visits, URL requests and website page paths, as well as cookie preferences. This data is deleted as soon as it is no longer needed for record-keeping purposes and there are no legal obligations to retain it. The consent data (consent and revocation of consent) is stored for three years. Data is processed in the European Union. For more information on your right to opt out and have your data held by Usercentrics deleted, visit: https://usercentrics.com/privacy-policy/

9. 2 Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc. („Google“). Google Analytics uses so-called „Cookies“, Text files, which are stored on your computer and enable the analysis of your usage of the website. The information about your use of this website, created by the cookie, is usually transferred to a Google server in the USA where it is stored.

In case of the activation of the IP anonymization on this website, your IP address will be shortened beforehand, however, within the member state of the European Union or in other contracting states to the agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the provider of this website, Google will use this information to evaluate your use of the website, to compile reports about the website activities and to provide further services associated with website and Internet usage for the website providers.

The IP address transmitted from your browser in the scope of Google Analytics will not be merged with other data by Google. You can opt out of the storage of cookies by making a corresponding setting in your browser software; However, we wish to point out that you will not be able to use all functions of this website in this case. Moreover, you can prevent the recording of the data created by the cookie and related to your use of the website (incl. your IP address) to Google, as well as the processing of these data by Google, by downloading and installing the browser plugin, available from the following link.

You can prevent the collection by Google Analytics by clicking on the following link. An Opt-Out cookie will be set, which prevents the future collection of your data when you visit this website:

Google Analytics deactivate

We use Google Consent Mode on our website, a consent mode on websites and in apps of the web analysis service of Google LLC. The controller for users in the EU/EEA is Google Ireland Limited, Google Building Gordon House, 4 Borrow St, Dublin, D04 E5W5, Ireland.

As you can see from our privacy policy, we use Google Analytics and Google Tag Manager, which enables us to carry out tracking on our website. We use this to track user behaviour on the website. Tracking only takes place if you have given your consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR via the cookie banner. With Google’s Consent Mode, a non-personalised and cookie-free analysis based on pings takes place after consent to personalised tracking has not been given. We process this data on the legal basis of legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. The following data is processed.

  • Function-related information: Timestamp, user agent, referrer URL
  • Aggregated information: Indication of whether the current page or a previous page in the user’s navigation history on the website contains information on the ad click in the URL (e.g. GCLID/DCLID), Boolean information on consent status, random number generated on each page load and information on the consent management platform used by the website owner (e.g. developer ID)

Further information on the consent mode can be found here.

You will find more detailed information on the terms and conditions of use and data protection under www.google.com or under www.google.com/policies. We wish to point out that, on this website, Google Analytics has been extended by the code „anonymizeIp“ in order to ensure anonymized collection of IP addresses (so-called IP masking).

9. 3 Google Tag Manager

We use the Google Tag Manager service from Google. The Google Tag Manager is an auxiliary service and itself processes personal data only for technically necessary purposes. Google Tag Manager loads other components that may in turn collect data under certain circumstances. It does not access this data itself.

9. 4 Google Translate

The automated translation feature provided in the sidebar on this website is powered by Google Translate, a third-party provider over which we have no influence. The computer-generated translations are sometimes only an approximation of the original content of this website. The translations generated should not be regarded as accurate and may occasionally contain incorrect or even offensive terms. We do not guarantee the accuracy, reliability or up-to-dateness of any information translated by this system and do not accept any liability for damages that may arise from it. Furthermore, some applications, files or elements, including graphics, photos or PDFs, may not be translatable.

Google captures, stores and processes information in order to improve the services it provides to users. This information includes, for example, the language you speak, as well as your personal browsing and online behaviour.

More information about Google Translate can be found at: Weitere Informationen über Google Translate stehen auf folgenden Seiten: https://translate.google.com/ as well as http://translate.google.com/manager/website/?hl=en and https://policies.google.com/privacy?hl=en-GB.

9. 5 Google Ads

Google Ads is an online advertising tool provided by Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland. Google Ads allows us to display adverts in the Google search engine or on third-party websites when users enter certain search terms on Google (keyword targeting). Furthermore, the user data held by Google (e.g. location data and interests) can be used to display targeted adverts (target group targeting). As the website administrator, we can perform a quantitative evaluation of this data by analysing, for example, which search terms resulted in our adverts being displayed and how many of these adverts generated clicks. The use of this service is subject to your consent pursuant to GDPR Article 6(1)(a) and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG). You can revoke consent at any time. Data transmission to the US is governed by the standard contractual clauses of the European Commission. Details can be found at: https://policies.google.com/privacy/frameworks?hl=en-GB and https://privacy.google.com/businesses/controllerterms/mccs/.

9. 6 Google Fonts

We use Google Web Fonts from Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States; hereinafter “Google”) on our website.

In order to present our content correctly and in a graphically appealing way across browsers, a connection to the Google server in the USA is established when you access our website.

The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the optimisation and economical operation of our website. By connecting to Google when you access our website, Google can determine the website from which your request was sent and the IP address to which the font should be sent.

Further information on Google Web Fonts can be found at https://developers.google.com and in Google’s privacy policy.

9.7 Amazon Web Services

The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter AWS). When you visit our website, your personal data is processed on AWS servers. Personal data may also be transmitted to the AWS parent company in the United States. Data transmission to the US is governed by the EU's standard contractual clauses. Details can be found here.

For more information, please see the AWS privacy policy.

The use of AWS is governed by GDPR Article 6(1)(f). We have a legitimate interest in ensuring that our website is displayed as reliably as possible. If the appropriate consent has been requested, the processing of this data is strictly in accordance with GDPR Article 6(1)(a) and TDDDG Section 25(1), provided that the consent granted includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) as per the TDDDG. You can revoke consent at any time. The company is certified according to the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States, which is designed to ensure compliance with European data protection standards when processing data in the United States. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information can be obtained from the provider at the following link:https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TOWQAA4&status=Active

9. 8 Adressvalidierung mit Loqate

We use the ‘Global Address’ service provided by GB Group PLC, The Foundation, Herons Way, Chester Business Park, Chester, CH4 9GB, United Kingdom (‘Loqate’) for data validation. The address data you enter in the forms on our website (during the ordering process, for example) can be checked in real time as you enter it using an online interface. When the address-checking function is used, the data entered is cross-checked against the Loqate database, which is located in the United Kingdom or the United States, and matching addresses are suggested accordingly. Your data is processed to ensure that the data entered is accurate and that no false data is stored in our system.

The recipient of the data is Loqate. The Commission has issued a corresponding adequacy decision for the United Kingdom pursuant to GDPR Article 45(1), which legitimises the transfer and processing of your data in the United Kingdom. Data transmission to the USA is legitimised on the basis of standard contractual clauses concluded with Loqate pursuant to GDPR Article 46. For more information on how Loqate processes personal data, please visit: https://www.loqate.com/en-gb/products-services-privacy-notice/.

The legal basis for this data processing is our legitimate interest pursuant to GDPR Article 6(1)(1)(f) and TDDDG Section 25(2), no. 2. We have a legitimate interest in ensuring that our systems contain accurate data so that we can guarantee that customer enquiries and orders are processed smoothly. The IP address must be stored in order to allow address suggestions to be generated. You can opt out of data processing at any time.

The IP address is stored on the Loqate servers as soon as an address request (Find Request) is made, is held for 30 days and is then deleted.

9. 9 LinkedIn Insight Tag

We use LinkedIn Insight Tag for marketing purposes. LinkedIn sets cookies in the user's browser. In addition, LinkedIn also collects data such as the URL, referrer URL, device properties, browser properties and IP address.

LinkedIn anonymises this data within seven days. After a period of 90 days, the provider deletes the data. As the site administrator, we do not collect any personal data. We only receive summarised reports about the demographics of our target group and the performance of our displayed ads. This provides us with information on criteria such as the industry, job title, company size, career level and location of the site visitor.

The processing of this is governed by GDPR Article 6(1)(a). We obtain your consent via the cookie banner. You can revoke your consent at any time by changing the cookie settings.

9.10 Facebook Pixel

This website uses the visitor activity tracker Pixel from Facebook/Meta to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
Using this tool enables us to track the behaviour of site visitors after they have been redirected to the provider's website by clicking on an advert. This allows us to evaluate the effectiveness of the adverts for statistical and market research purposes and to optimise advertising measures in the future. The data collected is stored under a pseudonym for us as the operator of this website; we cannot use it to draw any conclusions about the identity of the user. The data is stored and processed by Facebook, however, which means that it is possible to link it to the respective user profile and Facebook can use the data for its own advertising purposes, in accordance with the Facebook data usage policy.

We process the data within the European Union. However, it is not possible to exclude the possibility that Meta may also process the data outside the European Union/European Economic Area. The use of this service is subject to your consent pursuant to GDPR Article 6(1)(a) and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG). You can revoke consent at any time. The cookie is stored for one year.

Insofar as personal data is collected on our website using the tool described here and is transmitted to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (GDPR Article 26). This joint responsibility is limited solely to the collection of data and the transmission of this data to Facebook. Any processing by Facebook that takes place after the data has been transmitted is not covered by this joint responsibility. The obligations to which we are jointly subject have been defined in a joint processing agreement. The wording of the agreement can be found at: https://www.facebook.com/legal/controller_addendum.

Under this agreement, we are responsible for providing data protection information when using the Facebook tool and for implementing the tool on our website in a manner that is secure under data protection law. Facebook is responsible for the data security of Facebook products. You can assert your rights as a data subject (e.g. requests for information) regarding the data processed by Facebook by contacting Facebook directly. If you assert your data subject rights with us, we are obliged to forward them to Facebook. Data transmission to the US is governed by the standard contractual clauses of the European Commission. For details see and also.

You can find more information about protecting your privacy in Facebook's privacy information.

You can also disable the ‘Custom Audiences’ remarketing function in the ad settings section at Facebook Ads Preferences.

You must be logged in to Facebook to do that. If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website.

The company is certified according to the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the United States, which is designed to ensure compliance with European data protection standards when processing data in the United States.

Every company certified according to the DPF undertakes to comply with these data protection standards. Further information can be obtained from the provider at the following link,


10. Social-Media

We create online presences within social networks in order to communicate with prospective customers and users who are active there and to provide them with information about us. This is a legitimate interest pursuant to GDPR Article 6(1)(f).

User data can be processed by the operator of the social media portal (service provider) outside the territory of the European Union. This may result in risks for users, for example because it could make it more difficult for users to exercise their rights.

Below, we explain how we process your personal data in the context of the online presences we provide. In its judgement of 5th June 2018, the ECJ (European Court of Justice) confirmed the joint responsibility of the service provider and the website administrator.

The social media sites you visit offer you the opportunity to react to our posts, comment on them, create a user post yourself and send us private messages with individual enquiries. The data you provide in this context, which may be accessible to us (e.g. username, images, interests, contact details), will be used by us solely for the purpose of communicating with customers and prospective customers. It is in our interest to provide you with a platform on which we can display up-to-date information, and which allows you to contact us with your enquiries so that we can respond as quickly as possible.

Our website contains links to social networks. These links are indicated by the logos of the respective networks. Only when you click on these links does the browser establish a connection with the service providers' servers and redirect you to their social media portal.

We maintain the following presences and use the following plugins on our website:

  • Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland) – Privacy policy
  • Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland) – Privacy policy
  • Google / YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Verantwortliche Stelle für Nutzer von Google-Diensten, die ihren gewöhnlichen Aufenthalt im Europäischen Wirtschaftsraum oder der Schweiz haben ist die Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland) – Privacy policy
  • Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland) – Privacy policy
  • LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland) – Privacy policy
 

11. Note on external links

This website contains links to websites of third parties ('external links'). These websites are subject to the liability of the respective provider. The provider has therefore checked the third party contents at the initial linkage of the external links for any legal violations. No legal violations were evident at this time. The provider has no influence at all on the current and future design nor on the contents of the linked pages. The setting of external links does not mean that the provider adopts the contents of the reference or link as his own. A continual check of the external links is unreasonable for providers unless there are concrete indications of legal violations. However, in case of the knowledge of legal violations, such links will be deleted without delay. 
 

12. Legal basis for the processing

If we obtain consents for specific processing procedures, these are based on Art. 6 I lit. a DS-GVO. If the processing of personal data is necessary for the fulfilment of a contract e.g. for a delivery of goods or for pre-contractual measures e.g. for inquiries, the processing is based on Art. 6 I lit. b DS-GVO. If our company is subject to a legal obligation that necessitates the processing of personal data, for example, for the fulfilment of fiscal obligations, the processing is based on Art. 6 I lit. c DS-GVO. Provided that the processing of personal data is not based on any of the aforementioned legal grounds, we process data in such a way that the justified interests of our company are safeguarded (enhancement of the performance of business activities). We always ensure that no legitimate interests of the person concerned, which take precedence over our justified interests, are in conflict.
 

13. Duration for which the personal data are stored

The duration of storage of personal data is based on the statutory retention periods. As soon as the purpose for which the data have been recorded ceases to be relevant, the data will be deleted after the expiry of this period.
 

14. Right to information and right of revocation, right to complaint and right to restriction of processing, to rectification and deletion

You have the right at any time to obtain information about data stored by us and the purpose of the storage. You can revoke your consent to the storage or usage of your personal data at any time in written form. Besides the right of revocation, you also have the right to demand the rectification as well as the restriction of the processing and blocking or deletion of your data.

Please refer to our data protection officer for further information.

You have the right to refer to the appropriate supervisory authority in case of complaint (for NRW: The State Officer for Data Protection and Freedom of Information North Rhine Westphalia in Düsseldorf).
 

15. The right of information, right of revocation, right of appeal and right to restriction of processing, to correction and deletion

Under GDPR Article 15, you have the right to request information about the data we have stored about you and the purpose of the storage. You can revoke your consent to the storage or use of your personal data in writing at any time. Furthermore, you have the right to revoke consent for processing based on a legitimate interest (GDPR Article 21). In addition to the right of revocation, you have the right to request the correction (GDPR Article 16), restriction of processing (GDPR Article 18) and blocking or deletion of your data (GDPR Article 17).

Under GDPR Article 77, you have the right to contact the relevant supervisory authority (for NRW: the State Officer for Data Protection and Freedom of Information for North Rhine-Westphalia in Düsseldorf) with complaints. You also have the right to receive the data you have submitted in a machine-readable format for transmission.

If you have any questions regarding the processing of your personal data, you can also contact us directly (data controller: see legal notice). You can also contact our external data protection officers directly with any questions, requests for information, applications or complaints.


16. Security

We employ technical and organisation security measures to protect um any personal data you have made available to us against incidental or intentional manipulation, loss, destruction or against access by unauthorised persons. Our security measures will be continually improved and adapted in accordance with state-of-the-art technology.