This data protection declaration clarifies the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and the associated websites, functions and content (hereinafter jointly referred to as "online offer"). With regard to the terms used, such as "personal data" or their "processing", we refer you to the definitions in Art. 4 of the Data Protection Basic Regulation (DSGVO).
In accordance with Art. 13 DSGVO we inform you about the legal basis of our data processing. If the legal basis is not mentioned in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 DSGVO, the legal basis for processing in order to fulfil our services and carry out contractual measures as well as answer inquiries is Art. 6 para. 1 lit. b DSGVO, the legal basis for processing in order to fulfil our legal obligations is Art. 6 para. 1 lit. c DSGVO, and the legal basis for processing in order to safeguard our legitimate interests is Art. 6 para. 1 lit. f DSGVO. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.
Tübinger Str. 46
72379 Hechingen, Germany
Types of data processed:
In the unavoidable server statistics, data is automatically stored that your browser transmits to us.
As a rule, we cannot assign this data to specific persons. This data will not be merged with other data sources.
Purpose of processing:
We take appropriate technical and organisational measures in accordance with Art. 32 DSGVO, taking into account the state of the art, the implementation costs and the nature, extent, circumstances and purposes of the processing as well as the different probability of occurrence and severity of the risk to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk; these measures include in particular safeguarding the confidentiality, integrity and availability of data by controlling the physical access to the data as well as the access to, inputting, passing on, safeguarding the availability and separation of the data concerning them. In addition, we have established procedures to ensure the exercise of data subjects' rights, deletion of data and response to data breaches. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and processes, in accordance with the principle of data protection through technology design and data protection-friendly default settings (Art. 25 DSGVO).
Collection of access data and log files
On the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f., we collect DSGVO data on each access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for a maximum of seven days for security reasons (e.g. to clarify abuse or fraud) and then deleted. Data, the further storage of which is necessary for evidence purposes, is excluded from deletion until the respective incident has been finally clarified.
The hosting services used by us serve the provision of the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services which we use for the purpose of operating this online service.
Here we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors to this online service on the basis of our legitimate interests in the efficient and secure provision of this online service in accordance with Art. 6 Para. 1 lit. f DSGVO in connection with Art. 28 DSGVO (conclusion of an order processing contract).
When contacting us (via contact form or e-mail), the user's details will be processed in order to process the contact request and its processing in accordance with Art. 6 Para. 1 lit. b) DSGVO. User data can be stored in our Customer Relationship Management System ("CRM System") or a comparable enquiry organisation.
We delete the enquiries if they are no longer necessary. We check the necessity every two years; inquiries from customers who have a customer account are stored permanently and refer to the customer account details for deletion. In the case of statutory archiving obligations, deletion takes place after their expiration (end of commercial law (6 years) and tax law (10 years) retention obligation).
Comments and Contributions
If users leave comments or other contributions, their IP addresses will be used on the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. of the German Data Protection Act. DSGVO for 7 days.
This is done for our security if someone leaves illegal contents (insults, forbidden political propaganda, etc.) in comments and contributions. In this case we can be prosecuted ourselves for the comment or contribution and are therefore interested in the identity of the author.
Deletion of data
The data processed by us will be deleted or their processing restricted in accordance with Art. 17 and 18 DSGVO. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them. If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons.
According to legal requirements in Germany, data is stored in particular for 6 years in accordance with § 257 para. 1 HGB (German Commercial Code) (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting records, etc.) and for 10 years in accordance with § 147 para. 1 AO (German Tax Code) (books, records, management reports, accounting records, commercial and business letters, documents relevant for taxation, etc.).
Disclosure of data to third parties and third-party providers
Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if this is necessary for contractual purposes, e.g. on the basis of Art. 6 Para. 1 lit. b) DSGVO or on the basis of legitimate interests pursuant to Art. 6 Para. 1 lit. f) DSGVO. DSGVO in the economic and effective operation of our business.
If we use subcontractors to provide our services, we will take appropriate legal precautions as well as appropriate technical and organisational measures to ensure the protection of personal data in accordance with the relevant statutory provisions.
If content, tools or other means from other providers (hereinafter jointly referred to as "third party providers") are used within the scope of this data protection declaration and their registered office is located in a third country, it is to be assumed that a data transfer to the registered office states of the third party providers takes place. Third countries are countries in which the DSGVO is not a directly applicable law, i.e. basically countries outside the EU or the European Economic Area. Data is transferred to third countries either if there is an appropriate level of data protection, user consent or other legal permission.
The Internet pages use so-called cookies in several places. They serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer by your browser. Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Cookies do not damage your computer and do not contain viruses.
Online presences in social media
We maintain online presences within social networks and platforms in order to be able to communicate with customers, interested parties and users active there and to inform them about our services. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.
Unless otherwise stated in our data protection declaration, we process the data of users who communicate with us within the social networks and platforms, e.g. write articles on our online presences or send us messages.
Your right of access
We will be happy to provide you with further information about the data stored about you, its origin and recipient as well as the purpose of storage. Please contact us in writing using the contact details provided in the imprint.