Data protection

Thank you for your interest in our company. We take data protection seriously.

You can use our website without providing any personal data. If a data subject wants to use services of our enterprise via our website, processing of personal data could become necessary. If processing of personal data is necessary and if there is no legal basis for such processing, we will always obtain the consent of the data subject.

The processing of personal data (e.g. the name, address, e-mail address, or telephone number of a data subject) shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to us.

With the following data protection declaration, we would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. This data protection declaration also informs data subjects of the rights to which they are entitled.

As the controller, we have implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through our website. However, data transmissions via the Internet can always contain security vulnerabilities. Therefore, we cannot guarantee a 100 %iger protection. Therefore, we cannot be held responsible for any data subject can of course also transmit personal data alternatively, e.g. by telephone.

1. definitions

This data protection declaration is based on the definitions used by the European Directive and Regulation Maker when adopting the DSGVO (Article 4 DSGVO). This data protection declaration should be both easy to read and easy to understand for any person. To ensure this, we would first like to explain the terms used. These definitions, among others, are used in this data protection declaration:

  • "personal data" any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • "person concerned" any identified or identifiable natural person whose personal data are processed by the controller.
  • "Processing" any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • "Restriction of processing" the marking of stored personal data with the aim of limiting their future processing;
  • "Profiling" any automated processing of personal data which consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location;
  • "Responsible"the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for by Union or Member State law;
  • "Receiver" means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law shall not be considered as recipients and the processing of such data by those authorities shall be carried out in accordance with the applicable data protection rules, in accordance with the purposes of the processing;
  • "Third" a natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or the processor;
  • "ConsentAny freely given specific, informed and unambiguous indication of the data subject's wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to personal data relating to him or her being processed".

 

2. name and contact details of the controller

This privacy notice applies to data processing by:

ResponsibleG.J. Steingaesser & Comp. GmbH, represented by the Managing Director Mr. Christoph Stenger, e-mail: info@steingaesser.de, phone: +49 (0)9371 - 5060, fax: +49 (0)9371 - 506140

3. collection and storage of personal data and the nature and purpose of their use

a) When visiting the website

In principle, you can use our website without disclosing your identity. When you access our website, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which the access is made (referrer URL),
  • The browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The above data will be processed by us for the following purposes:

  • Ensuring a smooth connection of the website,
  • Ensuring a comfortable use of our website,
  • Evaluation of system security and stability, and
  • for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.

In addition, we use cookies and analysis services when you visit my website. You can find more detailed explanations of this in sections 5 and 7 of this data protection declaration.

b) When using our contact form

For questions of any kind, we offer you the possibility to contact us via a form provided on our website. In doing so, it is necessary to provide a valid e-mail address so that we know who the enquiry is from and so that we can answer it. Further information can be provided voluntarily. It is your free decision whether you want to enter this data in the contact form.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO on the basis of your voluntarily given consent.

The personal data collected by us for the use of the contact form will be automatically deleted after completion of your request.

c) For orders placed via our website

You can either place orders via our website as a guest without registering or register in our shop as a customer for future orders. The advantage of registering is that you can log in directly to our shop with your e-mail address and password in the event of a future order without having to enter your contact details again.

Your personal data is entered into an input mask and transmitted to us and stored. If you place an order via our website, we first collect the following data both in the case of a guest order and in the case of registration in the shop:

  • Salutation, first name, last name,
  • a valid e-mail address,
  • Address,
  • Telephone number (landline and/or mobile)

The collection of this data takes place,

  • to be able to identify you as our customer;
  • in order to be able to process, fulfil and handle your order;
  • for correspondence with you;
  • for invoicing;
  • for the settlement of any existing liability claims, as well as the assertion of any claims against you;
  • to ensure the technical administration of our website;
  • to manage our customer data.

As part of the ordering process, consent is obtained from you for the processing of this data.

The data processing is carried out in response to your order and/or registration and is necessary for the aforementioned purposes for the appropriate processing of your order and for the mutual fulfilment of obligations arising from the purchase contract in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO.

The personal data collected by us for the processing of your order will be stored until the expiry of the statutory storage obligation and then deleted, unless we are obliged to store the data for a longer period in accordance with Article 6 (1) sentence 1 lit. c DSGVO due to tax and commercial law storage and documentation obligations (from HGB, StGB or AO) or you have consented to storage beyond this in accordance with Article 6 (1) sentence 1 lit. a DSGVO.

4. disclosure of data

Your personal data will only be passed on to third parties by us to the service partners involved in the processing of the contract, such as the logistics company commissioned with the delivery and the credit institution commissioned with payment matters. In cases where your personal data is passed on to third parties, however, the scope of the transmitted data is limited to the necessary minimum.

 

When paying via PayPal, credit card via PayPal, direct debit via PayPal or purchase on account via PayPal, we pass on your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as „PayPal“) as part of the payment processing. PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal or purchase on account via PayPal. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values. Further information on data protection can be found in the PayPal data protection principles: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

 

Your personal data will not be transferred to third parties for purposes other than those mentioned above.

We will also only share your personal data with third parties if:

  • you have given your express consent in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO,
  • the disclosure is necessary in accordance with Art. 6 (1) p. 1 lit. f DSGVO for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  • in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO, as well as
  • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you.

As part of the ordering process, consent is obtained from you to pass on your data to third parties.

 

5. use of cookies

We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware.

Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we gain direct knowledge of your identity.

The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. We use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to make use of our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you (see section 7). These cookies enable us to automatically recognise that you have already been to our website when you visit it again. These cookies are automatically deleted after a defined period of time.

The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 (1) sentence 1 lit. f DSGVO.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

6. links to third party websites

The links published on our website are researched and compiled by us with the greatest possible care. However, we have no influence on the current and future design and content of the linked pages. We are not responsible for the content of the linked pages and expressly do not adopt the content of these pages as our own. The provider of the linked website is solely liable for illegal, incorrect or incomplete content as well as for damages resulting from the use or non-use of the information. The liability of the person who merely refers to the publication by means of a link is excluded. We are only responsible for external references if we have positive knowledge of them, i.e. also of possible illegal or punishable content, and if it is technically possible and reasonable for us to prevent their use.

7. analysis and tracking tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 (1) sentence 1 lit. f DSGVO. With the tracking measures used, we would like to ensure a needs-based design and the ongoing optimisation of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

a) Google Analytics1

For the purpose of demand-oriented design and continuous optimisation of our pages, we use Google Analytics, a web analytics service of the Google Inc(https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymised usage profiles are created and cookies (see under point 5) are used. The information generated by the cookie about your use of this website such as

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • Time of the server request,

will be transmitted to and stored by Google on servers in the United States. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services associated with the use of the website and the internet for the purposes of market research and demand-oriented design of these internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymised so that an assignment is not possible (IP masking).

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (incl. your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on the aforementioned link. An opt-out cookie will be set, which prevents the future collection of your data when visiting our website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

Further information on data protection in connection with Google Analytics can be found under the following link in the Google Analytics Help: https://support.google.com/analytics/answer/6004245?hl=de

b) Google Adwords Conversion Tracking

In order to statistically record the use of our website and to evaluate it for the purpose of optimising our website for you, we also use Google Conversion Tracking. In this process, Google Adwords sets a cookie (see section 5) on your computer if you have accessed our website via a Google ad.

These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords client's website and the cookie has not yet expired, Google and the client can recognise that the user clicked on the ad and was redirected to this page.

Each Adwords customer receives a different cookie. Cookies can therefore not be tracked via the websites of Adwords customers. The information obtained using the conversion cookie is used to create conversion statistics for Adwords customers who have opted for conversion tracking. The Adwords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in the tracking procedure, you can also refuse the setting of a cookie required for this - for example, via a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser so that cookies from the domain "www.googleadservices.com" are blocked. Google's privacy policy on conversion tracking can be found under the following link: https://services.google.com/sitestats/de.html

8. social media plugins

We use social plugins of social networks (e.g. Facebook, Twitter, Google+) on our website on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO in order to make our company better known through them. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for data protection-compliant operation is to be ensured by their respective providers. We integrate these plugins using the so-called two-click method in order to protect visitors to our website as best as possible.

a) Facebook

Social media plugins from Facebook are used on our website to make their use more personal. We use the "LIKE" or "SHARE" button for this purpose. This is an offer from Facebook.

When you call up a page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser, which then integrates it into the website.

By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugins, for example by clicking the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook for everyone to see.

Facebook may use this information for the purposes of advertising, market research and demand-oriented design of the Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.

If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting my website.

For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to the privacy policy, in particular the data policy by Facebook, which you can view under the following link: https://www.facebook.com/about/privacy/

b) Twitter

Our website contains plugins of the short message network of Twitter Inc. (Twitter) are integrated on our website. You can recognise the Twitter plugins (tweet button) by the Twitter logo on our site. You can find an overview of tweet buttons at Twitter under this link: https://dev.twitter.com/web/tweet-button

When you visit a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site with your IP address. If you click the Twitter "tweet button" while you are logged into your Twitter account, you can link the content of our pages on your Twitter profile. This enables Twitter to associate your visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.

If you do not want Twitter to be able to associate your visit to our pages, please log out of your Twitter user account.

You can find more information on this in Twitter's privacy policy, which you can view here: https://twitter.com/de/privacy

c) Google "+1" button

Our website uses the "+1" button of the social network Google, which is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, USA. The button is marked with a "+1″.

The "+1" button is shorthand for „that's pretty cool“ or „check this out“. The button is not used to track your visits to the web.

If a web page of our website contains the "+1" button, your internet browser will load and display this button from the Google server. The Google server is automatically informed of the website you visited on our website. When displaying a +1 button, Google does not permanently log your browsing history, but only for a period of up to two weeks.

Google holds this data about your visit for this period for system maintenance and troubleshooting purposes. However, this data is not structured by individual profiles, usernames or URLs. This information is also not accessible to website publishers or advertisers. This information is used only for maintenance and troubleshooting purposes in internal systems at Google. Your visit to a page with a +1 button will not be evaluated by Google in any other way.

No further evaluation of your visit to a web page of our website with a "+1" button is carried out.

Giving +1s is itself a public process, i.e. anyone who performs a Google search or accesses content on the web to which you give +1s can potentially see that you have given a +1 to the content in question. Therefore, only give a +1 if you are absolutely sure that you want to share this recommendation with the whole world.

A click on this +1 button serves as a recommendation for other users in Google's search results. You can publicly communicate that you like our website, that our website meets with your approval or that you can recommend our website. If you have registered for Google+ and are logged in, the +1 button will turn blue when clicked. In addition, the +1 will be added to the +1 tab in your Google profile. On this tab, you can manage your +1s and decide whether you want to make the +1 tab public.

In order to store your +1 recommendation and make it publicly available, Google collects information about your recommended URL, your IP address and other browser-related information via your profile. If you withdraw your +1, this information will be deleted. All +1 recommendations from you are listed on the +1 tab in your profile.

Further information and the applicable data protection provisions of Google can be found at https://www.google.de/intl/de/policies/privacy/ can be retrieved. Further information from Google on the Google+1 button can be found under the link https://developers.google.com/+/web/buttons-policy

9. data subject rights

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by me, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
  • demand the correction of incorrect or incomplete personal data stored by us without delay in accordance with Art. 16 DSGVO;
  • pursuant to Art. 17 DSGVO to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
  • pursuant to Art. 20 DSGVO to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
  • revoke your consent at any time in accordance with Art. 7 (3) DSGVO. This has the consequence that we may no longer continue the data processing based on this consent for the future, and
  • complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

10. right of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to: info@steingaesser.de

11. data security

We use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser when visiting the website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

12. up-to-dateness and amendment of this privacy policy

This privacy policy is currently valid and was updated in March 2018.

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. The current data protection declaration can be viewed at any time on our website under the following link can be called up and printed out:

https://www.shop-steingaesser.de/datenschutz

___________________________________________________________________________

1 Data protection authorities require the conclusion of a data processing agreement for the permissible use of Google Analytics. A corresponding template is available at http://www.google.com/analytics/terms/de.pdf offered by Google.

 

Source: Model data protection declaration prepared by Andreas Gerstel (http://www.anwaltblog24.de/)