1. An overview of data protection
Data recording on this website
Who is the responsible party for the recording of data on this website (i.e., the “controller”)?
How do we record your data?
What are the purposes we use your data for?
What rights do you have as far as your information is concerned?
Analysis tools and tools provided by third parties
3. General information and mandatory information
Information about the responsible party (referred to as the “controller” in the GDPR)
Phone: +49 7531 8105-0
General information on the legal basis for the data processing on this website
Designation of a data protection officer
Mr. Kai Hartwig
Information on data transfer to the USA and other non-EU countries
Revocation of your consent to the processing of data
Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)
Right to log a complaint with the competent supervisory agency
Right to data portability
SSL and/or TLS encryption
Information about, rectification and eradication of data
Right to demand processing restrictions
- In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
- If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the eradication of this data.
- If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.
- If you have raised an objection pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.
Rejection of unsolicited e-mails
4. Recording of data on this website
Request by email, telephone or fax
If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed on the basis of our legitimate interest in the effective handling of inquiries submitted to us (Art. 6(1)(f) GDPR) or on the basis of your consent (Art. 6(1)(a) GDPR) if it has been obtained; the consent can be revoked at any time.
The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
Server log files
The operators of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
The collection of this data is based on article 6, section 1 (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website - for this purpose, the server log files must be collected.
Registration on this website
Our websites and pages use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.
Consent with Cookiebot
Our website uses consent technology from Cookiebot to obtain your consent to the storage of certain cookies on your end device or for the use of certain technologies and to document this in a data protection-compliant manner. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter “Cookiebot”).
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
5. Social media
6. Analysis tools and advertising
Google Tag Manager
Demographic parameters provided by Google Analytics
Contract data processing
Deactivation of Hotjar
8. Plug-ins and Tools
YouTube with expanded data protection integration
Google Web Fonts (local embedding)
The purpose of data processing
- We process your data for the purpose of order processing and paper-based invoicing via Deutsche Post E-Post Solutions GmbH.
- We need your data essentially for processing on the basis of article 6, section 1 (b) of GDPR
Recipients of personal data outside the company
- Billing data (such as bank details)
- Address data, company data, communication data (such as telephone number), contact person
- In the context of data for contracts, these data are kept until the statute of limitations of all foreseeable claims (After termination of the contract: standard statute of limitations 3 years according to §195 BGB).
- Data required for accounting purposes are kept for 10 years on the basis of Art. 6 Para. 1 lit. c. in conjunction with. § 257 HGB (German Commercial Code) as well as § 147 AO (German Tax Code)
- We retain data for invoices for 6 years pursuant to Art. 6 Para. 1 lit. c. in conjunction with § 257 HGB as well as § 147 AO. § 257 HGB as well as § 147 AO
Notification of tracking information by MHP Solution Group GmbH
The purposes of data processing
- We process your data for the purpose of order processing and email-based dispatch of shipment information via MHP Solution Group GmbH.
- We essentially require your data for order processing in accordance with article 6, section 1. (b) of the GDPR.
Recipients of personal data outside the company
The following categories of data are transferred:
- Shipment data (such as order number and delivery note number)
- Address data, company data, communication data (such as email address, telephone number), contact person
- In the context of data for contracts, this data is stored until the statute of limitations of all foreseeable claims (after termination of the contract: standard statute of limitations is 3 years according to §195 BGB (Germany Civil Code).
- Data required for accounting purposes are kept for 10 years on the basis of article 6 section. 1.(c) in conjunction with. § 257 HGB (German Commercial Code) as well as § 147 AO (German Tax Code)
- We retain data for invoices for 6 years pursuant to article 6 section. 1.(c) in conjunction with § 257 HGB as well as § 147 AO. § 257 HGB as well as § 147 AO
9. eCommerce and payment service providers
Processing of Customer and Contract Data
10. Custom Services
Handling applicant data
Scope and purpose of the collection of data
Data Archiving Period
Admission to the applicant pool
11. Our social media presences
Data processing through social networks
We maintain publicly available profiles in social networks. The individual social networks we use can be found below.
Social networks such as Facebook, Twitter etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g., like buttons or banner ads). When you visit our social media pages, numerous processing operations related to data protection are initiated. In detail:
If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Using the data collected in this way, the operators of the social media portals can create user profiles where their preferences and interests are stored. This way you can see advertising bbased on your interests inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have previously logged in to.
Our social media presences should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 section 1 of the GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 section 1 of the GDPR).
Responsibility and assertion of rights
If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations initiated during this visit. In principle, you can protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) via us as well as via the operator of the respective social media portal (e.g., Facebook).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies will remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.
Individual social networks
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta). According to Meta’s statement the collected data will also be transferred to the USA and to other third-party countries.
We have signed an agreement with Meta on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Meta are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can customise your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.