Name and contact details of the responsible person
Our responsible person (hereinafter referred to as "responsible person") in the sense of Art. 4 Zif. 7 GDPR is:
PFEIFFER Biegetechnik GmbH & Co
57413 Finnentrop, Germany
Managing Director U. Hellbach, R. Mühlhoff
Commercial register / No.: HRA 9158
Register court: AG Siegen
E-mail address: post(at)pfeiffer-biegetechnik.de
Data types, purposes of processing and categories of data subjects
Below we inform you about the nature, scope and purpose of the collection, processing and use of personal data.1. Types of data we process
Inventory data (name, address, etc.), contact information (telephone number, e-mail, fax, etc.), payment data (bank details, account data, payment history, etc.), contract data (subject of the contract, term, etc , Content data (text input, videos, photos, etc.),
2. Purposes of processing in accordance with Art. 13 para. 1 c) GDPR
processing of contracts, evidence / evidence, fulfillment of contractual obligations, contact in case of legal complaint by third parties, Fulfillment of statutory storage requirements, marketing / sales / advertising, customer service and customer care, handling contact requests, security measures,
3. categories of data subjects according to Art. 13 para. 1 e) GDPR
Customers, suppliers, interested parties, employees, employees of customers or suppliers,
The persons concerned are collectively referred to as "users".
Legal basis for the processing of personal data
Below we inform you about the legal bases of the processing of personal data:
- If we have obtained your consent to the processing of personal data, Art. 6 para. 1 sentence 1 lit. a) GDPR Legal basis.
- If the processing is necessary to fulfill a contract or to carry out pre-contractual measures, which are carried out at your request, then Art. 6 para. 1 sentence 1 lit. b) GDPR Legal basis.
- If the processing is required to fulfill a legal obligation that we are subject to (e.g. statutory retention requirements), then Art. 6 para. 1 sentence 1 lit. c) GDPR Legal basis.
- If processing is necessary to protect the vital interests of the data subject or of another natural person, Art. 6 (1) sentence 1 lit. d) GDPR Legal basis.
- If the processing is necessary for the protection of our or the legitimate interests of a third party and your interests or fundamental rights and freedoms do not predominate in this regard, then Art. 6 para. 1 sentence 1 lit. f) GDPR Legal basis.
Disclosure of personal data to third parties and processors
Without your consent, we generally do not pass on data to third parties. If this is the case, then the disclosure on the basis of the aforementioned legal basis, for example, in the transfer of data to online payment providers to fulfill the contract or by court order or a legal obligation to disclose the data for the purpose of prosecution, to avoid danger or to enforce intellectual property rights.
We also use processors (external service providers e.g. for web hosting of our websites and databases) to process your data. If data are passed on to the processor by order processing, this is always done in accordance with Art. 28 of the GDPR. We select our processors carefully, monitor them regularly and have given us the right to give instructions regarding the data. In addition, the processors must have taken appropriate technical and organizational measures and the data protection rules in accordance with Art. Comply with BDSG in its latest version and GDPR
Data transmission to third countries
The adoption of the basic European data protection regulation (GDPR) has created a uniform basis for data protection in Europe. Your data will therefore be processed primarily by companies for which GDPR applies. If the processing takes place through services of third parties outside the European Union or the European Economic Area, they must fulfill the special requirements of Art. 44 et seq. GDPR. This means that the processing takes place on the basis of special guarantees, such as the official recognition by the EU Commission of a data protection level corresponding to the EU, or the observance of officially recognized special contractual obligations, the so-called "standard contractual clauses". In US companies, submission to the so-called Privacy Shield, the EU-US data protection agreement, meets these requirements.
Deletion of data and storage duration
Existence of automated decision-making
We do not use automatic decision making or profiling.
Provision of our website and creation of log files
- If you only use our website for informational purposes (ie no registration and no other transmission of information), we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data: • IP address;
Internet service provider of the user;
• Date and time of the call;
• browser type;
• Language and browser version;
• Content of the call;
• time zone;
• access status / HTTP status code;
• amount of data;
• Websites from which the request comes;
• Operating system.
A storage of this data together with other personal data of you does not take place.
- This data is for the purpose of the user-friendly, functional and secure delivery of our website to you with functions and content as well as their optimization and statistical evaluation.
- The legal basis for this is our justifiable interest in the processing of data according to Art. 6 para. 1 p. 1 lit. f) GDPR.
- For security reasons, we store this data in server log files for the retention period of days. After this period, they will be automatically deleted, unless we need their storage for evidence in attacks on the server infrastructure or other violations.
Session cookies: We use so-called cookies to recognize multiple uses of an offer by the same user (e.g, when you have logged in to determine your login status). When you visit our site again, these cookies provide information to automatically recognize you. The information obtained in this way serves to optimize our offers and to give you easier access to our site. If you close the browser or log out, the session cookies will be deleted.
• Persistent cookies: These are automatically deleted after a specified period, which may differ depending on the cookie. In the security settings of your browser, you can delete the cookies at any time.
• Third party cookies (third party cookies): You can configure your browser settings to meet your needs. B. Reject the acceptance of third-party cookies or all cookies. However, we would like to point out that you may not be able to use all features of this website. Read more about these cookies in the respective third-party privacy policies.
- The legal basis for this processing is Art. 6 para. 1 p. Lit. b) GDPR, if the cookies are used to initiate a contract, e.g. for orders, and otherwise we have a legitimate interest in the effective functionality of the website, so that in the case of Art. 6 para. 1 sentence 1 lit. f) GDPR is the legal basis.
- Opposition and opt-out: You can generally prevent the storage of cookies on your hard disk by selecting "Do not accept cookies" in your browser settings . However, this can result in a functional restriction of our offers. You may opt-out of third-party cookies for advertising purposes through this American website ( https://optout.aboutads.info ) or this European website ( http://www.youronlinechoices.com/en / praferenzmanagement / ) contradict.
Settlement of contracts
- We process stock data (e.g. company, title / academic degree, names and addresses as well as contact data of users, e-mail), contract data (e.g. services used, names of contact persons) and payment data (e.g. bank details, payment history) for the purpose of fulfilling our contractual obligations (Knowledge of who is a contractual partner, justification, content design and execution of the contract, verification of the plausibility of the data) and services (e.g. contacting the customer service) acc. Art. 6 para. 1 sentence 1 lit. b) GDPR. The entries marked as obligatory in online forms are required for the conclusion of the contract.
- A transfer of these data to third parties does not take place, unless it is necessary for the prosecution of our claims (e.g. transfer to lawyer for debt collection) or fulfillment of the contract (e.g. transfer of data to payment providers) or there is a legal obligation acc. Art. 6 para. 1 sentence 1 lit. c) GDPR.
- We may also process the information you provide to inform you of other interesting products from our portfolio or to send you e-mail with technical information.
- The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. This is the case for the inventory and contract data when the data for the execution of the contract are no longer required and no claims can be made under the contract, because these are statute-barred (warranty: two years / statutory limitation: three years ). Due to commercial and tax regulations, we are obliged to store your address, payment and order data for a period of ten years. However, at the end of the contract after three years, we limit the processing, i.e. your data will only be used to comply with legal obligations. Information in the user account remains until its deletion.
Contact by contact form / E-Mail / Fax / Post
- When contacting us via contact form, fax, mail or e-mail your details will be processed for the purpose of processing the contact request.
- Legal basis for the processing of the data is in the presence of a consent of you Art. 6 para. 1 S. 1 lit. a) GDPR. The legal basis for the processing of data transmitted in the course of a contact request or e-mail, letter or fax is Article 6 (1) sentence 1 lit. f) GDPR. The person in charge has a legitimate interest in the processing and storage of the data in order to be able to answer inquiries from users, to secure evidence for liability reasons and, if necessary, to fulfill his statutory retention requirements for business letters. If the contact is aimed at concluding a contract, then additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b) GDPR.
- We can store your details and contact requests in our Customer Relationship Management System ("CRM System") or a comparable system.
- The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. For the personal data from the input form of the contact form and those sent by e-mail, this is the case when the conversation with you has ended. The conversation ends when it can be inferred from the circumstances that the matter in question has been finally clarified. Requests from users who have an account or contract with us, we save until the expiration of two years after the contract termination. In the case of legal archiving obligations, the deletion takes place after its expiry: end of commercial law (6 years) and tax law (10 years) retention obligation.
- At any time, you have the option of obtaining consent in accordance with Art. 6 para. 1 sentence 1 lit. a) to revoke the GDPR for the processing of personal data. If you contact us by e-mail, you can object to the storage of personal data at any time.
Contact by phone
- When contacting us by phone, your telephone number will be processed to process the contact request and its processing and temporarily stored or displayed in the RAM / cache of the telephone / display for 70 days or displayed. The storage is made for reasons of liability and security in order to prove the call as well as for economic reasons to enable a recall. In case of unauthorized advertising calls, we block the phone numbers.
- The legal basis for the processing of the telephone number is Art. 6 para. 1 sentence 1 lit. f) GDPR. If the contact is aimed at the conclusion of a contract, additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.
- The device cache stores the calls for 70 days and overwrites or deletes old data successively; when the device is disposed of, all data is deleted and the memory is destroyed. Blocked phone numbers are checked annually for the need for blocking.
- You can prevent the phone number from being displayed by calling with the phone number suppressed.
Rights of the data subject
- Objection or revocation against the processing of your data
Insofar as the processing is subject to your consent pursuant to Art. 6 para. 1 sentence 1 lit. a), Art. 7 GDPR, you have the right to revoke your consent at any time. The lawfulness of the processing on the basis of the consent until the revocation is not affected.
As far as we have the processing of your personal data on the balance of interests in accordance with Art. 6 para. 1 p. 1 lit. f) support GDPR, you can object to the processing. This is the case if, in particular, the processing is not required to fulfill a contract with you, which we present in the following description of the functions. In the event of any such disagreement, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we examine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing.
You may object to the processing of your personal data for advertising and data analysis purposes at any time. The right to object can be exercised free of charge. About your advertising contradiction you can inform us under the following contact details:
PFIEFFER Biegetechnik GmbH & Co
57413 Finnentrop, Germany
Managing Director U. Hellbach, R. Mühlhoff
Register / No .: HRA 9158 Register Court : AG Siegen
- Right to information
You have a right to information about your personal data stored by us according to Art. 15 GDPR. This includes, in particular, information about the processing purposes, the category of personal data, the categories of recipients to whom your data was or is being disclosed, the planned storage period, the source of their data, if these were not collected directly from you.
- Right to rectification
You have the right to correct incorrect or correct data according to Art. 16 GDPR.
- Right to cancellation
You have the right to delete your stored data according to Art. 17 GDPR, unless legal or contractual retention periods or other statutory obligations or rights to further storage conflict with this.
- Right to restriction
You have the right to demand a restriction on the processing of your personal data if one of the conditions set out in Article 18 (1) lit. a) to d) GDPR is fulfilled:
If you deny the accuracy of your personal information for a period of time that enables the controller to verify the accuracy of your personal data;
• the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of personal data;
• the person responsible no longer needs personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
• if you object to the processing pursuant to Art. 21 para. 1 GDPR and still It is not known whether the legitimate reasons of the person responsible outweigh your reasons.
- Right to data portability
You have the right of data transferability under Art. 20 GDPR, which means that you may receive the personal data stored about us in a structured, common and machine-readable format or you may request the transfer to another person responsible.
- Right to appeal
You have a right to complain to a supervisory authority. As a rule, you can contact the supervisory authority for this purpose, in particular in the Member State of your place of residence, your job or the location of the alleged infringement.
In order to protect all personally identifiable information transmitted to us and to ensure compliance with our privacy practices, as well as our external service providers, we have taken appropriate technical and organizational security measures. Therefore, among other things, all data between your browser and our server encrypted over a secure SSL connection.
As of: 18.06.2019