Privacy Notice

4. Introduction

We would like to use the information below to provide you "data subject" with an overview of our processing of your personal data and your rights under data protection law. It is generally possible to use our website without entering personal data. However, if you wish to make use of special services offered by our company through our website, it may be necessary to process personal data. If it is necessary to process personal data and there is no legal basis for such processing, we will generally obtain your consent.

Personal data, such as your name, address or email address, is always processed in accordance with the EU General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to the "Fliegl Gruppe (Agrartechnik & Baukom)". The aim of this Privacy Notice is to inform you about the scope and purpose of the personal data we collect, use and process.

As the data controller, we have implemented numerous technical and organisational measures to ensure the most complete possible protection of the personal data processed via this website. Nevertheless, Internet-based data transmissions can in principle have security gaps so that absolute protection cannot be guaranteed. For this reason, you are free to submit personal data on alternative ways, such as by phone or by post to us.

5. Data controller

The data controller, as defined by the GDPR, is:

Fliegl Agrartechnik GmbH
Bürgermeister-Boch-Straße 1, 84453 Mühldorf am Inn, Deutschland
Phone: +49 (0)86313070
Fax: +49 (0)8631307550
Email: info(at)fliegl.com

Data controller’s representative: Josef Fliegl Junior

6. Data protection officer

You can reach the data protection officer as follows:

Stefan Auer

Phone: +49 (0)911 148986 50

Fax: +49 (0)911 148986 59

Email: office(at)ascon-datenschutz.de

You may contact our data protection officer directly at any time if you have any questions or suggestions regarding data protec-tion.

7. Definitions

 

This Privacy Notice is based on the terminology used by the European legis-lature and legislature in the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand, both for the public and for our customers and business partners. To en-sure this, we would like to explain in advance the terminology used. Among other things, we use the following terms in this privacy policy.

We use the following terms in this Privacy Notice, among others:

  1. Personal data
    Personal data means any information relating to an identified or identifi-able natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particu-lar by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social iden-tity of that natural person.
  2. Data subject
    A Data subject is any identified or identifiable natu-ral person whose personal data is processed by the controller (our compa-ny).
  3. Processing
    Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  4. Restriction of pro-cessing
    Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.
  5. Profiling
    Profiling is any form of automated processing of personal data which consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person's performance at work, economic situa-tion, health, personal preferences, interests, reliability, behaviour, location or change of loca-tion.
  6. Pseudonymisation
    Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional infor-mation, provided that such additional information is kept separately and is subject to technical and organisa-tional measures which ensure that the personal data cannot be attributed to an identified or identifiable natural person.
  7. Data processor
    Data processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the control-ler.
  8. Recepient
    A recipient is a natural or legal person, public authority, agency, or other body to whom personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be con-sidered as recipients.
  9. Third party
    Third party means any natural or legal person, public au-thority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct responsibility of the controller or the processor, are authorised to process the personal da-ta.
  10. Consent
    Consent means any freely given specific and informed indication of the data subject's wishes in the form of a statement or other unambiguous affirmative act by which the data subject sig-nifies his or her agreement to the processing of personal data relating to him or her.

8. Legal basis for processing

Art. 6 (1) lit. a GDPR (icw § 25 (1) German Telecommunica-tions-Telemedia Data Protection Act (TTDSG)) serves our company as the legal basis for processing operations where we obtain consent for a specific processing purpose.

If the processing of personal data is neces-sary for the performance of a contract to which you are a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 (1) lit. b GDPR. The same applies to processing operations that are necessary for the implementation of pre-contractual measures, for example in the case of enquiries about our products or services.

If our company is subject to a legal obligation by which the processing of personal data becomes necessary, such as for the fulfilment of tax obligations, the processing is based on Art. 6 (1) lit. c GDPR.

In rare cas-es, the processing of personal data might become necessary to protect vital interests of the data subject or an-other natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result their name, age, health insurance data or other vital information had to be passed on to a doctor, hospi-tal or other third party. In this case, the processing would be based on Art. 6 (1) lit. d GDPR.

Finally, pro-cessing operations could be based on Art. 6 (1) lit. f GDPR. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary for the protection of a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not overweigh. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European law. In this respect, the legislature took the view that a legitimate interest could be assumed if you are a customer of our company (Recital 47, Sentence 2 GDPR).

9. Disclosure of data to third parties

Your personal data will not be conveyed to third parties for purposes other than those listed below.

We will only share/convey your personal data with third parties if:

  1. you have given us your express consent to do so in accordance with Art. 6 (1) lit. a GDPR,
  2. the disclosure is permissible in accordance with Art. 6 (1) lit. f GDPR to protect our legitimate in-terests and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  3. in the event that a legal obligation exists for the disclosure pursuant to Art. 6 para. 1 lit. c GDPR, as well as
  4. this is legally permissible and necessary according to Art. 6 (1) lit. b GDPR for the processing of contractual relationships with you.

In the context of the processing opera-tions described in this privacy statement, personal data may be transferred to the USA. Companies in the USA only have an adequate level of data protection if they have certified themselves under the EU-US Data Privacy Framework and thus the adequacy decision of the EU Commission pursuant to Art. 45 GDPR applies. We have explicitly mentioned this in the privacy policy for the service providers concerned. In order to protect your data in all other cases, we have concluded commissioned processing agreements based on the standard contractual clauses of the European Commission. If the standard contractual clauses are not sufficient to establish an ade-quate level of security, your consent pursuant to Article 49 (1) a) of the GDPR may serve as the legal basis for the transfer to third countries. This sometimes does not apply in the case of a data transfer to third countries for which the European Commission has issued an adequacy decision pursuant to Article 45 of the GDPR.

10. Technology

10.1 SSL/TLS-encryption

This site uses SSL or TLS encryption to guarantee the security of data processing and to protect the transmission of confidential content, such as orders, login data or contact enquiries that you send to us as the operator. You can recognise an encrypted connection by the fact that the address bar of the browser contains a "https://" instead of a "http://" and by the lock symbol in your browser bar.

We use this technology to protect your transmitted da-ta.

10.2 Data collection when visiting the website

When using our website for information purposes only, i.e. when not registering or otherwise transmitting information to us, we only collect data that your browser transmits to our server (in so-called "server log files"). Our website collects a series of general data and information each time you access a website or an automated. This general data and information is stored in the server's log files. The following can be recorded:

  1. browser types and versions used,
  2. the operating system used by the accessing system,
  3. the website from which an accessing system accesses our website (so-called referrer),
  4. the sub-pages accessed via an accessing system on our website,
  5. the date and time of access to the website,
  6. an abbreviated internet protocol address (anonymised IP address) and,
  7. the Internet service provider of the accessing system.

When using this general data and information, we do not draw any conclusions about your person. This information is rather required to:

  1. deliver the contents of our website correctly,
  2. optimise the contents of our website as well as to advertise it,
  3. ensure the permanent operability of our IT systems and the technology of our website, and
  4. provide law enforcement authorities with the information necessary to prosecute in the event of a cyber-attack.

This collected data and information is therefore statistically analysed and further analysed by us with the aim of increasing data protection and data security within our company to ultimately ensure an optimum level of protection for the personal data being processed by us. The anonymous data from the server log files is stored separately from all personal data provided by a data subject.

The legal basis for data processing is Art. 6 (1) lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above.

10.3 Hosting by All-Inkl

We host our website at ALL-INKL.COM - Neue Medien Münnich, Inh. René Münnich, Hauptstraße 68, 02742 Friedersdorf (All-Inkl).

Whenvisiting our website, your personal data (e.g. IP addresses in log files) are processed on the servers of All-Inkl.

The use of All Inkl is based on Art. 6 (1) lit. f GDPR. Our legitimate interest is the high-performance provision of our website.

We have concluded a corresponding agreement with All Inkl on the basis of GDPR for commissioned pro-cessing. This is a contract required by data protection law, which ensures that All-Inkl only processes the per-sonal data of our website visitors according to our instructions and in compliance with the GDPR.

Additional information and All Inkl`s privacy policy can be found at: https://all-inkl.com/datenschutzinformationen/

10.4 Cloudflare (Content Delivery Network)

Our website uses functions from CloudFlare. The provider is CloudFlare, Inc. 665 3rd St. #200, San Francisco, CA 94107, USA.

CloudFlare offers a globally distributed Content Delivery Network with DNS. Technically, the information transfer between your browser and our website is routed via CloudFlare's network. CloudFlare is thus able to analyse the data traffic between users and our websites, for example, in order to detect and ward off attacks on our services. In addition, CloudFlare may store cookies on your computer for optimisation and analysis purpos-es.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

We have concluded a corresponding agreement with Cloudflare on the basis of the General Data Protection Regulation (GDPR) for commissioned processing or in accordance with the EU standard contractual clauses. Cloudflare collects statistical data about visits to this website. These include: Name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. Cloudflare uses the described log data for statistical evaluations for the purpose of the operation, security and optimisation of the offer.

If you have consented to Cloudflare being used, the legal basis for the processing of personal data is Art. 6 (1) lit. a GDPR. In addition, we have a legitimate interest in using Cloudflare to optimise our online offer and make it more secure. The corresponding legal basis for this is Art. 6 (1) lit. f GDPR. The personal data will be re-tained for as long as they are required to fulfil the purpose of the processing. The data will be deleted as soon as they are no longer required to achieve the purpose.

This US company is certified under the EU-US Data Privacy Framework. There is hereby an adequacy deci-sion pursuant to Art. 45 GDPR, so that a transfer of personal data may also take place without further guaran-tees or additional measures.

Additional information and Cloudflares privacy policy can be found at https://www.cloudflare.com/privacypolicy/.

10.5 Hosting by Amazon Web Services - AWS

We host our website on Amazon Web Services (AWS). The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg.

When visiting our website, your personal data is processed on the servers of AWS. This may also involve the transfer of personal data to the parent company of AWS in the USA. The data transfer to the USA is based on the EU standard contractual clauses. Details can be found at https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.

The use of AWS is based on Art. 6 (1) lit. f GDPR. Our legitimate interest is the high-performance provision of our website.

We have concluded a corresponding agreement with AWS on the basis of GDPR for commissioned pro-cessing. This is a contract required by data protection law, which ensures that AWS only processes the personal data of our website visitors according to our instructions and in compliance with the GDPR.

This US company is certified under the EU-US Data Privacy Framework. There is hereby an adequacy deci-sion pursuant to Art. 45 GDPR, so that a transfer of personal data may also take place without further guaran-tees or additional measures.

Additional information and AWS privacy policy can be found at https://aws.amazon.com/de/privacy/?nc1=f_pr

10.6 Amazon CloudFront CDN

Our website uses the Amazon CloudFront CDN content deliv-ery network. The provider is Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Lux-embourg (hereinafter "Amazon"). Amazon CloudFront CDN is a globally distributed content delivery net-work. Technically, the transfer of information between your browser and our website is routed via the Con-tent Delivery Network. This allows us to increase the worldwide accessibility and performance of our web-site.

The use of Amazon CloudFront CDN is based on our legitimate interest in providing our web-site as error-free and secure as possible (Art. 6 para. 1 lit. f GDPR).

This US company is certified un-der the EU-US Data Privacy Framework. This is an adequacy decision pursuant to Art. 45 GDPR, so that a transfer of personal data may also take place without further guarantees or additional measures.

Further information about Amazon CloudFront CDN can be found here: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Details can be found here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.

10.7 jsDelivr CDN

This website uses a so-called "Content Delivery Network" (CDN) from jsDelivr provided by ProspectOne, Królewska 65A/1, 30-081, Kraków, Poland.

A CDN is a service with the help of which the content of our online offer, in particular large media files such as graphics or scripts, is processed with the help of regionally distributed servers connected via the Internet, be delivered faster. The processing of user data is carried out solely for the aforementioned purposes and to maintain the security and functionality of the CDN.

For this purpose, the browser you are using must connect to the servers of the CDN. As a result, the provider becomes aware that our website has been accessed via your IP address.

The use is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f. GDPR. We have a legitimate interest in the secure and efficient provision, analysis and optimisation of our online offer.

For more information, see jsDelivr's privacy policy: https://www.jsdelivr.com/privacy-policy-jsdelivr-net/.

11. Cookies

11.1 Tips for avoiding cookies in common browsers

You can delete cookies, allow only se-lected cookies or completely deactivate cookies at any time via the settings of the browser you are using. You can find more information on the support pages of the respective providers:

11.2 Consent with Usercentrics

This website uses Usercentrics' consent technology to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies and to document this in accordance with data protection regulations. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, website: https://usercentrics.com/de/ (hereinafter referred to as "Usercentrics").

When you enter our website, the following personal data is transmitted to Usercentrics:

  • Your consent(s) or the revocation of your consent(s)
  • Your IP address < li>Information about your browser
  • Information about your device
  • Time of your visit to the website

Furthermore, Usercentrics stores a cookie in your browser in order to be able to assign the consents granted or their revocation to you. The data collected in this way will be stored until you request us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

The Usercentrics banner on this website was configured with the help of eRecht24 (Recht24 GmbH & Co KG, Lietzenburger Str. 94, 10719 Berlin). You can recognize this by the fact that the logo of eRecht24 appears in the banner. In order to display the eRecht24 logo in the banner, a connection to the eRecht24 image server is established. The IP address is also transmitted, but it is only stored in anonymised form in the server logs. The image server of eRecht24 is located in Germany with a German provider. The banner itself is provided exclusively by Us-ercentrics.

Usercentrics is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Article 6 (1) (c) GDPR.

Data processing agreement

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract required by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

11.3 Classification of cookies used

We use different types of cookies on our website. These are small files that are automatically created by your browser and stored on your IT system (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device and do not contain any viruses, Trojans or other malware.

Information is stored in the cookie, which results in each case in connection with the specific device used. However, this does not mean that we are immediately aware of your identity.

Session cookies

The use of cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

Temporary cookies

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your device for a specified period of time. If you visit our site again to make use of our services, it is automatically recognized that you have already been with us and what entries and settings you have made so that you do not have to enter them again.

Statistical cookies

Furthermore, we use cookies, to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These cookies enable us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined period of time.

Verification cookies

The data processed by cookies are required for the purposes mentioned in part to safeguard our legitimate interests and those of third parties in accordance with Art. 6 para. 1 p. 1 lit. f GDPR. These include, in particular, those cookies that are technically necessary to display the page correctly on your device or the Usercentrics cookie. The latter cookie is set in order to request and store the consents required for the other cookies.

You have the option of managing your individual cookie settings yourself at any time on our homepage via the fingerprint symbol and changing them at any time. We only set the cookies listed there and only as long as we have your con-sent to do so.

Detailed information on the cookies can be found either by clicking on the question mark in the manual cookie settings or in the respective special paragraph below.

12. Contents of our website

12.1 Data processing when opening a customer account and for contract execution

Pursuant to Art. 6 (1) lit. b GDPR, personal data is collected and processed if you provide it to us for the execution of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. We store and use the data pro-vided by you for the purpose of processing the contract. After complete execution of the contract or deletion of your customer account, your data will be blocked taking into account tax and commercial law retention periods and deleted after expiry of these periods, unless you have expressly consented to further use of your data or we are legally permitted to the further use of your data, about which we inform you accordingly below.

12.2 Contact support / Contact form

Personal data is collected when contacting us (e.g. via con-tact form or e-mail). Which data is collected in the case of the use of a contact form can be seen from the re-spective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legiti-mate interest in responding to your request in accordance with Art. 6 (1) lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) lit. b GDPR. Your data will be deleted after final processing of your request; this is the case if it can be inferred from the circumstances that the matter concerned has been conclusively clarified and the deletion does not conflict with any legal obligations to retain data.

12.3 Services / Digital Goods

We only transmit personal data to third parties if this is necessary within the framework of the Data Protection Agreement, for example to the credit institution commissioned with the payment processing.

No further transmission of data will take place unless you have expressly consented to the transmission. Your data will not be disclosed to third parties without your express consent, for example for advertising pur-poses.

The basis for data processing is Art. 6 (1) lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

12.4 Application Management / job exchange

We collect and process the personal data of applicants for the purpose of processing the application procedure. The processing may also take place elec-tronically. This is particularly the case if an applicant submits the relevant application documents to us elec-tronically, for example by e-mail or via a web form on the website. If we conclude an employment or ser-vice contract with an applicant, the transmitted data will be stored for the purpose of processing the em-ployment relationship in compliance with the statutory provisions. If we do not conclude a contract with the applicant, the application documents are automatically deleted two months after notification of the rejec-tion decision, provided that no other legitimate interests on our part oppose deletion. Another legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the German Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz [AGG]).

The legal basis for processing your data is Art. 88 GDPR icw § 26 (1) German Federal Data Protection Act (Bundesdatenschutzgesetz [BDSG]).

13. Newsletters

13.1 Marketing newsletter (double opt-in)

On our website you are given the opportunity to subscribe to our company newsletter. What personal data is transmitted to us when ordering the newslet-ter, is determined by the input mask used for this purpose.

We use our newsletter to regularly communicate our offers to our customers and business partners. You can, therefore, only receive our com-pany’s newsletter if

  1. You have a valid e-mail address and
  2. You have registered for news-letter delivery.

For legal reasons, a confirmation e-mail will be sent to the e-mail address that you entered for the first time for the newsletter dispatch using the double opt-in procedure. This confirma-tion e-mail is used to verify that you, as the owner of the e-mail address, have authorized the receipt of the newsletter.

When you register for the newsletter, we also store the IP address assigned by your Internet service provider (ISP) of the IT system used by you at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of your e-mail address at a later date and therefore serves our legal protection.

The personal data collected in the context of a registration for the newsletter will be used exclusively for sending our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or changes in technical circumstances. No personal data collected as part of the newsletter service will be passed on to third parties. The subscription to our newsletter can be cancelled by you at any time. The consent to the storage of personal data that you have given us for the newsletter dispatch can be revoked at any time. For the purpose of revoking the consent, you will find a corresponding link in each newsletter. Furthermore, it is also possible to unsubscribe from the newsletter mailing directly on our website at any time or to inform us of this in another way.

The legal basis for data processing for the purpose of sending newsletters is Art. 6 (1) lit. a GDPR.

13.2 CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, (CRASH Building), Schafjückenweg 2, 26180 Rastede. CleverReach is a service with which the newsletter dispatch can be organized and analyzed. The data you enter for the purpose of receiving the newsletter (e.g. the e-mail address) is stored on the servers of CleverReach in Germany or Ireland.

Our newsletters sent with CleverReach allow us to analyze the behavior of newsletter recipients. Here, among other things, it can be analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (e.g. the purchase of a product on our website) has taken place after clicking on the link in the newsletter. For more information on data analysis by CleverReach newsletter, please visit: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.

The data processing is based on your consent (Art. 6 (1) lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

If you do not want any analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in each newslet-ter message. Furthermore, you can also unsubscribe directly on the website.

You can revoke the consent you have given at any time. You can also prevent the processing at any time by unsubscribing from the newsletter. You can also prevent the storage of cookies by setting your web browser accordingly. You can also prevent the storage and transmission of personal data by disabling JavaScript in your web browser or installing a JavaScript blocker (e.g. https://noscript.net or https://www.ghostery.com). We would like to point out that these measures may mean that not all functions of our website are available.

The data you provide for the purpose of receiving the newsletter will be stored by us until you unsub-scribe from the newsletter and will be deleted from our servers as well as from the servers of CleverReach after you unsubscribe from the newsletter. Data that has been stored by us for other purposes (e.g. e-mail addresses for the member area) remains unaffected by this.

You can view CleverReach's privacy policy at: https://www.cleverreach.com/de/datenschutz/.

14. Our activities in social networks

To allow us to communicate with you on social net-works and inform you about our services, we run our own pages on these social networks. If you visit one of our social media pages, we and the provider of the social media network are joint controllers (Art. 26 GDPR) regarding to the processing operations triggered thereby, which concern personal data.

We are not the original provider of these pages, but only use them within the scope of the options of-fered to us by the respective providers
We would therefore like to point out as a precautionary meas-ure that your data may also be processed outside of the European Union or the European Economic Area. Use of these networks may therefore involve data protection risks for you since the protection of your rights may be difficult, e.g. your rights to information, erasure, objection, etc. Processing on social networks frequently takes place directly for advertising purposes or for the analysis of user behaviour by network providers, and we have no control over this. If the provider creates user profiles, cookies are often used or user behaviour may be assigned directly to your own member profile on the respective social network (if you are logged in).

The processing operations of personal data described are carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interests and the legitimate interests of the respective provider in order to communicate with you in a timely manner or to inform you about our services. If you have to grant your consent to the respective providers to process your data as a user, the legal basis for this processing is Art. 6 (1) lit. a GDPR in conjunction with Art. 7 GDPR.

Since we have no access to these providers’ databases, we would like to point out that you would be best placed to exercise your rights (e.g. to information, rectification, erasure, etc.) directly with the respec-tive provider. More information on the processing of your data on social networks and your options for ex-ercising your right to object or your right of revocation (opt out) is listed below for each of the social network providers we use:

 

14.1 Instagram

(Joint) Data controller responsible for data processing in Europe:
Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Privacy Notice (Data Policy):
http://instagram.com/legal/privacy/

Opt-out and advertising settings:
https://www.instagram.com/accounts/privacy_and_security/

14.2 LinkedIn

(Joint) Data controller responsible for data processing in Europe:
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Privacy Notice:
https://www.linkedin.com/legal/privacy-policy

14.3 Twitter

(Joint) Data controller responsible for data processing in Europe:
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland

Privacy Notice:
https://twitter.com/en/privacy.

Information about your data:
https://twitter.com/settings/your_twitter_data

14.4 YouTube

(Joint) Controller responsible for data processing in Europe:
Google Ire-land Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Privacy Notice:
https://policies.google.com/privacy

 

(Joint) Data controller responsible for data processing in Germany:
New Work SE, Dammtorstrasse 29–32, 20354 Hamburg, Germany

Privacy Notice:
https://privacy.xing.com/de/datenschutzerklaerung

Requests for information for XING members:
https://www.xing.com/settings/privacy/data/disclosure

14.5 TikTok

(Mit-) Verantwortlicher für die Datenverarbeitung in Deutschland: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ir-land.

Datenschutzerklärung:

https://www.tiktok.com/legal/page/eea/privacy-policy/de-DE

Opt-Out und Werbe-einstellungen:

https://support.tiktok.com/de/account-and-privacy/personalized-ads-and-data/personalization-and-data

14.6 Fanpage Facebook

(Co-)Responsible for data processing in Europe: Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

In its judgment of 5 June 2018, the European Court of Justice (ECJ) ruled that the operator of a Facebook page is jointly responsible with Facebook for the processing of personal data. It is known that Facebook processes users' data for the following purposes: advertising (analysis, creation of personalized advertising), creation of user profiles, market research

Facebook uses cookies, i.e. small text files that are stored on the various end de-vices of the users, to store and further process this information. If the user has a Facebook profile and is logged in to it, the storage and analysis also takes place across devices. Facebook's privacy policy contains further information on data processing: https://www.facebook.com/about/privacy/

Objection options (so-called opt-out) can be made under https://www.facebook.com/settings?tab=ads or under http:// www.youronlinechoices.com be set.

The parent company, as a U.S. company, is certified under the EU-U.S. Data Privacy Framework. This is an adequacy decision pursuant to Art. 45 GDPR, so that a transfer of personal data may also take place without further guarantees or additional measures.

Statistical data

Statistical data of different categories can be accessed by the website operator via the so-called "Insights" of the Facebook page. These statistics are generated and pro-vided by Facebook. The operator of the site has no influence on the generation and presentation. This func-tion cannot be switched off or the generation and processing of the data cannot be prevented. For a se-lectable period of time as well as for the categories fans, subscribers, persons reached and interacting per-sons, the following data is provided to the website operator by Facebook in relation to the Facebook page: Total number of page views, "Likes" information, page activities, post interactions, reach, video views, post reach, comments, shared content, answers, proportion of men and women, origin in relation to country and city, language, Views and clicks in the shop, clicks on route planners, clicks on phone numbers. Data on the Facebook groups linked to the Facebook page is also provided in this way.

Due to the constant development of Facebook, the availability and processing of the data is changing, so that for further details please refer to Facebook's above-mentioned privacy policy. The available data is used in aggregated form to make the posts and activities on the Facebook page more attractive to users. For example, the distributions by age and gender are used for an adapted approach and the preferred visiting times of the users for a time-optimized planning of the contributions. Information about the type of devices used by visitors helps to adapt the posts visually and creatively. In accordance with the Facebook Terms of Use, which each user has agreed to when creating a Facebook profile, the subscribers and fans of the page can be identified and their profiles and other shared information can be viewed by them.

rights of data subjects

In accordance with the agreement on joint responsi-bility, Facebook assumes responsibility for fulfilling the rights of data subjects in accordance with Articles 15-20 of the GDPR. For requests for information or other questions about rights as a user, users should contact Facebook directly. Detailed information on joint responsibility can be found at https://www.facebook.com/legal/terms/page_controller_addendum

If the described data processing is no longer desired in the future, the connection of the user profile to the website must be terminated by using the function "I no longer like this page" or "Unsubscribe".

15. Web analytics

15.1 TruConversion

For the purpose of website analysis, we use the TruConversion technology provided by Digital Marketer Inc., 4330 Gaines Ranch Loop Suite 120 Aus-tin, Texas 78735 on our website. When you visit one of our pages, a connection to TruConversion's servers in the USA is established. TruConversion uses cookies that make it possible to understand how the website is used by visitors and how it can be improved and further developed accordingly. For example, TruConver-sion shows which content is clicked on or creates a visually displayed usage profile ("heat map"). This helps to adapt the website to the wishes and needs of the users. For this purpose, information about your use of our website (e.g. Your IP address and the page accessed) will be transmitted to the provider's servers in the USA and stored there.

These processing operations are carried out exclusively if express consent is given in accordance with Art. 6 para. 1 lit. a) GDPR.

You can prevent TruConversion from collecting your data by clicking on the following link: https://www.truconversion.com/opt-out/

The privacy policy and further information about this service provider can be found at: https://www.truconversion.com/privacy-policy/ .

16. Plugins and other services

16.1 Google Maps

We use Google Maps (API) on our website. The operating company of Google Maps is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Lim-ited is part of the Google group of companies with headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Maps is a web service for displaying interactive (land) maps in order to visually present geographical information. By using this service, for example, our location can be displayed to you and a possible approach can be facilitated.

Already when calling up those sub-pages in which the map of Google Maps is integrated, information about your use of our website (such as your IP address) is transmitted to Google servers in the USA and stored there. In addition, Google Maps reloads the Google Web Fonts. The provider of the Google Web-Fonts is also Google Ireland Limited. When you call up a page that embeds Google Maps, your browser loads the web fonts required to display Google Maps into your browser cache. Also for this purpose, the browser you are using establishes a connection to Google's servers. Through this, Google obtains knowledge that our website was accessed via your IP address. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out of your Google user account. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. You have the right to object to the creation of these user profiles, and to exercise this right you must contact Google as follows.

If you do not agree to the future transmission of your data to Google in the context of the use of Google Maps, you also have the option of completely disabling the Google Maps web service by turning off the JavaScript application in your browser. Google Maps and thus also the map display on this website can then not be used.

These processing operations are carried out exclusively when explicit consent is given in accordance with Art. 6 (1) lit. a GDPR.

Additional information on the service can be found at the following links https://www.google.de/intl/de/policies/terms/regional.html https://www.google.com/intl/de_US/help/terms_maps.html

The parent company Google LLC is certified as a US company under the EU-US Data Privacy Framework. There is hereby an adequacy decision pursuant to Art. 45 GDPR, so that a transfer of personal data may also take place without further guarantees or additional measures.

The privacy policy of Google Maps could be found here: ("Google Privacy Policy"): https://www.google.de/intl/de/policies/privacy/.

 

 

16.2 Google Recaptcha

On this website we also use the Recaptcha function of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Ireland Limited is part of the Google group of companies with headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The Recaptcha function is primarily used to distinguish whether an entry is made by a natural person or whether it is misused by machine and automated processing. The service also includes sending the IP address and any other data required by Google for the Recaptcha service to Google.

According to Art. 32 GDPR, we are also obliged to ensure the availability of our services, including protection against SPAM notifications. In this respect, the use of the service is based on the ful-fillment of a legal obligation pursuant to Art. 6 para. 1 lit. c) GDPR in conjunction with Art. 32 GDPR.

The parent company Google LLC is certified as a US company under the EU-US Data Privacy Framework. This is an adequacy decision pursuant to Art. 45 GDPR, so that a transfer of personal data may also take place without further guarantees or additional measures.

Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.

 

Google WebFonts

For the uniform display of fonts, so-called web fonts are used when using Google Rechaptcha. Google Web-Fonts are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ire-land Limited is part of the Google group of companies headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

When you visit our site, your browser loads the web fonts required by Google Rechaptcha into your browser cache in order to display texts and fonts correctly. For this pur-pose, the browser you are using establishes a connection to Google's servers. As a result, Google learns that our website has been accessed via your IP address.

The parent company Google LLC is certified as a US company under the EU-US Data Privacy Framework. This is an adequacy decision pursuant to Art. 45 GDPR, so that a transfer of personal data may also take place without further guarantees or additional measures.

Further information on Google WebFonts and Google's privacy policy can be found at: https://developers.google.com/fonts/faq; https://www.google.com/policies/privacy/.

16.3 Optinly

We use the Optinly service of the provider Cartrabbit Technologies Private Limited, India, to inform site visitors about news, updates and offers in pop-ups and info bars. Personal data is processed and transferred to the provider's servers. The user can proactively provide the following in-formation when prompted:

  • Personal data
  • e-mail address
  • First names
  • Last name
  • phone number

Optinly also tracks the user anonymously on the website, to display the pop-up according to the pages he has visited or the elements he has viewed.

The legal basis for data processing is Article 6 (1) (f) GDPR. We have a legitimate interest in automated communication via our website in order to provide our customers with efficient infor-mation.

For more information on how Optinly handles user data, please refer to Optinly's privacy policy: https://optinly.com/privacy-policy/.

 

16.4 Interacty

We use the "Interacty" service of HOLGE SIA, Gunara Astras 8-1,54, LV-1082 Riga, Latvia on our website to integrate interactive elements on our website. Your IP address and device-related information are processed. You can block access to Interactive services through your browser. For more information, see their privacy policy at https://interacty.me/de/privacy-policy. The legal basis for the processing of your personal data is Article 6 (1) (a) GDPR in conjunction with Section 25 (1) TTDSG.

Sometimes we need your e-mail address and possibly your name so that you can take part in our quizzes, competitions and tests and, if nec-essary, we can provide you with information. Be able to send your prize (e.g. discount codes for the online shop). We also measure game time, count attempts, and collect your IP address to evaluate and comply with rules. By participating, you agree to the collection of data.

If you send us your data, you also agree that we can integrate it into our newsletter system Acumbamail of the provider Acumbamail S.L., Av. del Rey Santo, 3D, 13001 Ciudad Real, Spain. This allows us to send you prize notifications and inform you about specials and news. There is an order data processing agreement with Acumbamail to ensure the care-ful processing and protection of your data. We do not pass on your data to other service providers. You can unsubscribe from our newsletter at any time by clicking on the appropriate link in each e-mail.

 

16.5 Use of chatbots

We use chatbots on our website to communicate with you. Chatbots are able to respond to your questions and other inputs without human help. For this purpose, the chatbots analyze other data in addition to your entries in order to provide suitable answers (e.g. names, e-mail ad-dresses and other contact details, customer numbers and other identifiers, orders and chat histories). In addition, the chatbot can be used to collect your IP address, log files, location information and other metadata. This data is stored on the servers of the chatbot provider. User profiles can be created on the basis of the data collected. In addition, the data can be used to display interest-based advertising, provided that the legal requirements (in particular consent) for this are met. For this purpose, the chatbots can be linked to analysis and advertising tools. The data collected can also be used to improve our chatbots and their response behavior (machine learning). The data you enter as part of the communication will remain with us or with the chatbot operator until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected by this.

The legal basis for the use of chatbots is Article 6 (1) (b) GDPR, provided that the chatbot is used to initi-ate or fulfill a contract. If a corresponding consent has been requested, the processing is carried out exclu-sively on the basis of Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time. In all other cases, the use is based on our legitimate interest in the most effective customer communication possible (Art. 6 para. 1 lit. f) GDPR).

We use the following chatbots:

 

Chatbase

The provider is Chatbase, 2 Harrison St, San Francisco, CA 94102 California, USA (hereinafter Chatbase). Chatbase is mainly used to communicate with our company. Chatbase processes the following data as part of the interaction with you: first name, last name, e-mail address, as well as usage data (e.g. browser, duration of the page visit) and your IP address. In addition, cookies from the visited website are sent to your browser and stored on your device. Other tracking technologies, such as beacons, tags, and scripts, are also used to collect and track information and to improve and analyze our service.

The legal basis for data processing is Article 6 (1) (f) GDPR. We have a legitimate interest in automated customer communication via our website in order to provide our customers with efficient infor-mation.

Chatbase's privacy policy can be found here: https://www.chatbase.co/privacy.

 

FacePop

We use the "FacePop" widget from answerly.io on our website. The widget makes it possible to display custom video messages on the website and includes an AI assistant for playing messages in FacePop. FacePop can also be used to provide additional features to facilitate customer com-munication, in particular making appointments via the integrated calendar function, registering for the newsletter and links to relevant content. This involves collecting usage data as well as information you enter in FacePop forms (e.g. email address). Hosting by the provider takes place within the EU.

The legal basis for data processing is Article 6 (1) (f) GDPR. We have a legitimate interest in automated customer communication via our website in order to provide our customers with efficient information.

You can find more information on the handling of user data in FacePop's privacy policy: https://facepop.io/privacy. More information about the chatbot can be found at: https://help.answerly.io/.

 

16.6 Climbo

We use the "Climbo" widget from Climbo SRL, Via Marsala 29H, Rome, Italy on our website. The widget enables the collection or integration of Google reviews of our company on our website. The widget can be found behind the "Leave a review" button. You can find more information on the handling of user data in Climbo's privacy policy: https://climbo.com/privacy-policy/.

16.7 Youtube (videos)

We have integrated components of YouTube on this website. The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

YouTube is an Internet video portal that enables video publishers to post video clips free of charge and other users to view, rate and comment on them, also free of charge. YouTube allows the publication of all types of videos, which is why complete film and television broadcasts, as well as music videos, trailers or videos made by users themselves can be accessed via the Internet portal. Each time you visit one of the individual pages of this website, which is operated by us and on which a YouTube component (YouTube video) has been inte-grated, the Internet browser on your IT system is automatically prompted by the respective YouTube com-ponent to download a representation of the corresponding YouTube component from YouTube. The ser-vices Google Web Fonts, Google Video and Google Photo can also be downloaded from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google receive information about which specific subpage of our website you are visiting.

If you are logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website you are visiting by calling up a subpage that contains a YouTube video. This information is collected by YouTube and Google and assigned to your YouTube account.

YouTube and Google always re-ceive information via the YouTube component that you have visited our website if you are logged in to YouTube at the same time as accessing our website; this happens regardless of whether you click on a YouTube video or not. If you do not want this information to be transmitted to YouTube and Google, you can prevent the transmission by logging out of your YouTube account before accessing our web-site.

These processing operations are only carried out if express consent is given in accordance with Art. 6 (1) (a) GDPR.

The parent company Google LLC is registered as a US company under the EU-US Data Privacy Policy Framework certified. This is an adequacy decision pursuant to Art. 45 GDPR, so that a transfer of personal data may also take place without further guarantees or additional measures.

You can view YouTube's privacy policy at https://www.google.de/intl/de/policies/privacy/.

When using the YouTube videos, in addition to the ones described above, Processing opera-tions, further external services are reloaded. The legal basis for this is also your consent in accordance with Art. 6 (1) (a) GDPR.

 

DoubleClick

Youtube loads components from DoubleClick by Google. DoubleClick is a trademark of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), under which special online marketing solutions are marketed to advertising agencies and publishers.

DoubleClick by Google transmits data to the DoubleClick server with each impression as well as with clicks or other activi-ties. Each of these data transfers triggers a cookie request to your browser. If the browser accepts this re-quest, DoubleClick places a cookie on your IT system. The purpose of the cookie is to optimize and display advertising. The cookie is used, among other things, to place and display user-relevant advertising and to create reports on advertising campaigns or to improve them. Furthermore, the cookie serves to avoid mul-tiple displays of the same advertisement.

DoubleClick uses a cookie ID, which is required to handle the technical process. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to record which advertisements have already been displayed in a browser in order to avoid duplication. Furthermore, the cookie ID enables DoubleClick to record conver-sions.

A cookie from DoubleClick does not contain any personal data. However, a DoubleClick cook-ie may contain additional campaign identifiers. A campaign identifier is used to identify the campaigns with which you have already been in contact.

Each time one of the individual pages of this website is accessed, which is operated by us and on which a DoubleClick component has been integrated, the Internet browser on your IT system is prompted by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and the settlement of commissions. As part of this technical procedure, Google obtains knowledge of data that Google also uses to create commission statements. Among other things, Google can track that you have clicked on certain links on our website.

The parent company Google LLC is certified as a US company under the EU-US Data Privacy Framework. This is an adequacy decision pursuant to Art. 45 GDPR, so that a transfer of personal data may also take place without further guarantees or additional measures.

You can view the privacy policy of DoubleClick by Google at: https://www.google.com/intl/de/policies/.

 

Google Photos

In addition, YouTube uses the online service of the provider Google LLC, 1600 Amphi-theatre Parkway, Mountain View, CA 94043, USA, to store images that are embedded on our homepage.

Embedding is the integration of certain third-party content (text, video or image data) that is provided by another website (Google Photos) and then appears on your own Internet page (our website). A so-called embed code is used for embedding. If an embed code has been integrated by us, the external content of Google Photos is displayed by default as soon as one of our Internet pages is visit-ed.

Your IP address is transmitted to Google Photos via the technical implementation of the embed code, which enables the image display of the images from Google Photos. Furthermore, Google Photos records our website, the type of browser used, the browser language, the time and length of access. In addition, Google Photos can collect information about which of our subpages you have visited and which links have been clicked on, as well as other interactions you have carried out when you visit our site. This data can be stored and evaluated by Google Photos.

This US company is certified under the EU-US Data Privacy Framework. This is an adequacy decision pursuant to Art. 45 GDPR, so that a transfer of per-sonal data may also take place without further guarantees or additional measures.

You can view Google's privacy policy at: https://www.google.com/policies/privacy/.

17. Your rights as a data subject

17.1 Right to confirmation

You have the right to request confirmation from us as to whether personal data relating to you will be pro-cessed.

 

17.2 Right to information (Article 15 GDPR)

You have the right to obtain information about the personal data stored about you at any time, free of charge, as well as the right to access a copy of such data from us, in accordance with the statutory provisions.

 

17.3 Right to rectification (Article 16 GDPR)

You have the right to request the immediate rectification of incor-rect personal data relating to yourself. Furthermore, the data subject has the right to request the comple-tion of incomplete personal data, taking into account the purposes of the processing.

 

17.4 Erasure (Article 17 GDPR)

You have the right to demand that we erase the personal data relating to you be deleted without delay, provided that one of the reasons provided by law applies and if processing or further storage is not required.

 

17.5 Restriction to processing (Article 18 GDPR)

You have the right to request that we restrict the processing of your data if one of the legal requirements is met.

 

17.6 Data transferability (Article 20 GDPR)

You have the right obtain personal data relating to you that you provided us in a structured, commonly used and machine-readable format. You also have the right to transfer this data to another controller without hindrance by us, to whom the personal data was provided, provided that the processing is based on the consent pursuant to Article 6 Paragraph 1(a) GDPR or Article 9 Paragraph 2(a) GDPR or on a contract pursuant to Article 6 Para-graph 1(b) GDPR, and the data are processed using automated procedures, unless processing is necessary to complete a task, is in the public interest or is carried out in the exercise of an official authority assigned to us.

Furthermore, when exercising your right to data transferability pursuant to Article 20 Paragraph 1 GDPR, you have the right to have personal data transferred directly from one controller to another, pro-vided this is technically feasible and does not impede the rights and freedoms of other per-sons.

 

17.7 Objection Art. 21 GDPR

If, after weighing up our interests, we process your personal data on the basis of our overriding legitimate interest pursuant to Art. 6 (1) (f) GDPR, you have the right to object to this processing at any time with effect for the future.

Make use of your right to object, we will stop processing the data concerned. However, we reserve the right to further pro-cessing if we can demonstrate compelling legitimate grounds for the processing which override your indi-vidual interests, fundamental rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.

If your personal data is processed by us for direct marketing purposes, you have the right to: to object at any time to the processing of personal data concerning you for the purpose of such advertising. You can exercise the objection as described above. If you exercise your right to object to advertising, we will immediately stop processing the data concerned for direct marketing purposes with effect for the future.

 

17.8 Revocation of consent regarding data protec-tion

You have the right to revoke any consent to the processing of personal data at any time with future effect.

 

17.9 Lodging a complaint with a supervisory authority

You have the right to complain to a supervisory authority responsible for data protection about our processing of personal data.

18. Routine storage, erasure and blocking of personal data

We process and store your personal data only for the period of time necessary to meet the storage purpose or as required by the legal provisions to which our company is subject.

If the storage purpose no longer applies or if a required retention period expires, personal data will be routinely blocked or erased in accordance with the statutory provisions.

19. Duration of storage of personal data

The criterion for the duration of the retention of personal data is the respective legal retention period. Once this period expires, the data in question will be routinely erased, provided it is no longer required for the fulfilment or initiation of the con-tract.

17. Version and amendments to the Privacy Notice

This Privacy Policy is currently valid as of: [[monthYear]].

ue to the further development of our Internet pages and offers or due to changed legal or official requirements, it may become necessary to change this Privacy Policy. You can access and print out the current data protection declaration at any time on the website under "https://fliegl-agrartechnik.de/en/privacy-policy/".

This privacy statement has been prepared with the assistance of the privacy software: audatis MANAGER

20. Image and video recordings for public relations

Both on our homepage and on our ap-pearances in the aforementioned social media, we regularly publish pictures and film recordings of a wide variety of events, such as trade fair appearances or our series "Fliegl on Tour". Insofar as the persons de-picted are employees or known customers, the publication of the image data is based on their consent in accordance with Art. 6 para. 1 lit. a GDPR. This consent can be revoked at any time.

In the case of persons unknown to us, such as interested trade fair visitors, the publication of the images is based on our legitimate overriding interest within the meaning of Art. 6 para. 1 lit. f GDPR. You have the right to object to the further publication of your image at any time. To do so, please contact us or our data protection officer directly. In the event of an objection, the image(s) in question will be exchanged or we will make you un-recognizable as a person.

21. Processing of personal data when recording contact data

We collect personal data from customers or interested parties on various occasions, such as at trade fairs or other sales events, via a form. This data will be used to send you the desired offer or information material at a later date. Directly collected contact data (name, address, telephone, e-mail) are affected by the processing. The sending of the requested information and documents is a pre-contractual measure within the meaning of Article 6 (1) (b) GDPR. Depending on the specific interest, the data will either be processed by our sales department or forwarded to the responsible external sales representative or dealer. An data processing agreement (DPA) is always concluded with external sales staff, while dealers continue to process the data on their own re-sponsibility. If the contract is not concluded, the data will be deleted no later than two years after the last contact with the interested party.

22. Processing of personal data in the context of video surveillance

We use video surveil-lance at various points on our premises. Video surveillance is used to exercise domiciliary rights, prevent unauthorized access, prevent burglaries and thefts, prevent or investigate criminal offenses, assert claims for damages, use of records as evidence in judicial and out-of-court proceedings. Only non-public areas are affected by video surveillance, all of which are marked with clearly visible signs. The monitored areas in-clude the inner courtyard, the warehouse and production hall, the outdoor area in front of the main gate, the exhibition hall, the entrance area and the corridors.

The legal basis for the use of video surveil-lance is our legitimate overriding interest in accordance with Art. 6 para. 1 lit. f) GDPR. Employees, custom-ers, suppliers, service providers and guests are affected by the recording. The video material will only be evaluated on an ad hoc basis by specially authorised personnel. The data will only be passed on if this is necessary to achieve the stated purposes. This is the case, for example, if the recordings are passed on to the insurance company, lawyers or the investigating authorities in a specific case of damage. The processing of the data at the aforementioned offices is your own responsibility.

The recordings are generally deleted after 48 hours or 72 hours (weekend). Excluded from this, however, are the fixtures for load secur-ing, as these must be available for a longer period of time when shipping the goods internationally in order to be able to prove in the event of complaints that the goods concerned have been loaded free of defects and completely. This is the only way to prove that the liability does not lie with the Fliegl company, but with the respective freight forwarder. In this case, due to the long delivery times for overseas transactions, the retention period is 28 days.

Diese Datenschutzerklärung wurde mit Unterstützung der Datenschutz-Software: audatis MANAGER erstellt.