Data protection declaration and information obligations according to GDPR
Data protection and the protection of your personal data is our top priority. We will inform you below about the processing of your personal data on our website. The processing of personal data is carried out in accordance with the provisions of the Telemedia Act (TMG) and the applicable General Data Protection Regulation (GDPR) and the new Federal Data Protection Act (BDSG-new).
1. Name and address of the person responsible
Camina & Schmid Feuerdesign und Technik GmbH & Co. KG, Gewerbepark 18, 49143 Bissendorf
represented by the management: Anna Rokossa, Colin Rokossa
Phone +49 5402 70 10-10, email info(at)camina-schmid.de
2. Contact details of the data protection officer
Detlef Breuker, c/o C&S Consulting, An der Blanken Mühle 17, 49328 Melle
Email: info (at) datenschutz-os.de
3. Processing of personal data on our website
3.1. Provision of the website and creation of log files
For the mere visit to our website and the retrieval of the information contained therein, it is not necessary for you to provide personal data.
We only collect and use data when you visit our website, which your internet browser automatically transmits to us:
• Date and time of access to one of our websites
• Your browser type
• Your browser settings
• Your IP address
• The pages you visited
We use this data to technically enable you to visit our site. We also use this data for statistical purposes and to improve our website in terms of design and layout. We store the IP address for the purposes of guaranteeing and maintaining IT security (e.g. detection and defense against so-called DOS attacks) and functionality.
The legal basis for the temporary storage of data is Article 6 (1) (f) GDPR.
3.2 Personal Information
Personal data is recorded when you enter it in the context of an inquiry, when registering and using our spare parts shop, or in our contact form. The data you provide will be used to fulfill and process your order or request without your separate consent. The data is not transmitted to third parties for advertising purposes (no address sale).
3.2.1 Contact form
A contact form is available on our website. When using this option, the data entered in the input mask will be transmitted to us and saved:
3.3 Purposes and legal bases for data processing
The processing of the personal data from the input mask serves us only to process the contact. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data.
The legal basis for the processing of the data that is transmitted in the course of sending an email is Article 6 Paragraph 1 Letter f GDPR. If the aim of the email contact is to conclude a contract, the additional legal basis for the processing is Art. 6 Para. 1 Letter b GDPR.
As part of your order via our spare parts shop, personal data is processed in order to conclude a contract with our company. The legal basis results from Art. 6 Para. 1 Letter b GDPR.
3.4 Storage duration or criteria for determining the duration
Ordering spare parts shop: If necessary, we process and save your personal data for the duration of our business relationship. In addition, we are subject to various storage and documentation obligations, which essentially result from the Commercial Code (HGB) and the Tax Code (AO). The periods for storage and documentation specified there are six to ten years. Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to Sections 195 et seq. Of the German Civil Code (BGB) are usually 3 years, if it is necessary to preserve evidence, for example in the context of judicial proceedings, the limitation periods of the Civil Code (BGB) up to 30 years if a judicial title exists. After the contractual relationship has ended, the data will be deleted after the statutory retention requirements have expired.
Contact forms: If the purpose for storing the data no longer applies, the personal data will be blocked or deleted as long as there are no legal retention requirements.
3.5 Recipients or categories of recipients of the data (if data is transmitted)
Within the company, those departments receive your data that they need to fulfill our contractual and legal obligations. Order processors employed by us (Art. 28 GDPR) can also receive data for these purposes. These are companies in the categories IT services, printing services, telecommunications, consulting and consulting as well as sales and marketing.
Outside of the company, companies may receive your data which they need to fulfill our contractual obligations. Under these conditions, recipients of personal data can e.g. B. be:
- Tax consultant, auditor, consultant
- Lawyers (disputes, collections, etc.)
- Craftsmen / technicians (repair measures / maintenance)
- Banks / Financial Institutions
- transport service
- Credit agencies (Creditreform, Schufa)
3.5.1 Service providers for processing the applications
If you apply to our company, we will only process your application data for purposes related to your interest in current or future employment with us and the processing of your application. Your application will only be processed and acknowledged by the relevant contact persons at our company. All employees entrusted with data processing are obliged to maintain the confidentiality of your data. If we are unable to offer you employment, we will keep the data you have submitted for up to three months after any rejection for the purpose of answering questions in connection with your application and rejection. This does not apply if legal provisions prevent deletion, if further storage is required for the purpose of providing evidence or if you have expressly consented to longer storage. The legal basis for data processing is 26 Paragraph 1 Sentence 1 BDSG. If we store your applicant data for a period of six months and you have expressly consented to this, we would like to point out that this consent can be revoked at any time in accordance with Art. 7 Para. 3 DSGVO. Such a revocation does not affect the lawfulness of the processing that has taken place on the basis of the consent up to the point of revocation.
3.6 Information on the rights of those affected
Every data subject has the following data protection rights under the GDPR:
• Right to information according to Art. 15 GDPR
• Right to correct incorrect data according to Art. 16 GDPR
• Right to deletion according to Art. 17 GDPR
• Right to restriction of processing according to Art. 18 GDPR
• Right to data portability according to Art. 20 GDPR
• Right to object according to Art. 21 GDPR
To exercise your above rights and revoke your consent, please contact the email address given in the legal notice.
You have the right to lodge a complaint with a supervisory authority. You can exercise this right with a supervisory authority in the Member State of your residence, your place of work, or the place of the alleged violation.
Before you lodge a complaint with the responsible supervisory authority, we would like to ask you to clarify this matter with our data protection officer.
3.7 Planned data transfer to third countries
There is currently no data transmission to third countries and is not planned in the future.
We use so-called "cookies" on our website. These are small text files that are sent from our web server to your computer in order to identify them for the duration of the visit. We do not collect any personal data via these cookies.
Our website can also be displayed without saving cookies. You can deactivate the storage of cookies in the settings of your browser or set it so that it informs you of the intended storage by a website. In this case, you decide whether to accept the cookie. For the full range of functions of our website, however, it is necessary for technical reasons to fully allow the temporary cookies.
This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. If IP anonymization is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transferred to a Google server in the USA and abbreviated there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by clicking on the following link https://tools.google.com/dlpage/gaoptout?hl=de Download and install the available browser plug-in.
You can prevent Google Analytics from collecting data by clicking on the following link. An opt-out cookie is set that prevents the future collection of your data when you visit this website: Disable Google Analytics
6. Google Tag Manager
This website uses the Google Tag Manager. This service allows website tags to be managed via an interface. The Google Tag Manager itself does not set cookies, only tags and does not collect any personal data. The service triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in effect for all tracking tags that are implemented with the Google Tag Manager.
7. MyFonts Counter
We use social plugins from the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. The plugins can be recognized by one of the Facebook logos. When you visit a website that contains such a plug-in, your browser establishes a direct connection to the Facebook servers. By clicking the button, Facebook receives the information that a user has called up the corresponding page of the offer. If the user is logged into Facebook, Facebook can assign the visit to their Facebook account. If users interact with the plugins, for example by pressing the Like button or leaving a comment, the corresponding information is transmitted from your browser directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and save his IP address. According to Facebook, only an anonymized IP address is saved in Germany.
Purpose and scope of data collection and the further processing and use of data by Facebook, and the respective rights and ways to protect the privacy of users, this can refer to the privacy policies of Facebook: https://www.facebook.com/about/privacy/.
If a user is a Facebook member and do not want that Facebook collects data about this offer about him and linked to his stored on Facebook member data, he must log off before visiting the website on Facebook.
8.5.1 Facebook Pixels
We use the remarketing function "Custom Audiences" from Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland "Facebook") on our website.
Facebook Ireland and we are jointly responsible for the collection of your data and the transmission of this data to Facebook when the service is integrated. The basis for this is an agreement between us and Facebook Ireland on the joint processing of personal data, in which the respective responsibilities are defined. The agreement is under https://www.facebook.com/legal/controller_addendum accessible. According to this, we are particularly responsible for the fulfillment of the information obligations according to Art. 13, 14 GDPR, for compliance with the security requirements of Art. 32 GDPR with regard to the correct technical implementation and configuration of the service as well as for compliance with the obligations according to Art. 33 , 34 GDPR, insofar as a violation of the protection of personal data affects our obligations under the agreement on joint processing. Facebook Ireland is responsible for enabling the rights of the data subject in accordance with Art. 15 - 20 GDPR, complying with the security requirements of Art. 32 GDPR with regard to the security of the service and the obligations under Art. 33, 34 GDPR, insofar as a violation of the Protection of personal data concerns the obligations of Facebook Ireland under the joint processing agreement.
The purpose of the application is to target visitors to the website with interest-based advertising on the Facebook social network. For this purpose, the Facebook remarketing tag was implemented on the website. A direct connection to the Facebook servers is established via this tag when you visit the website. This transmits to the Facebook server which of our pages you have visited. Facebook assigns this information to your personal Facebook user account. If you visit the social network Facebook, you will then be shown personalized, interest-based Facebook ads.
Your data may be transmitted to the USA. There is no adequacy decision by the EU Commission for the USA. The data is transmitted on the basis of standard contractual clauses as suitable guarantees for the protection of personal data, which can be viewed at: https://www.facebook.com/legal/EU_data_transfer_addendum.
We use the "+1" button of the Google Plus social network, which is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States. When a user clicks the associated button, the browser establishes a direct connection to the Google servers. The content of the "+1" button is transmitted by Google directly to its browser, which integrates it into the website. the provider therefore has no influence on the amount of data that Google collects with the button. According to Google, no personal data is collected without clicking the button. Such data, including the IP address, is only collected and processed for members who are logged in.
This website contains at least one plugin from YouTube, belonging to Google Inc., located in San Bruno / California, USA. As soon as you visit the pages of our website that are equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which particular page of our website you have visited. If you were also logged into your YouTube account, you would enable YouTube to assign your surfing behavior directly to your personal profile. You can nullify this possibility of assignment if you log out of your account beforehand. Further information on the collection and use of your data by YouTube can be found in the information on data protection there www.google.de/intl/de/policies/privacy/.
We use the social network Pinterest, Pinterest, Inc., 808 Brannan St, San Francisco, CA 94103, USA. By clicking on the Pinterest button, Pinterest receives the information that you have accessed the corresponding page of our website. If you are logged in to Pinterest, Pinterest can assign the visit to your Pinterest account. The data transmitted by clicking the button is saved by Pinterest in the USA. If you do not agree to this, you must log out of your Pinterest account before clicking the button. The scope and purpose of the data collection and the further processing and use of the data by Pinterest as well as your corresponding rights and design rights to protect your privacy can be found in Pinterest's data protection information at: http://pinterest.com/about/privacy/.
Our website uses plug-ins from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA. The plug-ins are marked with an Instagram logo, for example in the form of an “Instagram camera”. An overview of the Instagram plug-ins and their appearance can be found here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges
When you visit one of our pages that contains such a plug-in, your browser establishes a direct connection to the Instagram servers. The content of the plug-in is transmitted from Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has called up the corresponding page of our website, regardless of whether you have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is sent from your browser directly to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can immediately assign your visit to our website to your Instagram account.
If you interact with the plug-ins, for example by clicking on the "Instagram" button, this information is also transmitted directly to an Instagram server and stored there. The information will also be published on your Instagram account and displayed to your contacts there. The purpose and scope of the data collection and the further processing and use of the data by Instagram as well as your rights in this regard and setting options for protecting your privacy can be found in Instagram's data protection information: https://help.instagram.com/155833707900388/
If you do not want Instagram to directly associate the data collected via our website with your Instagram account, you must log out of Instagram before visiting our website. You can also completely prevent the loading of Instagram plug-ins with add-ons for your browser, e.g. B. with the script blocker "NoScript" (http://noscript.net/).
We use functions of the LinkedIn network of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. We would like to inform you that when you visit our pages that contain LinkedIn functions, a connection to LinkedIn servers will be established. LinkedIn receives information that you have visited our website with your IP address. If you click the LinkedIn button and are logged into your LinkedIn account, LinkedIn is able to assign your visit to our website to your user account. We would like to point out that we have no knowledge of the content of the transmitted data or their use by LinkedIn. If you do not want this procedure, you must log out of your LinkedIn account beforehand.
Further information can be found in LinkedIn's data protection declaration: https://www.linkedin.com/legal/privacy-policy
15. Safety measures
We use technical and organizational security measures to protect personal data, especially against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments. We would like to point out that, despite all security measures, the transmission of data on the Internet can result in third parties taking note of or falsifying this data.
If you have any questions or suggestions regarding this data protection declaration, please contact the contact address given in the imprint.
17. Update of our data protection guidelines
The ongoing technical development in the field of IT technology and the Internet also requires an adaptation of the existing data protection declaration. We therefore reserve the right to make additions or changes to this data protection declaration.