PRIVACY
We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various items of personal data are collected. Personal data is data by means of which you can be personally identified directly or indirectly. This privacy policy explains who is responsible for data processing and which data is processed. It also explains how and for what purpose this is done.
CONTROLLER / DATA PROTECTION OFFICER
The controller for data processing on this website is:
Gruber-Folien GmbH & Co. KG
Schlesische Straße 114
D-94315 Straubing
The controller is the natural or legal person who, alone or together with others, determines the purposes and means of processing of personal data (e.g. names, email addresses, etc.). The controller has appointed a data protection officer. You can contact him about any data protection issues related to the company and to report any breaches of data protection at datenschutz@gruber-folien.de. or by post to the Data Protection Office at the above address.
HOSTING
This website is hosted by an external service provider (host). The personal data collected on this website is stored on the servers of the host. This includes, in particular, IP addresses, contact requests, meta and communication data, contract data, contact data, names, details of website access and other data generated by a website.
The host is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6(1) point (b) GDPR) and in the interest of secure, fast and efficient provision of our website by a professional provider (Art. 6(1) point (f) GDPR). Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions relating to this data.
CONCLUSION OF A COMMISSIONED DATA PROCESSING AGREEMENT
In order to ensure processing in accordance with data protection law, we have concluded a commissioned data processing agreement with our host.
SERVER LOG FILES
The provider of the site automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes:
- browser type and browser version
- operating system used
- referrer URL
- host name of the accessing computer
- time of the server request
- IP address
This data is not merged with other data sources.
The data is collected on the basis of Art. 6 (1) point (f) GDPR. The website operator has a legitimate interest in technically error–free presentation and optimisation of the website – the server log files must be compiled for this purpose.
SSL AND TLS ENCRYPTION
This site uses SSL and TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https: //” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
OBJECTION TO MARKETING EMAILS
We hereby object to the use of the contact details published in the obligatory imprint for the purpose of sending us unsolicited marketing and information materials. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited receipt of marketing information, for example by spam emails.
COOKIES
Our website uses so-called “cookies”. Cookies are small text files that do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your device when you access our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).
Cookies have various functions. Numerous cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or video playback). Other cookies are used to evaluate user behaviour or to display advertising.
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions required by you (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies for analysing the web audience) are stored on the basis of Art. 6 (1) point f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of cookies for technically error-free and optimised provision of its services. If consent to the storage of cookies has been requested, the storage of the relevant cookies takes place exclusively on the basis of that consent (Art. 6(1) point (a) GDPR); the consent may be withdrawn at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general, or enable automatic deletion of cookies on closing the browser. If cookies are disabled, the functionality of this website may be restricted.
There is separate information in this privacy policy about cookies that are used by third-party companies or for analytical purposes and, if necessary, we will ask for your consent in this context.
We use Cookiebot on our website for this, a web service of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (cookiebot.com). We have concluded a commissioned data processing agreement with cookiebot.com. When you access our website, your browser may send personal data to cookiebot.com. The legal basis for data processing is Art. 6 (1) point (f) GDPR. Our legitimate interest lies in the error-free functioning of the website. The data is erased as soon as the purpose of its collection has been fulfilled. Further information about handling of the transmitted data can be found in the privacy policy of cookiebot.com: https://www.cookiebot.com/en/privacy-policy/
You can prevent the collection and processing of your data by cookiebot.com by disabling the execution of script code in your browser or by installing a script blocker in your browser.
GOOGLE ANALYTICS
We use Google Analytics, a web analytics service provided by Google Inc. (“Google”), on our website. Google Analytics also uses “cookies”. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, IP addresses within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area are first truncated by Google. Direct personal identification can therefore be excluded in the course of further processing. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.
Google uses this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities and to provide other services related to website and internet use to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.
You may prevent the use of cookies by selecting the appropriate settings in your browser; please note, however, that if you do this you may not be able to use all the functions of this website to their full extent. In addition, you can prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and processing of that data by Google by downloading and installing the browser plug-in available via this link.
Google Analytics is used in accordance with the conditions which the German data protection authorities have agreed with Google.
VISABLE
We use products and services on our website for analysis and marketing purposes which are provided by Visable GmbH (www.visable.com). Tracking pixel technology is used for this purpose to collect, process and store data in order to create at least pseudonymised user profiles or, wherever possible and expedient, completely anonymised profiles. The collected data, which may initially include personal data, is transmitted to Visable or collected directly by Visable and used by it to create the user profiles mentioned above. No personal identification of visitors to this website is carried out, and no other personal data is merged with the user profiles. If IP addresses are identified as personal, they are deleted immediately. The processing takes place exclusively on the basis of your consent (Art. 6(1) point (a) GDPR); the consent is given by opting in and can be withdrawn at any time.
BONIVERSUM
Our company regularly checks your creditworthiness when concluding a contract and in certain cases where there is a justified cases where there is a justified interest, we also check the creditworthiness of existing customers. For this purpose we work together with Creditreform Boniversum GmbH, Hammfelddamm 13, 41460 Neuss, from whom we receive the necessary data. On behalf of Creditreform Boniversum we inform you in advance about the following information the following information in accordance with Art. 14 EU-DSGVO: Creditreform Boniversum GmbH is a consumer credit agency.
It operates a database in which in which creditworthiness information on private individuals is stored. On this basis, Creditreform Boniversum provides creditworthiness information to its customers. Its clients include, for example, credit institutions, leasing companies, insurance companies, telecommunication companies, receivables management companies, mail-order, wholesale and retail companies, as well as other companies that sell goods or services. and other companies that supply goods or services. Within the legal provisions, some of the data in the information database is also used to supply other company databases. for supplying other company databases, e.g. for use for address trading purposes. In the Creditreform Boniversum database, information is stored in particular on the following the name, address, date of birth, e-mail address if applicable, payment history and the participation relationships of persons. The purpose of processing the stored data is to to provide information on the creditworthiness of the person inquired about. The legal basis for legal basis for the processing is Art. 6 para. 1f EU-DSGVO According to this, information about this data may only be provided, if a customer credibly demonstrates a legitimate interest in knowing this information. If data is transferred to countries outside the EU, this is done on the basis of the so-called “standard contractual clauses”. “Standard Contractual Clauses”, which you can view at https://eur-lex.europa.eu/legalcontent/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE or have sent to you from there.
The data is stored as long as its knowledge is necessary for the fulfilment of the purpose of the storage. As a rule, knowledge is necessary for an initial storage period of three years.
After this period has expired, a check is made to see whether it is still necessary to store the data or deleted to the day. In the event that a case is settled, the data will be deleted on a daily basis three years after settlement. Pursuant to section 882e of the Code of Civil Procedure (ZPO), entries in the debtors’ register are deleted on a daily basis after three years have elapsed since the date of the entry order. Further information on this can also be found at www.boniversum.de/bonipedia/ under the heading Data Deletion. Legitimate interests within the meaning of Art. 6 para. 1f EU-DSGVO may be: Credit decision, business initiation, shareholding relationships, claims, credit assessment, insurance contract, enforcement information. You have the right to obtain information from Creditreform Boniversum GmbH about the personal data personal data stored there. If the data stored about you is incorrect, you have the following rights a right to correction or deletion. If it cannot be determined immediately whether the data is incorrect or correct, you have a right to block the respective data until clarification
If your data is incomplete, you may request that it be completed. If you have given your consent to the processing of the data stored by Creditreform Boniversum, you have the right to revoke this consent at any time. The revocation the lawfulness of the processing of your data which was carried out on the basis of your consent until processing of your data which took place on the basis of your consent up to the time of revocation. If you have any objections, requests or complaints regarding data protection, you can contact the Creditreform Boniversum data protection officer using the contact details below. He or she will be able to help you quickly and confidentially in all matters of data protection. In the event of a suspected breach of data protection, you have the right to complain to a state data protection supervisory authority. The competent authority for Creditreform Boniversum is the State Commissioner for Data Protection NRW, Postfach 20 24 44, 40102 Düsseldorf, e-mail: poststelle@ldi.nrw.de. The data that Creditreform Boniversum has stored on you comes from publicly accessible sources, from debt from publicly accessible sources, from debt collection companies and from their customers. To describe your creditworthiness Creditreform Boniversum calculates a score value for your data. The score value includes data on age and gender, address data and, in some cases, payment experience data. These data
are included in the score calculation with varying weighting. The Creditreform Boniversum clients use the score values as an aid in making their own credit decisions.
Right of objection:
In accordance with Art. 21 (1) DSGVO, you may object to the processing of your data on grounds relating to your particular situation (e.g. women’s shelter or witness protection). You can send your informal objection in writing to Creditreform Boniversum GmbH, Hammfelddamm 13, 41460 Neuss or by e-mail to selbstauskunft@boniversum.de. If you object to the processing of your data for advertising and marketing purposes at Boniversum, the data will no longer be processed for these purposes. The responsible party within the meaning of Art. 4 No. 7 EU-DSGVO is Creditreform Boniversum GmbH, Hammfelddamm 13, 41460 Neuss. Your contact at Boniversum is the Consumer Service, Tel.: 02131 36845560, Fax: 02131 36845570, E-Mail: selbstauskunft@boniversum.de. You can reach the responsible data protection officer at Boniversum under the following contact details: Creditreform Boniversum GmbH, Data Protection Officer, Hammfelddamm 13, 41460 Neuss, e-mail: datenschutz@boniversum.de.
FONT AWESOME
This site uses so-called web fonts provided by Fonticons, Inc. for consistent presentation of fonts. When you access a page, your browser loads the required web fonts to your browser cache to display texts and fonts correctly.
For this purpose, the browser you are using must make a connection to the servers of Fonticons, Inc. As a result, Fonticons, Inc. is aware that our website has been accessed via your IP address. The use of web fonts is in the interest of consistent and appealing presentation of our website. This constitutes a legitimate interest within the meaning of Art. 6 (1) point (f) GDPR.
If your browser does not support web fonts, a standard font will be used by your computer. For more information about Font Awesome, see https://fontawesome.com/help and the privacy policy of Fonticons, Inc.: https://fontawesome.com/privacy.
USER ACCOUNT / CUSTOMER ACCOUNT
In certain areas of our website (e.g. our shop), you also have the option of voluntarily creating a profile for yourself, storing data there and retrieving it again as necessary. The data you enter and the results of the actions you carry out (e.g. items saved in the shopping basket) are then stored in these profiles and are available for you to retrieve. The following information, if you choose to provide it, can be stored in a profile on our website:
- First and last name
- Date of birth
- VAT reg. no.
- Address
- Contact details
Your profile is based solely on the information you provide. No automated profiling is carried out by us on the basis of your behaviour or any other information. Access to your profile is protected by a password and is only accessible to third parties if you transfer it yourself.
If you create a profile on our website, a contract is concluded with us for the storage and provision of the profile in question. The processing of your personal data is therefore carried out in accordance with Art. 6 (1) point (b) GDPR. As a matter of principle, we do not independently erase the personal data you store in a profile. However, you have the option at any time to change or delete individual data items in your profile and to delete the profile you have created entirely, in which case all the personal data stored there will be deleted at the same time.
ORDER PROCESSING
All data provided in the context of order processing is stored. This includes:
- Last name, first name
- Address information (delivery and billing address)
- Payment details
- Email address
- Individual notes
Payment details are subject to the data protection regulations of the respective service providers. Only the data that is absolutely necessary for delivery or order processing is passed on to third parties (e.g. shipping service providers) to the extent necessary in each case.
The legal basis for this processing is Art. 6 (1) point (b) GDPR. As soon as the storage of your data is no longer required or prescribed by law, it is erased.
DATA WHEN USING OUR CONTACT FORM / REQUESTING A SAMPLE
If you send us a message using the form, the mandatory fields are indicated on the form itself. Contact details must be provided so that we can get in touch with you.
The data you enter on the form is processed by us exclusively to respond to your enquiry. This data is processed on the basis of Art. 6 (1) point (b) GDPR if your enquiry is related to the performance of a contract or is necessary to carry out pre-contractual measures (e.g. request for a sample/price information). In all other cases, the processing is based on our legitimate interest in the effective processing of enquiries addressed to us (Art. 6(1) point (f) GDPR) or on your consent (Art. 6(1) point (a) GDPR) if this has been requested.
The data you enter on the form is retained by us until you request us to erase it, withdraw your consent to its storage or the purpose of data storage no longer applies (e.g. after your enquiry has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.
ENQUIRY BY EMAIL, TELEPHONE OR FAX
If you contact us by email, telephone or fax, your enquiry, including all resulting personal data (name, details of the enquiry), will be stored and processed by us for the purpose of dealing with your enquiry. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 (1) point (b) GDPR, insofar as your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of enquiries addressed to us (Art. 6(1) point (f) GDPR) or on your consent (Art. 6(1) point (a) GDPR) if this has been requested.
The data you send to us via contact enquiries is retained by us until you ask us to erase it, withdraw your consent to its storage or the purpose of data storage no longer applies (e.g. after your enquiry has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
DATA PROTECTION WHEN SUBMITTING APPLICATION DOCUMENTS
If you send us your application documents, we use them exclusively to decide on your application and do not pass your data on to third parties. We would like to point out that when you submit application documents by email, we currently do not offer encryption of your data. However, you can submit your attachments by means of a password-protected ZIP file, for example, and notify us of the password separately, e.g. by telephone. You will receive separate confirmation of receipt of your application. You can also send us your application by post.
Application data is stored and managed separately from other data records.
If we conclude an employment contract with an applicant, the data submitted is stored for the purpose of processing the employment relationship in compliance with the statutory regulations. If no employment contract is concluded with the applicant, the application documents are automatically deleted at the latest 6 months from notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the controller or the applicant has not expressly consented to longer storage and retention of their application, e.g. for subsequent contact about vacant positions. Other legitimate interest in this sense includes, for example, providing evidence in proceedings under the German General Equal Opportunities Act (AGG).
Data processing for the purpose of establishing contact and processing your application data is carried out in accordance with Art. 6 (1) sentence (1) point (a), (b) GDPR, on the basis of your voluntary consent and for the implementation of pre-contractual measures.
We process data related to your application. This may be general data about you (such as name, address and contact details), information about your professional qualifications and school education, information about your professional training and other information that you provide to us in connection with your application. In addition, we may process work-related information made publicly available by you, such as profiles on professional social media networks.
TRANSFER OF DATA
We will only pass on your personal data to third parties if:
- you have given your express consent for us to do so, in accordance with Art. 6 (1) sentence (1) point (a) GDPR; it is lawful and necessary for the fulfilment of contractual relationships that are required for the implementation of pre-contractual measures with you,
- in accordance with Art. 6 (1) sentence (1) point (b) GDPR; we are under a legal obligation to transfer the data,
- in accordance with Art. 6 (1) sentence (1) point (c) GDPR; the processing is necessary to pursue
- our legitimate interests or those of a third party in accordance with Art. 6 (1) sentence (1) point (f) GDPR, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data take precedence, in particular if the data subject is a child.
RIGHTS OF DATA SUBJECTS
You have the right:
- to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if not collected by us, and the existence of automated decision-making including profiling, together with any meaningful details in these connections;
- to demand the immediate rectification of incorrect personal data or completion of incomplete personal data stored by us, in accordance with Art. 16 GDPR;
- to request the erasure of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims, in accordance with Art. 17 GDPR;
- to demand the restriction of processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, if the processing is unlawful but you refuse to have the data erased and if we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
- to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request its transfer to another controller, in accordance with Art. 20 GDPR; to withdraw the consent you have given to us at any time, in accordance
- with Art. 7 (3) GDPR. As a result, we may no longer continue the data processing based on this consent in the future; to lodge a complaint with a supervisory authority, in accordance with Art. 77 GDPR.
- As a rule, you can contact the supervisory authority responsible for your usual place of residence or workplace or our registered office for this purpose. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
RIGHT TO OBJECT
If, in order to pursue our legitimate, overriding interests, we process your personal data in accordance with Art. 6 (1) sentence (1) point (f) GDPR, you have the right to object to the processing of your personal data with effect for the future in accordance with Art. 21 GDPR.
If the processing is carried out for the purposes of direct marketing, you can exercise this right at any time. This also applies to profiling insofar as it is associated with such direct advertising. Insofar as the processing is carried out for other purposes, you are only entitled to a right to object if there are reasons arising from your particular situation.
After exercising your right to object, we will no longer process your personal data unless we can provide compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
If you object to the processing of your personal data for direct marketing purposes, the personal data will no longer be processed for those purposes.
AMENDMENT OF THIS PRIVACY POLICY – VERSION
As a result of further development of our website and the services offered on it or changes to the legal or official requirements, it may become necessary to amend this privacy policy in compliance with the applicable data protection regulations. The latest privacy policy can be accessed and printed by you at any time on our website under the heading Privacy.
Version of February 2021