Welcome to our website. Thank you for your interest in our company.
1 Personal data
The protection of your personal data is important to us. We process your data in compliance with the applicable statutory provisions on the protection of personal data, in particular the EU General Data Protection Regulation (GDPR) and the country-specific implementing legislation applicable to us.
For these purposes, personal data is any information that enables the identification of an individual. This includes in particular your name, date of birth, address, telephone number, email address and your IP address. Data is anonymous if no personal relationship to the user whatsoever can be established.
2 Controller and Data Protection Officer
Managing Directors Authorised as Representatives: Peter Andreas, Andre Scharschmidt
Data Protection Officer contact details: Norbert Rauch, atarax GmbH & Co. KG, email@example.com
3 Your rights as a data subject
First, we would like to tell you about your rights as a data subject. These rights are set out in Articles 15–22 of the GDPR. They include:
- The right to access (Art. 15 GDPR),
- The right to erasure (Art. 17 GDPR),
- The right to rectification (Art. 16 GDPR),
- The right to data portability (Art. 20 GDPR),
- The right to restriction of processing (Art. 18 GDPR),
- The right to object to the processing of your data (Art. 21 GDPR).
To assert these rights, please contact: Sandy Langer (Commercial Management), Tel.: +49 (0) 371 5223 2340, Email: firstname.lastname@example.org. The same applies if you have questions about data processing within our company. You also have the right to lodge a complaint with a data protection supervisory authority.
4 Rights to object
Please note the following in connection with your rights to object:
If we process your personal data for direct-marketing purposes, you are entitled to object to said processing at any time and without giving reasons for your decision. The same also applies to profiling if in connection with the direct marketing.
If you object to processing for direct-marketing purposes, we will no longer process your personal data for such purposes. The objection is free of charge and can be done in any form, where possible by contacting: Sandy Langer (Commercial Management), 0371 / 5223 – 2340, Email: email@example.com.
Where we process your data to safeguard legitimate interests, you may object to this processing at any time on grounds relating to your particular situation. This also applies to any profiling based on these provisions.
We will then no longer process your personal data unless we are able to demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or where the processing is to establish, exercise or defend legal claims.
5 Purpose and legal basis of data processing
During the processing of your personal data, the provisions of the GDPR and all other applicable data protection legislation will be complied with. The legal basis for the data processing arises in particular from Art. 6 of the GDPR.
We use your data for the initiation of business transactions, to fulfil contractual and legal obligations, to fulfil contractual relationships, to offer products and services, and to strengthen the customer relationship, which may also include analyses for marketing and direct-marketing purposes. Specifically, this includes the sending of price lists and offers about using our online quote service, the sending of contractual documents for use of the online quote service, the sending of access details for the online quote service, and making contact regarding contact and support requests (by email or by telephone). We also use your data to send advertising mailings or articles to make you aware of our existing or new services.
Your consent also constitutes an authorisation under data protection law. We hereby inform you about the purposes of the data processing and your right to revoke your consent. Where the consent also relates to the processing of special categories of personal data, we will indicate this specifically in the consent, Art. 88(1) GDPR.
Special categories of personal data, as defined in Art. 9(1) GDPR, will only then be processed where necessary on the basis of legal requirements and where there are no grounds to assume an overriding legitimate interest on your part that would prevent the processing, Art. 88(1) GDPR.
6 Disclosure to third parties
We will only pass your data on to third parties within the limits of the statutory provisions or with the appropriate consent. Otherwise, your data will not be passed to third parties except where we are compelled to do so on the grounds of mandatory statutory provisions (disclosure to external bodies, such as supervisory authorities or law-enforcement authorities).
7 Data recipients / categories of recipients
Within our company, we ensure that your data is only received by people who need it to fulfil the contractual and statutory obligations.
Service providers help us to perform our tasks. These service providers are subcontracted processors who have been commissioned to carry out development, maintenance and update works and the server hosting for the online quote service. Your data will also be saved in our enterprise resource planning system (ERP system) and our support system for the purpose of making contact with you and for quote- and contract-management purposes. In connection with their maintenance and updating of the systems, the subcontracted processors may also gain knowledge of your personal data.
The necessary data protection contractual structure has been concluded with all service providers.
8 Transmission to third countries / intent to transmit to third countries
The data will be processed solely in data centres in the Federal Republic of Germany.
Data will only be transmitted to third countries (countries outside the European Union and the European Economic Area) where this is necessary to fulfil contractual obligations, where required by law, or where you have granted us your consent so to doe.
9 Data storage period
We save your data for as long as necessary to fulfil the respective purpose of the processing. Please note that many retention periods require that your data is (must be) stored for longer. This relates in particular to retention obligations under commercial or tax law (such as the German Commercial Code, German Tax Code, etc.). In the absence of any additional retention obligations, the data will be routinely erased once the purpose has been fulfilled.
Hinzu kommt, dass wir Daten aufbewahren können, wenn Sie uns hierfür Ihre Erlaubnis erteilt haben oder wenn es zu rechtlichen Auseinandersetzungen kommt und wir Beweismittel im Rahmen gesetzlicher Verjährungsfristen nutzen, die bis zu dreißig Jahre betragen können; die regelmäßige Verjährungsfrist beträgt drei Jahre.
10 Secure transmission of your data
To provide the best possible protection for the data stored by us against accidental or deliberate tampering, loss, destruction or access by unauthorised persons, we use appropriate technical and organisational security measures. The security levels are continually reviewed in collaboration with security experts and are adapted to the latest security standards.
Data exchanges from and to our website are always encrypted. We use HTTPS as the transfer protocol for our website, using the latest encryption protocols in each instance. Within the contact forms, we also offer our users content encryption (SSL – Secure Socket Layer). Only we are unable to decrypt this data. There is also the option of using alternative methods of communication (such as post).
11 Obligation to provide data
Various personal data is necessary for the establishment, implementation and termination of the contractual relationship and to fulfil the contractual and statutory obligations associated with the same. The same applies to the use of our website and the various features it provides.
We have summarised the details of this for you in the paragraph above. In certain cases, data also needs to be collected or provided due to statutory provisions. Please note that, if you do not provide this data, it will not be possible to process your request or to implement the underlying contractual relationship.
12 Categories, sources and origin of data
The data we process is determined by the context in each instance: This depends on whether you submit an enquiry via our contact form or simply visit our website.
Please note that, for special processing situations, we also provide information separately to the appropriate body where necessary, such as in the case of a contact request.
12.1 When you visit our website, we collect and process the following data:
- Name of Internet service provider
- Details of the website you visited our site from
- The web browser and operating system used
- The IP address assigned by your Internet service provider
- The files requested, data volumes transferred and any downloads/file exports
- Information about the web pages you visit on our site, including the date and time
For technical security reasons (in particular to defend against attempted attacks on our web servers), this data will be stored in accordance with Art. 6(1)(f) GDPR.
12.2 During the course of a contact request or a request for test access, we collect and process the following data:
- Surname, first name
- Email address
- Telephone number
- Contract partner number / dealership number
- Information about preferences and interests
12.3 During the course of a support request within the online quote service, we collect and process the following data:
- Surname, first name
- Telephone number
- End customer’s vehicle identification number
- Contract partner number / dealership number
- Description of the issue
- Any file attachments you may have provided
13 Contact form / making contact by email (Art. 6[a] and [b] GDPR)
Our website contains a contact form which can be used to contact us online. When you write to us using the contact form, we process the data provided by you in the contact form to make contact with you and answer your questions and requests.
The principle of data minimisation and data avoidance is complied with here, meaning that you only need to enter the data we need in order to contact you. This data includes your name, email address, company and your company’s contract partner number (dealership number), as well as the message field itself. All other fields are optional and can be completed if desired (e.g. for a more customised response to your enquiries).
If you contact us by email, we will process the personal data provided in the email for the sole purpose of dealing with your enquiry. If you do not use the forms provided to contact us, no data will be collected through them.
14 Login (Art. 6[a] and [b] GDPR)
A valid user contract and contract-processing agreement are required between us and your company in order to use the online quote service. If you have been named company administrator by your company in the aforementioned contract documents, you will automatically receive access details for the online quote service by email. You can use these access details to log in to our Internet site. If you have not been named company administrator, your company administrator must have created you as a user. Only then will you be able to log in to our online quote service on our website.
When you log in, your user ID and the login date and time will be saved (technical background data). This data is also stored when you log out.
For the initial login, you will receive an email from us with your login details. The password is generated automatically during this process. Once you have signed in to the online quote service, you can change your password.
Please note: We will store the password specified by you in encrypted form. Employees of our company and your company will not be able to read the password. They are therefore unable to give you any information if you forget your password.
In that scenario, use the “Forgot your password?” feature, which will send you a new, automatically generated password by email. No member of staff is authorised to ask you for your password by telephone or in writing. Therefore please never give out your password if you receive such a request.
Your company administrator is responsible for changing your name or erasing your data.
15 Advertising purposes for existing customers (Art. 6[f] GDPR)
We are interested in maintaining our customer relationship with you and in sending you information about, and offers on, our products and services (advertising letters or promotional gifts). We therefore process your data in order to send you relevant information and offers by email or post (to your company).
If you do not wish to receive these, you may object to the use of your personal data for direct advertising purposes at any time. This also applies to profiling where this is in connection with the direct advertising. When you object, your data will no longer be processed for this purpose.
The objection can be submitted free of charge and in any form, without giving reasons, and, where possible, should be sent by email to firstname.lastname@example.org or by post to Schloz Wöllenstein Services GmbH & Co. KG, Werner-Seelenbinder-Straße 11b, 09120 Chemnitz, Germany.
16 Automated individual decision-making
We do not use any purely automated processing processes to make decisions
17 Cookies (Art. 6[f] GDPR / Art. 6[a] GDPR if consented to)
Our websites use so-called cookies in many places. These are used to make our site more user friendly, more effective and more secure. Cookies are small text files that are stored on your computer and saved in your browser (locally on your hard drive).
These cookies make it possible for us to analyse how users are using our website. This means that we can tailor the website content more towards the needs of our users. Cookies also allow us to measure the effectiveness of a particular advertisement and to place advertisements appropriately, for example, based on a user’s particular interests.
Most of the cookies we use are so-called “session cookies”. These are deleted automatically after your visit. Permanent cookies are deleted from your computer automatically once their period of validity (usually six months) expires or if you delete them yourself before this period has expired.
Most web browsers accept cookies automatically. You can however usually also change your browser settings if you would prefer not to send the information. In this case, you will still be able to use our website without any restrictions (exception: configurators).
Please note: Disabling cookies may result in you being unable to use some features of our website to their full extent.
18 Web tracking procedures / use of Google Analytics with anonymisation function
On our site, we use Google Analytics, a web-analysis service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, hereinafter “Google”. Google Analytics uses so-called “cookies”, text files stored on your computer, and this enables analysis of your use of the website. The information generated by these cookies, for example time, location and frequency of your visits to our website, including your IP address, will be sent to Google in the USA and will be stored there.
On our site, we use Google Analytics with the “_gat._anonymizeIp” add-on. In this scenario, your IP address is shortened, and thus anonymised, by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area.
Google will use this information to analyse your use of our site, to compile reports for us regarding website activity, and to provide other services in connection with use of the website and Internet usage. Google may also pass this information on to third parties where legally required to do so or where third parties process this data on Google’s behalf. Google states that under no circumstances will it associate your IP address with other Google data.
You can prevent the installation of cookies by making the appropriate setting in your browser software. Note, however, that if you choose to do so, you may not be able to use all features of our website to their full extent.
If you visit our site using a mobile end device (smartphone or tablet), you must click this link instead to prevent tracking by Google Analytics within this website. This is also possible as an alternative to the aforementioned browser add-on. Clicking the link places an opt-out cookie in your browser that is only valid for this browser and this domain. When you delete the cookies in this browser, the opt-out cookie will also be deleted, meaning you will need to click the link again.
19 Protection of minors – persons aged under 16
Persons aged under 16 may not send us any personal data or submit a declaration of consent to us without the consent of their parent or guardian. We therefore ask parents and guardians to be actively involved in their children’s online activities and interests.
20 Links to other providers
Our website also contains clearly visible links to the websites of other companies. Where links are provided to the websites of other providers, we have no influence over the content thereof. Therefore, we cannot accept any responsibility for, or offer any guarantee as to, their content. The provider or operator of the pages in question will always be responsible for the content of such pages.
At the time of linking, the linked pages were checked for any possible legal violations and identifiable rights infringements. No unlawful content was apparent at the time of the linking. However, ongoing checks of the content of linked pages without any specific indication of a legal violation is not reasonable. Should any legal violation come to our attention, the links in question will be removed immediately.