Privacy Policy
Table of contents:
§ 1 Information on the collection of personal data
§ 2 Your rights
§ 3 Collection of personal data when visiting our website
§ 4 Further functions and offers of our website
§ 5 Duration of storage of personal data
§ 6 Revocation of consent to the processing of your data and objection to the
processing of your data
§ 7 Legal or contractual obligation to provide personal data; necessity for the
conclusion of the contract; consequences of non-provision
§ 8 Use of our online shop
§ 9 Use of our newsletter
§ 10 Use of Google Analytics
§ 11 Use of social media plug-ins
§ 12 Integration of YouTube videos
§ 13 Use of Google Adwords Conversion
External data protection officer:
SITsolutions
Data Protection | Information Security | Consulting
Jörg Schmidt
Am Sonnenhain 13
36039 Fulda
Phone.: 08042-50390163
e-mail: datenschutz.LHT@mehler-systems.com
§ 1
Information about the collection of personal data
I. Below, we provide information on the collection of personal data when using
this website. Personal data are all data that are personally referable to you,
such as name, address, email addresses and user behaviour.
II. The data controller according to Art. 4 point 7 of the basic EU data
protection regulation (hereinafter: GDPR General Data Protection Regulation) is
Lindnerhof-Taktik GmbH, represented by the managing director Jakob Kolbeck,
Isarring 3, 83661 Lenggries, Germany, email address: info@hqg.de (see also our legal notice). You can
reach our data protection officer at the email address datenschutz.LHT@mehler-systems.com or
our postal address with the addition "the data protection officer".
III. When you contact us by email or via a contact form, the data you provide
(your email address, your full name, the subject of the message and your
message, your company and any other personal data you voluntarily provide) will
be stored by us in order to answer your questions and, if necessary, to
initiate a contractual relationship at your request (the legal basis is Art. 6
(1) clause 1 of point (b) GDPR). We will delete the data collected in this
context after its storage is no longer required, or otherwise limit its further
processing if we are required by the law to continue retaining it.
IV. If we make use of contracted service providers for individual functions of
our offer or would like to use your data for commercial purposes, we will
inform you in detail about the respective processes below. We also specify the
defined criteria for the storage period.
V. We have implemented extensive organisational and technical measures to
ensure the security of your personal data collected on our website as
completely as possible. For technical reasons, however, we cannot guarantee
absolute security when transmitting data on the Internet. Of course, you are
free to transfer your personal data to us by alternative means of transmission
(e.g. by post, fax or telephone).
§ 2
Your Rights
I. You have the following rights towards us regarding your personal data:
• The right to information (Art. 15 GDPR)
• The right to rectification and completion (Article 16 GDPR)
• The right to erasure (Art. 17 GDPR)
• The right to restriction of processing (Art. 18 GDPR)
• The right to object to processing (Art. 21 GDPR)
• The right to data portability (Art. 20 GDPR)
• The right to revoke consent (Art. 7 (3) GDPR)
II. You also have the right to lodge a complaint to a data protection
supervisory authority concerning our processing of your personal data (Art. 77
GDPR).
§ 3
Personal data collection when visiting our website
I. If you use the website for information purposes only, i.e. if you do not
register or otherwise provide us with information, we only collect the personal
data that your browser transmits to our server (so-called log files). If you
wish to view our website, we collect the following data, which are technically
necessary for us to display our website to you and to guarantee stability and
security (legal basis is Art. 6 (1) clause 1 of point (f) GDPR):
• Your IP address
• Date and time of request
• Time zone difference from Greenwich Mean Time (GMT)
• Content of the request (specific page or data)
• Access status/HTTP status code
• The amount of data transmitted
• Website from which the request comes (so-called referrer)
• Your browser
• Your operating system and device
• Language and version of your browser software
• Other similar data that is useful for security purposes in the event of an
attack on our IT infrastructure
We do not combine the aforementioned information with other data and do not use
it to draw conclusions about your person. We use this data only to deliver our
website to visitors, to maintain the functionality and operational security of
our website and the technical systems required for this, to optimise the
content of our website and, if necessary, to support law enforcement bodies in
the event of an attack on our IT infrastructure.
For this purpose, we may also make use of external service providers (each with
company headquarters in the European Union) who host and administer our online
presence, ensure the functionality and operational security of our IT
infrastructure etc. and who are subject by us to the same strict data
protection regulations to which we ourselves are also obliged (cf. also § 4
point 2).
II. In addition to the aforementioned data, cookies are stored on your computer
when you use our website. Cookies are small text files that are stored on your
hard disk in association with the browser you're using and by which the body
which sets the cookie (in this case, us), transmits certain information.
Cookies cannot run programs or deliver viruses to your computer. They serve to
make our site more user-friendly and effective.
III. Use of cookies:
1. This website uses the following types of cookies, the scope and functioning
of which are explained below:
• transient cookies (see point 2.)
• persistent cookies (see point 3.)
2. Transient cookies are automatically deleted when you close the browser.
These include, especially, session cookies. These store a session ID which
assigns the various requests made by your browser during the joint session.
This will allow your computer to be recognised when you return to our website
after a previous visit. Session cookies are deleted when you log out or close
the browser. We currently use transient cookies on our website.
3. Persistent cookies are automatically deleted after a specified period, which
may vary depending on the cookie, but no later than 2 years after the last
visit to our website. You can delete cookies at any time in the security
settings of your browser. We currently use persistent cookies on our website.
4. You can configure your browser settings as desired and refuse to accept
third-party or any other cookies. However, please note that if you do so, you
may not be able to experience full functionality of this website. This applies
in particular to the use of our online shop, since here the use of cookies is
absolutely necessary to guarantee the functionality of the online shop for
technical reasons (e.g. for the shopping basket function, the order process,
the selection of means of payment, etc.). In the event that you wish to use our
online shop, but at the same time only wish to accept the absolutely necessary
cookies, we recommend that you use the Google Analytics Opt-Out plugin (cf.
below § 10 point III) to refuse the collection of data by Google Analytics
cookies.
§ 4
Further functions and offers of our website
In addition to the purely informational use of our website, we offer various
services that you can use if interested. For this purpose, you must provide
further personal data which we use to provide the respective service and to
which the aforementioned data processing principles apply.
In some cases we use external service providers to process your data. These
have been carefully selected and commissioned by us, are bound by our
instructions and are regularly checked.
III. Furthermore, we may disclose your personal data to third parties if we
offer promotions, competitions, contracts or similar services together with
partners. You will receive more detailed information on this when you provide
your personal data or in the description of the respective offer below.
If our service providers or partners are based in a country outside the
European Economic Area (EEA) or the European Union (EU), we will inform you of
the consequences of this circumstance in the description of the respective
offer.
§ 5
Duration of personal data retention
Criterion for the duration of the storage of personal data within the meaning
of Art. 13 (2) point (a) DGPR is the respective legal retention period. Insofar
as the respective personal data is no longer used for the purposes of contract
fulfilment or contract initiation within the meaning of Art. 6 (1) clause 1 of
point (b) GDPR are required, these will be deleted by us after expiry of the
deadline in each case. Server log files in the sense of § 3 point I. are
automatically deleted after a period of 100 days. Google Adwords conversion
cookies are usually deleted automatically after 30 days at the latest (see also
below § 13 point II.), Google Analytics cookies (cf. below § 10) are
automatically deleted at the latest two years after the last call of the
website.
§ 6
Revocation of consent to the processing of your data and
objection to the processing of your data
I. If you have given your consent to the processing of your data, you
can revoke this at any time.
If you exercise this right, this will affect our ability to process your
personal data after you have already given it to us. The legality of the
processing carried out on the basis of the consent until revocation is not
affected.
You can inform us of your revocation of your consent at any time to all under §
1 point 2. or to those mentioned in the contact data in our legal notice .
II. If we base the processing of your personal data on the weighing of
interests (Art. 6 (1) point (f) GDPR), you can object to the processing at any
time.
This is the case if processing is not necessary in particular to fulfil a
contract with you, which is described by us in the description of the
functions. When exercising such a revocation, we ask you to explain the reasons
why we should not process your personal data as we have done. In the event of
your justified revocation, we will examine the situation and either stop or
adjust data processing or point out to you our compelling reasons worthy of
protection, on the basis of which we will continue processing.
You can send us your revocation against the processing at any time to all under
§ 1 point 2. or to those mentioned in the contact data in our legal notice .
III. Of course, you can object to the processing of your personal data
for advertising and data analysis purposes at any time.
You can object to the processing of your data for advertising and data analysis
purposes at any time to all under § 1 point 2. or to those mentioned in the
contact data in our legal
notice.
§ 7
Legal or contractual obligation to provide personal data; necessity for the
conclusion of the contract; consequences of non-provision
We would like to point out that in certain cases there is a legal obligation on
your part to provide personal data. This can be based, for example, on tax or
commercial law regulations. In addition, such a necessity may also arise for
contractual reasons, for example because information on the contractual partner
is required. If you wish to conclude a contract with us, you are obliged to
provide us with the necessary personal data to enable us to carry out and
process the contractual relationship. If you do not wish to provide us with the
required personal data, it is not possible to conclude a contract with us. Also,
we may not be able to contact you to initiate a contract or answer your
questions (for example, if you do not want to provide us with your contact
details and name). We check very carefully in each individual case according to
the principle of data economy which personal data we need from you for the
conclusion of a contract or to answer an enquiry addressed to us and will
inform you of the result of this check in advance in each individual case if
you contact us. Within the scope of this individual case examination, we will
also inform you whether there is a legal obligation or a contractual necessity
to provide your personal data, whether you are obliged to provide it and what
consequences a non-provision of your personal data would have in the respective
individual case.
§ 8
Use of our online shop
I. If you would like to order in our online shop, it is necessary for the
conclusion of the contract that you give us your personal data, which we need
for the completion of your order. Required information (in particular your full
name, your full address and country of residence as well as your email address)
are marked separately; further information is optional. We use the data
provided by you to process your order. For this purpose we can pass on your
payment data to our house bank. The legal basis for all of the above is Art. 6
(1) clause 1 of point (b) GDPR.
We may also pass on your data to external third parties (mail order companies)
to process your order, insofar as the transfer of the data is absolutely
necessary to carry out the delivery of the goods ordered by you. The legal
basis is Art. 6 (1) clause 1 of point (f) or (b) GDPR.
You can voluntarily create a customer account through which we can store your
data for future purchases. When creating a customer account during the order
process ("To checkout" or "To order", à "Order as new
customer", à "Register"), the data you have provided will be stored
revocably (legal basis for this is Art. 6 (1) clause 1 of point (b) or (f)
GDPR). Necessary mandatory information for the customer account registration
(in particular your full name, your full address including country of
residence, your email address and a desired password for logging into your
customer account) are marked separately; further information is voluntary. All
other data, including your customer account, can be deleted manually by us at
any time: please contact us at the contact details given in our legal notice .
You can also order as "Guest" ("Checkout" or
"Order", à "Order as new customer"à, "Buy as guest"),
without creating a customer account. Necessary mandatory information for a
guest order (in particular your full name, your full address including country
of residence, your email address) are marked separately; further information is
voluntary.
We may also process the data you provide in order to inform you of other
interesting and similar offers from our own portfolio or to send you emails
containing technical information (legal basis for this is Art. 6 (1) clause 1
of point (f) or (b) GDPR).
II. We are obliged by commercial and tax law to store your address, payment,
and order data for a period of ten years. However, after two years we limit the
processing of your data, that is, your data will only be used to comply with
legal obligations. The legal basis is Art. 6 (1) clause 1 of point (c) GDPR.
III. To prevent unauthorised access to your personal data, especially financial
data, the order process is encrypted using TLS technology
("https://").
IV. The following payment methods can currently be selected by the customer in
our online shop: Payment on account, payment in advance, payment by cash on
delivery, payment via PayPal.
a. If you as a customer choose payment via the payment service provider PayPal
(provider is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal,
L-2449 Luxembourg), you hereby give your consent to the transfer of your
personal data required for processing the payment to PayPal. If you do not wish
to give such consent, please choose an alternative payment method (for example,
by "prepayment" as the "most data-saving" alternative), as
otherwise payment processing via PayPal is technically not possible. The
necessary data will then be automatically transmitted to PayPal for the
execution of the payment when paying via PayPal. In particular, the data required
for payment processing are: Your full name together with your complete address,
your email address, your IP address at the time the payment order is placed,
your telephone number(s), data in connection with ordered goods or services
and, if applicable, other data which are absolutely necessary for processing
the payment order. The purpose of the transmission of the data to PayPal is the
processing of payments and preventive measures against fraud (legal basis for
this is Art. 6 (1) clause 1 of point (b) or (f) GDPR). PayPal may transfer data
transferred to PayPal to external service providers (credit agencies) to obtain
credit and identity information. If this is necessary to fulfil the contractual
obligations in connection with the purchase or payment or if the corresponding
data is to be processed on behalf of PayPal, PayPal may also transmit this data
to affiliated companies, external service providers, etc., if applicable.
We refer in this respect completely to PayPal's privacy policy, which can be accessed
under the following link: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=en_EN.
There you will also find information on how to contact PayPal and its data
protection officer and in particular the categories of personal data processed
by the payment service provider.
Of course, you can also revoke your consent to the processing and storage of
your personal data by PayPal at any time. The processing, storage and use of
data which are absolutely necessary for the processing of the payment order
shall remain unaffected by such a revocation. You will also find corresponding
information on this in PayPal's privacy policy, which you can call up under the
aforementioned link.
b. If you as a customer choose the payment method "invoice payment",
we can check or have checked in each individual case whether we can grant such
an invoice payment taking into account the creditworthiness of the customer or
any existing default and insolvency risk (scoring). For this purpose, the
credit risk is assessed on the basis of mathematical-statistical procedures by
the credit agency Creditreform Boniversum (Creditreform Boniversum GmbH,
Hellersbergstraße 11, D-41460 Neuss, Germany, tel.: +49 (0)2131-109-501, fax:
-+49 (0)2131-109-557). For this purpose, after selecting the "invoice
payment" payment method, we pass on the data (in particular the complete
name and address of the customer) to the credit agency Creditreform Boniversum,
based within the European Currency Area, in order to have a credit check
carried out and to enable subsequent execution of the contract. If you do not
wish this, a purchase on account cannot be carried out. In this case, please
select an alternative method of payment, for example by "prepayment"
(as the "most data-saving" alternative).
The data is therefore collected, stored and passed on for the purpose of credit
assessment in order to avoid non-payment and on the basis of Art. 6 (1) clause
1 of point (b) and Art. 6 (1) point (f) GDPR. On the basis of this information,
a statistical probability of a loan default and thus the solvency of the
customer is calculated. If the credit check is positive, a purchase on account
is possible. If the credit check is negative, we will not offer you payment on
account and will inform you of this. In this case, please choose an alternative
method of payment, for example "prepayment".
Automated decision making does not take place, as a scoring value is obtained
manually by one of our employees from the aforementioned credit agency and we
then decide for each individual case whether we offer you a purchase on account
or not.
Information about the scoring process and the source of the personal data used
for the scoring process and, if applicable, whether it comes from publicly
available sources can be found on the Creditreform Boniversum credit agency
website at https://www.boniversum.de/datenschutzerklaerung/ and https://www.boniversum.de/eu-dsgvo/.
§ 9
Use of our newsletter
Currently we do not offer a newsletter service.
§ 10
Use of Google Analytics
I. This website uses Google Analytics, a web analysis service of Google
Inc. (hereinafter "Google"). Google Analytics uses
"cookies", which are text files that are stored on your computer and
which help analyse your use of the website. The information generated by the
cookie about your use of the website will be transmitted to, and stored by,
Google, on servers in the United States. However, if IP anonymisation is
enabled on this website, your IP address will first be abbreviated by Google
within the member states of the European Union or other parties to the
agreement on the European Economic Area. Only in exceptional cases will the
full IP address be transferred to a Google server in the USA and truncated
there. On behalf of the operator of this website, Google will use this
information to evaluate your use of the website, to compile reports on website
activity and to provide the website operator with further services associated
with website and Internet use.
II. The IP address that your browser transmits within the scope of Google
Analytics will not be associated with any other data held by Google.
III. You can prevent cookies from being stored by selecting the appropriate
settings in your browser; however, we wish to point out that by doing so, you
may not be able to enjoy the full functionality of this website (cf. above § 3
point. III. point 4.). You can also prevent the data generated by cookies about
your use of the website (incl. your IP address) from being passed to Google,
and the processing of these data by Google, by downloading and installing the
browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en. Alternatively
to the browser add-on or when using browsers on mobile devices, please
use this link to prevent further tracking through Google Analytics
within this website.
IV. This website uses Google Analytics with the extension
"_anonymizeIp()". As a result, IP addresses are further processed in
truncated form, so that linking these to individuals can be ruled out. If the
data collected about you is personally identifiable, it will be blocked
immediately and the personal data deleted as soon as possible.
V. We use Google Analytics to analyse and regularly improve the use of our
website. We can improve our offer and make it more interesting for you as a
user. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/eu-us-framework,
for exceptional cases in which personal data is transferred to the USA. The
legal basis for the use of Google Analytics is Art. 6 (1) clause 1 of point (f)
GDPR:
VI. Information of the third-party provider: Google Inc, 1600 Amphitheatre
Pkwy, Mountain View, CA 94043-1351, USA. User conditions: http://www.google.com/analytics/terms/de.html,
Overview of data security: http://www.google.com/intl/de/analytics/learn/privacy.html
and the Privacy Policy: http://www.google.de/intl/de/policies/privacy.
§ 11
Use of social media plug-ins
I. We have not included a Facebook button via script on our website and instead
only use a static hyperlink on our website, which only forwards the visitor of
our website to our external Facebook profile by clicking on this hyperlink in a
targeted manner. This enables us to ensure that no personal data is collected
or processed by the operator of Facebook (this is Facebook Ireland Ltd., 4
Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland for visitors from
Europe) without a targeted activation of the hyperlink by the visitor to our
website by simply calling up our website. If you access our Facebook profile,
personal data may be collected and processed by Facebook, but we have no
influence over this. Further information in this regard can be found in
Facebook's privacy policy applicable in this respect under the following
link: https://de-de.facebook.com/policy.php.
There you will also find further information about your rights and setting
options to protect your privacy. Google also processes your personal data in
the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
II. Otherwise, we do not use any social media plug-ins on our website.
§ 12
Inclusion of YouTube videos
I. We may use the YouTube platform to provide you with videos that can be
played from there. For data protection reasons, however, we have not included
our videos directly on our website ("embedded") neither are they
directly playable from our website. Rather, we may only use a static hyperlink,
which only forwards the visitor to our website to the video platform YouTube by
clicking on this hyperlink in a targeted manner. This way we can ensure that
without a targeted activation of the hyperlink by the visitor of our website,
no personal data is collected or processed by the operator of YouTube simply by
calling up our website. If you access a video provided on the YouTube video
platform, personal data may be collected and processed by YouTube or Google,
but we have no influence over this. The YouTube video platform is
operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube,
LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA
94043-1351, USA.
II. Further information on the purpose and scope of data collection and its
processing by YouTube or Google, if you specifically access a video provided by
us on the YouTube video platform, can be found in the privacy policy under the
link https://www.google.de/intl/de/policies/privacy.
There you will also find further information about your rights and setting
options to protect your privacy. Google also processes your personal data in
the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
§ 13
Use of Google AdWords Conversion
I. We use the offer of Google Adwords to draw attention to our attractive
offers with the help of advertising materials (so-called Google Adwords) on
external websites. We can determine how successful the individual advertising
measures are in relation to the data from the advertising campaigns. We are
interested in showing you advertisements which are of interest to you, in
making our website more interesting for you and achieving a fair calculation of
advertising costs. The legal basis for processing is your consent under Art. 6
(1) clause 1 of point (f) GDPR.
II. These advertising media are delivered by Google (namely Google Inc., 1600
Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA) via so-called "Ad
Server". For this purpose, we use ad server cookies, through which certain
parameters for measuring success can be measured, such as the display of
advertisements or of clicks by users. If you access our website via a Google
ad, Google Adwords will store a cookie on your device. These cookies usually
expire after 30 days and are not used with the intention of personally
identifying you. The unique cookie ID, number of ad impressions per placement
(frequency), last impression (relevant for post-view conversions) and opt-out
information (a mark that the user no longer wishes to be addressed) are usually
stored as analysis values for this cookie.
III. These cookies enable Google to recognise your Internet browser. If a user
visits certain pages of an Adwords customer's website and the cookie stored on
their computer has not expired, both Google and the customer are able to
recognise that the user has clicked on the ad and has been redirected to this
page. Each Adwords customer is assigned a different cookie. Thus, cookies
cannot be tracked using the website of an Adwords advertiser. We do not process
any personal data ourselves in the aforementioned advertising measures. We only
receive statistical evaluations from Google. We are able to recognise which of
the advertising measures are particularly effective on the basis of these
evaluations. We do not receive any further data from the use of advertising
material; in particular, we cannot identify users on the basis of this
information.
IV. Due to the marketing tools used, your browser is automatically able to
establish a direct connection to the Google server. We have no influence on the
extent and the further use of the data which are collected by Google's use of
this tool, and we therefore inform you according to our knowledge: By
integrating AdWords conversion, Google receives the information that you
accessed the relevant part of our website or clicked on one of our
advertisements. If you are registered with a Google service, Google may
associate your visit to our website with your account. Even if you are not
registered with Google or have not logged in, it is possible that the provider
may obtain and store your IP address.
V. You can prevent participation in this tracking process in various ways: a)
by setting your browser software accordingly, in particular by suppressing
third-party cookies so that you will not receive ads from third-party
providers; b) by deactivating cookies for conversion tracking, by setting your
browser to block cookies from the domain "www.googleadservices.com", https://www.google.de/settings/ads,
this setting being deleted when you delete your cookies; c) by deactivating the
interest-based ads of the providers that are part of the "About Ads"
self-regulation campaign via the link http://www.aboutads.info/choices,
this setting being deleted when you delete your cookies; d) by permanently
deactivating Firefox, Internet Explorer or Google Chrome in your browsers under
the link http://www.google.com/settings/ads/plugin.
Please note that in this case you may not be able to use all functions of this
offer in full (cf. above § 3 point III. point 4.).
VI. Legal basis for the collection and processing of your data is Art. 6 (1)
clause 1 of point (f) GDPR. Further information on data protection at Google
can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html.
Alternatively, you can visit the website of the Network Advertising Initiative
(NAI) at http://www.networkadvertising.org.
Google also processes your personal data in the USA and has submitted to the
EU-US Privacy Shield, https://www.privacyshield.gov/eu-us-framework.