Data Privacy Statement 

 

  1. Intro­duc­tion

With the following infor­ma­ti­on we would like to give you as the “data subject” an overview of how we process your personal data and your rights under the data protec­tion laws. Using our Internet sites is possible without the disclo­sure of personal data. However, if you wish to use special services of our company through our website, it may be necessary for us to process your personal data. If the proces­sing of personal data is necessary and there is no legal basis for such proces­sing, we will generally obtain your consent.

 

The proces­sing of personal data, such as your name, address or e-mail address, is always in accord­ance with the General Data Protec­tion Regula­ti­on (GDPR) and in accord­ance with the country-specific privacy regula­ti­ons appli­ca­ble to “BAUFORMAT Küchen GmbH & Co. KG”. By means of this data policy statement we would like to inform you of the scope and purpose of the personal data collected, used and processed by us.

 

We have imple­men­ted many technical and organi­za­tio­nal measures as control­lers of the proces­sing in order to ensure the most complete protec­tion possible for personal data processed through this website. Never­theless, Internet-based data trans­mis­si­ons can in principle have security gaps such that absolute protec­tion cannot be guaran­teed. For this reason, you are free to transmit personal data to us in alter­na­ti­ve ways, such as by phone or by post.

 

  1. Control­ler
Burger Küchen­mö­bel GmbH
Martin-Luther-Straße 31
39288 Burg

Telefon: +49 (0) 39 21 / 9 76-0
Fax: +49 (0) 39 21 / 9 76-228
Email: info(at)burger-kuechen(dot)de

info(at)bauformat(dot)de

VAT-ID No.: DE 124323068

District court: Stendal, HRB 56

Company headquar­ters: Burg, Germany
Managing Directors: Delf Baumann, Michael Assner, Matthias Berens, Sabine Brock­schnie­der

 

  1. Data Protec­tion Officer

You can contact the data protec­tion officer via the following media:

Tel: +49 (0) 5221 85496-90
Fax: +49 (0) 5221 85496-99
E-mail: datenschutz@bauformat.de

You can contact our data protec­tion officer at any time with any questions or sugges­ti­ons regarding data protec­tion.

 

  1. Defini­ti­ons

This data privacy statement is based on the termi­no­lo­gy used by the European legis­la­tu­re and legis­la­tu­re in the adoption of the General Data Protec­tion Regula­ti­on (GDPR). Our data privacy statement should be easy to read and under­stand for the public as well as for our customers and business partners. To ensure this, we would like to explain in advance the termi­no­lo­gy used.

Amongst others, we use the following terms in this data privacy statement

a. Personal data

Personal data is all infor­ma­ti­on relating to an identi­fied or identi­fia­ble natural person. A natural person is a person who can be identi­fied, directly or indirect­ly, in parti­cu­lar by reference to an identi­fier, such as a name, an identi­fi­ca­ti­on number, location data, an online identi­fier or to one or more factors specific to the physical, physio­lo­gi­cal, genetic, mental, economic, cultural or social identity of that natural person.

b. Data subject

The Data Subject is any identi­fied or identi­fia­ble natural person whose personal data is processed by the control­ler (our company).

c. Proces­sing

Proces­sing is consi­de­red to be any process or series of opera­ti­ons related to personal data, such as retrieval, collec­tion, organi­za­ti­on, ordering, storage, adaptati­on or modifi­ca­ti­on, read-out, queries, use, disclo­sure by trans­mis­si­on, disse­mi­na­ti­on or other form of provision, matching or linking, restric­tion, deletion or destruc­tion performed with or without the aid of automated proce­du­res.

d. Restric­tion of proces­sing

Restric­tion of proces­sing is the marking of personal data stored with the aim of limiting its future proces­sing.

e. Profiling

Profiling is any form of automated proces­sing of personal data consis­ting of the use of personal data to evaluate certain personal aspects relating to a natural person, in parti­cu­lar to analyse or predict aspects concer­ning that natural person’s perfor­mance at work, economic situation, health, personal prefe­ren­ces, interests, relia­bi­li­ty, behaviour, location or movements.

f. Pseud­ony­mi­sa­ti­on

Pseud­ony­mi­sa­ti­on is the proces­sing of personal data in such a manner that the personal data can no longer be attri­bu­t­ed to a specific data subject without the use of additio­nal infor­ma­ti­on, provided that such additio­nal infor­ma­ti­on is kept separ­a­te­ly and is subject to technical and organi­sa­tio­nal measures to ensure that the personal data is not attri­bu­t­ed to an identi­fied or identi­fia­ble natural person.

g. Processor

The Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the control­ler.

h. Recipient

The Recipient is a natural or legal person, public authority, agency or other body to whom personal data is disclosed, whether or not the recipient is a third party. However, autho­ri­ties which may receive personal data under Union or Member State law within the framework of a specific mandate for inves­ti­ga­ti­on are not consi­de­red as recipi­ents.

i. Third party

A Third party is a natural or legal person, public authority, agency or body other than the data subject, the control­ler, the processor and the persons autho­ri­zed under the direct respon­si­bi­li­ty of the control­ler or processor to process the personal data.

j. Consent

Consent is consi­de­red to be any expres­si­on of will volun­ta­ri­ly given by the data subject in an informed and unambi­guous manner in the form of a statement or other unambi­guous confir­ma­to­ry act in which the data subject indicates that they are provide consent to the proces­sing of the personal data concerned.

 

  1. Legal Basis of the Proces­sing

 Art. 6 (1) a, GDPR serves our company as the legal basis for proces­sing opera­ti­ons where we obtain consent for a parti­cu­lar proces­sing purpose.

 

If the proces­sing of personal data is necessary to fulfil a contract of which you are a party, as is the case, for example, in proces­sing opera­ti­ons necessary for the supply of goods or the provision of any other service or consi­de­ra­ti­on, the proces­sing is based on Art. 6 (1) b, GDPR. The same applies to proces­sing opera­ti­ons that are necessary to carry out pre-contractual measures, for example in cases of inquiries regarding our products or services.

 

If our company is subject to a legal obliga­ti­on which requires the proces­sing of personal data, such as the fulfill­ment of tax obliga­ti­ons, the proces­sing is based on Art. 6 (1) c, GDPR.

 

In rare cases, the proces­sing of personal data may be required to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance or other vital infor­ma­ti­on would have to be passed on to a doctor, hospital or other third party. Proces­sing in such cases would be based on Art. 6 (1) d, GDPR.

 

Finally, proces­sing opera­ti­ons could be based on Art. 6 (1) f, GDPR. On this legal basis, proces­sing opera­ti­ons that are not covered by any of the above legal bases are required if proces­sing is necessary to safeguard the legiti­ma­te interests of our company or a third party, unless the interests, funda­men­tal rights and funda­men­tal freedoms of the data subject concerned prevail. Such proces­sing opera­ti­ons are parti­cu­lar­ly allowed to us because they have been speci­fi­cal­ly mentioned by the European legis­la­tor. This takes effect insofar as a legiti­ma­te interest could be assumed if you are a customer of our company (recital 47 (2), GDPR).

 

  1. Additio­nal infor­ma­ti­on for the data subject concer­ning the collec­tion of personal data

 

  • General infor­ma­ti­on for the data subject concer­ning the collec­tion of personal data as an employee, appren­ti­ce, trainee, intern or working student
  • General infor­ma­ti­on for the data subject concer­ning the collec­tion of personal data as a commu­ni­ca­ti­ons partner and contact
  • Infor­ma­ti­on for the data subject concer­ning the collec­tion of personal data as a customer, prospec­tive customer, service provider or supplier
  1. Techno­lo­gy

7.1 SSL/TLS Encryp­ti­on 

This site uses SSL or TLS encryp­ti­on to ensure the security of the data proces­sing and to protect the trans­mis­si­on of confi­den­ti­al content, such as orders, login details or contact requests that you send to us as the operator. An encrypted connec­tion can be recogni­zed by the fact that the address bar of the browser contains “https://” instead of an “http://” and the lock symbol in your browser bar.

When SSL or TLS encryp­ti­on is enabled, the data you submit to us cannot be read by third parties.

7.2 Data Collec­tion during Visits to the Websites

If our website is merely used for infor­ma­ti­on purposes, i.e. if you do not register or commu­ni­ca­te any other infor­ma­ti­on to us, we only collect the personal data that you browser transfers to our server (in server log files). Our website collects a series of general data and infor­ma­ti­on each time a page is accessed by you or an automated system. This general data and infor­ma­ti­on is stored in the log files of the server. Data that could be collected includes:

  1. The browser types and versions used
  2. The operating system used by the accessing system
  3. The website from which an accessing system arrives at our website (the referrer)
  4. The sub-web pages that are accessed via an accessing system on our website
  5. The date and time the website was accessed
  6. A shortened Internet Protocol address (anony­mi­sed IP address)
  7. The Internet service provider used by the accessing system.

When using this general data and infor­ma­ti­on, we do not draw any conclu­si­ons on your person. Rather, this infor­ma­ti­on is used for:

  1. Delivering the contents of our website correctly
  2. Optimi­sing the content of our website as well as the adver­ti­sing for it
  3. Ensuring the long-term functio­na­li­ty of our IT systems and the techno­lo­gy of our website
  4. Providing law enforce­ment with the necessary infor­ma­ti­on for prose­cu­ti­on in the event of a cyber attack.

This collected data and infor­ma­ti­on is therefore evaluated by us statis­ti­cal­ly on the one hand and on the other hand with the aim of increa­sing the data protec­tion and data security in our company in order to ultimate­ly ensure an optimum level of protec­tion for the personal data we process. The anonymous data of the server log files is stored separ­a­te­ly from all personal data provided by a data subject.

The legal basis for this data proces­sing is Art 6 (1.1) f, GDPR. Our legiti­ma­te interest follows from the data collec­tion purposes listed above.

  1. Cookies

8.1 General Infor­ma­ti­on on Cookies

We use cookies on our website. These are small files that your browser automa­ti­cal­ly creates and that are stored on your IT system (laptop, tablet, smart­pho­ne, etc.) when you visit our site. Cookies do not harm your device, do not contain viruses, Trojans or other malicious software.

Infor­ma­ti­on is stored in the cookie which results in connec­tion with the specific terminal used. However, this does not mean that we are immedia­te­ly aware of your identity.

The use of cookies serves on the one hand to make the use of our offerings more conve­ni­ent for you. For example, we use so-called session cookies to recognize that you have already visited indivi­du­al pages on our website. These are automa­ti­cal­ly deleted when you leave our website.

Further­mo­re, we also use temporary cookies that are stored on your device for a specified period of time to optimise usability. The next time you visit our site to take advantage of our services, it will automa­ti­cal­ly recognize that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.

On the other hand, we also use cookies to statis­ti­cal­ly record the use of our website and to evaluate it for the purpose of optimi­sing our offerings. These cookies allow us to automa­ti­cal­ly recognize when you visit our site again that you have already visited us before. These cookies are automa­ti­cal­ly deleted after a defined time.

The data processed by cookies are for the purposes mentioned in order to safeguard our legiti­ma­te interests as well as third parties as required in accord­ance with Art. 6 (1.1) f, GDPR.

Most browsers accept cookies automa­ti­cal­ly. However, you can configure your browser such that no cookies are stored on your computer or such that a message always appears before a new cookie is created. However, disabling cookies comple­te­ly may mean that you can not use all features of our website.

  1. Content of our Website

9.1 Regis­tra­ti­on as a User

You have the option of regis­te­ring on our website by providing personal infor­ma­ti­on.

Which personal data is trans­mit­ted to us depends on the respec­tive input mask which is used for the regis­tra­ti­on. The personal data entered by you is collected and stored solely for internal use by us and for our own purposes. We may arrange for the transfer to one or more order proces­sors, such as a parcel service, who also uses the personal infor­ma­ti­on solely for internal use attri­bu­ta­ble to us.

By regis­te­ring on our website, the IP address assigned by your Internet service provider (ISP) as well as the date and time of regis­tra­ti­on are stored. This data is stored only against the background of preven­ting the misuse of our services, and such that this data makes it possible to clarify committed offenses where necessary.

In this respect, the storage of this data is required for our protec­tion. This data will not be disclosed to third parties unless there is a legal obliga­ti­on for us to do so or the disclo­sure serves law enforce­ment obliga­ti­ons.

Your regis­tra­ti­on under the voluntary provision of personal data also serves us to offer you content or services that, due to the nature of the case, can only be offered to regis­te­red users. Regis­te­red persons are free to change the personal data given at regis­tra­ti­on at any time or to have it deleted comple­te­ly from our database.

We will give you infor­ma­ti­on on request at any time about which of your personal data is stored. Further­mo­re, we will correct or delete personal data at your request, as far as there are no statutory storage requi­re­ments. A data protec­tion officer named speci­fi­cal­ly by name in this data protec­tion decla­ra­ti­on and all other employees are available to the data subject in this context as a contact person.

Your data is processed in the interest of the conve­ni­ent and easy use of our website. This consti­tu­tes a legiti­ma­te interest within the meaning of Art. 6 (1) f, GDPR.

9.2 Making Contact / Contact Form 

When contac­ting us (for example via contact form or e-mail), personal data is collected. Which data is collected in the case of a contact form can be seen from the respec­tive contact form. This data is stored and used solely for the purpose of answering your request or for establi­shing contact and the associa­ted technical adminis­tra­ti­on. The legal basis for proces­sing the data is our legiti­ma­te interest in answering your request in accord­ance with Art. 6 (1) f, GDPR. If your contact is aimed at conclu­ding a contract, then an additio­nal legal basis for proces­sing is Art. 6 (1) b, GDPR. Your data will be deleted after final proces­sing of your request; this is the case if it can be inferred from the circum­s­tan­ces that the matter in question is finally clarified and provided that this is not in conflict with any statutory storage requi­re­ments.

 

 

9.3 Appli­ca­ti­on Manage­ment / Vacancies

 

We collect and process the personal data of appli­cants for the purpose of comple­ting the appli­ca­ti­on process.

 

The proces­sing can also be performed electro­ni­cal­ly. This is parti­cu­lar­ly the case if an applicant submits the relevant appli­ca­ti­on documents electro­ni­cal­ly, for example by e-mail or via a web form on the website. If we conclude a contract of employ­ment with an applicant, the trans­mit­ted data will be stored for the purpose of the employ­ment relati­ons­hip in compli­an­ce with the legal requi­re­ments. If we do not conclude a contract of employ­ment with the applicant, the appli­ca­ti­on documents will be automa­ti­cal­ly deleted two months after notifi­ca­ti­on of the rejection decision, provided that deletion does not conflict with any other legiti­ma­te interests on our part. Other legiti­ma­te interests in this sense are, for example, a burden of proof in a procedure under the German Federal Act of Equal Treatment (AGG).

 

In this respect, data proces­sing takes place solely on the basis of our legiti­ma­te interest in accord­ance with Art. 6 (1) f, GDPR.

 

 

  1. Newslet­ter Dispatch

 

10.1 Newslet­ter Dispatch to Regular Customers

 

If you have provided us with your e-mail address when purcha­sing goods or services, we reserve the right to send you regular offers for similar goods or services such as those already purchased from our range by e-mail. We do not have to obtain separate consent from you to do so in accord­ance with § 7 (3) German Federal Law against Unfair Compe­ti­ti­on (UWG). In this respect, data proces­sing takes place solely on the basis of our legiti­ma­te interest in perso­na­li­sed direct marketing in accord­ance with Art. 6 (1) f, GDPR. If you object to the use of your e-mail address for this purpose at the time of submis­si­on, we will not send you mail. You are entitled to object to the use of your e-mail address for the purpose described above at any time with effect for the future by sending a message to the persons respon­si­ble named above. For this purpose, you only have to pay trans­mis­si­on costs in accord­ance with the standard rates. Upon receipt of your objection, the use of your e-mail address for marketing purposes will cease immedia­te­ly.

 

 

 

  1. Our Activi­ties in Social Networks

 

In order that we can commu­ni­ca­te with you in social networks and provide infor­ma­ti­on on our services, we are repre­sen­ted there with our own pages.

We are not the original provider (control­ler) of these pages, but use them only in the context of the options offered by the respec­tive provider.

 

Therefore, as a precau­tio­na­ry measure, we point out that your data may also be processed outside the European Union or the European Economic Area. Use can therefore have privacy risks for you, because the protec­tion of your rights, e.g. infor­ma­ti­on, deletion, opposi­ti­on, etc. can be difficult and proces­sing in social networks is often performed directly for adver­ti­sing purposes or to analyse user behaviour by providers without us being able to influence this. If user profiles are created by the provider, cookies are often used or the usage behaviour is assigned directly to your own member profile of the social networks (if you are logged in here).

 

The described proces­sing opera­ti­ons of personal data is performed in accord­ance with Art. 6 (1) f, GDPR, based on our legiti­ma­te interest and the legiti­ma­te interests of the respec­tive provider in order to commu­ni­ca­te with you in a timely manner or to inform you of our services. If you have to give consent to the respec­tive providers for the data proces­sing as a user, the legal basis for this is Art. 6 (1) a, GDPR, cf. Art. 7 GDPR.

 

Since we have no access to the databases of the providers, we point out that it is best for you to assert your rights (for example, to infor­ma­ti­on, correc­tion, deletion, etc.) against the respec­tive provider directly. We have listed below further infor­ma­ti­on on the proces­sing of your data in the social networks and the possi­bi­li­ty of exercising your right of objection or revoca­ti­on (so-called opt-out) with the respec­tive provider of the social networks that we use:

 

 

11.1 Facebook

 

Control­ler for data proces­sing in Europe:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

 

Data Privacy Statement (data guide­li­nes):
https://www.facebook.com/about/privacy

 

Opt-out and adver­ti­sing settings:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

 

 

Facebook is a parti­ci­pant within the EU-US Privacy Shield agreement:

https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

 

https://de-de.facebook.com/about/privacy/

 

 

11.2 Google+ / YouTube

 

Control­ler for data proces­sing:

Google LLC, 1600 Amphi­theat­re Parkway, Mountain View, CA 94043, USA

 

Data Privacy Statement:
https://policies.google.com/privacy

 

Opt-out and adver­ti­sing settings:

https://adssettings.google.com/authenticated

 

Google is a parti­ci­pant within the EU-US Privacy Shield agreement:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

 

 

11.3 LinkedIn

 

Control­ler for data proces­sing in Europe:

LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland

 

Data Privacy Statement:
https://www.linkedin.com/legal/privacy-policy

Opt-out and adver­ti­sing settings:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

 

LinkedIn is a parti­ci­pant within the EU-US Privacy Shield agreement:
https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

 

 

11.4 Twitter

 

Control­ler for data proces­sing in Europe: Twitter Inter­na­tio­nal Company, One Cumber­land Place, Fenian Street, Dublin 2, D02 AX07, Ireland

 

Data Privacy Statement:
https://twitter.com/de/privacy

 

Infor­ma­ti­on on your data: https://twitter.com/settings/your_twitter_data

 

Opt-out and adver­ti­sing settings: https://twitter.com/personalization

 

Twitter is a parti­ci­pant within the EU-US Privacy Shield agreement: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

 

 

11.5 XING

 

Control­ler for data proces­sing in Germany: XING AG, Dammtor­stra­ße 29-32, 20354 Hamburg, Germany

 

Data Privacy Statement:
https://privacy.xing.com/de/datenschutzerklaerung

 

Infor­ma­ti­on requests for XING members:

https://www.xing.com/settings/privacy/data/disclosure

 

 

11.6 Instagram

 

Control­ler for data proces­sing in Europe:

Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

 

Data Privacy Statement:
https://help.instagram.com/519522125107875

 

Opt-out and adver­ti­sing settings:

https://help.instagram.com/1896641480634370?ref=ig

 

 

Infor­ma­ti­on requests for Instagram members:

https://www.instagram.com/accounts/privacy_and_security/

 

 

11.7 Pinterest

 

Control­ler for data proces­sing in Europe:

Pinterest Europe Ltd., Palmers­ton House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

 

Data Privacy Statement:
https://policy.pinterest.com/de/privacy-policy

 

Opt-out and adver­ti­sing settings:

https://policy.pinterest.com/de/privacy-policy

 

Pinterest is a parti­ci­pant within the EU-US Privacy Shield agreement: https://www.privacyshield.gov/participant?id=a2zt00000008VVzAAM&status=Active

 

 

11.8 Houzz

 

Control­ler for data proces­sing in Europe:

Houzz Inc., 285 Hamilton Avenue, 4th Floor, Palo Alto, CA 94301, USA

 

Data Privacy Statement:
https://www.houzz.de/privacyPolicy

 

Opt-out and adver­ti­sing settings:

https://www.houzz.de/cookiePolicy

 

Infor­ma­ti­on requests for Houzz members:

https://help.houzz.com/s/?language=en

 

 

 

  1. Plug-ins and Other Services

 

12.1 Google Maps

 

We use Google Maps (API) on our website, provided by Google LLC., 1600 Amphi­theat­re Parkway, Mountain View, CA 94043, USA. Google Maps is a web service for display­ing inter­ac­tive (country) maps to visually display geogra­phic infor­ma­ti­on. By using this service you can, for example, see our location and make it easier to get there.

 

When you visit any of the subpages where the Google Maps map is incorpo­ra­ted, infor­ma­ti­on about your use of our website (such as your IP address) is trans­mit­ted to Google’s servers in the United States and stored there. This is done regard­less of whether Google provides a user account that you are logged into, or if there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want this associa­ti­on with your profile on Google, you will need to log out of your Google Account. Google stores your data (even that of users that are not logged in) as usage profiles and evaluates them. According to Art. 6 (1) f, GDPR, such an evalua­ti­on is based on the legiti­ma­te interests of Google in the display of perso­na­li­zed adver­ti­sing, market research and/or the custo­mi­zed design of its website. You have a right of objection to the formation of these user profiles, and you must assert your claim to these rights against Google directly.

 

US-based Google LLC is certified under the US Privacy Shield, which ensures compli­an­ce with the level of data protec­tion in the EU.

 

If you do not agree with the future trans­mis­si­on of your data to Google when using Google Maps, you can also disable the Google Maps web service comple­te­ly by turning off the JavaScript appli­ca­ti­on in your browser. You will then no longer be able to use Google Maps and the map display on this website.

 

The use of Google Maps is in the interest of an attrac­tive presen­ta­ti­on of our online offerings and to facili­ta­te easy location of the places we have indicated on the website. This consti­tu­tes a legiti­ma­te interest within the meaning of Art. 6 (1) f, GDPR.

 

You can view the Google Terms of Use at https://www.google.de/intl/de/policies/terms/regional.html, and you will find the additio­nal Google Maps Terms of Service at https://www.google.com/intl/de_US/help/terms_maps.html.

You will find further infor­ma­ti­on on privacy in relation to the use of Google Maps, on the Google website (“Google Privacy Policy”): https://www.google.de/intl/de/policies/privacy/

 

 

12.2 Google Web Fonts

 

Our website uses web fonts provided by Google LLC., 1600 Amphi­thea­ter Parkway, Mountain View, CA 94043, United States for consis­tent font repre­sen­ta­ti­on. When you visit a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

 

To do this, the browser you use must establish a connec­tion to Google’s servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of the uniform and attrac­tive presen­ta­ti­on of our website.

This consti­tu­tes a legiti­ma­te interest within the meaning of Art. 6 (1) f, GDPR.

 

US-based Google LLC is certified under the US Privacy Shield, which ensures compli­an­ce with the level of data protec­tion in the EU.

 

You will find further infor­ma­ti­on on Google Web Fonts at https://developers.google.com/fonts/faq and in the Google Privacy Policy: https://www.google.com/policies/privacy/

 

 

 

  1. Your Rights as a Data Subject

 

13.1 Right to Confir­ma­ti­on

 

You have the right to ask us for confir­ma­ti­on that your personal data is being processed.

 

 

13.2 Right to Infor­ma­ti­on, Art. 15 GDPR

 

You have the right at any time to receive free infor­ma­ti­on from us about the personal data stored about you as well as a copy of this data.

 

 

13.3 Right to Rectifi­ca­ti­on, Art. 16 GDPR

 

You have the right to demand the correc­tion of incorrect personal data relating to you. Further­mo­re, the data subject has the right to request the comple­ti­on of incom­ple­te personal data, taking into account the purposes of the proces­sing.

 

 

13.4 Right to Deletion, Art. 17 GDPR

 

You have the right to demand that the personal data relating to you be deleted without delay, provided that one of the reasons provided by law applies and that proces­sing is not required.

 

 

13.5 Restric­tion of Proces­sing, Art. 18 GDPR

 

You have the right to demand that we restrict proces­sing if one of the legal requi­re­ments is met.

 

 

 

1236 Data Porta­bi­li­ty, Art. 20 GDPR

 

You have the right to receive perso­nal­ly identi­fia­ble infor­ma­ti­on that you have provided to us in a struc­tu­red, common and machine-readable format. You also have the right to transfer this data to another person without hindrance by us, who has been provided with the personal data, provided that the proces­sing is based on the consent pursuant to Art. 6 (1) a, GDPR or Art. 9 (2) a, GDPR or on a contract pursuant to Art. 6 (1) b, GDPR, and processed by automated means, unless the proces­sing is necessary for the perfor­mance of a task that is in the public interest or in the exercise of official authority which has been entrusted to us.

 

Further­mo­re, when exercising your right to data porta­bi­li­ty under Art. 20 (1), GDPR, you have the right to effect that your personal data is trans­mit­ted directly from one control­ler to another, where techni­cal­ly feasible and insofar as the rights and freedoms of other persons are not affected.

 

 

13.7 Right to Object, Art. 21 GDPR

 

You have the right at any time for reasons arising from your parti­cu­lar situation to object to the proces­sing of personal data relating to you which is processed on the basis of Art. 6 (1) e (data proces­sing in the public interest) or f (data proces­sing based on a balance of interests), GDPR.

 

This also applies to profiling based on these provi­si­ons within the meaning of Art. 4 No. 4, GDPR.

 

If you object, we will no longer process your personal infor­ma­ti­on unless we can establish compel­ling legiti­ma­te grounds for proces­sing that outweigh your interests, rights and freedoms, or if proces­sing is for the purpose of enforcing, pursuing or defending legal claims.

 

In indivi­du­al cases, we process personal data in order to operate direct marketing. You may at any time object to the proces­sing of personal data for the purpose of such adver­ti­sing. This also applies to profiling, insofar as it is associa­ted with such direct marketing. If you object to our proces­sing for direct marketing purposes, we will no longer process the personal data for these purposes.

 

Further­mo­re, you have the right, for reasons arising from your parti­cu­lar situation, to object to the proces­sing of personal data relating to you by us for scien­ti­fic or histo­ri­cal research purposes or for statis­ti­cal purposes in accord­ance with Art. 89 (1) of the GDPR, unless such proces­sing is necessary for satis­fy­ing a task that is in the public interest.

 

You are free within the context of the use of infor­ma­ti­on society services, notwi­th­stan­ding Directive 2002/58/EC, to exercise your right of objection through automated proce­du­res, in which technical speci­fi­ca­ti­ons are used.

 

 

13.8 Revoca­ti­on of a Data Protec­tion Consent

 

You have the right to withdraw your consent to the proces­sing of personal data at any time with future effect.

 

 

13.9 Complaints via a Regula­to­ry Authority

 

You have the right to complain to a data protec­tion super­vi­so­ry authority about our proces­sing of personal data.

 

 

 

  1. Routine Storage, Deletion and Blocking of Personal Data

 

We process and store your personal data only for the period required to achieve the purpose of the storage or as provided by the legis­la­ti­on to which our company is subject.

If the purpose of the storage is no longer valid or if a prescri­bed storage period expires, the personal data will be routinely blocked or deleted in accord­ance with the statutory provi­si­ons.

 

 

 

  1. Duration of the Storage of Personal Data

 

The criterion for the duration of the storage of personal data is the respec­tive statutory retention period. Once this period has expired, the corre­spon­ding data will be routinely deleted, if it is no longer required to fulfil the contract or to initiate a contract.

 

 

 

  1. Effec­tiveness of and Changes to the Data Privacy Statement

 

This Data Privacy Statement is currently valid and is valid as of May 2018.

Due to the continual develop­ment of our websites and offerings or due to changed legal or official requi­re­ments, it may be necessary to change this privacy statement. You can retrieve and print out the respec­tive effective data privacy statement at any time on the website at “https://www.bauformat.de/datenschutz/”