Data protection statement of alfatec GmbH & Co.KG
We welcome you to our website and are pleased with your interest in our company. We take the protection of your personal data very seriously. We process your data in conformity with applicable regulations on the protection of personal data, in particular the EU General Data Protection Regulation (EU-GDPR) and the applicable national implementation acts. With the assistance of this data protection statement, we wish to comprehensively inform you about the processing of your personal data by alfatec and the rights you hold.
Personal data is information that makes possible an identification of a natural person. This includes, in particular, name, date of birth, address, telephone number, email address and also your IP address.
Anonymous data is where no personal connection to the user can be established.
Responsible organisation and data protection officer
alfatec GmbH & Co. KG
Meckenloher Str. 11
Telephone: +49 9122 9796-0
Telefax: +49 9122 9796-50
Contact of the data protection officer:
Your rights as a data subject
Initially we wish to inform you about your rights as a data subject. These rights are prescribed in Articles 15 - 22 EU-GDPR. They include:
· The right of access (Art. 15 EU-GDPR),
· The right to erasure (Art. 17 EU-GDPR),
· The right to rectification (Art. 16 EU-GDPR),
· The right to data portability (Art. 20 EU-GDPR),
· The right to restriction of processing (Art. 18 EU-GDPR),
· The right to object to data processing (Art. 21 EU-GDPR).
In order to assert these rights, please contact: firstname.lastname@example.org. The same applies if you have questions on data processing in our company. In addition, you have a right to file a complaint with a data protection supervisory authority.
Right to object
Please observe the following in association with rights to object:
If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without indicating any reasons. This also applies to profiling to the extent it is associated with the direct marketing.
If you object to processing for the purposes of direct marketing, we will no longer process your personal data for this purpose. The objection is gratuitous and can be done free of form requirements, if possible to: email@example.com
In the event that we process your data to safeguard our legitimate interests, you can object to this processing at any time for reasons relating to your particular situation; this also applies to profiling based on these provisions.
We shall no longer process your personal data unless we can show that the processing is necessary for compelling legitimate reasons which override your interests, rights and freedoms or the processing serves the assertion, exercise or defence of legal rights.
Purpose and legal basis of data processing
The provisions of the EU-GDPR and all other applicable data protection provisions are complied with in the processing of your personal data. The legal basis for data processing arises from, in particular, Art. 6 EU-GDPR.
We use your data to initiate business, to fulfil contractual and statutory obligations, to implement contractual relationships, to offer products and services as well as to strengthen customer relations, which can also include analyses for marketing purposes and direct marketing.
Your permission also represents a data protection consent regulation. In this regard, we explain to you the purposes of the data processing and your right of revocation. If permission also refers to the processing of particular categories of personal data, we will expressly point this out to you in the permission request.
Processing of particular categories of personal data within the meaning of Art. 9 (1) EU-GDPR is done only if this is necessary based on statutory regulations and there is no reason to assume that your legitimate interest in excluding the processing is overriding.
Transfer to third parties
We shall transfer your data to third parties only within the framework of statutory provisions or your corresponding permission. Otherwise there is no transfer to third parties unless we are obliged to do so on the basis of compelling regulations (transfer to external bodies such as, for example, supervisory authorities or law enforcement agencies).
Recipients of data / Categories of recipients
Within our company we assure that only those persons receive your data who need it in order to fulfil contractual and statutory obligations. In many cases service providers support our technical departments in the performance of their tasks. The necessary data protection contracts have been concluded with all service providers. External service providers support us in the following areas:
- Financial accounting
- File shredding
- Data protection
- Wage and salary
Transfer to third country / Intent to transfer to third country
Data transmission to third countries (outside the European Union or the European Economic Area) takes place only to the extent this is necessary for implementation of the contractual obligation, it is required by law or you have issued us your permission. We transmit no personal data to service providers or Group companies outside of the European Economic Area.
Storage duration of the data
We store your data as long as is necessary for the respective processing purpose. Please note that numerous retention terms require that data continue to be stored (must). In particular, this involves commercial or tax retention obligations (e.g. Commercial Code, Tax Code, etc.). If no additional retention obligations exist, the data are routinely erased after attainment of their purpose. In addition, we can retain data if you have issued us your permission or if there is a legal dispute and we use evidence within the framework of statutory limitation periods, which can be up to thirty years; the standard limitation period is three years.
Secure transmission of your data
In order to best protect data stored with us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons, we deploy corresponding technical and organisational security measures. The security level is continuously reviewed in cooperation with security experts and adjusted to new security standards. Data exchange from and to our website is encrypted. As transmission protocol for our website, we offer HTTPS under application of the current encryption protocol. In addition, we offer our users a content encryption within the framework of the contact forms. The decryption of this data is possible only by us. There is also the possibility of using alternative communication methods (e.g. regular mail, email or telephone).
Obligation to provide data
Diverse personal data are necessary for the establishment, implementation and termination of contractual obligations and the fulfilment of associated contractual and statutory obligations. The same applies to the use of our website and the various functions that it provides. We have summarised details for you in the above referenced point. In certain cases data must also be collected or made available due to statutory provisions. Please note that it is not possible to process your enquiry or to implement the underlying contractual obligations without the provision of this data.
Categories, sources and origin of data
Which data we process is determined by the respective context: This depends on whether you, for example, have submitted an online order or an enquiry in our contact form, whether you have filed an application with us or are submitting a complaint. Please note that we make available information for particular processing situations, if applicable also separately at a suitable place, for example when uploading application documents or during a contact enquiry.
For reasons of technical security (in particular in defence of attempted attacks on our web server), this data is stored in accordance with Art. 6 (1) 1 lit. F EU-GDPR. After 7 days at the latest, an anonymisation through contraction of the IP address takes place so that no reference can be made to the user.
Within the framework of a contact enquiry, we also collect and process the following data:
· Name, First name
· Contact data
· Details on wishes and interests
· Data which permissibly may be processed from other sources.
Contact form / contact initiation per email (Art. 6 (1) lit. a, b EU-GDPR)
A contact form that can be used for electronic contact initiation is available on our website. If you write to us via the contact form, we process your provided data within the framework of the contact form for contact initiation and in order to respond to your questions and requests. The principles of the data economy and data avoidance are observed in that you must only provide the data which we require from you for contact initiation. These are your email address as well as the message field itself. In addition, for reasons of technical necessity as well as legal protection, your IP address is processed. All other data are voluntary fields and can be provided (e.g. for individual response to your questions) optionally. If you contact us per email, we will process the personal data provided in the email solely for the purpose of processing your enquiry. If you do not use the provided forms for contact initiation, no additional data collection occurs.
Marketing purposes existing customers (Art. 6 (1) lit. f EU-GDPR)
Alfatec GmbH & Co.KG is interested in maintaining a customer relationship with you and in providing you with information and offers on our products / services (changes to our products). Accordingly, we process your data in order to send you corresponding information and offers per email. If you do not want this, at any time you can object to the use of your personal data for the purpose of direct marketing; this also applies to profiling to the extent it is connected to direct marketing. If you file an objection, we will no longer process your data for this purpose.
The objection can be filed without providing reasons, gratuitously and free of form requirements and sent to firstname.lastname@example.org if possible. This is possible in all common internet browsers.
Cookies (Art. 6 (1) lit. f EU-GDPR/ Art. 6 (1) lit a EU-GDPR upon permission)
Please note: If you deactivate the setting of Cookies, under some circumstances not all functions of our internet site are fully usable.
Links to other providers
Our website also contains clearly recognisable links to the internet sites of other companies. If links to websites of other providers are present, we have no influence on their contents. Accordingly, no guarantee and liability can be assumed for their content. The respective provider or operator of the sites is at all times responsible for the content of these sites.
At the time of the linkage, the linked sites have been reviewed for possible legal infringements and recognisable legal violations. Unlawful contents were not recognisable at the time of the linkage. However, a permanent control of the content of linked sites is not reasonable without a firm indication of a legal violation. Such links are removed immediately upon our awareness of legal violations.