Data Privacy Statement 

 

  1. Intro­duc­tion

With the following infor­ma­tion we would like to give you as the “data subject” an overview of how we process your personal data and your rights under the data pro­tec­tion laws. Using our Internet sites is possible without the dis­clo­sure of personal data. However, if you wish to use special services of our company through our website, it may be necessary for us to process your personal data. If the pro­cess­ing of personal data is necessary and there is no legal basis for such pro­cess­ing, we will generally obtain your consent.

 

The pro­cess­ing of personal data, such as your name, address or e-mail address, is always in accor­dance with the General Data Pro­tec­tion Reg­u­la­tion (GDPR) and in accor­dance with the country-specific privacy reg­u­la­tions applic­a­ble to “BAUFORMAT Küchen GmbH & Co. KG”. By means of this data policy statement we would like to inform you of the scope and purpose of the personal data collected, used and processed by us.

 

We have imple­ment­ed many technical and orga­ni­za­tion­al measures as con­trollers of the pro­cess­ing in order to ensure the most complete pro­tec­tion possible for personal data processed through this website. Nev­er­the­less, Internet-based data trans­mis­sions can in principle have security gaps such that absolute pro­tec­tion cannot be guar­an­teed. For this reason, you are free to transmit personal data to us in alter­na­tive ways, such as by phone or by post.

 

  1. Con­troller
Burger Küchen­mö­bel GmbH
Martin-Luther-Straße 31
39288 Burg

Telefon: +49 (0) 39 21 / 9 76-0
Fax: +49 (0) 39 21 / 9 76-228
Email: info(at)burger-kuechen(dot)de

info(at)bauformat(dot)de

VAT-ID No.: DE 124323068

District court: Stendal, HRB 56

Company head­quar­ters: Burg, Germany
Managing Directors: Delf Baumann, Michael Assner, Matthias Berens, Sabine Brockschnieder

 

  1. Data Pro­tec­tion Officer

You can contact the data pro­tec­tion officer via the following media:

Tel: +49 (0) 5221 85496-90
Fax: +49 (0) 5221 85496-99
E-mail: datenschutz@bauformat.de

You can contact our data pro­tec­tion officer at any time with any questions or sug­ges­tions regarding data pro­tec­tion.

 

  1. Def­i­n­i­tions

This data privacy statement is based on the ter­mi­nol­o­gy used by the European leg­is­la­ture and leg­is­la­ture in the adoption of the General Data Pro­tec­tion Reg­u­la­tion (GDPR). Our data privacy statement should be easy to read and under­stand for the public as well as for our customers and business partners. To ensure this, we would like to explain in advance the ter­mi­nol­o­gy used.

Amongst others, we use the following terms in this data privacy statement

a. Personal data

Personal data is all infor­ma­tion relating to an iden­ti­fied or iden­ti­fi­able natural person. A natural person is a person who can be iden­ti­fied, directly or indi­rect­ly, in par­tic­u­lar by reference to an iden­ti­fi­er, such as a name, an iden­ti­fi­ca­tion number, location data, an online iden­ti­fi­er or to one or more factors specific to the physical, phys­i­o­log­i­cal, genetic, mental, economic, cultural or social identity of that natural person.

b. Data subject

The Data Subject is any iden­ti­fied or iden­ti­fi­able natural person whose personal data is processed by the con­troller (our company).

c. Pro­cess­ing

Pro­cess­ing is con­sid­ered to be any process or series of oper­a­tions related to personal data, such as retrieval, col­lec­tion, orga­ni­za­tion, ordering, storage, adap­ta­tion or mod­i­fi­ca­tion, read-out, queries, use, dis­clo­sure by trans­mis­sion, dis­sem­i­na­tion or other form of provision, matching or linking, restric­tion, deletion or destruc­tion performed with or without the aid of automated pro­ce­dures.

d. Restric­tion of pro­cess­ing

Restric­tion of pro­cess­ing is the marking of personal data stored with the aim of limiting its future pro­cess­ing.

e. Profiling

Profiling is any form of automated pro­cess­ing of personal data con­sist­ing of the use of personal data to evaluate certain personal aspects relating to a natural person, in par­tic­u­lar to analyse or predict aspects con­cern­ing that natural person’s per­for­mance at work, economic situation, health, personal pref­er­ences, interests, reli­a­bil­i­ty, behaviour, location or movements.

f. Pseu­do­nymi­sa­tion

Pseu­do­nymi­sa­tion is the pro­cess­ing of personal data in such a manner that the personal data can no longer be attrib­uted to a specific data subject without the use of addi­tion­al infor­ma­tion, provided that such addi­tion­al infor­ma­tion is kept sep­a­rate­ly and is subject to technical and organ­i­sa­tion­al measures to ensure that the personal data is not attrib­uted to an iden­ti­fied or iden­ti­fi­able natural person.

g. Processor

The Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the con­troller.

h. Recipient

The Recipient is a natural or legal person, public authority, agency or other body to whom personal data is disclosed, whether or not the recipient is a third party. However, author­i­ties which may receive personal data under Union or Member State law within the framework of a specific mandate for inves­ti­ga­tion are not con­sid­ered as recip­i­ents.

i. Third party

A Third party is a natural or legal person, public authority, agency or body other than the data subject, the con­troller, the processor and the persons autho­rized under the direct respon­si­bil­i­ty of the con­troller or processor to process the personal data.

j. Consent

Consent is con­sid­ered to be any expres­sion of will vol­un­tar­i­ly given by the data subject in an informed and unam­bigu­ous manner in the form of a statement or other unam­bigu­ous con­fir­ma­to­ry act in which the data subject indicates that they are provide consent to the pro­cess­ing of the personal data concerned.

 

  1. Legal Basis of the Pro­cess­ing

 Art. 6 (1) a, GDPR serves our company as the legal basis for pro­cess­ing oper­a­tions where we obtain consent for a par­tic­u­lar pro­cess­ing purpose.

 

If the pro­cess­ing of personal data is necessary to fulfil a contract of which you are a party, as is the case, for example, in pro­cess­ing oper­a­tions necessary for the supply of goods or the provision of any other service or con­sid­er­a­tion, the pro­cess­ing is based on Art. 6 (1) b, GDPR. The same applies to pro­cess­ing oper­a­tions that are necessary to carry out pre-con­trac­tu­al measures, for example in cases of inquiries regarding our products or services.

 

If our company is subject to a legal oblig­a­tion which requires the pro­cess­ing of personal data, such as the ful­fill­ment of tax oblig­a­tions, the pro­cess­ing is based on Art. 6 (1) c, GDPR.

 

In rare cases, the pro­cess­ing of personal data may be required to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance or other vital infor­ma­tion would have to be passed on to a doctor, hospital or other third party. Pro­cess­ing in such cases would be based on Art. 6 (1) d, GDPR.

 

Finally, pro­cess­ing oper­a­tions could be based on Art. 6 (1) f, GDPR. On this legal basis, pro­cess­ing oper­a­tions that are not covered by any of the above legal bases are required if pro­cess­ing is necessary to safeguard the legit­i­mate interests of our company or a third party, unless the interests, fun­da­men­tal rights and fun­da­men­tal freedoms of the data subject concerned prevail. Such pro­cess­ing oper­a­tions are par­tic­u­lar­ly allowed to us because they have been specif­i­cal­ly mentioned by the European leg­is­la­tor. This takes effect insofar as a legit­i­mate interest could be assumed if you are a customer of our company (recital 47 (2), GDPR).

 

  1. Addi­tion­al infor­ma­tion for the data subject con­cern­ing the col­lec­tion of personal data

 

  • General infor­ma­tion for the data subject con­cern­ing the col­lec­tion of personal data as an employee, appren­tice, trainee, intern or working student
  • General infor­ma­tion for the data subject con­cern­ing the col­lec­tion of personal data as a com­mu­ni­ca­tions partner and contact
  • Infor­ma­tion for the data subject con­cern­ing the col­lec­tion of personal data as a customer, prospec­tive customer, service provider or supplier
  1. Tech­nol­o­gy

7.1 SSL/TLS Encryp­tion 

This site uses SSL or TLS encryp­tion to ensure the security of the data pro­cess­ing and to protect the trans­mis­sion of con­fi­den­tial content, such as orders, login details or contact requests that you send to us as the operator. An encrypted con­nec­tion can be rec­og­nized by the fact that the address bar of the browser contains “https://” instead of an “http://” and the lock symbol in your browser bar.

 

When SSL or TLS encryp­tion is enabled, the data you submit to us cannot be read by third parties.

 

7.2 Data Col­lec­tion during Visits to the Websites

 

If our website is merely used for infor­ma­tion purposes, i.e. if you do not register or com­mu­ni­cate any other infor­ma­tion to us, we only collect the personal data that you browser transfers to our server (in server log files). Our website collects a series of general data and infor­ma­tion each time a page is accessed by you or an automated system. This general data and infor­ma­tion is stored in the log files of the server. Data that could be collected includes:

  1. The browser types and versions used
  2. The operating system used by the accessing system
  3. The website from which an accessing system arrives at our website (the referrer)
  4. The sub-web pages that are accessed via an accessing system on our website
  5. The date and time the website was accessed
  6. A shortened Internet Protocol address (anonymised IP address)
  7. The Internet service provider used by the accessing system.

When using this general data and infor­ma­tion, we do not draw any con­clu­sions on your person. Rather, this infor­ma­tion is used for:

  1. Deliv­er­ing the contents of our website correctly
  2. Opti­mis­ing the content of our website as well as the adver­tis­ing for it
  3. Ensuring the long-term func­tion­al­i­ty of our IT systems and the tech­nol­o­gy of our website
  4. Providing law enforce­ment with the necessary infor­ma­tion for pros­e­cu­tion in the event of a cyber attack.

This collected data and infor­ma­tion is therefore evaluated by us sta­tis­ti­cal­ly on the one hand and on the other hand with the aim of increas­ing the data pro­tec­tion and data security in our company in order to ulti­mate­ly ensure an optimum level of pro­tec­tion for the personal data we process. The anonymous data of the server log files is stored sep­a­rate­ly from all personal data provided by a data subject.

 

The legal basis for this data pro­cess­ing is Art 6 (1.1) f, GDPR. Our legit­i­mate interest follows from the data col­lec­tion purposes listed above.

 

  1. Cookies

 

8.1 General Infor­ma­tion on Cookies

We use cookies on our website. These are small files that your browser auto­mat­i­cal­ly creates and that are stored on your IT system (laptop, tablet, smart­phone, etc.) when you visit our site. Cookies do not harm your device, do not contain viruses, Trojans or other malicious software.

 

Infor­ma­tion is stored in the cookie which results in con­nec­tion with the specific terminal used. However, this does not mean that we are imme­di­ate­ly aware of your identity.

 

The use of cookies serves on the one hand to make the use of our offerings more con­ve­nient for you. For example, we use so-called session cookies to recognize that you have already visited indi­vid­ual pages on our website. These are auto­mat­i­cal­ly deleted when you leave our website.

 

Fur­ther­more, we also use temporary cookies that are stored on your device for a specified period of time to optimise usability. The next time you visit our site to take advantage of our services, it will auto­mat­i­cal­ly recognize that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.

 

On the other hand, we also use cookies to sta­tis­ti­cal­ly record the use of our website and to evaluate it for the purpose of opti­mis­ing our offerings. These cookies allow us to auto­mat­i­cal­ly recognize when you visit our site again that you have already visited us before. These cookies are auto­mat­i­cal­ly deleted after a defined time.

 

The data processed by cookies are for the purposes mentioned in order to safeguard our legit­i­mate interests as well as third parties as required in accor­dance with Art. 6 (1.1) f, GDPR.

 

Most browsers accept cookies auto­mat­i­cal­ly. However, you can configure your browser such that no cookies are stored on your computer or such that a message always appears before a new cookie is created. However, disabling cookies com­plete­ly may mean that you can not use all features of our website.

 

  1. Content of our Website

 

9.1 Reg­is­tra­tion as a User

 

You have the option of reg­is­ter­ing on our website by providing personal infor­ma­tion.

 

Which personal data is trans­mit­ted to us depends on the respec­tive input mask which is used for the reg­is­tra­tion. The personal data entered by you is collected and stored solely for internal use by us and for our own purposes. We may arrange for the transfer to one or more order proces­sors, such as a parcel service, who also uses the personal infor­ma­tion solely for internal use attrib­ut­able to us.

 

By reg­is­ter­ing on our website, the IP address assigned by your Internet service provider (ISP) as well as the date and time of reg­is­tra­tion are stored. This data is stored only against the back­ground of pre­vent­ing the misuse of our services, and such that this data makes it possible to clarify committed offenses where necessary.

 

In this respect, the storage of this data is required for our pro­tec­tion. This data will not be disclosed to third parties unless there is a legal oblig­a­tion for us to do so or the dis­clo­sure serves law enforce­ment oblig­a­tions.

 

Your reg­is­tra­tion under the voluntary provision of personal data also serves us to offer you content or services that, due to the nature of the case, can only be offered to reg­is­tered users. Reg­is­tered persons are free to change the personal data given at reg­is­tra­tion at any time or to have it deleted com­plete­ly from our database.

 

We will give you infor­ma­tion on request at any time about which of your personal data is stored. Fur­ther­more, we will correct or delete personal data at your request, as far as there are no statutory storage require­ments. A data pro­tec­tion officer named specif­i­cal­ly by name in this data pro­tec­tion dec­la­ra­tion and all other employees are available to the data subject in this context as a contact person.

 

Your data is processed in the interest of the con­ve­nient and easy use of our website. This con­sti­tutes a legit­i­mate interest within the meaning of Art. 6 (1) f, GDPR.

 

9.2 Making Contact / Contact Form 

 

When con­tact­ing us (for example via contact form or e-mail), personal data is collected. Which data is collected in the case of a contact form can be seen from the respec­tive contact form. This data is stored and used solely for the purpose of answering your request or for estab­lish­ing contact and the asso­ci­at­ed technical admin­is­tra­tion. The legal basis for pro­cess­ing the data is our legit­i­mate interest in answering your request in accor­dance with Art. 6 (1) f, GDPR. If your contact is aimed at con­clud­ing a contract, then an addi­tion­al legal basis for pro­cess­ing is Art. 6 (1) b, GDPR. Your data will be deleted after final pro­cess­ing of your request; this is the case if it can be inferred from the cir­cum­stances that the matter in question is finally clarified and provided that this is not in conflict with any statutory storage require­ments.

 

9.3 Appli­ca­tion Man­age­ment / Vacancies

 

We collect and process the personal data of appli­cants for the purpose of com­plet­ing the appli­ca­tion process.

 

The pro­cess­ing can also be performed elec­tron­i­cal­ly. This is par­tic­u­lar­ly the case if an applicant submits the relevant appli­ca­tion documents elec­tron­i­cal­ly, for example by e-mail or via a web form on the website. If we conclude a contract of employ­ment with an applicant, the trans­mit­ted data will be stored for the purpose of the employ­ment rela­tion­ship in com­pli­ance with the legal require­ments. If we do not conclude a contract of employ­ment with the applicant, the appli­ca­tion documents will be auto­mat­i­cal­ly deleted two months after noti­fi­ca­tion of the rejection decision, provided that deletion does not conflict with any other legit­i­mate interests on our part. Other legit­i­mate interests in this sense are, for example, a burden of proof in a procedure under the German Federal Act of Equal Treatment (AGG).

 

In this respect, data pro­cess­ing takes place solely on the basis of our legit­i­mate interest in accor­dance with Art. 6 (1) f, GDPR.

 

  1. Newslet­ter Dispatch

 

10.1 Newslet­ter Dispatch to Regular Customers

 

If you have provided us with your e-mail address when pur­chas­ing goods or services, we reserve the right to send you regular offers for similar goods or services such as those already purchased from our range by e-mail. We do not have to obtain separate consent from you to do so in accor­dance with § 7 (3) German Federal Law against Unfair Com­pe­ti­tion (UWG). In this respect, data pro­cess­ing takes place solely on the basis of our legit­i­mate interest in per­son­alised direct marketing in accor­dance with Art. 6 (1) f, GDPR. If you object to the use of your e-mail address for this purpose at the time of sub­mis­sion, we will not send you mail. You are entitled to object to the use of your e-mail address for the purpose described above at any time with effect for the future by sending a message to the persons respon­si­ble named above. For this purpose, you only have to pay trans­mis­sion costs in accor­dance with the standard rates. Upon receipt of your objection, the use of your e-mail address for marketing purposes will cease imme­di­ate­ly.

 

  1. Our Activ­i­ties in Social Networks

 

In order that we can com­mu­ni­cate with you in social networks and provide infor­ma­tion on our services, we are rep­re­sent­ed there with our own pages.

We are not the original provider (con­troller) of these pages, but use them only in the context of the options offered by the respec­tive provider.

 

Therefore, as a pre­cau­tion­ary measure, we point out that your data may also be processed outside the European Union or the European Economic Area. Use can therefore have privacy risks for you, because the pro­tec­tion of your rights, e.g. infor­ma­tion, deletion, oppo­si­tion, etc. can be difficult and pro­cess­ing in social networks is often performed directly for adver­tis­ing purposes or to analyse user behaviour by providers without us being able to influence this. If user profiles are created by the provider, cookies are often used or the usage behaviour is assigned directly to your own member profile of the social networks (if you are logged in here).

 

The described pro­cess­ing oper­a­tions of personal data is performed in accor­dance with Art. 6 (1) f, GDPR, based on our legit­i­mate interest and the legit­i­mate interests of the respec­tive provider in order to com­mu­ni­cate with you in a timely manner or to inform you of our services. If you have to give consent to the respec­tive providers for the data pro­cess­ing as a user, the legal basis for this is Art. 6 (1) a, GDPR, cf. Art. 7 GDPR.

 

Since we have no access to the databases of the providers, we point out that it is best for you to assert your rights (for example, to infor­ma­tion, cor­rec­tion, deletion, etc.) against the respec­tive provider directly. We have listed below further infor­ma­tion on the pro­cess­ing of your data in the social networks and the pos­si­bil­i­ty of exer­cis­ing your right of objection or revo­ca­tion (so-called opt-out) with the respec­tive provider of the social networks that we use:

 

11.1 Facebook

 

Con­troller for data pro­cess­ing in Europe:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Data Privacy Statement (data guide­lines):
https://www.facebook.com/about/privacy

Opt-out and adver­tis­ing settings:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

 

Facebook is a par­tic­i­pant within the EU-US Privacy Shield agreement:

https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

https://de-de.facebook.com/about/privacy/

 

11.2 Google+ / YouTube

 

Con­troller for data pro­cess­ing:

Google LLC, 1600 Amphithe­atre Parkway, Mountain View, CA 94043, USA

Data Privacy Statement:
https://policies.google.com/privacy

Opt-out and adver­tis­ing settings:

https://adssettings.google.com/authenticated

Google is a par­tic­i­pant within the EU-US Privacy Shield agreement:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

 

11.3 LinkedIn

 

Con­troller for data pro­cess­ing in Europe:

LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland

Data Privacy Statement:
https://www.linkedin.com/legal/privacy-policy

Opt-out and adver­tis­ing settings:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

LinkedIn is a par­tic­i­pant within the EU-US Privacy Shield agreement:
https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

 

11.4 Twitter

 

Con­troller for data pro­cess­ing in Europe: Twitter Inter­na­tion­al Company, One Cum­ber­land Place, Fenian Street, Dublin 2, D02 AX07, Ireland

Data Privacy Statement:
https://twitter.com/de/privacy

Infor­ma­tion on your data: https://twitter.com/settings/your_twitter_data

Opt-out and adver­tis­ing settings: https://twitter.com/personalization

Twitter is a par­tic­i­pant within the EU-US Privacy Shield agreement: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

 

 11.5 XING

 

Con­troller for data pro­cess­ing in Germany: XING AG, Damm­torstraße 29-32, 20354 Hamburg, Germany

Data Privacy Statement:
https://privacy.xing.com/de/datenschutzerklaerung

Infor­ma­tion requests for XING members:

https://www.xing.com/settings/privacy/data/disclosure

  

11.6 Instagram

 

Con­troller for data pro­cess­ing in Europe:

Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Data Privacy Statement:
https://help.instagram.com/519522125107875

Opt-out and adver­tis­ing settings:

https://help.instagram.com/1896641480634370?ref=ig

Infor­ma­tion requests for Instagram members:

https://www.instagram.com/accounts/privacy_and_security/

 

11.7 Pinterest

 

Con­troller for data pro­cess­ing in Europe:

Pinterest Europe Ltd., Palmer­ston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

Data Privacy Statement:
https://policy.pinterest.com/de/privacy-policy

Opt-out and adver­tis­ing settings:

https://policy.pinterest.com/de/privacy-policy

Pinterest is a par­tic­i­pant within the EU-US Privacy Shield agreement: https://www.privacyshield.gov/participant?id=a2zt00000008VVzAAM&status=Active

 

11.8 Houzz

 

Con­troller for data pro­cess­ing in Europe:

Houzz Inc., 285 Hamilton Avenue, 4th Floor, Palo Alto, CA 94301, USA

Data Privacy Statement:
https://www.houzz.de/privacyPolicy

Opt-out and adver­tis­ing settings:

https://www.houzz.de/cookiePolicy

Infor­ma­tion requests for Houzz members:

https://help.houzz.com/s/?language=en

 

  1. Plug-ins and Other Services

 

12.1 Google Maps

 

We use Google Maps (API) on our website, provided by Google LLC., 1600 Amphithe­atre Parkway, Mountain View, CA 94043, USA. Google Maps is a web service for dis­play­ing inter­ac­tive (country) maps to visually display geo­graph­ic infor­ma­tion. By using this service you can, for example, see our location and make it easier to get there.

 

When you visit any of the subpages where the Google Maps map is incor­po­rat­ed, infor­ma­tion about your use of our website (such as your IP address) is trans­mit­ted to Google’s servers in the United States and stored there. This is done regard­less of whether Google provides a user account that you are logged into, or if there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not want this asso­ci­a­tion with your profile on Google, you will need to log out of your Google Account. Google stores your data (even that of users that are not logged in) as usage profiles and evaluates them. According to Art. 6 (1) f, GDPR, such an eval­u­a­tion is based on the legit­i­mate interests of Google in the display of per­son­al­ized adver­tis­ing, market research and/or the cus­tomized design of its website. You have a right of objection to the formation of these user profiles, and you must assert your claim to these rights against Google directly.

 

US-based Google LLC is certified under the US Privacy Shield, which ensures com­pli­ance with the level of data pro­tec­tion in the EU.

 

If you do not agree with the future trans­mis­sion of your data to Google when using Google Maps, you can also disable the Google Maps web service com­plete­ly by turning off the JavaScript appli­ca­tion in your browser. You will then no longer be able to use Google Maps and the map display on this website.

 

The use of Google Maps is in the interest of an attrac­tive pre­sen­ta­tion of our online offerings and to facil­i­tate easy location of the places we have indicated on the website. This con­sti­tutes a legit­i­mate interest within the meaning of Art. 6 (1) f, GDPR.

 

You can view the Google Terms of Use at https://www.google.de/intl/de/policies/terms/regional.html, and you will find the addi­tion­al Google Maps Terms of Service at https://www.google.com/intl/de_US/help/terms_maps.html.

You will find further infor­ma­tion on privacy in relation to the use of Google Maps, on the Google website (“Google Privacy Policy”): https://www.google.de/intl/de/policies/privacy/

 

12.2 Google Web Fonts

 

Our website uses web fonts provided by Google LLC., 1600 Amphithe­ater Parkway, Mountain View, CA 94043, United States for con­sis­tent font rep­re­sen­ta­tion. When you visit a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

 

To do this, the browser you use must establish a con­nec­tion to Google’s servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of the uniform and attrac­tive pre­sen­ta­tion of our website.

This con­sti­tutes a legit­i­mate interest within the meaning of Art. 6 (1) f, GDPR.

 

US-based Google LLC is certified under the US Privacy Shield, which ensures com­pli­ance with the level of data pro­tec­tion in the EU.

 

You will find further infor­ma­tion on Google Web Fonts at https://developers.google.com/fonts/faq and in the Google Privacy Policy: https://www.google.com/policies/privacy/

 

  1. Your Rights as a Data Subject

 

13.1 Right to Con­fir­ma­tion

 

You have the right to ask us for con­fir­ma­tion that your personal data is being processed.

 

 

13.2 Right to Infor­ma­tion, Art. 15 GDPR

 

You have the right at any time to receive free infor­ma­tion from us about the personal data stored about you as well as a copy of this data.

 

 

13.3 Right to Rec­ti­fi­ca­tion, Art. 16 GDPR

 

You have the right to demand the cor­rec­tion of incorrect personal data relating to you. Fur­ther­more, the data subject has the right to request the com­ple­tion of incom­plete personal data, taking into account the purposes of the pro­cess­ing.

 

 

13.4 Right to Deletion, Art. 17 GDPR

 

You have the right to demand that the personal data relating to you be deleted without delay, provided that one of the reasons provided by law applies and that pro­cess­ing is not required.

 

 

13.5 Restric­tion of Pro­cess­ing, Art. 18 GDPR

 

You have the right to demand that we restrict pro­cess­ing if one of the legal require­ments is met.

 

1236 Data Porta­bil­i­ty, Art. 20 GDPR

 

You have the right to receive per­son­al­ly iden­ti­fi­able infor­ma­tion that you have provided to us in a struc­tured, common and machine-readable format. You also have the right to transfer this data to another person without hindrance by us, who has been provided with the personal data, provided that the pro­cess­ing is based on the consent pursuant to Art. 6 (1) a, GDPR or Art. 9 (2) a, GDPR or on a contract pursuant to Art. 6 (1) b, GDPR, and processed by automated means, unless the pro­cess­ing is necessary for the per­for­mance of a task that is in the public interest or in the exercise of official authority which has been entrusted to us.

 

Fur­ther­more, when exer­cis­ing your right to data porta­bil­i­ty under Art. 20 (1), GDPR, you have the right to effect that your personal data is trans­mit­ted directly from one con­troller to another, where tech­ni­cal­ly feasible and insofar as the rights and freedoms of other persons are not affected.

 

13.7 Right to Object, Art. 21 GDPR

 

You have the right at any time for reasons arising from your par­tic­u­lar situation to object to the pro­cess­ing of personal data relating to you which is processed on the basis of Art. 6 (1) e (data pro­cess­ing in the public interest) or f (data pro­cess­ing based on a balance of interests), GDPR.

 

This also applies to profiling based on these pro­vi­sions within the meaning of Art. 4 No. 4, GDPR.

 

If you object, we will no longer process your personal infor­ma­tion unless we can establish com­pelling legit­i­mate grounds for pro­cess­ing that outweigh your interests, rights and freedoms, or if pro­cess­ing is for the purpose of enforcing, pursuing or defending legal claims.

 

In indi­vid­ual cases, we process personal data in order to operate direct marketing. You may at any time object to the pro­cess­ing of personal data for the purpose of such adver­tis­ing. This also applies to profiling, insofar as it is asso­ci­at­ed with such direct marketing. If you object to our pro­cess­ing for direct marketing purposes, we will no longer process the personal data for these purposes.

 

Fur­ther­more, you have the right, for reasons arising from your par­tic­u­lar situation, to object to the pro­cess­ing of personal data relating to you by us for sci­en­tif­ic or his­tor­i­cal research purposes or for sta­tis­ti­cal purposes in accor­dance with Art. 89 (1) of the GDPR, unless such pro­cess­ing is necessary for sat­is­fy­ing a task that is in the public interest.

 

You are free within the context of the use of infor­ma­tion society services, notwith­stand­ing Directive 2002/58/EC, to exercise your right of objection through automated pro­ce­dures, in which technical spec­i­fi­ca­tions are used.

 

13.8 Revo­ca­tion of a Data Pro­tec­tion Consent

 

You have the right to withdraw your consent to the pro­cess­ing of personal data at any time with future effect.

 

13.9 Com­plaints via a Reg­u­la­to­ry Authority

 

You have the right to complain to a data pro­tec­tion super­vi­so­ry authority about our pro­cess­ing of personal data.

 

  1. Routine Storage, Deletion and Blocking of Personal Data

 

We process and store your personal data only for the period required to achieve the purpose of the storage or as provided by the leg­is­la­tion to which our company is subject.

If the purpose of the storage is no longer valid or if a pre­scribed storage period expires, the personal data will be routinely blocked or deleted in accor­dance with the statutory pro­vi­sions.

 

  1. Duration of the Storage of Personal Data

 

The criterion for the duration of the storage of personal data is the respec­tive statutory retention period. Once this period has expired, the cor­re­spond­ing data will be routinely deleted, if it is no longer required to fulfil the contract or to initiate a contract.

 

  1. Effec­tive­ness of and Changes to the Data Privacy Statement

 

This Data Privacy Statement is currently valid and is valid as of May 2018.

Due to the continual devel­op­ment of our websites and offerings or due to changed legal or official require­ments, it may be necessary to change this privacy statement. You can retrieve and print out the respec­tive effective data privacy statement at any time on the website at “https://www.bauformat.de/datenschutz/”