Data Privacy Statement

We are delighted that you have visited our website and at your interest in our company. We believe data protection enhances the quality of the customer experience. We are committed to protecting your personal data and safeguarding your rights of privacy. Under this Data Privacy Statement, we wish to provide all visitors to our website with transparent information on how, to what extent and for what purpose we collect, use and process personal data, as well as to inform you of your rights. In general, you can use our website without disclosing personal data. However, it may be necessary to process your personal data if you wish to use services our company offers on our website. The data that is automatically collected when you visit our website, or the personal data you enter when you use services, is processed in compliance with the latest statutory regulations on protection of personal data. If it is necessary to process your personal data and there is no legal basis for processing it, we in principle obtain your consent to process it for the required purpose. As the company responsible for processing the data (“controller”), we have defined technical and organisational measures so as to ensure as high a possible level of protection for your personal data. However, we point out that there may be security gaps when data is transferred in the World Wide Web. If you wish to use the services our company offers, but do not want to transfer data over the World Wide Web, you can also contact us by telephone.

1. Contact data of the controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

dhs Dietermann & Heuser Solution GmbH
Herborner Str. 50
35753 Greifenstein-Beilstein / Germany

Telephone: +49 2779 91200
E-mail: vertrieb@dhssolution.com

 

The following person has been appointed as Data Protection Officer:

Mr. Stephan Hartinger
Coseco GmbH

Telephone: +49 8232 80988-70
E-mail: datenschutz@coseco.de

2. Collection and disclosure of personal data

We use your personal data solely for the purposes specified in the information on data protection provided on this page. There are the following input screens for collecting personal data on our website:

2.1   Registration on our website

2.1.1. Mailing of our newsletter

On our website we offer you the possibility of subscribing to our newsletter, which provides you with regular information on offers, products and news from our company. You need a valid e-mail address to receive our newsletter. We need the following particulars from you so we can send you a personalised newsletter:

1. E-mail address

After you submit your registration, legal reasons require us to send you a confirmation mail so that you can complete your request to receive the newsletter (double opt-in). The data specified here is used solely for mailing the newsletter. This personal data is not passed on to third parties. If we have received your e-mail address in connection with the sale of goods or services, we reserve the right to send you regular offers by e-mail relating to products in our range that are similar to the one you purchased, unless you have objected to that. You can stop being sent the newsletter by cancelling your subscription to it and can withdraw your consent to your data being used to mail the newsletter at any time. Every newsletter contains a link allowing you to do that. 

2.2  Contact fields on our website

2.2.1  Getting in touch with us by mail or using the contact form

On our site we offer you the possibility of getting in touch with us by e-mail or using a contact form. If you get in touch with us by e-mail or using a contact form, the personal data you submit is stored automatically. Personal data given to us voluntarily in this way is stored so that we can handle your request or for the purpose of contacting the data subject. This personal data is not passed on to third parties.

3. What are cookies used for?

Cookies are used at several places on our website. Please refer to our Cookie Policy for details and information on which cookies are used.

 

4. Erasure, blocking and length of storage of personal data

We process and store your personal data only for the period of time required to achieve the purpose for which it is stored or in compliance with the various retention periods prescribed by law. When the purpose for which it is stored no longer applies or when the statutory retention period expires, your personal data is routinely blocked for further processing or erased in compliance with the statutory regulations.

5. Use of tracking/analytics tools and social plug-ins

Google Maps 

This website uses Google Maps to present interactive maps and to provide directions. Google Maps is a map service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. Use of Google Maps may mean that information on your use of this website, including your IP address and the (start) address entered in the route planner function, may be transferred to Google in the USA. When you call one of our websites containing Google Maps, your browser establishes a direct connection to the servers of Google. The map’s content is transmitted by Goggle directly to your browser and integrated by the latter in the website. We therefore do not have any influence over the scope of data collected by Google in this way. As far as we are aware at present, the following data at least is collected:

  • The date and time you visited the website in question
  • The Internet address or URL of the website you called
  • Your IP address and
  • The (start) address entered in the route planning function 

We have no influence over how the data is subsequently processed and used by Google and so cannot assume any responsibility for that.
If you do not want Google to collect, process or use data gathered from our Internet presence, you can disable JavaScript in your browser settings. However, that means you will not be able to display the maps.
Please refer to Google’s Privacy Policy for details of the purpose and scope of data collection, how the data is processed and used further by Google, your related rights and settings you can make to protect your privacy (https://policies.google.com/privacy).
By using our website, you agree to the data collected about you being processed by the Goggle Maps route planner in the above manner and for the above purpose.

6. Rights of data subjects

If you have questions on your personal data, you can contact us in writing at any time. You have the following rights under the General Data Protection Regulation (GDPR): 

6.1 Right to access (Article 15 GDPR)

You have the right to obtain information at any time on what categories of data and all your personal information we process, the purpose of that, the period of time for which the data is stored and the criteria used to determine that period, and whether automated decision-making, including profiling, is used in this connection. You also have the right to know which recipients or categories of recipient your data has been or will be disclosed to, in particular recipients in third countries or international organisations. In the latter case, you also have the right to be informed of appropriate safeguards relating to transfer of your personal data. Apart from your right to lodge a complaint with the supervisory authority and to be informed of the origin of your data, you have the right to demand that your personal data be erased or rectified or that processing of it be restricted, as well as the right to object to processing of it. In the above cases, you have the right to demand that the party processing the data provide you free of charge with a copy of your personal data we process. For any further copies you request or request above or beyond a data subject’s right to obtain information, we may charge a reasonable administrative fee. 

6.2 Right to rectification (Article 16 GDPR)

You have the right to demand the rectification of inaccurate personal data concerning you without undue delay and, taking into account the purposes of the processing, to have incomplete personal data completed, including by means of providing a supplementary statement. If you wish to use your right to rectification of your data, you can contact our Data Protection Officer or the controller at any time. 

6.3 Right to erasure (Article 17 GDPR)

You have the right to demand erasure of your data without undue delay (“right to be forgotten”), in particular if the data no longer needs to be stored, you withdraw your consent to processing of it, your data has been unlawfully processed or unlawfully collected, and there is a legal obligation to erase it under EU or national law. However, the “right to be forgotten” shall not apply if there is an overriding right to freedom of expression and information, the data has to be stored to ensure compliance with a legal obligation (e.g. storage obligations), archiving purposes prevent erasure of the data, or the data is stored to enable the establishment, exercise or defence of legal claims. 

6.4 Right to restriction of processing (Article 18 GDPR)

You have the right to demand restriction to processing of your data by the controller if the accuracy of the personal data is contested by you, processing of it is unlawful, you oppose the erasure of your personal data and request the restriction of its processing instead, the personal data is no longer required for the purpose for which it is processed, or you have objected to processing of it in accordance with Article 21 (1) pending the verification whether our legitimate grounds override yours. 

6.5 Right to data portability (Article 20 GDPR)

You have the right to receive the personal data concerning you which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, if

  • the processing is based on your consent and
  • the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, where technically feasible. This must not adversely affect the rights and freedoms of others.

The right to data portability shall not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

6.6 Right to object (Article 21 GDPR)

You have the right at any time to object to the collection, processing or use of your personal data for direct marketing or market and opinion research purposes, as well as to general processing of your data for business purposes, unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. Moreover, you cannot exercise your right to object if a legal provision authorises or requires collection, processing or use of the data. 

6.7 Right to lodge a complaint with a supervisory authority (Article 77 GDPR in conjunction with Section 19 of the German Federal Data Protection Act (BDSG))

You have the right to lodge a complaint with the responsible supervisory authority if you consider that processing of your personal data infringes statutory data protection requirements. 

6.8 Right to withdraw consent (Article 7 (3) GDPR)

If you have given us your consent to process your personal data, you can withdraw such consent at any time, without the need to state a reason for doing so. The same also applies if you wish to revoke declarations of consent you gave us before the EU General Data Protection Regulation came into effect.

7. Legal basis for processing

If we obtain consent from data subjects to process their personal data, the legal basis for processing is laid down by Article 6 (1) sentence 1 point (a) of the General Data Protection Regulation (GDPR). The legal basis for processing personal data required in order to perform a contract in which the data subject is Article 6 (1) sentence 1 point (b) GDPR. This provision also covers processing operations required to take steps prior to entering into a contract. If processing of personal data is necessary for compliance with a legal obligation on the part of our company, the legal basis for that is Article 6 (1) sentence 1 point (c) GDPR. If processing is necessary to safeguard legitimate interests of our company or a third party and the data subject’s interests, fundamental rights and freedoms do not override the interests of our company or the third party, the legal basis for that is Article 6 (1) sentence 1 point (f) GDPR. The legitimate interests of our company are in conducting our business operations and in analysing, optimising and preserving the security of our online offering. 

8. Transfer of data to third parties

In general, we do not sell or lend user data. Data will be transferred to third parties above and beyond the scope defined in this Data Privacy Statement only if required for handling the requested service. We only transfer data if we are legally obliged to do so. That is the case if government institutions (such as law-enforcement authorities) request information in writing or a court order compels us. Personal data is not transferred to third countries, i.e. countries outside the EU/EEA.

9. Statutory or contractual requirements to provide personal data and the possible consequences of failure to provide such data

We point out that the provision of personal data may be prescribed by law in certain cases (such as under fiscal law regulations) or under a contract (such as details on/of the contractual partner). To conclude a contract, for example, it may be necessary for the data subject/contractual partner to provide his/her personal data so that his/her request (such as an order) can be handled by us in the first place. In particular, there is an obligation to provide personal data when a contract is concluded. If no personal data is provided in such a case, the contract cannot be concluded with the data subject. Data subjects can contact our Data Protection Officer or the controller before providing personal data. The Data Protection Officer or controller will then inform them if the required personal data has to be provided under the law or a contract or is necessary to conclude a contract and whether a data subject’s request means there is an obligation to provide personal data or what consequences a failure to provide the requested data has for the data subject.

10. Existence of automated decision-making

As a responsible company, we do not use automated decision-making or profiling in our business relationships.