BWS GIANT Datenschutz

data protection

Privacy Policy

Stand 01.01.2024

GeneralThe following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text. Responsible body Data processing on this website is carried out by the website operator. You can find their contact details in the imprint of this website. A responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc. Ä.) decides.Objection to advertising emailsThe use of contact details published as part of the imprint obligation to send unsolicited advertising and information materials is hereby objected to. Using the above-mentioned contact details for your own purposes will also result in criminal law issues. The operators of the sites expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, such as spam emails or if the above email addresses are used for other unauthorized activities. Overview of processing Types of processed dataInventory dataLocation dataContact dataContent dataContract dataUsage dataMeta, communication and procedural data Categories of data subjectsCustomersEmployeesInterested partiesCommunication partnersUsersCompetition participantsBusiness and contractual partnersThird partiesWhistleblowers Purposes of processingProvision of contractual services and fulfillment of contractual obligationsContact requests and communicationSecurity measuresDirect marketingReach measurementTrackingOffice and organizational proceduresConversion measurementAdministration and answering of inquiries Implementation of sweepstakes and competitionsFeedbackMarketingProfiles with user-related informationProvision of our online offering and user-friendlinessInformation technology infrastructureWhistleblower protectionLegal basis according to the GDPR Below you will find an overview of the legal basis of the GDPR, on the basis of which we process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR) - The data subject has given his or her consent to the processing of personal data concerning him or her for a specific purpose or several specific purposes. Performance of the contract and pre-contractual inquiries (Art. 6 Paragraph 1 S. 1 lit. b) GDPR) - Processing is necessary for the performance of a contract to which the data subject is a party or to carry out pre-contractual measures that are carried out at the request of the data subject. Legal obligation (Art. 6 Paragraph 1 S. 1 lit. c) GDPR) - The processing is necessary to fulfill a legal obligation to which the controller is subject. Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR) - The processing is necessary to safeguard the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, outweigh them. National data protection regulations in GermanyIn addition to the data protection regulations of the GDPR, national data protection regulations apply in Germany. This includes in particular the law to protect against misuse of personal data during data processing (Federal Data Protection Act – BDSG). In particular, the BDSG contains special regulations on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes and transmission and automated decision-making in individual cases, including profiling. Furthermore, state data protection laws of the individual federal states may apply. How do we collect your data? On the one hand, your data is collected when you provide it to us. This can be e.g. B. This concerns data that you enter into a contact form. Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you enter this website. We would like to point out that data transmission over the Internet may have security gaps. Complete protection of data from access by third parties is not possible. What do we use your data for? Some of the data is collected to ensure that the website is provided error-free. Other data can be used to analyze your user behavior. What is personal data? Personal data is all data that can be related to you personally, such as name, address, e-mail address, telephone number, fax number. The collection, processing and storage of your personal data is in accordance with applicable data protection laws. Minors We do not knowingly collect data from children under 18 years of age as this website does not carry out age checks. Shortening of the IP address If IP addresses are processed by us or by the service providers and technologies used and the processing of a complete IP address is not necessary, the IP address is shortened (also referred to as “IP masking”). Here, the last two digits or the last part of the IP address after a period are removed or replaced with placeholders. Shortening the IP address is intended to prevent or make it significantly more difficult to identify a person based on their IP address. SSL or TLS encryption This site uses for security reasons and to protect the transmission of confidential content, such as orders or inquiries You send us as the site operator SSL or TLS encryption. You can recognize an encrypted connection by the browser address bar changing from “http://” to “https://” and by the lock symbol in your email address Browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. We would like to point out that data transmission on the Internet (e.g. when communicating via e email or website) may have security gaps. It is not possible to completely protect the data from access by third parties.Transfer of personal dataAs part of our processing of personal data, the data may be transmitted to other bodies, companies, legally independent organizational units or persons or disclosed to them. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data. Data transfer within our companyWe may transfer personal data to other parties within our company or grant them access to this data. If this transfer is made for administrative purposes, the transfer of the data is based on our legitimate entrepreneurial and business interests or takes place if it is necessary to fulfill our contractual obligations or if there is consent from those affected or legal permission. Data processing in third countries If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the processing is carried out in the context of using third-party services or disclosing or transmitting data to other persons, Positions or companies take place, this only takes place in accordance with the legal requirements. If the level of data protection in the third country has been recognized by means of an adequacy decision (Art. 45 GDPR), this serves as the basis for the data transfer. Furthermore, data transfers only take place if the level of data protection is otherwise secured, in particular through standard contractual clauses (Art. 46 Para. 2 lit. c) GDPR), express consent or in the case of contractually or legally required transfer (Art. 49 Para. 1 GDPR). . We will also inform you about the basics of third-country transfers for the individual providers from the third country, with the adequacy decisions taking precedence as the basic principles. Information on third country transfers and existing adequacy decisions can be found in the EU Commission's information offering: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en?prefLang=de.EU- US Trans-Atlantic Data Privacy Framework As part of the so-called "Data Privacy Framework" (DPF), the EU Commission has also recognized the level of data protection as secure for certain companies from the USA as part of the adequacy decision in July 2023. The list of certified companies as well Further information about the DPF can be found on the website of the US Department of Commerce at https://www.dataprivacyframework.gov/ (English only). Data transfer in generalYour personal data will not be transferred to third parties, except in the description of the respective data processing Please note - if you have given your consent in accordance with Art is necessary and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data - in the event that there is a legal obligation for the disclosure in accordance with Art Art. 6 Para. 1 S. 1 lit. b GDPR is necessary for the processing of contractual relationships with you. Collection of data by third parties - data protection of other sites. This policy only deals with the use and disclosure of data that we collect from you. If you post information on other websites or disclose it to third parties on the Internet, different terms and conditions may apply. Therefore, always read the Terms and Conditions and Privacy Policy carefully when disclosing information. This Privacy Policy does not apply to the business practices of companies not owned or controlled by us, or to persons other than our employees and employees, including third parties to whom we disclose this information as described in this Privacy Policy. Please note that some recipients may not be located in the European Economic Area. If this is the case, we will only transfer your data to countries approved by the European Commission with an adequate level of data protection or to ensure an adequate level of data protection through a legal agreement. Further information on data transfer to the USA Our website includes, among other things, tools from companies based in the USA included. When these tools are active, your personal information may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It cannot therefore be ruled out that US authorities (e.g. secret services) process and evaluate your data located on US servers for surveillance purposes and save permanently. We have no influence on these processing activities. Deletion and storage period of data The data processed by us will be deleted in accordance with legal requirements as soon as their consent for processing is revoked or other permissions no longer apply. Unless the data is deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. Unless a specific storage period is specified in this data protection declaration, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods); In the latter case, the deletion takes place after these reasons no longer apply.Rights of the data subjectsRights of the data subjects from the GDPR: As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Articles 15 to 21 of the GDPR: Right to objectYou have the right to for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is carried out on the basis of Article 6 Paragraph 1 Letter e or f GDPR; This also applies to profiling based on these provisions. If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; This also applies to profiling insofar as it is connected to such direct advertising. You can revoke your consent at any time for the future via widerruf-datenschutz@bws-giant.de or by letter to the known address. Right to revoke consentYou have the right to revoke your consent at any time. Many data processing operations are only possible with your express consent. You can revoke your consent at any time via widerruf-datenschutz@bws-giant.de or by letter to the known address. The lawfulness of the data processing carried out until the revocation remains unaffected by the revocation. Right to informationYou have the right to request confirmation as to whether the data in question is being processed and to receive information about this data as well as further information and a copy of the data in accordance with the legal requirements. Upon request, we will be happy to inform you whether and which personal data we have stored about you (Article 15 GDPR). In this regard, you can contact us at any time using the contact options listed in the legal notice. Within the framework of the applicable legal provisions, you have the right to free information at any time about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction or deletion of this data. You can contact us at any time about this or if you have any further questions on the subject of personal data. Right to correction In accordance with the legal requirements, you have the right to request that the data concerning you be completed or that incorrect data concerning you be corrected. Within the framework of the applicable legal provisions, you have the right to free information at any time about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction or deletion of this data. You can contact us at any time about this or if you have any further questions on the subject of personal data. Right to deletion and restriction of processing In accordance with the legal requirements, you have the right to demand that data concerning you be deleted immediately, or alternatively in accordance with legal requirements to demand a restriction on the processing of the data. Within the framework of the applicable legal provisions, you have the right to free information at any time about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, a right to correction or deletion of this data. You can contact us at any time about this or if you have any further questions on the subject of personal data. Right to data portabilityYou have the right to receive data concerning you that you have provided to us in a structured, common and machine-readable format in accordance with the legal requirements or to request that it be transmitted to another person responsible.You have the right to data that We process it automatically based on your consent or in fulfillment of a contract and have it handed over to you or to a third party in a common, machine-readable format. If you request the data to be transferred directly to another person responsible, this will only be done if it is technically feasible. Complaint to a supervisory authority, without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you are of the opinion that the processing of your personal data violates the requirements of the GDPR. In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies. Right to restriction of processingYou have the right to request that the processing of your personal data be restricted. You can contact us at any time about this. The right to restriction of processing exists in the following cases: If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request that the processing of your personal data be restricted. If the processing of your personal data was/is occurring unlawfully, you can request that the data processing be restricted instead of deletion. If we no longer need your personal data However, if you need it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion. If you have lodged an objection in accordance with Article 21 Para. 1 GDPR, a balance must be made between your and our interests. As long as it is not yet clear whose interests prevail, you have the right to request that the processing of your personal data be restricted. If you have restricted the processing of your personal data, this data - apart from being stored - may only be permitted with your consent or for the purposes of asserting your rights , exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a member state. Use of cookies Our websites use so-called “cookies”. Cookies are small text files and do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser automatically deletes them. “Session cookies” that ensure normal system use. Session cookies are only stored for a limited time during a session and are deleted from your device as soon as you close your browser. “Persistent cookies”, which are only read by the website and are not deleted when the browser window is closed, but are stored on your computer for a certain period of time become. This type of cookie enables us to identify you on your next visit and, for example, to save your settings. In some cases, cookies from third-party companies can also be stored on your device when you enter our site (third-party cookies). These enable us or you to use certain third-party services (e.g. cookies for processing payment services). “Third-party cookies” are set by other online services that are represented with their own content on the page you are visiting. This can e.g. B. external web analytics companies that record and analyze access to our website. Cookies have various functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising. Cookies that are used to carry out the electronic communication process (necessary cookies) or to provide certain functions you want (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 Para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies in order to provide its services in a technically error-free and optimized manner. If consent to the storage of cookies has been requested, the relevant cookies will be stored exclusively on the basis of this consent (Art. 6 Para. 1 lit. a GDPR); Consent can be revoked at any time. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser . If cookies are deactivated, the functionality of this website may be restricted. If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this data protection declaration and, if necessary, request your consent. General information on revocation and objection (so-called " “Opt-Out”) Users can revoke the consent they have given at any time and object to the processing in accordance with the legal requirements. To do this, users can, among other things, restrict the use of cookies in their browser settings (which may also limit the functionality of our online offering). Cookie browser settingsYou can set your browser so that it does not set cookies on your device. To do this, proceed as follows (no guarantee of accuracy):Internet Explorer:Select "Internet Options" in the "Extras" menu. Click on the “Privacy” tab. Here you can set whether and which cookies should be accepted or rejected. Click "OK" to confirm your setting (otherwise no saving). In Firefox: Select Settings from the “Tools” menu. Click on “Privacy”. In the drop-down menu, select the entry “create according to user-defined settings”. Now you can set whether cookies should be accepted, how long you want to keep these cookies and add exceptions, which websites you always or never want to allow to use cookies. With "OK" you confirm your setting (otherwise no storage).Business servicesWe process data from our contractual and business partners, e.g. customers and interested parties (collectively referred to as "contractual partners") within the framework of contractual and comparable legal relationships as well as associated measures and within the framework communication with the contractual partners (or pre-contractual), for example to answer inquiries. We process this data in order to fulfill our contractual obligations. This includes, in particular, the obligations to provide the agreed services, any update obligations and remedies in the event of warranty and other service disruptions. In addition, we process the data to protect our rights and for the purposes of the administrative tasks associated with these obligations and the company organization. In addition, we process the data on the basis of our legitimate interests in proper and business management as well as security measures to protect our contractual partners and our business operations from misuse and jeopardy of their data, secrets, information and rights (e.g. the involvement of telecommunications and other auxiliary services as well subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). Within the scope of applicable law, we only pass on the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or to fulfill legal obligations. The contractual partners will be informed about other forms of processing, e.g. for marketing purposes, within the framework of this data protection declaration. We inform the contractual partners which data is required for the aforementioned purposes before or as part of the data collection, e.g. in online forms, through special marking (e.g. colors) or symbols (e.g. asterisks, etc.), or personally. We delete them Data after the expiry of statutory warranty and comparable obligations, ie, generally after 3 years, unless the data is stored in a customer account, for example as long as it must be retained for legal archiving reasons. The statutory retention period is ten years for documents relevant to tax law as well as for commercial books, inventories, opening balance sheets, annual financial statements, the work instructions required to understand these documents and other organizational documents and accounting documents, and six years for commercial and business letters received and copies of the commercial and business letters sent. The period begins at the end of the calendar year in which the last entry was made in the book, the inventory, the opening balance sheet, the annual financial statements or the management report were prepared, the commercial or business letter was received or sent or the accounting document was created and the recording was also made or the other documents have been created. If we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply in the relationship between the users and the providers. Types of data processed: inventory data (names, addresses); Payment data (bank details, invoices, payment history); Contact details (email, telephone numbers); Contract data (subject of the contract, term, customer category); Usage data (websites visited, interest in content, access times); Meta, communication and procedural data (IP addresses, time information, identification numbers, consent status). Affected persons: interested parties, business and contractual partners, customers. Purposes of processing: provision of contractual services and fulfillment of contractual obligations; Contact inquiries and communication; office and organizational procedures; managing and responding to inquiries; Marketing measurement (measuring the effectiveness of marketing measures). Legal basis: fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR). Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).External hosting / IONOS partner network / emailThis website is hosted by an external service provider (hoster) and our email traffic also takes place via the hoster. The personal data collected on this website is stored on the host's servers. This can include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access and other data that is generated via a website. The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 Para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offering by a professional provider (Art. 6 Para. 1 lit. f GDPR). Our hoster will use your data only process it to the extent that this is necessary to fulfill its service obligations and follow our instructions with regard to this data. We use the following host: 1&1 IONOS SEElgendorfer Str. 5756410 Montabaur We have concluded a contract for order processing (AVV) with the above-mentioned provider. This is a contract required by data protection law, which guarantees that the personal data of our website visitors will only be processed in accordance with our instructions and in compliance with the GDPR. You can find out more about data protection at https://www.ionos.de/terms-gtc /terms-privacy. Order processing contract: https://www.ionos.de/hilfe/datenschutz/generale-information-zur-datenschutz-grundverfassung-dsgvo/vertragsprocessing/. Server log filesThe provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: - Browser type and browser version - Operating system used - Referrer URL - Host name of the accessing computer - Time of server request - IP address This data will not be merged with other data sources. This data is collected on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - for this purpose the server log files must be recorded. E-mail sending The web hosting services we use also include sending, receiving and the storage of emails. For these purposes, the addresses of the recipients and senders as well as other information regarding the sending of emails (e.g. the providers involved) as well as the contents of the respective emails are processed. The aforementioned data may also be processed for SPAM detection purposes. We ask you to note that emails on the Internet are generally not sent encrypted. As a rule, emails are encrypted during transport, but (unless a so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We can therefore assume no responsibility for the transmission path of emails between the sender and receipt on our server; Legal basis: legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). IONOS WebAnalyticsThis website uses the analysis services of IONOS WebAnalytics (hereinafter: IONOS). The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D – 56410 Montabaur. As part of the analyzes with IONOS, visitor numbers and behavior (e.g. number of page views, duration of a website visit, bounce rates), visitor sources (ie which page the visitor comes from), visitor locations and technical data (browser and operating system versions) can be analyzed. to be analyzed. For this purpose, IONOS stores the following data in particular: - Referrer (previously visited website) - requested website or file - browser type and browser version - operating system used - device type used - time of access - IP address in anonymized form (is only used to determine the location of access used)According to IONOS, data collection is completely anonymized so that it cannot be traced back to individual people. Cookies are not stored by IONOS WebAnalytics. The data is stored and analyzed on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the statistical analysis of user behavior in order to optimize both its website and its advertising. If appropriate consent has been requested, processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be revoked at any time. Further information on data collection and processing by IONOS WebAnalytics can be found in the IONOS data protection declaration at the following link: https://www.ionos.de/terms-gtc/index.php?id=6Analytics tools and tools from Third parties When you visit this website, your surfing behavior can be statistically evaluated. This happens primarily with so-called analysis programs. Usercentrics Consent Management PlatformThis is a consent management service that uses cookies to manage your consents. The purpose is to monitor compliance with legal obligations and the storage of consent. Company data is: Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich. The technologies with which this service collects data are cookies and pixels that are placed in the browser. The following data The following are collected and processed: - Browser information - Date and time of visit - Device information - Geographical location - Opt-in and opt-out data - Request URL of the website - Page path of the website The legal basis for this is Art. 6 Para. 1 S. 1 lit. c GDPR. Munich is the primary place where the collected data is processed. The consent database is located in Belgium. The retention period is the period during which the collected data is stored for processing. The data must be deleted as soon as it is no longer needed for the specified processing purposes. The consent data (consent and revocation of consent) are stored for three years. The data will then be deleted immediately or, upon request, passed on to the responsible person in the form of a data export. The data recipient is Usercentrics GmbH. You can find the data protection regulations of Usercentrics GmbH here: https://usercentrics.com/privacy-policy/Gstatic On our website there is a Web service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Gstatic) is reloaded. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Gstatic. The legal basis for data processing is Article 6 (1) (f) GDPR. The legitimate interest lies in the error-free functioning of the website. The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transferred data can be found in Gstatic's data protection declaration: https://policies.google.com/privacyYou can prevent the collection and processing of your data by Gstatic by deactivating the execution of script code in your browser or install a script blocker in your browser.Amazon CloudfrontThis website uses the content delivery network (CDN) Cloudfront. This is a service of Amazon Web Services Inc., 410 Terry Avenue North, Seattle, WA 021225085203. The Cloudfront CDN makes duplicates of a website's data available on various Amazon Web Services (AWS) servers distributed worldwide. This results in faster loading times for the website, greater reliability and increased protection against data loss. Some of the images and videos embedded on this website are obtained from the Cloudfront CDN when the page is accessed. Through this retrieval, if you have activated Java Script in your browser and have not installed a Java Script blocker, information about your use of our website (such as your IP address) will be transmitted to Amazon servers in other EU countries and stored there . This happens as soon as you enter our website. To prevent the execution of Java script code from Amazon CloudFront - Content Delivery Network (CDN) as a whole, you can install a Java script blocker. The use of Amazon Web Services and the Amazon CDN Cloudfront is in the interest of greater reliability website, increased protection against data loss and better loading speed of this website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. You can find out more about the data protection measures of Amazon Web Services at: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation1.pdf( PDF DOWNLOAD!) The current data protection declaration of Amazon Web Services can be found at: https://aws.amazon.com/de/privacy/Amazon Web Services Inc., based in the USA, is responsible for the US-European data protection agreement “Privacy Shield”. certified, which ensures compliance with the data protection level applicable in the EU. External online presencesWe maintain online presences within the social networks and platforms listed below in order to communicate with active users there and to provide information about our company and our products. If you communicate with us on social networks and platforms, e.g. write posts on our online presence or send us messages, we process your data for communication purposes. In addition, when you visit and use our respective online presence, the operator of the network or platform can evaluate your usage behavior and provide us with the information obtained from this. This information is used for the purposes of economic optimization and needs-based design of our online presence. Furthermore, your data within social networks and platforms is usually processed by the respective operator for market research and advertising purposes. For example, usage profiles can be created based on your usage behavior and the resulting interests in order to place advertisements tailored to your interests within and outside the networks and platforms. Further information on the operator's processing and possible objection options (opt-out) can be found in the data protection declarations of the respective operators. Our processing of your data is based on our legitimate interest (Art. 6 1f GDPR) in increasing the awareness of our company, to communicate with people who are interested in our company and our products and to better understand your wishes and interests. The data categories we may use include inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta - and connection data (e.g. device information, IP addresses). The deletion of your data is determined in accordance with the data protection declarations of the respective operator. Presences in social networks (social media) We maintain online presences within social networks and process user data in this context in order to communicate with active users there or to offer information about us. We would like to point out that user data is stored outside of this within the European Union. This can pose risks for users because it could make it more difficult to enforce users' rights. For a detailed description of the respective forms of processing and the options for objection (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks. YouTubeThis website embeds videos from the YouTube website. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. When you visit one of our websites on which YouTube is integrated, a connection is established to YouTube’s servers. The YouTube server is informed which of our pages you have visited. YouTube can also store various cookies on your device. With the help of these cookies, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve user experience and prevent fraud attempts. The cookies remain on your device until you delete them. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in the interest of an attractive presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit 1 lit. a GDPR; The consent can be revoked at any time. Further information on the handling of user data can be found in YouTube's data protection declaration at: https://policies.google.com/privacy?hl=de.Social media plug-ins with ShariffThis website uses social media plug-ins Media used (e.g. Facebook, Twitter, Instagram). You can usually recognize the plugins by the respective social media logos. To ensure data protection on this website, we only use these plugins together with the so-called “Shariff” solution. This application prevents the plugins integrated on this website from transferring data to the respective provider when you first enter the site. Only when you activate the respective plugin by clicking on the associated button will a direct connection to the provider's server be established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited this website with your IP address. If you are logged into your respective social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to this website to your user account. Activating the plugin constitutes consent within the meaning of Art. 6 Para. 1 lit . The provider of this service is Facebook Ireland Limited (Meta Platforms Ireland Limited), 4 Grand Canal Square, Dublin 2, Ireland and Google Inc. 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). However, according to Facebook, the data collected will also be transferred to the USA and other third countries. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on this website. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/?locale=de_DE. When you visit this website, the plugin creates a direct connection between your browser and the Facebook server manufactured. Facebook thereby receives the information that you have visited this website with your IP address. If you click the Facebook “Like” button while you are logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to assign your visit to this website to your user account. We would like to point out that as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. If you have a Facebook or YouTube account, you can use such a social plugin and share information with your friends. If you do not want Facebook to be able to assign your visit to this website to your Facebook user account, please log out of your Facebook account Facebook user account. We have no influence on the content of the plugins and the transmission of information. The use of the Facebook plugins is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in achieving the greatest possible visibility on social media. If appropriate consent has been requested, processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; consent can be revoked at any time. Facebook and Google provide detailed information on the scope, type, purpose and further processing of your data on their websites. Here you will also find further information about your rights and setting options to protect your privacy. Data protection information from Facebook: https://www.facebook.com/about/privacyData protection information from Google: https://www.google.com/intl/de/ policies/privacyMeta Retargeting - Facebook Pixel – InstagramOur platform uses the advertising services of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin, Ireland (“Meta”). Through the use of cookies, device identifiers or similar technologies, information about the use of this website and Meta Platforms Ireland Limited is collected under joint responsibility and transmitted to Meta Platforms Ireland Limited. This website is a pixel of Meta Platforms Ireland Limited integrated (website custom audience pixel), which enables Meta to transmit tracking data. This information can be assigned to you using additional information that Meta has stored about you, for example due to your ownership of an account on the social network “Facebook” and “Instagram”. Based on the information collected on the website, interest-based advertisements about our services can be shown to you in your Facebook or Instagram account (retargeting). On the other hand, we can use the Facebook pixel to evaluate the effectiveness of Facebook advertisements for statistical and market research purposes by determining whether users were redirected to our website after clicking on a Facebook advertisement. The information collected may also be aggregated by Meta and the aggregated information may be used by Meta for its own web purposes and for the advertising purposes of third parties. For example, Meta can infer certain interests from your surfing behavior on this website and also use this information to advertise third-party offers. Meta can also combine the information collected via the pixel with other information that Meta has collected about you via other websites and/or in connection with the use of the social network “Facebook” and “Instagram”, so that Meta Platforms Ireland Limited may store a profile about you. This profile can be used for advertising purposes. Meta Platforms Ireland Limited is solely responsible for the permanent storage and further processing of the tracking data collected via the website custom audience pixel used on this website. In this context, Meta Platforms Ireland Limited, as the sole data controller, may store data about you in the USA. In this context, there is a particular risk that your data will be processed by American institutions/authorities for control and surveillance purposes without you having an adequate legal remedy against this. The legal basis for this data processing is Article 6 Paragraph 1a) GDPR. Further information on data protection at Meta can be found at https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0.Instagram (plugin) general On this website functions of the Instagram service are integrated or we have an Instagram profile on www.instagram.com. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA / Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Plugins from the social network Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA (“Instagram”) are integrated. You can recognize the Instagram plugin by the “Instagram button” on our site. If you are logged into your Instagram account, you can link the contents of this website with your Instagram profile by clicking on the Instagram button. This allows Instagram to assign your visit to this website to your user account. We would like to point out that, as providers of the pages, we have no knowledge of the content of the transmitted data or their use by Instagram. The use of the Instagram plugin is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the greatest possible visibility on social media. Further information can be found in Instagram's data protection declaration: https://instagram.com/about/legal/privacy TikTok generalFunctions of the TikTok service are integrated into this website or we have a TikTok profile on www.tiktok.com. These functions are offered by TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland (TikTok Information Technologies UK Limited, One London Wall, London EC2Y 5EB). You can contact TikTok using the following form: https:// www.tiktok.com/legal/report/privacy. You can reach TikTok's data protection officer using the following form: https://www.tiktok.com/legal/report/DPO. If you are logged into your TikTok account, you can You can link the contents of this website to your TikTok profile by clicking on the TikTok button. This allows TikTok to assign your visit to this website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or their use by TikTok. The use of the TikTok plugin is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the greatest possible visibility on social media.TikTok AdvertisingOur platform uses the TikTok Advertising service. TikTok Advertising is an online advertising program from TikTok Information Technologies UK Limited, One London Wall, London EC2Y 5EB (“TikTok”). Through the use of cookies and similar technologies such as device identifiers, information about the use of this website and TikTok Information Technologies UK Limited is collected under joint responsibility and transmitted to TikTok Information Technologies UK Limited. A pixel from TikTok is integrated into this website, which enables TikTok to transmit tracking data. When used, tracking data is transmitted to TikTok. Further processing of the data transmitted to TikTok Information Technologies UK Limited is the sole responsibility of TikTok Information Technologies UK Limited under data protection law. This information transmitted to TikTok can be assigned to you using other information that TikTok has stored about you, for example due to your ownership of an account on the social network “TikTok”. Based on the information collected, interest-based advertisements about our offers can be displayed to you in your TikTok account (retargeting). The information collected may also be aggregated by TikTok and the aggregated information may be used by TikTok for its own advertising purposes and for the advertising purposes of third parties. TikTok can also combine the information collected with other information that TikTok has about you, e.g. For example, you can connect other websites so that a profile about you can be saved on TikTok. This profile can be used for advertising purposes. To the extent that TikTok Information Technologies UK Limited processes your data as the sole controller under data protection law, it is possible that your data will be transmitted by TikTok Information Technologies UK Limited to the USA. In this context, there is a particular risk that your data will be processed by American institutions/authorities for control and surveillance purposes without you having an adequate legal remedy against this. The legal basis for this data processing is Article 6 Paragraph 1a) GDPR. Further information on data protection at TikTok can be found at https://www.tiktok.com/legal/page/eea/privacy-policy/deContact and inquiry processingContact formIf you send us inquiries using the contact form If you send us your information from the inquiry form, including the contact details you provided there, we will store it for the purpose of processing the inquiry and in case of follow-up questions. We will not pass on this data without your consent unless we are legally required to do so. Furthermore, your IP address may be stored anonymously by the host for the time required to process your request. This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, provided that your request is fulfilled of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was queried. The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory legal provisions - in particular retention periods - remain unaffected. WhatsApp Business We offer the opportunity to communicate with us via the messaging service/Messanger WhatsApp of WhatsApp Ireland Limited (Meta Platforms Ireland Limited), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, to get in touch. For this we use the so-called “business version” of WhatsApp. If you contact us via WhatsApp for a specific transaction (e.g. a booking made), we store and use the mobile phone number you use on WhatsApp and – if provided by you – yours First and last names in accordance with Article 6 Paragraph 1 Letter b. GDPR to process and respond to your request. Based on the same legal basis, we may ask you via WhatsApp to provide additional data (order number, customer number, address or email address) in order to be able to assign your request to a specific process. Use our WhatsApp contact for general inquiries (e.g Range of services, availability, etc.) we store and use the mobile phone number you use on WhatsApp as well as - if provided by you - your first and last name in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in the efficient and Prompt provision of the requested information. Your data will only ever be used to answer your request via WhatsApp. We will not pass it on to third parties. Under no circumstances will you receive the first contact from us via WhatsApp. In order for us to communicate with you via WhatsApp, you must first write to us. We would like to point out that WhatsApp Business receives access to the address book of the mobile device we use for this purpose and that telephone numbers stored in the address book are automatically sent to a server of the parent company Meta Platforms Inc. broadcast in the USA. To operate our WhatsApp business account, we use a mobile device in whose address book only the WhatsApp contact details of those users who have contacted us via WhatsApp are stored. This ensures that every person whose WhatsApp Contact data is stored in our address book, has already consented to the transmission of his WhatsApp telephone number from the address books of his chat contacts in accordance with Art. 6 Para. 1 lit. a GDPR when using the app on his device for the first time by accepting the WhatsApp terms of use. A transmission of data from users who do not use WhatsApp and/or have not contacted us via WhatsApp is therefore excluded. Purpose and scope of data collection and the further processing and use of the data by WhatsApp as well as your related rights and setting options to protect your privacy Please refer to WhatsApp's data protection information: https://www.whatsapp.com/legal/#Privacy A WhatsApp button (WhatsApp share button) is also used on this website. With this button you can share content from us via the WhatsApp application on your mobile phone. The button is a hyperlink. When the button appears on this website, no personal data is transmitted to the operator of WhatsApp. However, as soon as you use the WhatsApp button, the operator of WhatsApp learns what content is being shared and that the button was used on this website. Inquiry by email, telephone or faxIf you contact us by email, telephone or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent. The processing of this data is based on Art. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this has been requested.The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular statutory retention periods - remain unaffected.Marketing measuresWhen you access our website, we may display advertisements using ad technology from external providers. This technology uses your service usage data to serve ads (e.g. by placing third-party cookies on your web browser). Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR) If the data processing is based on Art. 6 ABS. 1 LITER. E OR F GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. This also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data protection declaration. If you object, we will no longer process your personal data unless we can demonstrate compelling reasons for the processing worthy of protection that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims (objection in accordance with ARTICLE 21 (1) GDPR).If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising.This also applies to profiling, insofar as it is is connected with such direct advertising. If you object, your personal data will no longer be used for the purpose of direct advertising. (Objection according to ART. 21 Para. 2 GDPR). Marketing newsletter The sending of the newsletter, which is sent up to 12 times per calendar month can be made using the shipping service provider CleverReach GmbH & Co. KG/CRASH Building, Schafjückenweg 2, 26180 Rastede / CRASH Verwaltungs GmbH, Schafjückenweg 2, 26180 Rastede. You can view the shipping service provider's data protection regulations here: https://www.cleverreach. com/de-de/data protection/. The shipping service provider is used on the basis of our legitimate interests in accordance with Art Assignment to a user, to optimize or improve your own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes. The newsletter recipients are registered either: - using the double opt-in procedure, in the case of self-entry - entering into a contractual relationship with us (further information can be found in the General Terms and Conditions, which you will receive together with an offer to provide the service).Revoking the Newsletters: Possible at any time by clicking on “unsubscribe” in each newsletter and then confirming your unsubscribe. You will then be removed from our mailing list. If you have any further questions about our newsletter, please send an email to newsletter@bws-giant.de.Postal MarketingBWS Giant - Jasmin Wieking has a legitimate interest in receiving your data, which was collected, for example, when entering into a contractual relationship with you. to use for marketing purposes. The following data is processed for our own marketing purposes: first name, last name, postal address, year of birth. You can object to the use of your personal data for the aforementioned marketing purposes at any time, free of charge with future effect, at widerruf-datenschutz@bws-giant.de. If you object your data will be blocked for further commercial data processing. We would like to point out that in exceptional cases advertising material may still be sent for up to five weeks after receipt of your objection. This is for technical reasons and does not mean that we have not implemented your objection.Google AdsWe use Google Ads to place ads on the websites of Google, Google partners and the display network and to measure their success (conversion measurement). We only receive an anonymous overall evaluation, but not information related to individual users. You have the option of using the following opt-out option from the service provider: https://adssettings.google.com/.Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA; Data protection declaration of the service provider: https://www.google.com/policies/privacy. As part of this service, data is transferred to a third country, i.e. a country outside the European Union or the European Economic Area, or such a transfer cannot be excluded. Guarantee for processing in third countries (USA): EU standard contractual clauses https://privacy.google.com/businesses/processorterms/Google Adsense with personalized ads We use the Google Adsense service with personalized ads, which helps display ads within our online offering and we receive compensation for their display or other use; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR); Website: https://marketingplatform.google.com; Privacy Policy: https://policies.google.com/privacy; Basis for third country transfer: EU-US Data Privacy Framework (PDF); Google Web FontsThis site uses so-called web fonts provided by Google for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you use must connect to Google's servers. This gives Google knowledge that this website was accessed via your IP address. The use of Google WebFonts is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on its website. If appropriate consent has been requested (e.g. consent to the storage of cookies), processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. A GDPR; consent can be revoked at any time. If your browser does not support web fonts, a standard font will be used by your computer. Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's data protection declaration: https://policies.google.com/privacy?hl=de.Competitions and competitionsIf you register for competitions organized by us, we will use the data you provided during registration for the purpose of executing the participation contract, in particular to notify you of the winner. In addition, you may be offered offers and information, such as vouchers, discounts, etc., the use of which may be made dependent on your consent to the use of certain data (e.g. email address). In these cases, granting consent to use the offers is legally required. Detailed information can be found in the respective terms and conditions of participation for the respective competition. The legal basis for this data processing is Article 6 Paragraph 1a) GDPR, Article 6 Paragraph 1b) GDPR and Article 6 Paragraph 1f) GDPR. Web analysis, monitoring and optimization Web analysis (also referred to as "reach measurement") is used to evaluate the flow of visitors to our online offering and can conduct behavior , interests or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can identify at what time our online offering or its functions or content are used most frequently or invite reuse. We can also understand which areas require optimization. Google reCAPTCHAWe use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. The purpose of reCAPTCHA is to check whether data entry on this website (e.g. in a contact form) was done by a human or by an automated process program takes place. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (e.g. IP address, length of time the website visitor stays on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place. The data is stored and analyzed on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive, automated spying and SPAM. If appropriate consent has been requested, processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be revoked at any time. Further information about Google reCAPTCHA can be found in the Google data protection regulations and the Google terms of use under the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms ?hl=de.Google Analytics On our site we use the web tracking service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google Analytics). As part of web tracking, Google Analytics uses cookies that are stored on your computer and enable analysis of the use of our website and your surfing behavior (so-called tracking). We carry out this analysis based on the Google Analytics tracking service in order to constantly optimize our website and make it more available. When you use our website, data, such as your IP address and your user activities, are transmitted to Google Ireland Limited servers. We carry out this analysis on the basis of Google's tracking service in order to constantly optimize our internet offering and make it more available. The legal basis for data processing is your consent to the use of cookies and web tracking in accordance with Article 6 Paragraph 1 Letter a of the GDPR (Consent through a clear affirmative action or behavior). Google will store the data relevant to the provision of web tracking for as long as is necessary to fulfill the booked web service. Data collection and storage is anonymized. If there is any personal reference, the data will be deleted immediately unless it is subject to legal retention requirements. In any case, deletion takes place after the retention period has expired. You can prevent the collection and forwarding of personal data to Google (in particular your IP address) and the processing of this data by Google by executing script code in your browser deactivate or activate the “Do Not Track” setting in your browser. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and from processing this data by using the following link (http: //tools.google.com/dlpage/gaoptout?hl=de) download and install the available browser plug-in. Google's security and data protection principles can be found at https://policies.google.com/privacy?hl=de.Adobe AnalyticsAdobe Analytics; - Adobe Systems Software Ireland, 4-6, Riverwalk Drive, Citywest Business Campus, Brownsbarn, Dublin 24, D24 DCW0, Ireland; Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR); Website: https://business.adobe.com/de/products/analytics/adobe-analytics.html; Data protection declaration: https://www.adobe.com/de/privacy.htmlGoogle Tag ManagerGoogle Tag Manager is a solution with which we can manage so-called website tags via an interface and thus integrate other services into our online offering (see further information is referred to in this data protection declaration). The Tag Manager itself (which implements the tags) is therefore used, for example: For example, user profiles have not yet been created or cookies have been stored. Google only learns the user's IP address, which is necessary to run Google Tag Manager; Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Basics: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR); Website: https://marketingplatform.google.com; Privacy Policy: https://policies.google.com/privacy; Order processing agreement: https://business.safety.google/adsprocessorterms. Basis for third country transfer: EU-US Data Privacy Framework (DPF), standard contractual clauses (https://business.safety.google/adsprocessorterms). Customer reviews and rating processesWe participate in review and rating processes to evaluate, optimize and promote our services. If users rate us via the evaluation platforms or procedures involved or otherwise give feedback, the general terms and conditions or terms of use and the data protection information of the providers also apply. As a rule, the evaluation also requires registration with the respective provider. In order to ensure that the reviewers have actually used our services, we transmit, with the consent of the customer, the necessary data regarding the customer and the service used to the respective review platform (including name, email address and Order number). This data is used solely to verify the authenticity of the user. Types of data processed: contract data (subject of the contract, term, customer category); Usage data (websites visited, interest in content, access times); Meta, communication and procedural data (IP addresses, times, identification numbers, consent status).Data subjects: customers; Users (website visitors, users of online services).Purposes of processing: Feedback (collecting feedback via online form). Marketing.Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR). Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR).Rating service TrustpilotWe use Trustpilot, a feedback and rating service from Trustpilot A/S, Pilestraede 58, 5th floor, DK-1112 Copenhagen (“Trustpilot”) . If you have given us your consent, we will contact you via email using Trustpilot to collect your feedback and improve our service. For this purpose, we will share your name, email address and reference number with Trustpilot. When sending the email, Trustpilot acts as our processor within the meaning of Art. 28 GDPR. If you have given us your consent, your data will be processed on the basis of Article 6 Paragraph 1 Sentence 1 Letter a GDPR. In order to be able to submit a review on Trustpilot, you can register with Trustpilot and create a Trustpilot account . Trustpilot provides a form for submitting feedback about our website and the quality of our service. Your information may be published by Trustpilot. Trustpilot is solely responsible for the processing of personal data in connection with the Trustpilot account and the publication of reviews by Trustpilot. For more information about how Trustpilot processes your data, please visit https://de.legal.trustpilot.com/for-reviewers/end-user-privacy-terms.Review service Proven ExpertWe use Proven Expert, a feedback and review service from Expert Systems AG, Quedlinburger Straße 1, 10589 Berlin. If you have given us your consent, we will contact you via email using Proven Expert to collect your feedback and improve our service. For this purpose, we will share your name, email address and possibly your reference number with Proven Expert. When sending the email, Proven Expert acts as our processor within the meaning of Art. 28 GDPR. If you have given us your consent, your data will be processed on the basis of Article 6 Paragraph 1 Sentence 1 Letter a GDPR. In order to be able to submit a review at Proven Expert, you can register there and create an account. Proven Expert provides a form for entering feedback about our website and our service quality. Your information may be published by Proven Expert. Proven Expert is solely responsible for the processing of personal data in connection with the account there and the publication of reviews by Proven Expert. Further information on how Trustpilot processes your data can be found at https://www.provenexpert.com/de-de/datenschutzregulations/.Rate Service/ Online Portal Marktplatz Mittelstand We use Marktplatz Mittelstand, a feedback and rating service from Marktplatz Mittelstand GmbH & Co. KG, Pretzfelder Strasse 7-11, D-90425 Nuremberg, in order to constantly improve our presence and performance. If you have given us your consent, your data will be processed on the basis of Article 6 Paragraph 1 Sentence 1 Letter a GDPR. In order to be able to submit a review on Marktplatz Mittelstand, you can register there and create an account. Your information can be published by Marktplatz Mittelstand. Marktplatz Mittelstand is solely responsible for the processing of personal data in connection with the account there and the publication of reviews by PMarktplatz Mittelstand. Further information can be found at https://www.marktplatz-mittelstand.de/infocenter/datenschutzregulations-von-marktplatz-mittelstand-gmbh-co-kg/.Google Company ProfileWe use Google “MyBusiness” to constantly improve our presence and performance and to you to give you the opportunity to evaluate our services. In order to evaluate our services, you must create a Google account. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheater Parkway , Mountain View, CA 94043, USA; Data protection declaration of the service provider: https://www.google.com/policies/privacy. As part of this service, data is transferred to a third country, i.e. a country outside the European Union or the European Economic Area, or such a transfer cannot be excluded. Guarantee for processing in third countries (USA): EU standard contractual clauses https://privacy.google.com/businesses/processorterms/Rates-WidgetWe include so-called “ratings widgets” in our online offering. A widget is a functional and content element integrated into our online offering that displays changeable information. It can be presented in the form of a seal or comparable element, sometimes also called a “badge”. Although the corresponding content of the widget is displayed within our online offering, it is currently being retrieved from the servers of the respective widget provider. This is the only way to always show the current content, especially the current rating. To do this, a data connection must be established from the website accessed within our online offering to the widget provider's server and the widget provider receives certain technical data (access data, including IP address) that is necessary for the content of the widget to be sent to the browser of the user can be delivered. Furthermore, the widget provider receives information that users have visited our online offering. This information can be stored in a cookie and used by the widget provider to recognize which online offers that take part in the evaluation process have been visited by the user. The information may be stored in a user profile and used for advertising or market research purposes. Legitimate interests (Art. 6 Para. 1 Sentence 1 Letter f) GDPR). Further information obligation for customers/clientsWe only collect, process and use personal data to the extent that it is necessary for the establishment, content or change of the legal relationship (inventory data). This is done on the basis of Article 6 Paragraph 1 Letter b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. We only collect, process and use personal data relating to the use of our website (usage data) to the extent that this is necessary to enable the user to use the service and/or bill you. Your data will only be passed on on the basis of legal regulations to the consent given (e.g. when ordering hotel bookings or advertising material orders) or if we are obliged to provide information about this (Art. 6 S. 1 Para. 1 lit. b GDPR). If we receive your order electronically/ As a precautionary measure, we would like to point out that data you send by email will be transmitted unencrypted. In this respect, there is a risk that unauthorized parties can intercept and use this data. Credit check In order to better assess the risk of payment default and to protect legitimate interests, we may obtain credit information about contractual partners from Schufa, Creditreform/CEG or Bürgel or via ETI Expert Inkasso. To do this, we transmit the personal data required for a credit check to the respective company and use the information received about the statistical probability of non-payment to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report can contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical methods and whose calculation includes, among other things, address data. Your interests worthy of protection will be taken into account in accordance with the legal provisions. The customer data collected will be deleted within 3 months of completion of the order or within 3 months of termination of the business relationship. Statutory retention periods remain unaffected.Invoicing We collect, process and use personal data from contractual relationships to the extent that these are necessary for the establishment, content structure or change of the legal and tax relationship. In order to be able to issue a proper invoice, we pass on invoice-relevant data to our accounting program. Our accounting program is carried out via "paperwork" - odacer finanzsoftware GmbH, Konrad-Adenauer-Ring 13, 65187 Wiesbaden. This is done on the basis of Art. 6 Para. 1 lit. b GDPR, which requires the processing of data to fulfill a contract or pre-contractual measures permitted. You can view the data protection conditions at https://www.papierkram.de/datenschutz. Further information requirements for applicants If you apply to us electronically, your information will only be used to process your application and will not be passed on to third parties. Please note that applications you send by email are transmitted unencrypted. In this respect, there is a risk that unauthorized parties can intercept and use this data. We only collect and process the personal data you transmit to us as part of the application process. The processing takes place in consideration of and in accordance with the applicable General Data Protection Regulation (GDPR) and the New Federal Data Protection Act (BDSG), area-specific data protection standards in the course of the application process such as the Social Security Code and the Works Constitution Act. We process your data, if necessary, to protect our legitimate interests or the legitimate interests of third parties. This includes, for example, the assertion of legal claims and defense in legal disputes, measures for business management and further development. If you give your consent to the processing of personal data, the lawfulness of the collection and processing of your personal data is based on the consent you have given us. This can be revoked at any time. The revocation takes effect in the future and cannot be granted retroactively. If the processing of the collected personal data is revoked, the purpose for which it was collected can no longer be fulfilled or implemented. Your data will only be passed on on the basis of legal regulations, your consent given to us or if we have to do so You are authorized/obliged to provide information about this (Art. 6 S. 1 Para. 1 lit. b GDPR). Your personal data will be processed and stored, if necessary, for the duration of the application process. Once the purpose has been fulfilled, but at the latest after 3 months, we will delete them. If the storage of the data is no longer necessary to carry out the application process and there is no statutory retention period for it or if we do not have your consent that would justify a longer storage period, the data will be deleted immediately. Should a recruitment occur after the application process , your data will be stored, processed and passed on to third parties (e.g. tax office) in accordance with legal regulations. Use of links The website may contain hyperlinks to other websites that do not belong to us. If you visit such websites, no responsibility can be assumed for the confidential handling of your data. The transmission of your data from the Internet may be partially unencrypted. As a result, unauthorized access by third parties cannot be completely ruled out. Updates or changes to this privacy policy We reserve the right to change or review this privacy policy from time to time. You can find the date of the current version under “As of” above. Your continued use of the Platform following the posting of such changes on our website will constitute your acceptance of such changes to the Privacy Policy and will be deemed to be your agreement to be bound by the modified terms.

Imprint | data protection