DATA PROTECTION

Information on data processing within the meaning of EU Directive No. 679/2016
Daniel Oberrauch informs within the meaning of EU Directive No. 679/2016 (hereinafter referred to as GDPR), and with reference to the personal and sensitive data that he will become aware of, about the type, scope and purpose of their data processing.

 

Responsible for data processing:

The person responsible for data protection is Daniel Oberrauch, in the person of the legal representative Daniel Oberrauch, based in 39040 Feldthurns, contact details Kierhof - Daniel Oberrauch, Garn 7, 39040 Feldthurns.
The person responsible for data processing is Daniel Oberrauch and can be contacted by registered mail to Kierhof - Daniel Oberrauch, Garn 7, 39040 Feldthurns or by email to info@kierhof.com .

 

Types of data processed and data subjects:
The personal data of customers and suppliers as well as data of persons who voluntarily provide our company with their personal data (in person, by telephone, by fax or by e-mail), as well as by registering on our website, as well as persons whose data is processed are processed have been taken over by third parties, for example when collecting external data for business information, public directories, etc., whereby in the latter case it is only simple personal data.

 

Purpose of data processing:

The data processing takes place exclusively for the following purposes:

1. Fulfillment of the obligations stipulated by applicable ordinances and laws, including in terms of tax law and accounting.

2. Fulfillment of contractual obligations towards the data subjects.

3. Exercise of the activities related to the business activities of our company, such as the compilation of internal statistics, accounting, the management of customer and supplier accounting.

4. Creation of an offer.

5. Sending newsletters.

6. Creation of internal statistics.

 

Legal basis for data processing:

The data processing takes place in consideration of the legal requirements and is based on the following legal bases according to Art. 6 and 7 GDPR: The data processing takes place to fulfill the agreed services, to carry out contractual measures and to answer inquiries, to fulfill legal obligations and to safeguard authorized persons Interests, as well as based on the consent of the data subjects.

 

Data processing modality:
The data processing can take place with or without the help of electronic, in any case automatic means and includes collection, storage, organization, storage, query, processing in the narrower sense, change, selection, selection, comparison, use, linking, blocking, transmission, deletion and Storage of data. The data processing is carried out by the person responsible for the data processing as well as by contract processors and third parties whom the person responsible has commissioned with the processing of the data for the fulfillment of the purposes provided under point 3 or in cases where this is regulated by law. The person responsible for data processing has ensured that processors and third parties also process the personal data in accordance with the GDPR. If required, the data will be passed on to domestic and / or foreign natural and / or legal persons, provided that this serves the exercise of the activities and purposes provided for under point 3. However, there is no general dissemination of personal data.

Specifically, the data processing takes place with the following modalities:

 

User account:
The personal data is recorded during registration and processed to provide a user account. As part of the registration and login function, the IP address and the time of the respective user action are also stored. These data will be deleted immediately after the user account is terminated, unless retention is necessary for tax or accounting purposes.

 

Contact:
When contacting the company using the contact form, email or social media, the information provided by the user is processed in order to process and process the contact request. The information can be stored in a customer relationship management system or a comparable request organization. The inquiries are deleted as soon as they are no longer required, provided that the storage of the data does not serve the fulfillment of legal obligations.

 

Google Tag Manager:
Google Tag Manager is a solution with which so-called website tags can be managed via an interface in order to be able to integrate Google marketing services into the online offer, and which is used on this website. The Tag Manager itself does not process any personal data; for more detailed information, reference is made to the usage guidelines of Google services: https://www.google.com/intl/de/tagmanager/use-policy.html

 

Google Analytics:
Analysis tools from Google Inc. are used on this website for marketing and optimization purposes. In doing so, data is collected and stored in anonymised form. Google Analytics uses cookies, which are text files which are stored on the computer and which enable an analysis of the use of the website by the person concerned. This data is transmitted to a Google server in the USA and stored there. The IP address transmitted by the data subject's browser as part of Google Analytics will not be merged with other Google data. In addition, the “anonymizeIP” function is used in the code, which guarantees the masking of the IP address so that all data is collected anonymously. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. The data collected is not used to personally identify the visitor to this website, the individual user remains anonymous, and no data is passed on to third parties. Google uses this information to create various reports on website activity on behalf of the website operator. In this context, those affected are informed of the possibility of objection by installing the browser plug-in to deactivate Google Analytics at https://tools.google.com/dlpage/gaoptout?hl=de.

 

Google Adwords and Conversion Measurement:
This website also uses the services of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Google is certified under the Privacy Shield Agreement and guarantees to comply with European data protection law. This website uses the online marketing process Google Adwords to place advertisements in the Google advertising network so that they are displayed to users who have a presumed interest in the advertisements. This makes it possible to display advertisements for and within the online offer of this website in a more targeted manner in order to only present users with advertisements that potentially correspond to their interests. For this purpose, when websites on which the Google advertising network is active are called up, a Google code is immediately executed by Google and so-called marketing tags are integrated into the website, with the help of which the user enters the data on the device individual cookie, ie a small file is saved. This file records which websites the user visits, which content he is interested in, as well as technical information about the browser and operating system and the time of the visit. Google also uses conversion cookies to create statistics that determine the total number of users who viewed the ad. The users themselves cannot be personally identified, however; Google only processes cookie-related data within anonymized user profiles, unless a user explicitly allows Google to process the data without anonymization. Further information can be found in Google's data protection declaration (https://policies.google.com/technologies/ads).

 

Twitter:
A Twitter widget is integrated into the customer management of the website to display tweets from the company's Twitter account. A connection with Twitter is established and log data is transmitted to Twitter and a cookie is placed on the computer of the person concerned. After a maximum of ten days, Twitter begins deleting, unidentifying or collecting this data. Further information can be found in the Twitter data protection guideline (https://twitter.com/de/pivacy).

 

Facebook:
Plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on this website. The Facebook plugins can be recognized by the Facebook logo or the “Like” button. This plug-in establishes a direct connection between the data subject's browser and the Facebook server. As a result, Facebook receives the information that the person concerned has visited this website and there is the option of using the “Like” button to link the content of this website to your own Facebook profile. Further information can be found in Facebook's privacy policy (https://de-de.facebook.com/policy.php).

 

Instagram:
Social plugins from Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025 USA are used on this website. These plugins are marked with an Instagram logo. These plugins establish a direct connection between the browser of the person concerned and the Instagram server, which is located in the USA, and Instagram receives the information that the person concerned has accessed the corresponding page. If the person concerned is logged in to Instagram, Instagram can assign the relevant data directly to the respective account. Further information on the purpose and scope of data collection by Instagram, as well as the further processing of the data can be found in Instagram's data protection information (https://help.instagram.com/519522125107875?helpref=page_content).

 

Social media presences:
Daniel Oberrauch maintains an online presence within social networks and platforms in order to be able to communicate with customers, interested parties and users active there and to be able to inform them about one's own services. When calling up the respective networks, the data protection guidelines of the respective operator apply.

 

Transfer of data to domain registries:
For the registration of the respective domains of the data subjects, their data must be forwarded to the respective national and international registration offices of the domains. Only the absolutely necessary personal data will be transmitted. The data transmitted to the registrars can be queried and viewed by Internet users. The registration authorities prohibit commercial and improper use.

 

Passing on of data to certifier:
Personal data is transmitted to the certificate issuer for the issuing of an SSL certificate. Only the absolutely necessary data is transferred here. The person concerned agrees that this data is automatically transferred to the certificate issuer when the certificate is created.

 

Business analyzes and market research:
In order to be able to recognize market trends as well as the wishes of the contractual partners and users, the available data on business transactions, inquiries, contracts, etc. are analyzed. Inventory data, communication data, contract data, payment data, usage data and metadata from contractual partners, interested parties, customers and visitors to the online offer are processed. The analyzes serve to increase the user-friendliness, the optimization of the offer and the economic efficiency and are not disclosed externally.

 

Cookies:
When you visit this website, session cookies are generated, which are only valid while you are visiting the website. It is not possible to evaluate these cookies across domains, as advertising networks do, and the cookies are also not used to evaluate user behavior.

 

Disclosure of data and refusal to disclose:
The disclosure of personal data is indispensable for the fulfillment of the purposes set out in point 3, and the possible refusal on the part of the person concerned to disclose the data means that the purposes set out in point 3 cannot be fulfilled.

 

Storage of the data:
Unless expressly stated otherwise in this data protection declaration, the processed data will be deleted as soon as they are no longer required for the purposes provided under point 3 and there are no longer any statutory retention requirements. In general, the personal data are not kept for longer than two years.
If deletion is not possible for legal reasons, data processing will be restricted, i.e. the data will be blocked and not used for other purposes.

 

Rights of the data subject:
The GDPR allows the data subject to exercise specific rights:

1. Right to information on the part of the person responsible about the personal data concerned, as well as to correction or deletion or restriction of processing, and a right to object to processing;
2. Right to receive your own data from the person responsible for data processing in a structured and understandable format, as far as possible, also for the purpose of data transfer to another person responsible;
3. Right to be able to revoke the consent to data processing at any time, provided that the lawfulness of the processing is based on the consent of the person concerned and without affecting the legality of the processing carried out on the basis of the consent up to the revocation;
4. Right to lodge a complaint with the supervisory authority for data processing.

 

The envisaged rights can be exercised by a written notification via a certified email to the address info@kierhof.com or by registered letter AR to the address Kierhof - Daniel Oberrauch, Garn 7, 39040 Feldthurns.