Information on data protection

Privacy Policy of Spiegelburg International GmbH & Co. KG

Thank you for your interest in our website. Protecting your privacy is very important to us. The following text provides detailed information about how we use your data.

I. Name and address of the responsible party

The responsible party within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the EU Member States, as well as other data protection regulations, is:

Spiegelburg International GmbH & Co. KG
Hafenweg 30
48155 Münster
Germany

Phone: +49 251 41 411 266
E-mail: info@spiegelburg-international.com
Website: www.spiegelburg-international.com

II. Contact details of the data protection officer

The data protection officer of the responsible party can be reached as follows:

Data Protection Officer of Spiegelburg International GmbH & Co. KG
Hafenweg 30
48155 Münster
Germany
Phone: +49 251 41 411 338
E-mail: datenschutz@coppenrath.de

III. Provision of the website and creation of log files

1. Description and scope of data processing

Every time you visit our website, our system automatically collects data and information from the computer system of the accessing computer.

In doing so, the following data is collected:

  • The IP address of the requesting computer
  • The date and time of access
  • The name and URL of the data downloaded
  • The amount of data transferred
  • A report as to whether the access attempt was successful
  • Used browser and operating system
  • The website from which access is made
  • The name of your Internet access provider

The data is also stored in the log files of our system.

2. The legal basis for data processing

The legal basis for temporary storage of data and log files is Art. 6 para. 1 lit. f) of the GDPR. Our legitimate interest arises from the purposes mentioned below for data processing.

3. The purpose of data processing

Temporary storage of IP address by the system is necessary to enable delivery of the website to the user’s computer. To this end, the user’s IP address must remain stored for the duration of the session.

The data is stored in log files to ensure the website’s functionality. The data is also used to optimise the website and to ensure the security of our information technology systems.

After you have finished using of our websites, this data will only be stored in order to improve the quality of our services. This data cannot be traced back to you as an individual.

These purposes also encompass our legitimate interest in data processing in accordance with Art. 6 Para. 1 lit. f) of the GDPR.

4. Duration of retention

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for provision of the website, this will be undertaken once the respective session has ended.

Any data is to be stored in log files will be stored within seven days at the latest. Further storage is possible. In this case, the user’s IP addresses will be deleted or distorted so that assignment to the accessing client is no longer possible.

5. The right of objection

In accordance with Article 21 of the GDPR, you have the right to object to the processing of your data at any time for reasons arising from your particular situation. We will then no longer process this data, unless compelling reasons worthy of protection can be proven for the processing, which outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

To exercise a corresponding objection, the user can contact us by e-mail using the e-mail address datenschutz@coppenrath.de. In the event of a justified objection, the data will be deleted.

IV. Use of session and persistent cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. If a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a distinctive character string that enables unique identification of the browser when the website is accessed again.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after changing pages. Some of the cookies we use are deleted after the browser session, i.e. after you close your browser (these are so-called session cookies). Other cookies remain on your computer and enable us to recognise your browser on your next visit (persistent cookies).

The following data is stored and transmitted in the cookies:

(1) Use of website functions

2. The legal basis for data processing

The legal basis for processing personal data using cookies is Art. 6 1 lit. f) of the GDPR. Our legitimate interest arises from the purposes mentioned below for data processing.

3. Purpose of the data processing

The purpose of using technically necessary cookies is to simplify use of websites for users. Some features of our website are not offered without the use of cookies. In this case, it is necessary that the browser is recognised even after changing the page.

For these purposes, our legitimate interest also lies in the processing of personal data pursuant to Art. 6 para. 1 lit. f) of the GDPR.

4. Duration of storage, objection and removal option

Cookies are stored on the user’s computer and transmitted to our site. Therefore, as a user, you have full control of the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all of the website’s features in full.

V. Contact form and e-mail contact

1. Description and scope of data processing

There is a contact form on our website that can be used for electronic contact. If a user accepts this option, the data entered in the input screen will be transmitted to us and stored. This data includes:

(1) First name

(2) Last name

(3) Company

(4) Address

(5) E-mail address

(6) Phone number

(7) Subject

(8) Message

The following data is also stored at the time the message is sent:

(1) The user’s IP address

(2) The date and time of subscription

Alternatively, you can contact us via the e-mail address provided. In this case, the user’s personal data that is transmitted along with the email will be stored.

The data will not be disclosed to third parties during the course of this. The data is used exclusively for the processing of the conversation.

2. The legal basis for data processing

The legal basis for processing the data transferred in the course of sending an e-mail is Art. 6 para. 1 lit. f) of the GDPR. Our legitimate interest lies in processing the establishment of contact. If you send us an e-mail with the intention of entering into a contract with us, this creates an additional legal basis for its processing in accordance with Art. 6 para. 1 lit. b) of the GDPR.

3. Purpose of the data processing

The processing of personal data in the input screen is used by us only for processing the contact. In the event of contact by e-mail, this also constitutes the necessary, legitimate interest in processing the data.

The other personal data processed during the sending process is for preventing the misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of retention

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For the personal data from the contact form input screen and the data that was sent by e-mail, this is the case when the respective conversation with the user has been completed. The conversation will have ended when it is evident from the circumstances that the matter at hand has been conclusively resolved. Of course, the data will also be stored for as long as storage obligations require this.

Personal data that was additionally collected during the sending procedure will be deleted at the latest after a period of seven days.

5. Objection- and removal option

The user has the option of revoking his or her consent to the processing of personal data at any time. A user who has contacted us by e-mail can object at any time to the storage of his or her personal data. It will not be possible to continue the conversation in this case.

The consent and the objection of storage can be revoked at any time by sending a message to wolff@spiegelburg-international.com.

All personal data stored in the course of contacting us will be deleted as a result.

VI. Rights of the data subject

You have the following rights vis-à-vis Spiegelburg International GmbH & Co. KG:

1. Right to information

You can request that the responsible party confirm whether we will process personal data that concerns you.

If such processing is taking place, you can request to be informed by the responsible party regarding the following information:

(1) the purposes for processing the personal data;

(2) the categories of personal data being processed;

(3) the recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;

(4) the planned storage duration of personal data concerning you or, if specific information in this respect is not possible, criteria for determining the storage period;

(5) the existence of a right of rectification or deletion of personal data that concerns you or of a restriction on processing by the responsible party or of a right to object to such processing;

(6) the existence of a right of appeal to a supervisory authority;

(7) any available information on the origin of the data if the personal data has not been collected from the data subject;

(8) the existence of automated decision-making, including profiling in accordance with Art. 22 para. 1 and 4 of the GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information regarding whether your personal information will be transmitted to a third-party country or an international organisation. In this respect, you can request the appropriate guarantees in accordance with Art. 46 of the GDPR in connection with the transmission.

2. The right of rectification

You have a right of rectification and/or completion with respect to the responsible party if the personal data processed concerning you is incorrect or incomplete. The responsible party shall make the correction immediately.

3. The right to limitation of processing

Under the following conditions, you may request that the processing of personal data concerning you be restricted if:

(1) you dispute the accuracy of the personal data concerning you for a period that enables the responsible party to verify the accuracy of the personal data;

(2) the processing is unlawful, and you refuse to delete the personal data and instead request that the use of the personal data be restricted;

(3) the responsible party does not need the personal data for longer than the processing’s purposes, but you need it for the assertion, exercise or defence of legal claims, or

(4) you object to the processing in accordance with Art. 21 para. 1 of the GDPR and it is not yet clear whether the legitimate reasons of the responsible party outweigh your reasons.

Where processing of the personal data that concerns you has been restricted, such data – apart from being stored – may be processed only with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on the grounds of an important public interest of the Union or of a Member State.

If the processing restriction has been done in accordance with the above conditions, you will be informed by the responsible party before the restriction is lifted.

4. Right to deletion

a) Deletion obligation

You may request that the responsible party delete the personal data that concerns you immediately, and the responsible party will be obliged to delete this data immediately if one of the following reasons applies:

(1) the personal data that concerns you is no longer necessary for the purposes for which it was collected or otherwise processed;

(2) you revoke your consent to the processing pursuant to Art. 6 para. 1 lit. a) or Art. 9 para. 2 lit. a) of the GDPR and there is no other legal basis for processing;

(3) you submit an objection to the processing pursuant to Art. 21 para. 1 of the GDPR, and there are no overriding legitimate grounds for processing, or you submit an objection to the processing pursuant to Art. 21 para. 2 of the GDPR.

(4) the personal data that concerns you has been processed unlawfully;

(5) the deletion of personal data is required to comply with legal obligations according to Union law or the laws of the Member States to which the responsible party is subject;

(6) the personal data that concerns you has been collected in connection with offered information society services pursuant to Art. 8 para. 1 of the GDPR.

b) Transfer of personal data to third parties

If the responsible party has made the personal data that concerns you public and if the responsible party is obliged for its deletion pursuant to Art. 17 para. 1 of the GDPR, that responsible party shall take appropriate measures, including technical means, while taking into account available technology and implementation costs, to inform the parties responsible for data processing who process the personal data, that you as the person concerned have requested deletion of all links to such personal data or of copies or replications of such personal data.

c) Exceptions

The right to deletion does not exist insofar as the processing is necessary

(1) to exercise the right of freedom of expression and information;

(2) for the performance of a legal obligation required for processing under the law of the Union or of the Member States to which the responsible party is subject or for the performance of a task in the public interest or in the exercise of official authority conferred to the responsible party;

(3) for reasons of public interest in the field of public health in accordance with Art. 9 para. 2 lit. h) and i), as well as Art. 9 para. 3 of the GDPR;

(4) for archiving purposes in the interest of public, scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 of the GDPR, to the extent that the law referred to in a) is likely to render impossible or seriously prejudicial the attainment of the objectives of such processing; or

(5) to assert, exercise or defend legal claims.

5. Right to information

If you have exercised your right to have the responsible party correct, delete or limit the processing, this party is obliged to inform all recipients to whom the personal data that concerns you has been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort.

It is your right to have the controller inform you regarding such recipients.

6. Right to data portability

You have the right to obtain your personal data, which you have provided to the controller, in a structured, commonly used and machine-readable format. In addition, you have the right to pass this data on to another responsible party without obstruction by the responsible party to whom the personal data was provided, insofar as

(1) the processing is based on consent pursuant to Art. 6 para. 1 lit. a) of the GDPR or Art. 9 para. 2 lit. a) of the GDPR or on a contract pursuant to Art. 6 para. 1 lit. b) of the GDPR and

(2) the processing is undertaken using automated procedures.

In exercising this right, you also have the right to request that the personal data concerning you be transferred directly from one responsible party to another responsible party, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

The right to data portability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the responsible party.

7. Right to object

You have the right, for reasons arising from your specific situation, to object to the processing of personal data concerning you at any time, which is carried out in accordance with Art. 6 para. 1 lit. e) or f) of the GDPR, including profiling based on those provisions;

The responsible party will no longer process the personal data that concerns you unless the party can prove compelling legitimate reasons for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data that concerns you is being processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data that concerns you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing.

If you object to processing that is for direct marketing purposes, the personal data that concerns you will no longer be processed for these purposes.

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

8. The right to revoke the data protection declaration of consent

You have the right at any time to revoke your data protection declaration of consent. The revocation of consent shall not affect the legality of processing undertaken on the basis of this consent before its withdrawal.

9. The right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or where the infringement is suspected, if you believe that the processing of personal data that concerns you is in contravention of GDPR.

The supervisory authority with which the appeal has been filed shall inform the appellant of the status and results of the appeal, including the possibility of a judicial remedy under Art. 78 of the GDPR.

If you have questions about the collection, processing or use of your personal data, the disclosure, correction, blocking or deletion of data and if applicable revocation of permission granted, or objection to a particular use of the data, please contact our Data Protection Officer:

Data Protection Officer of Spiegelburg International GmbH & Co. KG
Hafenweg 30
48155 Münster
Germany
Phone: +49 251 41411338
E-mail: datenschutz@coppenrath.de