Privacy Statement
Thank you for visiting our homepage. We take the legal provisions on data protection seriously and comply with them.
Subject of data protection
Data protection is intended to protect personal data and thus the right of individuals to handle their data independently. Personal data includes, for example: name, postal address, email address or telephone number but also usage data such as your IP address. This individual data can be used to establish a connection to you personally.
Responsible person
The person responsible for data processing is
H+B Hightech GmbH
Kappelberg 50
73486 Adelmannsfelden
Germany
Telephone: +49 796384182-0
Fax: +49 796384182-169
represented by the managing directors
Robert Heine, Hilmar Wanner, Dr. Rainer Lindner
The person responsible has appointed the following as data protection officer:
Marc Weiß
Herrenkellergasse 6
89073 Ulm
Germany
Email: zentrale@mwv-ulm.de
Legal basis for processing personal data
If we obtain the consent of the data subject for the processing of personal data, Article 6 Para. la of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
If we process personal data to fulfill a contract to which the data subject is a party, Art. 6 Para. lb GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
To the extent that processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 Para. lc GDPR serves as the legal basis.
In the event that the vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. ld GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 Para. 1 f GDPR serves as the legal basis for the processing.
Data deletion and storage period
Personal data of data subjects will be deleted or blocked by us as soon as the purpose for which they were stored no longer applies.
If there are legal regulations to which we are subject, storage can also take place. The data will also be blocked or deleted if a storage period prescribed by these regulations expires, unless the conclusion or fulfillment of a contract requires further storage of the data.
Provision of the website and creation of log files
a) Description and scope of data processing
When you access our website, our system automatically collects data and information from the computer system from which you access our site each time you access it.
The following data is collected:
- Information about the browser type and version used
- The user’s operating system
- The user’s Internet service provider
- The user’s IP address
- Date and time of access
- Websites from which the system of the user reaches our website
- Websites that are accessed by the user’s system via our website
- search engine used including keywords
- length of stay
- last page opened before leaving the website
This data is also stored in so-called log files in our system. We store this data separately from other personal data relating to you and do not combine them at any time.
Legal basis for data processing
For the temporary storage of data and log files, we use Art. 6 Paragraph If GDPR.
b) Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. The data also serves us to optimize the website and to ensure the security of our information technology systems. This also lies in our legitimate interest in data processing in accordance with Art. 6 Para. lf GDPR. The data will not be evaluated for marketing purposes in this context.
c) Duration of storage
The data will be deleted as soon as the purpose for which it was collected has been achieved and is no longer required, unless legal regulations apply.
If the data is collected to provide the website, this is the case when you leave our website.
If the data is stored in log files, this is the case after eight weeks at the latest. Storage beyond this is possible. In this case, the users’ IP addresses are deleted or altered so that it is no longer possible to assign the calling client.
d) Possibility of objection and removal
The collection of data to provide the website and the storage of the data in log files is absolutely necessary for the operation of the website. For this reason, the user has no opportunity to object.
Use of cookies and other technologies
a) Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is accessed again.
We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change.
The following data is stored and transmitted in the cookies:
- Language settings
- Log-in information
We also use cookies on our website that enable analysis of users’ surfing behavior.
In this way, the following data can be transmitted: –
- Search terms entered
- Frequency of page views
- Use of website functions.
The data collected in this way is pseudonymized using technical precautions. It is therefore no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of the users. When accessing our website, users are informed by an information banner about the use of cookies for analysis purposes and are referred to this data protection declaration. In this context, there is also a note on how the storage of cookies can be prevented in the browser settings.
b) Legal basis for data processing
We use Art. 6 Para. lf GDPR to process personal data using cookies.
c) Purpose of data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after a page change.
The user data collected through technically necessary cookies is not used to create user profiles. The analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies we learn how the website is used and can therefore continually optimize our offering. For these purposes, our legitimate interest lies in the processing of personal data in accordance with Art. 6 Para. 1f GDPR.
d) Duration of storage, possibility of objection and removal
Cookies are stored on the user’s computer and transmitted to our site by the user. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.
Google Analytics
Our website uses Google Analytics, a web analysis service provided by our service provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. (“Google”). Google Analytics uses cookies, which are stored on your computer and enable analysis of your use of the website. The information generated by the cookies about your use of this website is usually transmitted to a Google server in the USA and stored there. However, by activating IP anonymization on our website, your IP address will be shortened and therefore anonymized by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there (https://policies.google.com/privacy?hl=de).
Social media
We maintain online presences on social networks and platforms in order to communicate with customers, interested parties and active users and to inform them about our services.
We would like to point out that user data may be processed outside the European Union. This can lead to risks for users as it could, for example, make it more difficult to enforce users’ rights. With respect to US providers certified under the adequacy decision, they are required to comply with EU data protection standards.
In addition, user data is usually processed for market research and advertising purposes. For example, usage profiles can be created based on usage behavior and the resulting interests of the user. The usage profiles can in turn be used, for example, for advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are typically stored on users’ computers to record users’ usage and interests. In addition, data may also be stored in the usage profiles, regardless of the devices used by users (especially if users are members of the respective platforms and log in to them).
The processing of users’ personal data is based on our legitimate interests in effectively informing users and communicating with users. 6 Para. 1 lit. f. GDPR If the users are asked by the respective providers for consent to data processing (i.e. declare their consent, e.g. by ticking a checkbox or clicking a confirmation button), the legal basis for the processing is Art. 6 (1) lit. a., Art. 7 GDPR.
For a detailed description of the respective processing and the objection options, we refer to the information provided by the providers listed below.
When it comes to requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only providers have access to user data and can take appropriate measures and provide information directly. If you still need help, you can contact us.
Our website uses social plugins (“plugins”) from the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins are marked with a Facebook logo or the addition “Facebook Social Plugin”. If you access a page on our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted from Facebook directly to your browser and integrated into the website. By integrating the plugins, Facebook receives the information that you have accessed the corresponding page on our website. If you are logged in to Facebook, Facebook can assign the visit to your Facebook account. When you interact with the plugins, for example the
If you click the “Like” button or leave a comment, the corresponding information will be transmitted directly from your browser to Facebook and stored there.
The purpose and scope of data collection and the further processing and use of the data by Facebook as well as your related rights and setting options to protect your privacy can be found in Facebook’s data protection information. If you do not want Facebook to collect data about you via our website, you must log out of Facebook before visiting our website. Facebook’s privacy policy can be found at https://www.facebook.com/privacy/policy/.
Functions and content of the LinkedIn service, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, can be integrated into our online offering. This may include, for example, content such as images, videos or texts and buttons with which users can share content from this online offer within LinkedIn. If the users are members of the LinkedIn platform, LinkedIn can assign access to the above-mentioned content and functions to the users’ profiles there. LinkedIn’s privacy policy: www.linkedin.com/legal/privacy-policy. LinkedIn is certified under the Dat Privacy Framework and thereby offers a guarantee that it will comply with European data protection law (https://www.privacyshield.gov/participant?id= a2zt0000000L0UZAA0&status=Active). Data protection declaration: www.linkedin.com/legal/privacy-policy, opt-out: www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Functions of the Instagram service are integrated into this website. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
If the social media element is active, a direct connection is established between your device and the Instagram server. Instagram thereby receives information about your visit to this website.
If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to assign your visit to this website to your user account. We would like to point out that as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram.
If consent has been obtained, the above will be used. Service based on Article 6 Paragraph 1 Letter a GDPR and Section 25 TTDSG. Consent can be revoked at any time. Unless consent has been obtained, the use of the service is based on our legitimate interest in achieving the greatest possible visibility on social media.
To the extent that personal data is collected on our website using the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing ( Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of data and its transfer to Facebook or Instagram. The processing carried out by Facebook or Instagram after forwarding is not part of the shared responsibility. Our joint obligations have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for the data protection-safe implementation of the tool on our website. Facebook is responsible for the data security of Facebook and Instagram products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook or Instagram directly on Facebook. If you assert your data subject rights with us, we are obliged to forward these to Facebook.
Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.
Further information can be found in Instagram’s privacy policy: https://instagram.com/about/legal/privacy/.
Links
We would like to point out at this point that this data protection declaration does not apply to other websites that you can reach via links shown on our website. We have no influence on whether other providers comply with data protection and security regulations. Therefore, please inform yourself about the data protection declarations provided on the websites of other providers
MyFonts
We also use the MyFonts font on our website. This service is offered by Monotype Imaging Holdings Inc., 600 Unicorn Park drive, Woburn, Massachusetts 01801 USA.
Your data may also be transferred to the USA.
In accordance with the EU adequacy decision, Monotype Imaging Holdings Inc. has a certificate. The company thereby commits itself to complying with the principles of the EU-USA data protection framework. In addition, so-called standard clause contracts provided by the EU are used. This is intended to ensure that the data complies with European data protection standards even when transferred to third countries.
You can find more information about use in the Privacy Policy at https://www.monotype.com/legal/privacy-policy.
Rights of the data subject
If your personal data is processed, then you are the data subject within the meaning of the GDPR with the following rights towards us:
1.) Right to information
You can request confirmation from us as to whether personal data concerning you is being processed by us. If this is the case, you can request the following information from us:
a) The purposes for which the personal data are processed
b) The categories of personal data which are processed
c) The recipients or the categories of recipients to whom the personal data concerning you have been or will be disclosed
d) The planned duration of storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period
e) The existence of a right to correction or deletion of the personal data concerning you, a right to restriction of processing by the controller or a right to object to this processing
f) The existence of a right to lodge a complaint with a supervisory authority
g) all available information about the origin of the data if the personal data is not collected from the data subject
h) Profiling in accordance with Article 22 Paragraphs 1 and 4 GDPR does not exist
i) You have the right to request information as to whether the personal data concerning you will be transferred to a third country or to an international organization. In this context, you can request to be informed about the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transfer.
2.) Right to rectification
You have the right to rectification and/or completion if the personal data processed concerning you is incorrect or incomplete.
3.) Right to restriction of processing
You can request the restriction of the processing of personal data concerning you under the following conditions:
If you contest the accuracy of the personal data relating to you for a period enabling us to verify the accuracy of the personal data.
The processing is unlawful and you refuse the deletion of the personal data and instead request the restriction of the use of the personal data and we no longer need the personal data for the purposes of the processing, but you need it to assert, exercise or defend legal claims, or if you have objected to the processing in accordance with Article 21 Para. 1 GDPR and it is not yet clear whether our legitimate reasons outweigh your reasons.
If the processing of personal data concerning you has been restricted, this data – apart from its storage – may only be permitted with your consent or for the purpose of asserting, exercising or defending legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State. If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.
4.) Right to deletion
You can request that the personal data concerning you be deleted immediately. We are then obliged to delete this data immediately if one of the following reasons applies:
The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
You revoke your consent on which the processing was based in accordance with Article 6 Paragraph la or Article 9 Paragraph 2a GDPR and there is no other legal basis for the processing.
You object to the processing in accordance with Art. 21 Para. 1 GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Art. 21 Para. 2 GDPR.
Your personal data has been processed unlawfully.
The deletion of your personal data is necessary to comply with a legal obligation to which we are subject.
The personal data concerning you was collected in relation to information society services offered in accordance with Article 8 Para. 1 GDPR.
The right to deletion does not exist if the processing is necessary and
(a) to exercise the right to freedom of expression and information
(b) to comply with a legal obligation which requires processing under Union or Member State law to which we are subject or to carry out a task carried out in the public interest or in the exercise of official authority vested in us
(c) for reasons of public interest in the field of public health in accordance with Art. 9 Para. 2h and i as well as Art. 9 Para. 3 GDPR for archival purposes in the public interest, scientific or historical research purposes or for statistical purposes. Art. 89 Para. 1 GDPR, insofar as the law mentioned under section a) is likely to make the achievement of the objectives of this processing impossible or seriously impair it, or
(d) to assert, exercise or defend legal claims
5.) Right to information
If you have asserted the right to correction, deletion or restriction of processing against us, we are obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing. That is not the case if
this proves to be impossible or involves disproportionate effort. You have the right to be informed about these recipients.
6.) Right to data portability
You have the right to receive the personal data relating to you that you have provided to us in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another person responsible, if:
(a) the processing is based on consent in accordance with Art. 6 Para. la GDPR or Art. 9 Para. 2a GDPR or on a contract. Art 6 paragraph lb GDPR is based and
(b) the processing is carried out using automated procedures.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from us to another person responsible, to the extent that this is technically feasible. The freedoms and rights of other people must not be impaired by this.
The right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7.) Right to object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is carried out on the basis of Article 6 Paragraph 1 e or f GDPR.
We will then no longer process the personal data concerning you unless we can demonstrate compelling legitimate reasons for the processing. Your interests, rights and freedoms prevail, or the processing serves to assert, exercise or defend legal claims.
If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising. If you object to processing for direct advertising purposes, your personal data will no longer be processed for this purpose.
8.) Right to revoke the data protection declarations of consent
You have the right to revoke your data protection declaration of consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.
9.) Right to complain to a supervisory authority
You have the right to complain to a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the claimed violation if you are of the opinion that the processing of your personal data violates the GDPR.
Contact details:
To protect your rights, which you can assert against us, please use the following contact details:
H+B Hightech GmbH
Kappelberg 50
73486 Adelmannsfelden
Germany
info@hb-hightech.de
