Data Privacy Statement including Information according to Art. 13 EU General Data Protection Regulation (GDPR)
Adjust privacy settingsIntroduction
As a website operator, we also process personal data. We would like to present an overview of this processing to you hereinbelow, and give you an overview of your rights as well as further important information as mandated by the General Data Protection Regulation.
In the course of your visit to our website, you can retrieve, save and print the following Data Privacy Statement at any time.
Data controller
The data controller responsible for the data processing in the definition of the General Data Protection Regulation is:
KÜHME Armaturen GmbH
Am Vorort 14
44894 Bochum
Phone: +49 (0)2 34 – 2 98 02 – 0
Fax: +49 (0)2 34 – 2 98 02 – 10
Email: info@kuehme.de
Data Protection Officer
Our data protection officer monitors data protection at our company. If you have questions about data protection at our company or as concerns your data that is processed by us, you can contact our data protection officer:
Dr.-Ing. Martin H. Ludwig
Lindenstraße 59
45894 Gelsenkirchen
Email: dsb@ing-buero-ludwig.de
Phone: 0234 / 9 49 02 04
Which data do we process during your visit to our website and why do we do this
The visit to our website is usually also possible without directly providing personal data. You are not required to register with your name, etc. when you come to visit. However, it can also happen in certain situations that personal data will be processed. This is described below. You can find the relevant legal basis of the GDPR in parentheses in the description, according to which the data are processed in the respective case.
- You can only reach the internal area of our website after logging in. If you have access rights to this area, you can find more information about the data processing in the internal area there. If you do not have any access rights and enter personal data into the registration input mask, the data will be processed. In that case, we will process your data to check the access rights and protect our infrastructure against attacks.
The legal basis for this data processing is Art. 6 (1) sent. 1, lit. f) GDPR. It is our legitimate interest to protect the internal information that is reserved for specific groups of visitors from unauthorised visitors.
- If you enter your data into our contact form (normally your contact details and your requests to us) we will process these data, notably exclusively for the purpose of processing your request. The data are required for this purpose.
If the data are required for contacting you for the performance of a contract that has been concluded with you or when it is worked towards concluding a contract with you, this serves as grounds for the legitimacy of the data processing (Art. 6 (1) lit. b) GDPR). If nothing happens besides mere contact, the grounds are the protection of legitimate interests (Art. 6 (1) lit. f) GDPR). This is because it is our interest to answer your query and since it was you who has placed this query it is reason for us to assume that you are not opposed to this processing.
- However, there are also data that you will transmit automatically to us during the visit to our website. This is your IP address for one thing. Without the IP address, we cannot display the website in your browser. In addition, you or your browser will transmit the so-called referrer if you have called up our website via a link. We can see here which link you have clicked. You can prevent this by not calling up our page via a link, meaning clicking on a link, but instead by entering the page address directly into your browser. Furthermore, you transmit technical data about your browser and your computer to us: the type of browser and operating system you use, the size of your monitor is, etc.
We process these data (the IP address) firstly to be able to display the website to you. Secondly, we log the retrieved webpages (your IP address will be truncated and thereby anonymised in this process) to analyse the visits statistically and improve our website: which areas of our website are popular and which ones less so. We also analyse the referrer in this manner to optimise advertising that links to our website. It can be the case that this involves personal data of yours and that it is therefore transmitted to us, especially as relates to the referrer. We have no control over this and do not analyse these data in a personalised manner. It is our legitimate interest to display the website as well as to optimise the website (Art. 6 (1) lit. f) GDPR).
- We furthermore use technical tools to recognise recurring visits and analyse how the visits progress and which paths the visits on our website take. We do this within our legitimate interest to optimise our website to make the visit a pleasant experience for you. However, we have decided not to rely on this legitimate interest (Art. 6 (1) lit. f) GDPR) for the data processing of your personal data, but we ask for your explicit consent when you come to visit our website (Art. 6 (1) lit. a) GDPR).
Do we transfer your data?
We generally do not transfer your data to third parties. However, there are a few exceptions to this rule:
- You have asked us to transfer the data (Art. 6 (1) lit. a) GDPR and, if applicable, also Art. 6 (1) lit. b) GDPR).
- If you have asked us for something that requires the transfer of the data (Art. 6 (1) lit. a) GDPR and, if applicable, also Art. 6 (1) lit. b) GDPR), it is necessary to transfer the data in our legitimate interest. In that case, our data protection officer will consider if you might possibly object to this. If you would not object to it according to customary judgment, we may also transfer the data then (Art. 6 (1) lit. f) GDPR). One example of this is a criminal attack against our servers: we may pass on excerpts from the log files of the relevant timeframes to the law enforcement authorities. The only one who would object to this is the criminal hacker and we will not protect the acts of criminals.
- There is a further exception in case we are required to transmit the data by operation of law (Art. 6 (1) ) lit. c) GDPR).
- In addition, we have integrated external contents: social media buttons, videos, map displays, links to other websites. If you click on them, your browser will be instructed to load data from these external providers, and the external providers will find out your IP address and that you were on our website. Please see the details about this below. If you do not want this data transmission, please do not click on these buttons or links. The legal basis for this initiation of the transmission is Art. 6 (1) lit. a) GDPR. You have consented to the initiation of the data transmission by clicking on the link.
- We have contracted services providers for the performance of our services. For the data processing on the website, for example, this is the hosting provider and IT service provider. They work within the scope of Article 28 GDPR and are therefore our commissioned data processors. This means that we continue to be responsible for the data processing.
Where do we process your data?
The entire processing generally takes place within the area of applicability of the General Data Protection Regulation and the data protection law of the Federal Republic of Germany. A transfer of your personal data to a third country or international organisation does not take place nor is such planned.
We have described the exceptions above: Some of the external contents integrated by us are made available by providers whose registered office might be located outside of the spatial area of applicability of the GDPR. We describe the individual services and the providers in more detail below. You can also find out there who these providers are in specific and where these providers maintain their registered office. You decide on the transfer of your data to these providers. For as long as you do not click on the link or the external contents, none of your data will be transferred.
Measures for data protection
We would like to ask you not transfer more data to us than required for the respective matter. This way, you help us comply with the principle of data minimisation and purpose limitation. Data that are (no longer) required for a matter will generally be deleted within the near term.
Please note that we work towards securing data transmissions of any kind by means of SSL encryption. This security, however, is not complete so that the risk of unintentional disclosure of the data cannot be ruled out entirely.
We operate the servers, which host our websites and on which your data are processed, in secure computing centres. By means of special, so-called “technical and organisational measures,” it is ensured that your data are handled correctly and as described.
Profiling – what is it and do we operate profiling?
In data protection, profiling is the automatic processing and analysis of your personal data to evaluate certain personal aspects. For example, an online shop might classify you and offer other products or present other prices to you if you have moved in a certain manner on the shop page. We do not do this and profiling does not take place.
Nor does automated decision-making based on your data take place on our website.
What if you do not let us know your data?
If you do not transfer the data required for the delivery of the website, which means the IP address, the website will not be displayed in your browser. If you do not transfer technical information to us, e.g. about your browser, the website might be displayed in a lower visual quality and information might also be missing. If you transfer data to us that we use for statistical analyses, we cannot implement our optimisations. This does not have any direct effects on you.
If you do not use the contact form and leave out data here, we might not be able to contact you and process your request accordingly, or we might only be able to process it to the extent that you have provided the required data to us.
Regarding the data gathered for this website, it is mandated neither by law nor contract that you share them with us, nor is it required for the conclusion of a contract that you let us know these data.
And what about cookies, etc.?
Cookies are small text files that are filed in your system and the content of which can be, e.g. transferred back to us. They can fulfil various purposes. For example, they can be used to manage a shopping cart or to recognise you as a returning website visitor.
There are other techniques that offer comparable functions: IDs in the URL or “browser fingerprinting.”
We use these techniques for administrative purposes for technical reasons, thus e.g. to back up our shopping cart and the settings you have made (e.g. the displayed font size).
We also use these techniques to recognise a visitor on his or her visits to improve our website: If a visitor returns to us regularly, we obviously have a good offer – if you visit our website just once and do not return we need to do change something. These data are not personal. Even if you enter your name, e.g. on our website for a request, this name will not be linked to your behaviour during a visit. We cannot identify you as a person here.
You can generally prevent the creation of cookies by applying a certain setting in your browser. You can usually find information about this in the instructions for your browser. By preventing the creation of cookies, some features of our website might not work.
The techniques for recognition returning visitors will be used only if you consent to the tracking when prompted the “cookie question” on your visit to the website. The legal basis for the processing is therefore Art. 6 (1) lit. a) GDPR.
Website analysis: Google Analytics
On our Website, we use a web analysis service called Google Analytic of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, hereinafter referred to as “Google” for short, for the purpose described above, which is the improvement of our website.
This service generates cookies and stores them on your computer system. For this purpose, the data are transmitted to a server in the USA, and stored and analysed there. However, the gathered data are first technically anonymised in Europe and the IP address is truncated accordingly so that no personal data will be transferred into the USA.
By certification pursuant to the EU-US Privacy Shield, which can be found at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active, Google guarantees that the data protection requirements of the EU are also observed in the processing of data in the USA.
You can generally suppress the setting of cookies by adjusting the corresponding settings in your browser or you can specifically prevent particular cookies. In the process, the functions of our website may be restricted.
You can prevent the generation of cookies by installing a browser plug-in. It can be found at the following link:
https://tools.google.com/dlpage/gaoptout?hl=de
The tracking by Google Analytics will be conducted only if you consent to the tracking when prompted the “cookie question” on your visit to the website. The legal basis for the processing is therefore Art. 6 (1) lit. a) GDPR.
Please find more information in the separate data privacy policy of Google and Analytics, respectively.
Map displays: Google Maps
We use Google Maps to display our location and generate directions to our locations. Google Maps is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, hereinafter referred to as “Google” for short.
By certification pursuant to the EU-US Privacy Shield, which can be found at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active, Google guarantees that the data protection requirements of the EU are also observed in the processing of data in the USA.
If you click on the static map shown on our page, a connection with the Google server will be established, and your IP address and the information that you are visiting our website is transferred to Google. In the further course, Google will store a cookie on your end device via your internet browser. Google processes this information in its own interest. We cannot rule out that Google uses servers in the USA.
The legal basis for the processing of the data after subscription of the newsletter is Art. 6 (1) lit. a) GDPR: By clicking on the static map, you grant the permission to instruct your browser to call up Google Maps.
Google Maps and the information obtained through Google Maps is used in accordance with the Google terms of use https://policies.google.com/terms?gl=DE&hl=de and the general terms and conditions for Google Maps https://www.google.com/intl/de_de/help/terms_maps.html.
Google offers more information at https://policies.google.com/privacy.
Videos: YouTube
We show videos on our website. For this purpose, we have integrated YouTube. Google Maps is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, hereinafter referred to as “Google” for short.
By certification pursuant to the EU-US Privacy Shield, which can be found at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active, Google guarantees that the data protection requirements of the EU are also observed in the processing of data in the USA.
If you click on a static video shown on our page, a connection with the Google server will be established, and your IP address and the information that you are visiting our website is transferred to Google. In the further course, Google will store a cookie on your end device via your internet browser. Google processes this information in its own interest. We cannot rule out that Google uses servers in the USA.
The legal basis for the processing of the data after subscription of the newsletter is Art. 6 (1) lit. a) GDPR: By clicking on for the static pictures, you grant the permission to instruct your browser to call up YouTube.
We integrate YouTube videos exclusively in the “expanded data protection mode” of YouTube.
YouTube and the information obtained via YouTube is used in accordance with the Google terms of use https://policies.google.com/terms?gl=DE&hl=de.
Google offers more information at https://policies.google.com/privacy.
Social media like buttons
On our website, we integrate “like” buttons, etc. of various social media providers.
If you click on these buttons, a connection with the server of the respective provider will be established, and your IP address and the information that you are visiting our website will be transferred to this provider. In the further course, this provider might store a cookie on your end device via your internet browser. We cannot rule out that these providers use servers in foreign countries where no data protection standard comparable to the data protection standard in Europe is given.
The legal basis for activation of the connection with the respective provider is Art. 6 (1) lit. a) GDPR: By clicking on the button, you grant permission to instruct your browser to call up the provider.
You can tell with which concrete provider a connection will be established by the display of your browser on the respective button.
The providers process the information obtained by your click in their own interest.
We use the following “social networks”:
- YouTube
Social media links and other links
On our website, we integrate links to other websites.
If you click on these links, a connection with the server of the respective provider will be established, and your IP address and the information that you are visiting our website will be transferred to this provider. We cannot rule out that these providers use servers in foreign countries where no data protection standard comparable to the data protection standard in Europe is given.
The legal basis for activation of the connection with the respective provider is Art. 6 (1) lit. a) GDPR: By clicking on the button, you grant permission to instruct your browser to call up the provider.
You can tell with which concrete provider a connection will be established by the display of your browser on the respective link.
The providers process the information obtained by your click in their own interest.
Your rights as a data subject
You have the full right at any time to receive confirmation from us whether and what personal data of you are processed or disclosed to us or another party and for what purposes.
You have the right at any time that we correct incorrect data and immediately erase data that has been processed illegitimately. Furthermore, you can demand the restriction of the processing of your personal data if the continuation of the processing is no longer legitimate, on the one hand, meanwhile an immediate deletion does not seem warranted yet on the other hand (e.g. if the correctness is disputed but if this has to be verified first).
If the processing is based on your consent, you can revoke this consent at any time – of course, only with effect for the future.
You may furthermore have the right, as the case may be, to object to the data processing, e.g. for reasons arising from your particular situation if the processing is based on our legitimate interests (Art. 6 (1) lit. f) GDPR).
You additionally have the right to data portability and the right to lodge complaint with the following supervisory authority:
Landesbeauftragter für Datenschutz und Informationsfreiheit (LDI)
[State Officer for Data Protection and Freedom of Information]
North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf
Phone: 0211/38424-0
Fax: 0211/38424-10
Email: poststelle@ldi.nrw.de
Changes
Legal, economic and technical developments may make an adjustment of this data privacy statement necessary. We will make the respectively updated version available to you promptly on our website.