Data privacy

 

Privacy Policy

Introduction and general information

Thank you for your interest in our website. The protection of your personal data is important to us. Below you will find information on how we handle your data that is collected through your use of our website. Your data will be processed in accordance with the legal privacy regulations.

Responsible office in the sense of data protection law

GEBHARDT Fördertechnik GmbH
Neulandstraße 28
74889 Sinsheim
info@gebhardt-group.com
+49 07261 939-0

 

Contact details of our Data Protection Officer

Proliance GmbH / www.datenschutzexperte.de
Leopoldstr. 21
80802 München
datenschutzbeauftragter@datenschutzexperte.de

 

Definition

In principle, our privacy policy should be simple and understandable for everyone. For this reason, our privacy policy generally uses the official terms of the General Data Protection Regulation (GDPR). The official definitions are explained in Art. 4 GDPR.

 

Server-Logfiles

When you visit our website, it is technically necessary that data is transmitted to our web server via your internet browser. The following data is recorded during a running connection for communication between your internet browser and our web server:

• Visited domain
• The date and time of the request
• Page from which the file was requested
• Access status (file transferred, file not found, etc.)
• The web browser, system language, operating system and device type used
• IP address of the requesting computer
• The amount of data transferred

We collect the listed data to ensure a smooth connection to the website and to enable a comfortable use of our website. In addition, the log file serves the purpose of evaluating system security and stability, as well as providing administrative functions. The legal basis for the temporary storage of data or log files is Art. 6 para. 1 lit. f GDPR. After the statistical analysis, the collected and stored data are regularly deleted after four weeks (for log files) respectively one week (for IP addresses).

 

Cookies

Our website uses so-called “cookies”. Cookies are small text files that are either temporarily stored on your end device for the duration of a session (session cookies) or permanently (permanent cookies). Most of the cookies we use are session cookies, which are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or an automatic solution is provided by your web browser. The use of permanent cookies allows us to recognize your browser the next time you visit our website.

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or language settings). Other cookies are used to evaluate user behavior or display advertising.

Technically necessary cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the storage of cookies for the optimal presentation of our services. Other cookies are only stored with your consent on the basis of Art. 6 para. 1 lit. a GDPR. This consent can be withdrawn at any time for the future. The legal basis may also result from Art. 6 para. 1 lit. b GDPR if the processing is necessary for the performance of a contract or pre-contractual measures.

You can set your browser in order to

• be informed about the setting of cookies,
• only allow cookies in individual cases,
• exclude the acceptance of cookies in general or for certain cases,
• activate the automatic deletion of cookies when the browser is closed.

The cookie settings can be managed under the following links for each browser:

• Google Chrome
• Mozilla Firefox
• Edge (Microsoft)
• Safari
• Opera

You can also manage cookies of many companies and functions used for advertising individually. To do this, use the appropriate user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.

Most browsers also offer a so-called "do-not-track function". When this feature is enabled, the browser signals ad networks, website and applications that you do not want to be "tracked" for behavioral advertising and the like.

For information and instructions on how to edit this feature, please refer to the links below, depending on your browser provider:

• Google Chrome
• Mozilla Firefox
• Edge (Microsoft)
• Safari
• Opera

Additionally, you can prevent the loading of so-called scripts by default. "NoScript" allows the execution of JavaScripts, Java and other plug-ins only at trusted domains of your choice. Information and instructions on how to edit this function can be obtained from the provider of your browser (e.g. for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).

Please note that if you disable cookies, the functionality of our website may be limited.

 

Contact form and contact via email

If you send us requests via contact form or email, your details from the enquiry form or email, including the contact data (first name, last name, salutation, address) you provided, will be stored for the purpose of processing the request and in the event of follow-up questions. It is necessary to provide an email address to contact us. Your name and telephone number are optional. Under no circumstances will we transfer these data without your consent. We use the ticket system Zendesk in order to process customer queries. Zendesk is a customer service platform from Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102. Zendesk’s privacy policy contains details about the data processing by Zendesk available at http://www.zendesk.com/company/privacy. Zendesk is part of the EU-U.S. Privacy Shield and certificated for its observance. For further information please go to “Privacy Shield List” on the Website of the U.S. Department of Commerce, available at https://www.privacyshield.gov/welcome. If you have any more questions, you can contact the data protection officer of Zendesk: privacy@zendesk.com. The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 para. 1 lit. f GDPR and, if applicable, Art. 6 para. 1 lit. b GDPR, provided that your request is aimed at concluding a contract. Your data will be deleted after final processing of your request, provided that there are no legal storage obligations which require the further storage. You can object to the processing of your personal data at any time in the case of Art. 6 para. 1 lit. f GDPR.

 

Newsletter

If you would like to receive the newsletter offered on our website with regular information about our offers and products, we need your email address as a mandatory information. We use the so-called double opt-in procedure for dispatching the newsletter. This means that we will not send you our newsletter by email until you have explicitly confirmed that you agree to the dispatch of newsletters. In the first step, you will receive an email with a link to confirm that you, as the owner of the corresponding email address, would like to receive the newsletter in the future. With the confirmation you give us your consent according to Art. 6 para. 1 lit. a GDPR that we may use your personal data for the purpose of dispatching the desired newsletter.

When registering for the newsletter we store the IP address via which you have registered for the newsletter additionally to the required email address. We also store the date and time of registration and confirmation so that we can trace any possible misuse at a later date.

You can cancel the newsletter at any time via the link provided in each newsletter or by sending an email to the controller mentioned above. Your email address will be deleted from our e-mail distribution list immediately after cancellation. The data will not be deleted if the processing is legally permissible in another way or you have consented in the continuous use of the data. We dispatch our e-mail newsletter via the service provider HubSpot Ireland Limited, Ground Floor, Two Dockland Central, Guild St, North Dock, Dublin, D01 R8H7 Dublin ("HubSpot"). We transfer the information you provide for the newsletter registration to this provider. The transfer is pursuant to Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in using a promotionally effective, safe and user-friendly newsletter system. The data concerning the newsletter (e.g. e-mail address) is stored on HubSpot’s server in Germany.

HubSpot uses this information for the dispatch and the statistical analysis of the newsletter on our behalf. For the analysis, the newsletter e-mails contain so called web beacons, respectively tracking pixels, which are pixel image files stored on our website. In this way, it can be determined whether an e-mail was opened or not and which links were clicked. Conversion tracking can also be used to analyse whether clicking on a link in the newsletter ultimately led to a predefined action (e.g. the purchase of a product on our website). Technical information is also recorded (e.g. time of access, IP address, browser type and operating system). The data are recorded pseudonymously and are not linked with other personal data. A direct personal reference cannot be made. The data are solely used to statistically analyse the newsletter campaigns. The results of the analysis can be used to further adjust newsletter content and the recipients’ interests in the future.

In case you want to object the data analysis for statistical purposes, you have to unsubscribe from the mailing list.

We concluded a data processing agreement with HubSpot, in which we oblige HubSpot to secure our customer data and not transfer them to third parties. It is possible that data are transferred in the USA to HubSpot Inc. HubSpot is certified for the EU-U.S. Privacy Shield which ensures the compliance with privacy standards in the EU. More details can be found in HubSpot’s privacy policy, available at https://legal.hubspot.com/de/privacy-policy.

 

HubSpot

We use HubSpot for our marketing activities. HubSpot is a software company from the USA with a branch in HubSpot Ireland Limited in Ground Floor, Two Dockland Central, Guild St, North Dock, Dublin, D01 R8H7, Ireland. We use this integrated software solution for our own marketing, lead creation and customer service purposes. This includes e-mail marketing, which regulates the dispatch of newsletters as well as automated mailings, social media publishing, reporting, contact management, such as user segmentation and CRM, landing pages and contact forms. HubSpot uses cookies. Cookies are small text files that are locally stored on your end device and are used to analyse your visit on our website. HubSpot analyses the collected information (e.g. IP address, location, browser type, duration of the website visit) on our behalf so we can generate reports about website visits. Information collected by HubSpot as well as contents from our websites are stored on servers belonging to HubSpot’s service providers. In case you gave your consent pursuant to Art. 6 para. 1 s.1 lit GDPR data on this website is processed for the purpose of website analysis. HubSpot is certificated for the compliance with the EU-U.S. Privacy-Shield as well as the Swiss-U.S. Privacy Shield. For further information please go to “Privacy Shield List” on the Website of the U.S. Department of Commerce, available at https://www.privacyshield.gov/welcome. You can permanently object the setting of cookies by ceasing your browser settings. You can object the processing of your personal data at any time with effect for the future by sending an e-mail to info@gebhardt-group.com

 

Google Analytics

Our website uses Google Analytics, an internet analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses so-called "cookies" and web beacons. The information generated in relation to the use of this website is transferred by default to a Google server in the USA and stored there. We use Google Analytics only with IP anonymization enabled. This means that Google will reduce the IP address of users within Member States of the European Union or in other signatory states to the Agreement on the European Economic Area, which may exclude any personal relationship. Google Inc., based in the USA, is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. Processing is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of user consent.

On behalf of the operator of this website, Google will use this information to analyse your use of the website and to generate reports on website activity. Google also uses this information to provide other services related to the use of the website and the internet to the website operator. The IP address sent by your browser as part of Google Analytics is not combined with other Google data. The terms of use of Google Analytics and information on data protection can be accessed via the following links:

http://www.google.com/analytics/terms/de.html

https://www.google.de/intl/de/policies/

You can prevent cookies from being saved by adjusting the settings of your browser. However, it must be pointed out that in this case you will not be able to use all functions of this website without restrictions. You can also prevent Google from collecting the data generated by the cookie and analysing your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at:

http://tools.google.com/dlpage/gaoptout?hl=en

A click on the following link prevents Google Analytics from collecting data by setting an opt-out cookie:

<a href=“javascript:gaOptout()“>Deaktivierung von Google Analytics</a>

Information on the handling of user data at Google Analytics can be found in Google's privacy policy:

https://support.google.com/analytics/answer/6004245?hl=en.

 

Google Analytics Remarketing/DoubleClick

Our website uses the functions of Google Analytics Remarketing combined with cross-device functions from Google AdWords and Google DoubleClick. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The function enables the combination of target groups, created with Google Analytics Remarketing, with cross-device functions from Google AdWords and Google DoubleClick. In this way, we are able to display interesting, personalized advertisements, that are based on your past user and browsing behavior, additionally on other terminal devices (e.g. phone, tablet, computer). In case you gave your consent, Google connects your web and app browser history with your Google account so that the same personalized ads can be placed on every terminal device that is logged in your Google account. In order to support this function, Google collects analytics authenticated user IDs, which are temporarily connected with our Google Analytics data, to define and create target groups for cross-device advertising. You can permanently object cross-device remarketing/targeting by deactivating personalized advertising in your Google account. This function is available at: https://adssettings.google.com/.

For data recording activities, which are not merged in your Google account (e.g. because you do not have a Google account or objected the merging), the recording is based on Art. 6 para. 1 lit. f GDPR. The website owner has a legitimate interest in the anonymized analysis of website visitors for advertising purposes.

The collected information about users can be transferred to Google and stored on Google servers in the USA.

Google is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. Google’s privacy policy contains more details concerning data protection regulations, available at: https://www.google.com/policies/technologies/ads/

 

Google reCAPTCHA

We use “Google reCAPTCHA” (in the following referred to as “reCAPTCHA”) on our website. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). reCAPTCHA controls whether data entries on our website (e.g. in a contact form) are made by humans or automated programs. For this purpose, reCAPTCHA analyses the user behavior on the website based on several characteristics. The analysis starts automatically as soon as the user visits the website. reCAPTCHA evaluates several information, e.g.

• IP address
• Length the user stays on the website
• Mouse movements
• The data recorded for the analysis are transferred to Google.

The reCAPTCHA analysis run in the background. Website visitors are not informed about the analysis. The processing is pursuant to Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in protecting our website from abusive spying out of data and unwanted, automated mailings (spam).

Google is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. We do not store personal data from the use of reCAPTCHA. In general, personal data concerning the data subject are deleted or disabled as soon as purpose for storing the data has omitted. Google’s privacy policy contains more details concerning data protection regulations, available at: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/v3beta.html.

 

CloudFlare

Our website uses CloudFlare. The provider of this service is CloudFlare, Inc. 665 3rd St. #200, San Francisco, CA 94107, USA. CloudFlare offers a worldwide distributed content delivery network with DNS. The transfer of information between your browser and our website is routed through CloudFlare’s network. CloudFlare is in a position to analyse protocol data between user and our website, e.g. in order to detect and avert attacks on our services. CloudFlare sets cookies on your device. Legal basis for the use of CloudFlare is our legitimate interest in safety and protecting the transfer of confidential content on our website pursuant to Art. 6 para. 1 lit. f GDPR.

We concluded a data processing agreement with CloudFlare. CloudFlare is part of the EU-U.S. Privacy Shield and certificated for its observance. CloudFlare is obliged to handle all personal data received from all participating EU Member States pursuant to the Privacy Shield framework. For further information please go to “Privacy Shield List” on the Website of the U.S. Department of Commerce, available at https://www.privacyshield.gov/welcome. CloudFlare collects statistical data concerning the website visit. The access data includes: Name of the visited website, datafile, date, time of access, volume of transferred data, message concerning the successful access, browser type and version, operating system, referrer URL (the previously visited website), IP address, provider sending the inquiry. CloudFlare uses protocol data for statistical analysis for the purpose of operating, securing and optimising our offers. More details concerning the data processing through CloudFlare is available at https://www.cloudflare.com/privacypolicy/.

 

Social Media Plugins

We integrated the following social media plugins on our website:

• Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA,
• Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA,

• LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA,

• XING, Dammtorstraße 30, 20354 Hamburg, Germany

The plugins can be recognised by the company logo or the “Like-Button” on our website. When you visit our website, the plugins establish a direct connection between your browser and the servers of the respective providers, even if you are not logged in your social media account or do not operate a social media account at all. The respective provider transfers the content of the plugin directly to your browser and integrates it in the website. This information (including your IP address) is directly sent from your browser to a server in the USA. If you interact with the plugins, e.g. by clicking on the “Like-Button” or leaving a comment, this information is directly sent to the server of the social media network and stored. If you gave us your consent, the legitimate basis for our use of social is your consent pursuant to Art. 6 para. 1 lit. a GDPR for the optimal marketing of our offers. If you do not want to the social networks to make a connection to your visit on our website, please log out of your user account. You can also prevent and object the loading of social media plugins as well as the subsequent data processing described above by using add-ons for your browser, e.g. the script blocker “NoScript” (http://noscript.net/).

The listed social networks based in the USA are certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. The privacy policies of the providers contain more details concerning data protection regulations, available at:

https://de-de.facebook.com/policy.php
https://twitter.com/privacy
www.linkedin.com/legal/privacy-policy
https://privacy.xing.com/de/datenschutzerklaerung

 

YouTube

Our website uses plugins from YouTube. YouTube is a service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland (“Google”). If you visit a website that is operated by us and uses a YouTube plugin, a connection to YouTube servers will be established. YouTube servers will be informed about which of our websites you visited. If you are logged in your YouTube account, you enable YouTube to assign your browsing behavior to your YouTube account. You can prevent this by logging out of your account. Further information about the handling of user data are stated in YouTube’s privacy policy, available at: https://www.google.de/intl/de/policies/privacy

We use the advanced privacy mode which, according to the provider, only leads to the storage of user information when the video is played. When embedded YouTube videos are played, the provider uses cookies in order to collect information about the user behavior. This procedure enables YouTube to record video statistics, enhance user friendliness and prevent abusive behavior. When you are logged in your Google account, your data will be assigned to your account when you play videos. If you do not want this assignment, you have to log out of your account before playing the video. Google stores the data (also for users that are not logged in) in the form of user profiles and analyses them. The legal basis for the analysis is Google’s legitimate interest in displaying personalized advertisement, market research and adequate website presentation. You have the right to object the creation of user profiles. If you want to want to exercise this right, you have to address YouTube. By visiting this website, a connection to the Google network “DoubleClick” is established, independently from playing an embedded video, and can lead to further data processing, which are not influenced by us. Google is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU.

 

Data transfer and recipient

We do not sell your personal data to third parties. Your personal data will not be passed on to third parties unless

• we have explicitly indicated this in the description of the respective data processing,
• you have given your explicit consent in accordance to Art. 6 para. 1 lit. a GDPR,
• the transfer pursuant to Art. 6 para. 1 lit. f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an outright interest worthy of protection in not disclosing your data,
• that a legal obligation exists for the transfer pursuant to Art. 6 para. 1 lit. c GDPR and
• this is required under Art. 6 para. 1 lit. b GDPR for the processing of contractual relationships with you.

We also use external service providers, which we have carefully selected and commissioned in writing to carry out our services. They are bound by our instructions and are regularly checked by us.  With which we have concluded order processing contracts in accordance with Art. 28 GDPR, if necessary. These are service providers for web hosting, sending e-mails and maintaining our IT systems, etc. The service providers will not pass this data on to third parties.

 

Data security

In accordance with Art. 32 GDPR and having regard to the latest state of the art, the costs of implementation, the type, scope, circumstances and purpose of the processing as well as various probabilities of occurrence and severity of risks for rights and freedoms for natural persons, we take suitable technical and organizational measures in order to guarantee an appropriate level of protection. This website uses SSL-encryption for safety reasons and in order to secure the transfer of confidential content.

 

Storage period of personal data

The duration of the storage of personal data is determined by the relevant legal retention periods (e.g. commercial law and tax law). After expiry of the respective period, the corresponding data is routinely deleted. If data is necessary for the fulfilment of a or contract initiation, or if we have a legitimate interest in further storage, the data will be deleted if they are no longer necessary for these purposes or if you make use of your right of withdrawal or objection.

 

Your rights

In the following section you will find information on the rights of data subjects which are granted to you by the current data protection laws with regard to the controller of the processing of your personal data:

The right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of complaint, the origin of your data, if they have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information regarding their details.

The right to immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR.

The right to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

The right, pursuant to Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to have it deleted and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have filed an objection against the processing pursuant to Art. 21 GDPR.

The right to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another person responsible in accordance with Art. 20 GDPR.

The right to complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state in which we have our registered office or, if applicable, that of your usual place of work or usual residence.

The right to revoke consent granted pursuant to Art. 7 para. 3 GDPR: You have the right to revoke consent to the processing of data once granted at any time with effect for the future. In the event of revocation, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation;

 

Right of objection

If your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object to the processing in accordance with Art. 21 GDPR, insofar as this is for reasons resulting from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement to indicate a special situation. If you would like to make use of your right of withdrawal or objection, please send an e-mail to info@gebhardt-group.com

 

External links

On our website Google+ is solely embedded as a link to the respective service. Furthermore, we refer from our website to further websites belonging to us. After clicking on the embedded text/image-link you will be directed to the website of the respective provider. User information will be only transferred after the redirection to the respective provider. Information regarding the use of your personal data through the use of the website can be found in the privacy policies of the visited websites.

 

Subject to alterations

We reserve the right to change this Privacy Policy at any time in accordance with the law. In this way, we can adapt it to current legal requirements and take changes in our services into account, e.g. when introducing new services. The most current version applies to your visit.

State of the privacy policy: 29.01.2020