2 General notes and mandatory information

As the operator of these pages, we take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. When you use this website, various personal data are collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done. We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

2.1 Information about the responsible party

The responsible party for data processing on this website is:

Graichen Produktions- und Vertriebs GmbH
Darmstädter Str. 127-129
D-64625 Bensheim
Phone: +49 6251 770 788 – 0
Fax: +49 6251 779 – 01
E-Mail: info(at)graichen-bensheim.de

The responsible entity is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).

2.2 Data protection officer

We have appointed the following data protection officer for our company:

Stumpf Consulting GmbH
Stefan Stumpf
An der Schmidtsei 7a
65232 Taunusstein
Tel.: 06128 7969500
info@stumpf-consulting.de

3 Data collection on our website
3.1 Cookies

We use so-called cookies on our website. These do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies allow us to recognize your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of our website may be limited. Cookies that are required to carry out the electronic communication process or to provide certain functions you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 (1) lit. f DSGVO. We have a legitimate interest in storing cookies for the technically error-free and optimized provision of our services used. Insofar as other cookies (e.g. cookies for the analysis of your surfing behavior) are stored, these are treated separately in this data protection declaration.

3.2 Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

browser type and browser version
Operating system used
referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources. The basis for data processing is Art. 6 (1) lit. f DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

3.3 Contact form

If you send us inquiries via the contact form, your data from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent. The processing of the data entered in the contact form is therefore based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. The data you entered in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.

3.4 SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as site operator, our website uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

3.5 Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

4 Social media
4.1 Facebook

We use the plugin from Facebook on our homepage. Facebook is operated at www.facebook.com by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA, and at www.facebook.de by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (“Facebook”). An overview of Facebook’s plugins and their appearance can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE; information on data protection at Facebook can be found here: http://www.facebook.com/policy.

4.2 Instagram

We use the plugin from Instagram on our homepage. Facebook is operated at www.instagram.com by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Facebook Ireland Limited is a company registered under the laws of the Republic of Ireland. Further information about Facebook can be found at the top of this statement. Information on data protection at Instagram can be found here: https://help.instagram.com/519522125107875

4.3 OpenStreetMap

We use content from OpenStreetMap on our site. The owner of the domain: https://www.openstreetmap.de is: FOSSGIS e.V., Römerweg 5, D-79199 Kirchzarten. Further information on data protection at OpenStreetMap can be found here: https://www.fossgis.de/datenschutzerkl%C3%A4rung/.

4.4 Twitter

We use the plugin from Twitter on our homepage. Twitter is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). An overview of Twitter’s plugins and their appearance can be found here: https://developer.twitter.com/; information on data protection at Twitter can be found here: https://twitter.com/de/privacy.

4.5 Vimeo

We use the plugin from Vimeo on our homepage. Vimeo is operated by Vimeo, Inc, Attention: Data Protection Officer; 555 West 18th Street; New York, New York 10011 (“Vimeo”). An overview of Twitter’s plugins and their appearance can be found here: https://developer.vimeo.com/de/; information on data protection at Vimeo can be found here: https://vimeo.com/privacy and https://vimeo.com/terms.

4.6 YouTube

We use the video platform YouTube on our site, which is operated by YouTube, LLC, 901 Cherry Ave. San Bruno, CA 94066, USA (“YouTube”). YouTube is a platform that enables the playback of audio and video files. When you call up a corresponding page of our offer, the embedded YouTube player establishes a connection to YouTube so that the video or audio file can be transferred and played back. In the process, data is also transferred to YouTube as the responsible party. We are not responsible for the processing of this data by YouTube. For more information about the scope and purpose of the data collected, the further processing and use of the data by YouTube, your rights and the privacy options you can choose, please refer to YouTube’s privacy notice.

5 Plugins, analysis tools and advertising
5.1 Leadfeeder

We use the Leadfeeder analysis tool on our homepage. Provider is Liidio Oy / Leadfeeder , Mikonkatu 17 C, 00100 Helsinki Data protection information of Leadfeeder can be found here: https://www.leadfeeder.com/privacy/ and/or https://www.leadfeeder.com/leadfeeder-and-gdpr/

5.2 Google Analytics

Our website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of our website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. The storage of Google Analytics cookies is based on Art. 6 (1) lit. f DSGVO. As the website operator, we have a legitimate interest in analyzing user behavior in order to optimize both our website and our advertising.

5.2.1 IP anonymization

We have activated the IP anonymization function on our website. This means that your IP address is shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Only on our behalf, Google will use this information to evaluate your use of the website, compiling reports on website activity and providing other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

5.2.2 Browser plugin

You can prevent the storage of cookies by selecting the appropriate settings on your browser software. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

5.2.3 Order data processing

We have concluded an order data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

5.2.4 Demographic characteristics in Google Analytics

This website uses the “demographic characteristics” function of Google Analytics. This allows reports to be generated that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item “Objection to data collection”.

5.3 Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Google’s servers. This enables Google to know that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. If your browser does not support web fonts, a standard font will be used by your computer. You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

5.4 Google Maps

This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. We as the provider of this site have no influence on this data transmission. The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy location of the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. More information on the handling of user data can be found in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

6 Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties. The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “Unsubscribe from newsletter” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. The data you provide us with for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data that has been stored by us for other purposes (e.g. data from the contact form) remains unaffected by this.

7 Data subject rights
7.1 Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.

7.2 Right to information, blocking, deletion, correction

As a data subject, you have the right at any time to request confirmation free of charge from the controller as to whether personal data concerning you is being processed. If this is the case, you have a right to information about this personal data and to the information listed in detail in Art. 15 DSGVO (e.g. origin and recipient of the data and the purpose of the data processing). You also have the right to demand that the controller immediately rectify any inaccurate personal data and, if necessary, complete any incomplete personal data concerning you (Art. 16 DSGVO). Furthermore, you have the right to demand from the controller that personal data concerning you be deleted without undue delay if one of the reasons listed in detail in Art. 17 of the GDPR applies, e.g. if the data is no longer required for the purposes pursued (right to erasure).   For this, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.

7.3 Right to object

As a data subject, you have the right to request the controller to restrict processing if one of the conditions listed in Article 18 GDPR applies, e.g. if you have objected to the processing, for the duration of the controller’s review. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you. The controller will then no longer process the personal data unless it can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or that the processing is for the purpose of asserting, exercising or defending legal claims (Article 21 DSGVO).

7.4 Right of appeal

In the event of violations of data protection law, you as the data subject have a right of appeal to the competent supervisory authority. Thus, without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR (Art. 77 GDPR). You may assert this right before a supervisory authority in the Member State of your residence, workplace or the place of the alleged infringement. The competent supervisory authority in data protection matters is the state data protection commissioner of the federal state in which our company is based. For Graichen GmbH, the responsible supervisory authority in Hesse is. State Commissioner for Data Protection and Freedom of Information Hesse: https://datenschutz.hessen.de/