Data privacy statement
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. In case of activation of the IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. Google will not associate your IP address with any other data held by Google.
You can refuse the use of Google Analytics by clicking on the following link. An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting this website: Disable Google Analytics Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html or at https://www.google.de/intl/en_uk/policies/. Please note that on this website, Google Analytics code is supplemented by “gat._anonymizeIp();” to ensure an anonymized collection of IP addresses (so called IP-masking).
Declaration Concerning the EU’s General Data-Protection Regulations (GDPR)
Your interest in our company is important to us, and data protection is one of the top priorities of our company’s management team. For us, it is a matter of principle that our web pages be made available to you without you having to supply personal data. However, if an individual wishes to access specific services offered by us via our website, this may involve the processing of personal data. If the processing of personal data is indeed required, and if no specific legal basis has been defined for this data processing, we generally obtain the consent of the person concerned (i.e. the data subject) for this processing activity.
The processing of personal data such as the name, address, e-mail address or telephone number of the data subject is at all times in accordance with the European Union’s General Data-Protection Regulation, and with the country-specific data-protection regulations applicable to our company. By issuing this data-protection declaration, our company wishes to make a public statement about the nature, scope and purpose of its collection, use and processing of personal data. This data-protection declaration is further intended to inform all concerned of their rights under the EU’s data-protection legislation.
As the data-processing controller responsible for the processing of personal-data processing referred to above, we have set in place numerous technical and organizational measures to ensure that the degree of protection provided with regard to personal data processed via this website is as comprehensive as possible. However, internet-based data transmission is inherently susceptible to security breaches, and absolute data security can therefore not be guaranteed. For this reason, we offer any person wishing to pass on personal data to us the possibility of doing so by alternative means – for example, by telephone.
The responsible entity (i.e. the data controller) within the meaning of (i) the EU’s General Data-Protection Regulation, (ii) the other data-protection laws in place in the member states of the EU, and (iii) other provisions dealing with data protection is:
temp-rite Int. GmbH
as represented by Herr Dirk Schwenk
Telephone: +49 (0)421/48692-0
The following person has been designated as the data-protection officer for the responsible entity in accordance with Article 37 of the European Union’s GDPR (General Data-Protection Regulation):
Herr Volker Weinhard
Telephone: +49 (0)4142 / 8116940
Collection of general data
Our company website collects a certain amount of general data and information each time it is accessed by a person or an automated system. The general data and information acquired is stored in the server’s log files. The data and information that can be collected are:
- the browser types used and the browser versions;
- the operating system of the system that has accessed the website;
- the website that has directed a particular system to our website (a so-called referrer);
- the sub-website that has directed a particular system to our website;
- the date and the time of day when our website was accessed;
- an Internet Protocol address (IP address);
- the Internet Service Provider (ISP) of the system accessing our website, and
- other data and information of a similar nature that can be used to avert danger in the event of an attack being launched on our information-technology systems.
These data and items of information are not used by us to make deductions about the person who has accessed our website (the data subject). They are needed so that we can:
- deliver the content of our website in an appropriate form;
- optimize our website content and, where appropriate, the related advertising;
- ensure the long-term functioning of our information-technology systems and the technologies used on our website;
- provide law-enforcement authorities with the information they require to pursue wrongdoers who have launched cyber attacks.
The above data and items of information, all of which are gathered anonymously, undergo statistical analysis on the one hand, and on the other are evaluated for the purpose of raising the levels of data security and data protection in our company, so that we can guarantee optimum protection of the personal data we process. The anonymous data in the server log files are stored separately from all the personal data provided by visitors to our website.
In accordance with statutory regulations, our website contains information that provides the possibility of rapidly establishing contact with our company by electronic means and communicating directly with us via a generally accessible electronic mailing (i.e. e-mail) address. When a data subject contacts the data controller in our company through the sending of an e-mail or the completion of a contact form, the personal data transmitted by the data subject are automatically stored so that they can be processed, or so that the data subject can be contacted. The personal data thus obtained are not passed on to any third party.
Rights of concerned persons (data subjects)
a) Right to confirmation
The European Directives and Regulations Authority accords every data subject who has transmitted personal data to us the right to demand from our data processor confirmation of whether or not his or her personal data are being processed. If a data subject wishes to exercise this right of confirmation, that person may take up the matter with us at any time.
b) Right to be informed
The European Directives and Regulations Authority accords every person whose personal data have been transmitted to, and may have been stored by, a data controller the right to obtain from the data controller information about whether his or her personal data have actually been stored, and the person concerned (data subject) is also entitled to be provided with a copy of this information. The European Directives and Regulations Authority accords the data subject the right to seek and obtain information about:
- the purposes for which his or her data are being processed;
- the categories of personal data that are being processed;
- the recipients, or categories of recipients, to whom the personal data in question have been, or are to be, disclosed; this applies, in particular, to recipients in third countries, and to recipients in international organizations;
- the length of time the personal data are to be stored in so far as this is possible, or, if this is not possible, information about the criteria use to determine the length of time that personal data might be stored;
- the existence of a right for any data subject to have his or her personal data rectified or deleted, or obtain information about the existence of a right to have a restriction placed on the processing of this data by the data controller, or the existence of a right to object to the processing of personal data;
- the existence of a right to appeal to a regulatory authority;
- everything that is known about the origins of the personal data gathered when these data have not been obtained from the data subject;
- the existence of automated decision-making mechanisms, including profiling, within the meaning of Article 22 (1) and (4) of the GDPR, and – at least in cases where the aforementioned mechanisms are used – meaningful information about the logic involved in the use of these mechanisms, and about the scope and envisaged consequences of such processing, and the consequences of these for the data subject.
The data subject is entitled to information about whether his or her personal data have been transmitted to a third country or to an international organization. If this has occurred, the data subject shall in addition be entitled to obtain information about the availability of suitable guarantees in connection with such data transmissions.
If a data subject would like to exercise his or her right to obtain such information, that person can take up the matter with us at any time.
c) Right to rectification
The European Directives and Regulations Authority accords every person affected by the processing of personal data the right to demand immediate rectification of incorrect personal data concerning them. The affected person (the data subject) further has the right to demand the augmentation of incomplete personal data, including by means of a supplementary declaration, and to demand that this augmentation take into account the purposes for which the personal data were gathered.
If a data subject would like to exercise his or her right to such rectification, that person can take up the matter with us at any time.
d) Right to erasure
also known as ‘the right to be forgotten’
The European Directives and Regulations Authority accords every person affected by the processing of personal data (the data subject) the right to demand from the data controller in possession of his or her personal data that those data be erased without delay where one of the following grounds applies, and provided that there is no longer any necessity for the processing of the data:
- The personal data are no longer needed in connection with the purposes for which they were collected or otherwise processed;
- The data subject withdraws his or her consent for the processing of the data in accordance with Letter (a) of Article 6 (1) of the GDPR or Letter (a) of Article 9 (2) of the GDPR, and there is no other legal basis for the processing;
- The data subject enters an objection pursuant to Article 21 (1) of the GDPR to the processing of the data, and there are no overriding legitimate grounds for the processing, or the data subject enters an objection pursuant to die Article 21 (2) of the GDPR to the
- The personal data have been unlawfully processed;
- The erasure of the personal data is necessary in order to achieve compliance with EU law or with the law of the EU member state by which the data controller is bound;
- The personal data have been gathered in connection with information-society services offered in accordance with Article 8 (1) of the GDPR.
If any one of the above grounds applies, and a data subject wishes to have personal data stored by us deleted, he or she may take up the matter with us at any time. We shall see to it that the demand for the erasure of the data is complied with without delay.
If the personal data have been published by us, and if our company in its capacity as a data controller is under an obligation pursuant to Article 17 (1) of the GDPR to erase these personal data, we shall, taking account of the available technology and the costs of implementation, take appropriate measures, including measures of a technical nature, to inform other data controllers engaged in the task of processing the personal data published by us that the data subject has demanded of these other data controllers that they erase all links to the aforesaid personal data and all copies or replications of these personal data in so far as there is no longer any necessity for the processing of these data. We undertake to take whatever steps are necessary in each individual case to achieve this end.
e) Right to the restriction of processing
The European Directives and Regulations Authority accords every person affected by the processing of personal data (the data subject) the right to demand of a data controller that the processing of his or her personal data be restricted where one of the following sets of circumstances applies:
- The accuracy of the personal data is contested by the data subject for a sufficient period of time to allow the data controller to verify the accuracy of the personal data;
- The processing is unlawful, and the data subject, rather than consenting to the erasure of the personal data, instead demands that the use of the personal data be restricted;
- The data controller no longer requires the personal data for processing purposes, but the data subject does need them for the establishment, exercise or defence of legal claims;
- The data subject has entered an objection against processing in accordance with Article 21 (1) of the GDPR, and it has not yet been established whether the legitimate interests of the data controller override those of the data subject.
If any one of the above sets of circumstances applies, and a data subject wishes to demand that the use of the personal data we have stored be restricted, he or she may take up the matter with us at any time. We shall see to it that a restriction be placed on the use of the aforesaid data without delay.
f) Right to data portability
The European Directives and Regulations Authority accords every data subject who has made personal data available to a data controller the right to obtain from that data controller in a structured, commonly used and machine-readable form the personal data about himself or herself that he or she made available to the data controller. In addition, the data subject has the right to transmit these data to another data controller without hindrance from the data controller to whom the personal data were previously made available where the processing is based on consent pursuant to Letter (a) of Article 6 (1) of the GDPR or Letter (a) of Article 9 (2) of the GDPR, or on a contract pursuant to Letter (b) of Article 6 (1) of the GDPR, and where the processing is performed by automated means, and provided that the processing is not necessary for the performance of a task carried out in the public interest, or in the exercise of official authority vested in the data controller.
In the exercise of his or her right to data portability, the data subject further has the right, pursuant to Article 20 (1) of the GDPR to bring it about that the personal data be transmitted directly from one data controller to another, provided that this is technically feasible and does not prejudice the rights and freedoms of other persons.
Any data subject of ours wishing to exercise his or her right to data portability may take up the matter with us at any time.
g) Right to object
The European Directives and Regulations Authority accords every person affected by the processing of personal data (the data subject) the right at any time to lodge an objection for reasons arising from his or her particular situation to the processing of his or her personal data if the processing is based on Letter (e) or (f) of Article 6 (1) of the GDPR. This also applies to profiling based on these provisions.
Unless we are able to demonstrate compelling legitimate grounds for the processing of the data subject’s personal data that take precedence over the data subject’s interests, rights and freedoms, or our processing of the data subject’s personal data is in connection with the establishment, exercise or defence of legal claims, we shall cease to process the data subject’s personal data in the event of an objection being lodged.
If we process a data subject’s personal data for direct-marketing purposes, the data subject shall have the right to object at any time to the processing of his or her personal data for this kind of marketing activity. This shall also apply to profiling if the profiling is undertaken in connection with direct marketing as referred to above. If the data subject lodges an objection with our company about the processing of his or her personal data for direct-marketing purposes, we shall cease to process his or her personal data for these purposes.
In addition, the data subject has the right for reasons arising from his or her particular situation to object to our processing his or her personal data pursuant to Article 89 (1) of the GDPR for scientific, historical-research or statistical purposes unless such processing is required in connection with a task whose performance is in the public interest.
If the data subject wishes to exercise his or her right to object, he or she can take up the matter directly with us. The data subject may further, in the context of the use of information-society services, and notwithstanding EU Directive 2002/58/EC, exercise his or her right to object by automated means using technical specifications.
h) Right to withdraw consent
The European Directives and Regulations Authority accords every person affected by the processing of personal data (the data subject) the right to withdraw, at any time, his or her consent to the processing of his or her personal data.
If the data subject wishes to exercise his right to withdraw consent to the processing of personal data, he or she may take up the matter with an employee of our company (the data controller) at any time.
Legal basis for processing
Letter (a) of Article 6 (I) of the GDPR serves as the legal basis for the processing activities that our company performs after having obtained consent for the undertaking of such activities in connection with a specific processing purpose. If the processing of personal data is being undertaken to fulfil a contract, and the party to that contract is the data subject, as, for example, may be the case when processing activities are required in connection with the supply of goods or the rendering of performance or counter-performance, the basis for that processing shall be Letter (b) of Article 6 (I) of the GDPR. The same applies for such processing activities as are required for the performance of measures prior to the signing of a contract – for example, in connection with processing enquiries about our products, or the services we provide. If – for example, in order to meet fiscal obligations – our company is subject to a legal obligation that necessitates the processing of personal data, the processing we undertake shall be on the basis of Letter (c) of Article 6 (I) of the GDPR. In rare cases, the processing of personal data may be required in order to protect the vital interests of a data subject, or of some other natural person. This would be the case, for example, if a visitor to our company were to sustain an injury, and the visitor’s name, age, health-insurance details or other vital information had to be passed on to a doctor, a hospital or some other third party. Data processing in such an eventuality would be based on Letter (d) of Article 6 (1) of the GDPR. Ultimately, Letter (f) of Article 6 (1) might serve as the legal basis for the data-processing activities undertaken. This legal basis would apply for data-processing activities not covered by any of the other aforementioned legal bases if the data processing in question were required in order to uphold the legitimate interests of our company or of a third party, providing these interests were not overridden by the interests, and by the fundamental freedoms and rights, of the data subject. We are entitled to undertake such data-processing activities in particular because they have been specifically referred to by the European legislator. The European legislator has taken the view that a legitimate interest might be assumed to exist if the data subject is a customer of the data controller (Recital 47, sentence 2 of the GDPR).
If the processing of personal data is based on Letter (f) of Article 6 (1) of the GDPR, our legitimate interest is the pursuit of our business activities for the benefit of all our employees and our shareholders.
Duration of storage of personal data
The duration of the storage of personal data is determined by the respective legal retention period. After the expiry of this period, the corresponding data will be routinely deleted, provided they are no longer needed to fulfil or initiate a contract.
We hereby inform you that the provision of personal data is, in part, prescribed in law (for example, in tax regulations), or it may follow on from the provisions of a contract (for example, the obligation to provide details about a contractual partner). In some cases, the conclusion of a contract may depend on a data subject providing personal data that we subsequently have to process. The data subject will, for example, be under an obligation to provide us with personal data if our company signs a contract with him or her. If these personal data were not provided, it would not be possible to conclude the contract with the data subject. Before the data subject provides personal data, the data subject should take the matter up with one of our employees. Our employee shall then inform the data subject whether, in the context of the matter in hand, the provision of personal data is prescribed in law, or stipulated in the contract, or necessary for the signing of the contract, or whether an obligation to provide personal data actually exists, and what the consequences of failing to provide the personal data would be.
Automated decision-making process
We hereby inform you that we have chosen to refrain from using automated decision-making processes or profiling.