Jump straight to the main content Jump straight to scrolling ticker

Privacy policy

This privacy policy contains detailed information on what happens to your personal data if you visit our website www.krampe.de. In accordance with Art. 4 GDPR, personal data means any information relating to an identified or identifiable natural person. We adhere strictly to statutory provisions when processing your data, in particular the General Data Protection Regulation (“GDPR”), and take great care to ensure that your visit to our website is absolutely secure.


Data controller

Responsible under data privacy law for the collection and processing of personal data on this website is:

Krampe Fahrzeugbau GmbH
Zusestrasse 4, 48653 Coesfeld, Germany
Tel.: +49 2541 80178-0
Email: info@krampe.de
Website: www.krampe.de
(represented by: Robin Krampe, Managing Director)

Data privacy officer

The external data privacy officer of the controller for processing data is:

FP OrgaConsult GmbH
Ms Phoebe G. Bakeberg, lawyer
Dülmener Strasse 92, 48653 Coesfeld, Germany
Tel.: +49 2541 915-03
Email: datenschutz@fp.nrw
www.fp.nrw

Any data subject may at any time contact our data privacy officer directly with any questions and suggestions.

Access data (server log files)

When calling up our website, we collect and store automatically in server log files, any access data that your browser automatically transfers to us. This data includes:

  • browser type, language and ​version of your PC
  • operating system used by your PC
  • referrer URL (source/link from which you reached our website)
  • host name of the accessing computer
  • date and time of the server request (time zone difference to GMT / Greenwich Mean Time)
  • the IP address currently used by your PC (when necessary in anonymised form)
  • amount of data transferred in each case
  • HTTP/HTTPS status code (access status)

We cannot and do not normally intend to link any of this data to a specific individual. Such data is processed in accordance with Art. 6 (1) sentence 1 (a) GDPR for the purposes of our legitimate interest in improving the stability and functionality of our website.

This anonymous data is stored separately from any entered personal data and therefore does not allow any conclusions to be drawn about a certain individual. This data is analysed for statistical purposes to optimise our internet presence and our offerings.

The system needs to store the IP ​address temporarily to provide the user’s computer with access to our website. For this purpose, the IP address of the user must remain stored for the duration of the session.
This data is stored in log files to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems. Data is not analysed for marketing purposes in this context.

The data is deleted once it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
In the case of the storage of data in log files, this is the case after seven days at the latest. Longer storage periods are possible. In this case, the IP addresses of the users are deleted or anonymised so that identification of the accessing client is no longer possible.

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary to operate the website. Consequently, the user has no right of objection.

Cookies

We use cookies to make visiting our website an attractive proposition and to facilitate the use of certain functions. Cookies are small text files stored on your device. Cookies cannot run any programs or transfer viruses to your computer system.

Cookies required for electronic communications or to provide the specific functions you require are stored on the basis of Art. 6 (1) sentence 1 (f) GDPR. We have a legitimate interest in saving cookies to provide our services optimally with no technical errors. If other cookies (e.g., cookies for analysing your surfing behaviour) are stored, these are treated separately in this privacy policy.

Most of the cookies we use are session cookies. They are automatically deleted after the end of your visit. Other cookies are stored on your device until you delete them. These cookies allow us to recognise your browser the next time you visit us.

You can set up your browser to notify you whenever cookies are set and to only allow cookies in individual cases, to accept cookies for certain cases or generally exclude cookies as well as enabling automatic deletion of cookies when closing the browser. Disabling cookies may restrict the functionality of this website.

Web analysis tools and advertising

1.1 - Google Analytics

Our website uses the web analysis service Google Analytics in the version Google Analytics 4. The provider is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics uses cookies, which are text files stored on your computer to allow analysis of the use of the website by you. Google Analytics collects all data from devices located in the EU (based on the geographic location as per the IP address), via domains and servers in the EU before the traffic is forwarded to Analytics servers for processing. 

The legal basis for the processing of your data is the consent given by you via the cookie consent tool in accordance with Art. 6 (1) sentence 1 (a) GDPR.

a) IP anonymisation

With Google Analytics, the function IP anonymisation is automatically enabled on the website. As a result, Google shortens your IP ​address within EU member states or in another state party to the Agreement on the European Economic Area prior to transfer to the United States. Only in exceptional circumstances is the full IP ​address transferred to a Google server in the United States where it is shortened (IP masking). Google will use this information on our behalf to analyse your use of our website to compile reports on website activities and to provide us with other services associated with the use of the website and the internet. According to Google, Google Analytics does not log or store any IP addresses, but simply processes these briefly for geolocalisation purposes and immediately deletes them. The IP address transferred from your browser as part of Google Analytics is not combined with other data from Google. Data may be transferred to third parties if required by law or as part of a commissioned data processing agreement.

b) Demographics with Google Analytics

Our website uses the “Demographics” function from Google Analytics. Reports can be created containing statements on age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as from visitor data of third-party providers. This data cannot be assigned to a specific individual. You can disable this function at any time via the display settings in your Google account or generally prohibit the collection of your data by Google Analytics - as shown in the “Objection to data recording” bullet point.

c) Data processing agreement

We have concluded a data processing agreement with Google and implement fully the strict requirements of the German data privacy authorities when using Google Analytics.

d) Storage period

Data stored at Google at user and event level, which is linked to cookies, user names (e.g., user ID) or advertising ​IDs (e.g., DoubleClick cookies, Android advertising ID), is deleted after two months. Details can be found under the following link: https://support.google.com/analytics/answer/7667196?hl=en.

e) Right to cancellation

Many data processing operations are possible only with your express consent. If the processing of your data is based on your consent, you have the right to revoke the consent you previously issued to the processing of data in accordance with Art. 7 (3) GDPR at any time with effect for the future by accessing the cookie settings and changing your selection there. By revoking consent, the lawfulness of processing based on consent before its revocation is not affected. Storage of data for billing and accounting purposes is unaffected by a revocation.

More information on how user data is handled with Google Analytics can be found in Google’s privacy statement: https://support.google.com/analytics/answer/6004245?hl=en.

You can find further information on data privacy in Google’s privacy statement: https://policies.google.com/privacy?hl=en&gl=en 

1.2 - Google Tag Manager

Our website uses Google Tag Manager. The provider is Google Ireland Ltd. Google Tag Manager is a solution that enables marketers to manage website tags via an interface. Tags are code snippets that record your activity on our website, for instance. Tags can perform various tasks, such as collecting browser data, supplying marketing tools with data, integrating buttons, setting cookies, and also tracking users across multiple websites. The tool that implements the tags is a cookie-free domain that does not store any personal data. The tool triggers other tags, which may in turn record data. Google Tag Manager does not access this data. If use has been disabled at domain or cookie level, this continues to apply to all tracking tags implemented with Google Tag Manager.

1.3 - Google Ads and Google conversion ​tracking

Our website uses Google Ads (previously Google AdWords). Google Ads is an online advertising programme from the provider Google.

Google Ads enables us to use advertising collateral on external websites to draw attention to our offerings and to determine how successful individual advertising activities are. This helps us to show you advertising that is interesting for you, to structure our website so it is more interesting for you and to reach a fair calculation of advertising costs.

As part of Google Ads, we use conversion tracking. The advertising collateral is delivered by Google using AdServers. To this end, we use AdServer cookies that enable us to measure certain parameters to determine the success of our advertising, such as the display of advertisements or clicks by users. If you click on an advertisement placed by Google, a cookie is set for the conversion tracking. Cookies are small text files that the internet browser stores on the user’s computer. These cookies become invalid after 30 days and are not used to personally identify users. These cookies enable Google to recognise your web browser. If you visit certain pages of our web presence whenever the cookie has not yet expired, Google and we can detect that you have clicked a specific advertisement and were forwarded to this page. 

Each Google Ads customer receives a different cookie. The cookies can therefore not be traced via the websites of Ads customers. In conjunction with the advertising activities, Krampe Fahrzeugbau GmbH does not process any data itself. Google simply provides us with statistical analyses that we can use to determine which advertising measures are particularly effective. The following information is normally stored in relation to the cookie as analytical parameters: Unique ​cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-​out information (marking that the user no longer wants to be targeted). The information collected using the conversion cookie is used to create conversion statistics for Ads customers that have opted for commercial tracking. The Ads customers find out the total number of users that have clicked their advertisement and were forwarded to a site provided with a conversion tracking tag. However, they do not receive any information that allows users to be identified personally. If you do not wish to take part in the tracking, you can object to this use by simply disabling the Google conversion tracking cookie via your internet browser under user settings. You are then not included in the conversion tracking statistics.

By integrating Ads Conversion, Google receives the information that you have accessed the relevant part of our internet presence or have clicked on an advertisement from us. If you have registered for a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, Google may find out and store your IP ​address.

The data recorded in your Google account is summarised solely on the basis of your consent, which you can give or revoke to/with Google (Art. 6 (1) (a) GDPR). For data collection operations that are not consolidated in your Google account (e.g., because you do not have a Google account or have objected to such consolidation), data collection is based on Art. 6 (1) (f) GDPR. The legitimate interest is based on our interest in the anonymised analysis of visitors to our website for advertising purposes to optimise both our web offering and our advertising.

Further information and data privacy provisions can be found in Google’s privacy policy at: https://policies.google.com/technologies/ads?hl=en.

Social media

1.1 - Facebook plug-ins (Like & Share button)

Plug-ins for the social network Facebook, provider Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are integrated on our website (“Facebook”). You can tell the Facebook plug-ins by the Facebook logo or the “Like button” on our website. An overview of the Facebook plug-ins is available here: https://developers.facebook.com/docs/plugins/?locale=en_EN.

To enhance the protection of your data when visiting our website, the Facebook plug-ins are not unrestricted, but are simply incorporated into the page through the use of an HTML link (“Shariff” solution from c't). This integration ensures that when accessing a page of our web presence that includes such plug-ins, no connection to Facebook servers is established. Only when you click on the Facebook button, does a new window open in your browser that accesses the Facebook page on which you can press the Like or Share button. Using Shariff, you can therefore determine yourself whether and when data is transferred to the social network operator.

Information on the purpose and scope of the data collection and the further processing and use of the data by Facebook and your associated rights and setting options to protect your privacy can be found in Facebook’s privacy policy at: https://www.facebook.com/privacy/policy/.

1.2 - Instagram plug-in

Functions provided by the Instagram service are integrated on our pages. These functions are provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, (“Instagram”). The plug-ins are marked with an Instagram logo or take the form of an “Instagram camera”. An overview of the Instagram plug-ins and their appearance is available here: https://about.instagram.com/blog/announcements/introducing-instagram-badges-for-webpage-embedding

To enhance the protection of your data when visiting our website, the Instagram plug-ins are not unrestricted, but are simply incorporated into the page through the use of an HTML link (“Shariff” solution from c't). This integration ensures that when accessing a page of our web presence that includes such plug-ins, no connection to Instagram servers is established. Only when you click on the Instagram button, does a new window open in your browser that accesses the Instagram page. Using Shariff, you can therefore determine yourself whether and when data is transferred to the social network operator.

Information on the purpose and scope of the data collection and the further processing and use of the data by Instagram and your associated rights and setting options to protect your privacy can be found in Instagram’s privacy policy at: https://instagram.com/about/legal/privacy/.

1.3 - LinkedIn plug-in

Our website uses functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company Wilton Plaza, Gardner House 4,5,6 Dublin 2, Ireland (“LinkedIn”).

To enhance the protection of your data when visiting our website, the LinkedIn plug-ins are not unrestricted, but are simply incorporated into the page through the use of an HTML link (“Shariff” solution from c't). This integration ensures that when accessing a page of our web presence that includes such plug-ins, no connection to LinkedIn servers is established. Only when you click on the LinkedIn button, does a new window open in your browser that accesses the LinkedIn page. Using Shariff, you can therefore determine yourself whether and when data is transferred to the social network operator.

Information on the purpose and scope of the data collection and the further processing and use of the data by LinkedIn and your associated rights and setting options to protect your privacy can be found in LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy?trk=%7Berror-page%7D-privacy-policy.

1.4 - XING plug-in

Our website uses functions of the XING network. The provider is XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany (“XING”).

To enhance the protection of your data when visiting our website, the XING plug-ins are not unrestricted, but are simply incorporated into the page through the use of an HTML link (“Shariff” solution from c't). This integration ensures that when accessing a page of our web presence that includes such plug-ins, no connection to XING servers is established. Only when you click on the XING button, does a new window open in your browser that accesses the XING page on which you can press the Share button. Using Shariff, you can therefore determine yourself whether and when data is transferred to the social network operator.

Further information on data privacy and the XING Share button can be found in XING’s privacy policy at: https://www.xing.com/app/share?op=data_protection

Google Maps

Our website uses an API (Application Programming Interface) to provide access to the Google Maps service from the provider Google.

To guarantee data privacy on our website, Google Maps is disabled the first time you enter our website. A direct connection to the Google servers is only established if you enable Google Maps yourself (consent in accordance with Art. 6 (1) (a) GDPR). This prevents your data from being transferred to Google the first time you enter our website.

After being enabled, Google Maps will store your IP ​address. This information is then normally transferred to a Google server in the United States where it is stored. The storage is provided regardless of whether you have a Google account that you used to log in with or a Google account does not exist. If you are logged in with a Google account, your data is linked directly to your account. User account exists. Google can also use other tools for marketing purposes. The provider of this page has no influence on this data transmission after Google Maps has been activated.

More information on how user data is handled can be found in Google’s privacy statement: https://policies.google.com/privacy?hl=en&gl=en.

YouTube

Our website uses plug-ins from YouTube to integrate and play video content. The provider of the video portal is Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland (“YouTube”).

To guarantee data privacy on our website, YouTube video is disabled if you are visiting our website for the first time. A direct connection to the YouTube servers is only established if you enable YouTube yourself (consent in accordance with Art. 6 (1) (a) GDPR). This prevents your data from being transferred to YouTube the first time you enter our website.

After being enabled, YouTube will simply save data from the visited page, providing a video is played, by means of the “enhanced data privacy mode” used by us. If you are logged in to YouTube at the same time, this information is assigned to your YouTube member account. You can prevent this by logging out of your member account before visiting our website. This information is then normally transferred to a YouTube server in the United States where it is stored. The provider of this page has no influence on this data transmission after YouTube has been activated.

More information on how user data is handled can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=en&gl=en.

Newsletter

Provided you have expressly given consent, we will send our newsletter regularly to your email address. To receive our newsletter, you will need to tell us your email address and then verify this. Supplementary data is not collected or is voluntary. The data is used solely to send the newsletter.

The data provided when registering for the newsletter is processed solely on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your given consent at any time. To revoke your consent, you simply need to email us an informal message or you can unsubscribe via the “Unsubscribe” link in the newsletter. The lawfulness of previous data processing operations is unaffected by the revocation.

Data entered to set up the subscription is deleted if you unsubscribe. If this data has been sent to us for other purposes and at another location, this data still remains with us.

Contact​/application form

If you reach out to us via email or via a contact/application form, transferred data including your contact details is stored so we can process your enquiry or answer follow-up questions. This data is not forwarded without your consent.

The data entered on the contact/application form is processed solely on the basis of your consent (Art. 6 (1) (a) GDPR). You can revoke your given consent at any time. Revocation simply requires an informal message via email. The lawfulness of the data processing operations completed until the revocation is unaffected by the revocation.

We retain data transferred via the contact/application form until you ask us to delete it, revoke your consent for storage or there is no longer any need for data storage. Mandatory statutory provisions - especially retention periods - are unaffected.

User account

If you set up a user account, you consent to storage of your existing data such as name, address and email address and your usage data (user name, password). This allows you to log into our system with your email address and your personal password. Your data is stored in accordance with Art. 6 (1) sentence 1 (a) GDPR.

Your personal data is stored for as long as required to fulfil the aforementioned purposes or until you delete your user account yourself. If your user account is inactive for longer than three years (no login or no use), we reserve the right to delete your data to meet our storage requirements and to guarantee data economy in accordance with Art. 5 (1) (c) GDPR.

After deletion of your account, your data is removed fully from our active systems unless statutory retention obligations require longer storage. In this case, the affected data is blocked until the expiry of the retention periods and then deleted.

Data usage and forwarding

The personal data that you tell us, for instance via email (e.g., your name and your address or your email address), is neither sold to third parties nor marketed elsewhere. Your personal data is processed only for correspondence with you and only for the purpose for which you provided the data to us. To process payments, we forward your payment data to the financial institution commissioned to handle the payment.

The data that is collected automatically during your visit to our website is used only for the aforementioned purposes. The data will not be used for any other purpose.

Moreover, we assure you that we do not pass on your personal data to third parties unless we are forced to do so by law or you have previously given us your consent.

SSL and TLS encryption

Our website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the browser address line changing from “http://” to “https://” and the padlock symbol in your browser line.

If SSL or TLS encryption is enabled, third parties cannot read the data that you transfer to us.

Storage period

Personal data notified to us via our website is only stored until the purpose is fulfilled for which that information was entrusted to us. If retention periods under commercial and tax law must be followed, the storage duration regarding certain data may be up to 10 years.

Business letters/postal contact

1.1 - Purpose and legal basis

If you contact us by post, the personal data that may have been transmitted to us in this way, which is related to the implementation of a contractual relationship and is necessary for this, will be processed here. This is regularly done to initiate or perform a contractual relationship and is therefore permitted in accordance with Art. 6 (1) (b) GDPR.

1.2 - Recipient of data

We only pass on your personal data within our company to those departments and persons who require this data to fulfil contractual and legal obligations. Otherwise, data is only passed on to recipients outside the company if this is permitted or required by law, if the transfer is necessary to process and thus fulfil the contract or, at your request, to carry out pre-contractual measures, if we have your consent or if we are authorised to provide information. There is no intention to transfer data to third countries. If necessary, such a transfer will only take place if it is necessary for the processing and thus the fulfilment of the contract or, at your request, to carry out pre-contractual measures, if the transfer is required by law or if you have given us your consent.

1.3 - Storage duration

Where necessary, we will process and store your personal data for the duration of our business relationship and/or for the fulfilment of contractual purposes. In addition, we are subject to various retention and documentation obligations, which result from the German Commercial Code (HGB) and the German Tax Code (AO), for example.

Data subject rights

With regard to the personal data relating to you, as the data subject of the data processing in accordance with statutory provisions, you have the following rights vis-à-vis the controller:

1.1 - Right to revocation

Many data processing operations are possible only with your express consent. Insofar as the processing of your data is based on your consent, you have the right to revoke the consent you previously gave to the processing of data in accordance with Art. 7 (3) GDPR at any time with effect for the future. By revoking consent, the lawfulness of processing based on consent before its revocation is not affected. Storage of data for billing and accounting purposes is unaffected by a revocation.

1.2 - Right to access

In accordance with Art. 15 GDPR, you have the right to request confirmation stating whether we process personal data relating to you. If such processing exists, you have the right to access information on your personal data processed by us, the processing purposes, the categories of processed personal data, the recipients or categories of recipients, to whom your data was or is being disclosed, the planned storage duration and the criteria for the stipulation of the storage duration, the existence of a right to rectification, erasure, restriction of the processing, objection to the processing, complaint to the supervisory authority, the origin of your data if we did not collect that data from you, the existence of automated decision-making including profiling and, where necessary, meaningful information on the logic involved and the scope applicable to you and the desired impact of such processing as well as your right to notification regarding what guarantees exist in accordance with Art. 46 GDPR in the case of forwarding your data to third countries.

1.3 - Right to rectification

In accordance with Art. 16 GDPR, you have the right to request at any time immediate rectification of incorrect personal data relating to you and/or the completion of your incomplete data.

1.4 - Right to erasure

In accordance with Art. 17 GDPR, you have the right to request the erasure of your personal data if one of the following reasons applies:

  1. Your personal data is no longer necessary for the purposes for which it was collected or processed in another way.
  2. You revoke your consent on which processing was based in accordance with Art. 6 (1) (a) or Art. 9 (2) (a) GDPR, and there is no other legal basis for processing.
  3. You object in accordance with Art. 21 (1) GDPR to the processing and there are no other overriding legitimate grounds for processing, or you object in accordance with Art. 21 (2) GDPR to processing.
  4. The personal data was processed unlawfully.
  5. The erasure of the personal data is required to fulfil a legal obligation under European Union law or the law of a member state to which we are subject.
  6. The personal data was collected in relation to the offered information society services in accordance with Art. 8 (1) GDPR. 

However, this right does not exist if processing is necessary:

  1. To exercise the right to freedom of speech and the right to information;
  2. To fulfil a legal obligation which we are subject to under the law of the European Union or its member states, or to perform a task carried out in the public interests or in the exercise of official authority, which was transferred to us;
  3. For reasons of public interest in the area of public health in accordance with Art. 9 (2) (h) and (i) and Art. 9 (3) GDPR;
  4. For the purposes of archiving in the public interest, scientific and historical research or for statistical purposes in accordance with Art. 89 (1) GDPR, if the rights of the data subject presumably render impossible or seriously impair the achievement of the objectives of this processing
  5. To assert, exercise or defend legal claims.

If we have made your personal data public and if we are obliged to delete such data pursuant to the above, we will adopt suitable measures, including technical measures, taking into account the available technology and cost of implementation, to inform the data processing controllers, who process the personal data, that you as the data subject have requested the erasure of all links to your personal data or of any copy or replication of this personal data.

1.5 - Right to restriction of processing

In accordance with Art. 18 GDPR, you have the right to request the restriction of processing (blocking) of your personal data. To this end, you can contact us at any time at the address stated in the publication details. The right of restriction of processing exists in the following cases:

  1. If you dispute the accuracy of your personal data stored by us, we normally require time to verify this. While the verification takes place, you have the right to request the restriction of processing of your personal data.
  2. If your personal data was/is being processed unlawfully, you may request the restriction of data processing instead of erasure.
  3. If we no longer require your personal data, but you require this data to exercise, defend or assert legal claims, you have the right to restrict the processing of your personal data instead of erasing the data.
  4. If you have objected in accordance with Art. 21 (1) GDPR, your and our interests will need to be weighed up. As long as it is not clear whose interests prevail, you have the right to request the restriction of processing of your personal data.

If you have restricted the processing of your personal data, this data – apart from storage of the data – may be processed only with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of an important public interest of the EU or of a member state.

1.6 - Right to information

If you have asserted the right to rectification, erasure or restriction of processing vis-à-vis us, we are obliged to notify all recipients to whom your personal data was disclosed about this rectification or erasure of the data or restriction of processing, unless this proves impossible or entails a disproportionate effort. In accordance with Art. 19 GDPR, you have the right to request being notified about these recipients.

1.7 - Right not to be subject to a decision based solely on automated processing – including profiling.

In accordance with Art. 22 GDPR, you have the right not to be subject to a decision based solely on automated processing – including profiling, that has legal implications for you or significantly affects you in a similar way.

This shall not apply if the decision

  1. Is required for the conclusion or the performance of a contract between you and us,
  2. Is permissible based on legal regulations of the EU or of the member states to which the controller is subject and these legal regulations contain suitable measures to protect your rights and freedoms as well as your legitimate interests or
  3. Are provided with your express consent.

However, the decisions in the cases mentioned in (1) to (3) must not be based on special categories of personal data in accordance with Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) applies and suitable measures were taken to protect the rights and freedoms as well as your legitimate interests.

In the cases mentioned in (1) and (3) we adopt suitable measures to guarantee your rights and freedoms as well as your legitimate interests, whereby the controller has at least the right to appoint someone to act on their behalf, to represent their own standpoint and to challenge the decision.

1.8 - Right to data portability

If the processing is based on your consent in accordance with Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract in accordance with Art. 6 (1) (b) GDPR and is provided using automated procedures, you have the right, in accordance with Art. 20 GDPR, to receive your personal data that you have provided us with, in a structured, commonly used and machine-readable format and to transfer that data to another controller or request the transferral to another controller provided this is technically feasible.

1.9 - Right to object

If we based the processing of your personal data on the balance of interest in accordance with Art. 6 (1) (f) GDPR, you have the right at any time for reasons arising out of your particular situation to object to the processing of your personal data; this also applies to profiling based on this provision. The respective legal basis that underpins the processing of data can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the assertion, exercise or defence of legal claims (objection in accordance with Art. 21 (1) GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to the profiling provided this is connected with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection in accordance with Art. 21 (2) GDPR).

You can exercise your right of objection to the use of automated procedures using technical specifications, in connection with the use of information society services – irrespective of Directive 2002/58/EC.

1.10 - Right to complain to the competent supervisory authority in accordance with Art. 77 GDPR

In the case of breaches of the GDPR, the data subject is entitled to file a complaint with a supervisory authority, especially in the member state of their customary residence, their workplace or the place of the alleged breach. The right to complain is without prejudice to other regulatory or court provisions.

The competent supervisory authority for us is:

Regional Officer for Data Privacy and Freedom of Information North-Rhine Westphalia
PO Box 20 04 44
40102 Düsseldorf

Kavalleriestrasse 2-4
40213 Düsseldorf, Germany

Telephone: +49 211 38424-0
Email: poststelle@ldi.nrw.de
Website: https://www.ldi.nrw.de 

Validity and amendment of this privacy policy

This privacy policy shall apply from 1 January 2025. We reserve the right to amend this privacy policy at any time in accordance with the applicable data privacy regulations. This may be necessary, for instance, to comply with new statutory provisions or to take account of the changes to our website or new services on our website. The version available at the time of your visit shall apply.

If this privacy policy is amended, we intend to notify any changes to our privacy policy on this site so that you are fully informed of which personal data we collect, how we process that data and under what circumstances the data may be forwarded.