Data Protection Declaration
It is very important to us to keep your personal data safe and sound. This Privacy Data Privacy Statement describes to you how we capture personal data when you visit our website and online profiles and what we use your personal data for.
1. Name and contact information of the controller
BMB Beschläge GmbH, Rudolf-Diesel-Strasse 12, 22941 Bargteheide, Germany,
Phone: +49 (0)4532 2886601,
The data protection officer of BMB Beschläge GmbH can be contacted as follows:
Phone: +49 (0) 4532 2886601
E-mail: firstname.lastname@example.org. Controller: Bernd G. Schleicher
2. Scope and purpose of the processing of personal data
When this website (https://www.bmb-beschlaege.de) is visited, data from the internet browser used by the visitor is automatically sent to the server of this website and stored in a protocol file (log file) for a limited period. Until it is automatically deleted, the following data is stored without additional input from the visitor:
IP address of the visitor’s end device,
date and time that the visitor accessed the site,
name and URL of the page accessed by the visitor,
website from which the visitor arrived at the website of BMB Beschläge GmbH (so-called referrer URL),
browser and operating system of the visitor’s end device as well as the name of the access provider used by the visitor.
Processing of this personal data is justified in accordance with Art. 6 (1) (1f) of the GDPR. BMB Beschläge GmbH has a legitimate interest in data processing with the purpose of,rapidly establishing the connection to the website,
enabling a user-friendly application of the website, identifying and ensuring the safety and stability of the system and
facilitating and improving the administration of the website.
Under no circumstances does the processing occur with the purpose of obtaining personal information about the visitor to the website.
3. Transfer of data to third parties
Provided we transfer your data to processors these being companies we commission to process data within the legally defined parameters, Art. 28 GDPR. In this case, BMB Beschläge GmbH still remains responsible for the protection of your data. We have implemented technical and organizational measures (TOM’s) to ensure that processors comply with the provisions of the data protection laws. We commission contractors in the following areas in particular: IT, marketing, finance, HR, logistics.
We will also transfer your data to our co-operation partners, who deliver services to you under their own responsibility (suppliers, delivery companies). This is the case when you request us to deliver services from these partners, or if you consent to the involvement of the partner, or if we engage the partner in a situation in which we are legally permitted to do so, such as the performance of a contract, in accordance with Art. 6 (1 b) GDPR.
Personal data is transferred within BMB Group for internal administrative purposes connected with centralized customer care and order processing. The legal basis for this is Art. 6 (1 f) GDPR. Finally, in certain cases we have a legal obligation to provide certain data to public agencies if requested.
In other cases personal data will not be transferred to third parties.
The website uses so-called ‘cookies’. These are data packets which are exchanged between the BMB Beschläge GmbH website server and the visitor’s browser. Upon visiting the website, they are saved to the respective devices used (PC, Notebook, Tablet, Smartphone etc.) Cookies cannot cause any harm to the devices used. Information relating to the specific device used is stored in the cookies. BMB Beschläge GmbH can thereby never obtain direct knowledge regarding the identity of the visitor to the website. Cookies cannot run applications or transmit viruses to your computer. Their purpose is to make the general online experience more user-friendly and effective. The legal basis for this is Art. 6 (1 f) GDPR.
5. Collection of access data and server log files
The provider of our internet pages automatically collects and saves data on every access to the server on which this service is located (so-called server log files). Processing of this data is justified in accordance with Art. 6 (1) (1f) of the GDPR.
The access data includes name of the retrieved website, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, user's operating system, referrer URL (previously visited page), IP address and the requesting provider , This data can not be assigned to specific people. We reserve the right to check this data retrospectively, if we become aware of specific indications for illegal use. The data is collected only for data security purposes. Any other analysis of the data - except for statistical purposes and then in an anonymous form - does not take place. Also, no personal surfing profiles or the like are created or processed.
The hosting services we use are designed to provide the following services:
infrastructure and platform services, computing capacity, storage and database services, security and technical maintenance services.
Here we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer. Processing of this data is justified in accordance with Art. 6 (1) (1f) and Art. 28 of the GDPR.
7. Contact form
Visitors can send messages to BMB Beschläge GmbH using an online form on the website. In order to receive a reply, a valid email address is the minimum information required. All other information can be supplied voluntarily by the person submitting the request. By sending the message using the contact form, the visitor agrees to the processing of the personal data supplied. Data processing occurs with the sole purpose of handling and responding to enquiries conveyed in the contact form. This occurs on the basis of consent provided willingly by the user in accordance with Art. 6 (1) (1a) of the GDPR. The personal data obtained for the use of the contact form is automatically deleted as soon as the enquiry has been dealt with and no reasons are given for further storage (e.g. further commissioning of our company BMB Beschläge GmbH).
You have the opportunity of subscribing to our newsletter. To do so, you are required to enter your email address to which we will send the newsletter. If you enter this into the input screen, we will record your name in order to address the newsletter personally to you. By entering your email address you agree that we may use your data for the purpose of sending the newsletter to tell you about our news. The legal basis for this processing is Art. 6 (1a) GDPR. Your email address will not be used for any other purpose; in particular it will not be sent to any third parties.
You can cancel your newsletter subscription and the consent you issued at any time; this will then take effect for the future. If you wish to cancel your newsletter subscription, please use the relevant button in the newsletter sent to you. Your email address will then be promptly erased from our system.
9. Analytic services for websites, tracking
This website uses Google Analytics, a web analytics service provided by Google LLC. (“Google“), Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how it is used. The information generated by the cookie on your use of this website will normally be transmitted to a Google server in the United States and stored there. This website uses Google Analytics with the extension „gat._anonymizeIp();“ to guarantee the anonymous capture of IP addresses (“IP masking”). If IP anonymization is activated on this website, however, your IP address will be truncated by Google from within a member state of the European Union or from within any other country which is party to the Agreement on the European Economic Area. Only in exceptional cases will the complete IP address be sent to a Google server in the United States and truncated there. Google will use this information on our behalf for purposes of evaluating your use of the website, compiling reports on website activity and providing the website operator with other services relating to website use and internet usage. Google will not associate your IP address (sent by your browser and transferred via Google Analytics) with any other data held by Google. The legal basis for the processing of your personal data is Art. 6 (1f) GDPR.
You may refuse the storage of cookies by selecting the appropriate settings in your browser software, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the acquisition of the data generated by the cookie (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=en).
An opt out cookie will be placed that will prevent future acquisition of your data while visiting this website.
Deactivate Google Analytics. Further information concerning usage conditions and data protection can be found at www.google.com or at policies.google.com
10. Google webfonts
This site uses so-called web fonts, provided by Google, for the uniform representation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. To do this, the browser you use must connect to Google’s servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest in accordance with Art. 6 (1) (1f) of the GDPR. If your browser does not support web fonts, a default font will be used by your computer. Further information concerning usage conditions and data protection can be found at developers.google.com and data protection can be found at www.google.com.
11. Security of data processing
We maintain up-to-date technical and organizational measures for ensuring the security of the data processing operation, especially in order to protect your personal data from risks during data transfer and from becoming known to unauthorized third parties. These measures are modified in accordance with the current state-of-the-art, the need for protecting the personal data in question, and the risks to your rights and freedoms. Generally speaking, your data will be processed in Germany and within other European countries. If, in exceptional cases, your data is also processed in countries outside of the European Union (i.e. in “third countries”), this will take place to the extent that you have explicitly consented to it or if it is stipulated by law (Art. 49 GDPR).
12. Rights of the data subject
Provided that your personal data is processed on the occasion of your visit to our website, you have the following rights as a “data subject” according to the GDPR:
You can request that we disclose whether or not we are processing your personal data. You have no right to information if granting the requested information would violate the duty of confidentiality in accordance with § 57 para. 1 of the German Tax Consultancy Act (StBerG) or if the information must be kept secret for other reasons, in particular due to a legitimate prevailing interest of a third party. By way of exception, an obligation to disclose the information can exist if your interests outweigh the interest of maintaining confidentiality, in particular with regard to imminent damage. The right to information is further excluded if the data is only being saved because its deletion is not permitted due to legal or statutory retention periods or if the data is solely serving the purposes of data backup or data protection controls, where disclosing the information would require a disproportionate amount of effort and processing for other purposes is excluded due to applicable ethnic or organisational measures. If the right to information is not excluded in your case and your personal data is being processed by us, you can request the disclosure of the following information from us:
the purpose of processing,
the categories of your personal data which is being processed,
the recipients or categories of recipients to whom your personal data is being disclosed, particularly in the case of recipients in third countries,
if possible, the duration for which your personal data is intended to be stored; if this is not possible, the criteria for the determination of this storage period,
the existence of a right to correction of, deletion of, or restriction to the processing of your personal data or a right to object to this processing,
the existence of the right to lodge a complaint with a supervisory authority for data protection,
all available information on the source of the data, if the personal data was not being collected from you as the data subject,
where applicable, the existence of automated decision-making including profiling and conclusive information on the logistics involved as well as the consequences and pursued objectives of such automated decision-making processes,
* where applicable, in the case of the transfer to recipients in third countries where no ruling by the EU Commission exists regarding the suitability of the protection level in accordance with Art. 45 (3) of the GDPR, information regarding which suitable guarantees are provided for the protection of personal data in accordance with Art. 46 (2) of the GDPR.
12.2 Correction and completion
If you determine that we have inaccurate data pertaining to your person, you can request the immediate correction of this inaccurate data. If data pertaining to your person is incomplete, you can request that it be completed.
You have a right to the deletion of your data (“right to be forgotten”), provided that the processing is not necessary to exercise a right to freedom of expression, a right to information, or for the fulfilment of a legal obligation or the performance of a task which is in the public interest, and one of the following grounds applies:
The personal data is no longer required for the purposes for which it was processed.
The legal basis for the processing was exclusively your consent, which you have withdrawn.
You have lodged an objection against the processing of your personal data which we have made public.
You have lodged an objection against the processing of your personal data which we have not made public and there are no overriding legitimate reasons.
Your personal data was processed illegally.
The deletion of your personal data is required for the fulfilment of a legal obligation which we are subject to. A claim to deletion does not exist if, in cases of legal and non-automated data processing, the deletion is not possible or is only possible with a disproportionately high effort due to the specific type of storage, and your interest in deleting the data is minimal. In this case the restriction of processing occurs instead of the data being deleted.
12.4 Restriction of processing
You can request the restriction of processing if one of the following grounds applies:
You dispute the accuracy of the personal data. In this case a restriction can be requested for the time it takes us to check the accuracy of the data.
The processing is illegal and instead of deletion you request a restriction to the use of your personal data.
Your personal data is no longer required by us for the purpose of processing, however you require the data to assert, exercise or defend legal claims.
You have lodged an objection in accordance with Art. 21 (1) of the GDPR. The restriction of processing can be requested for as long as it remains undetermined whether our legitimate grounds override your grounds.
A restriction to the processing of your personal data means that such personal data shall only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest. We are obligated to inform you before we lift the restriction.
12.5 Data portability
You have a right to data portability provided that the processing is based on your consent (Art. 6 (1) (1a) or Art. 9 (2) (a) of the GDPR) or on a contract to which you are party and the processing occurs with the help of automated procedures. The right to data portability includes in this case the following rights, provided that the rights and freedoms of other persons are not compromised because of this: You can request the receipt of personal data which you have previously supplied to us in a structured, prevalent and machine-readable format. You have the right to transfer this data to another controller without any hindrance on our part. In so far as it is technically possible, you can request that we directly transfer your personal data directly to another controller.
12.7 Revoking consent
You have the right to revoke your given consent with future effect at any time. You can informally communicate your revocation of consent to us via telephone, email, or telefax where necessary or by using our postal address. The revocation does not affect the legality of data processing conducted based on consent up until the notice of revocation has been effected. After receiving a notice of revocation, data processing that is exclusively based on your consent is suspended.
If you are of the view that the processing of your personal data is illegal, you can lodge a complaint with a supervisory authority for data protection which is responsible for your place of residence or work or for the place in which the suspected violation was committed.
13. Privacy information for applicants
When you provide us with your application documents and your personal data, you agree that this information may be collected, stored and used as part of the application process. The legal basis for the processing of this data is Art. 6 (1) b) GDPR. In accordance with the GDPR and the FDPA, you are entitled to be kept informed, to demand the correction, erasure and restrictions on the processing of your data, and its portability. If you wish to exercise your rights, please contact email@example.com.