Section 1 - Information regarding the collection of personal data
(1) On the following pages, we will inform you about the collection of personal data when using our website. Personal data is defined as any data which refers to you personally, such as your name, address, e-mail address and user behaviour.
(2) Responsible entity in accordance with Art. 4, Para. 7 of the EU General Data Protection Regulation (GDPR) is Haumann GmbH, Giesweg 15a, 44149 Dortmund, 0231/948333-13, datenschutz@haumann-dortmund.de.
(3) We apply up-to-date technical measures to ensure the protection of personal data. These are adapted to the current state of the art in each case.
(4) Where we use contracted service providers for individual functions of our service or would like to use your data for advertising purposes, we will provide you with detailed information regarding the procedures below. We will also state the set criteria of storage duration.
Section 2 - Collection and processing of personal data and the nature and purpose of its use
your personal data will be collected and processed by us in the following contexts:
a) When visiting our website
(1) Where the website is used for informational purposes only, i.e. if you do not otherwise submit information to us, we will only collect the personal data that your browser transmits to our server. If you would like to view our website, we will collect the following data which is technically necessary for us to display our website to you and ensure stability and security:
- IP-Address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Volume of data transmitted in each case
- Website from which the request is sent
- Browser
- Operating system and its user interface
- Language and version of the browser software
(2) The same data will be processed by us for the following purposes:
- Ensuring a smooth connection with the website
- Ensuring convenient use of our website
- Evaluating system security and stability
- Other administrative purposes
(3) The legal basis for data processing is Art. 6 Para. 1 sentence 1 lit. f of the GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case will we use the data collected for the purpose of drawing conclusions as to your person.
b) When using the contact form
(1) When you contact us via the contact form, the data provided by you (name, email address, message) will be stored by us where this is necessary.
(2) Any processing for the purpose of contacting you by telephone will be carried out as a pre-contractual measure (Art. 6 Para. 1 sentence 1 lit. b of the GDPR) based on your consent in accordance with Art. 6 Para. 1 sentence 1 lit. a of the GDPR and on the basis of Art. 6 Para. 1 sentence 1 lit. f of the GDPR.
c) When sending data
(1) When you contact us, the data you provide will be stored by us to the extent necessary.
(2) Any processing for the purpose of contacting you will be carried out as a pre-contractual measure or for the purpose of contract execution (Art. 6 Para. 1 Sentence 1 lit. b of the GDPR) based on your consent in accordance with Art. 6 Para. 1 sentence 1 lit. a of the GDPR and on the basis of Art. 6 Para. 1 sentence 1 lit. f of the GDPR.
Section 3 - Disclosure of data
(1) Your personal data will not be transmitted to third parties for purposes other than those expressly specified in this statement.
(2) We will only disclose your personal data to third parties if:
- you have given us your express consent to do so in accordance with Art. 6, Para. 1 sentence 1 lit. a of the GDPR.
- disclosure in accordance with Art. 6 Para. 1 sentence 1 lit. f of the GDPR is necessary to safeguard our legitimate interests, in particular for the purpose of asserting, exercising or defending legal claims, and there is no reason to believe that you have an overriding legitimate interest in the non-disclosure of your data,
- in the event that there is a legal obligation for the disclosure according to Art. 6 Para. 1 sentence 1 lit. c of the GDPR, or
- this is permitted by law and is required in accordance with Art. 6 Para. 1 sentence 1 lit. b of the GDPR for the processing of contractual relationships with you.
Section 4 - Criteria for the duration of storage of your data
(1) Personenbezogene Daten werden nur solange gespeichert wie es zur jeweiligen Zweckerreichung erforderlich ist, soweit andere gesetzliche Vorschriften, insbesondere Aufbewahrungspflichten, dem nicht entgegenstehen.Personal data will only be stored for as long as is necessary to achieve the respective purpose, as far as this is not opposed by other legal regulations, in particular retention obligations.
(2) If the purpose has been fully achieved and the time period has expired, the data will be deleted as far as it is no longer required for contract fulfilment or contract initiation.
Section 5 - Your rights
(1) You have the following rights in respect of the personal data concerning you:
- Right of access (Art. 15 of the GDPR),
- Right to rectification (Art. 16 of the GDPR),
- Right to erasure (Art. 17 of the GDPR),
- Right to restriction of processing (Art. 18 of the GDPR),
- Right to data portability (Art. 20 of the GDPR).
(2) Where your personal data is processed on the basis of legitimate interests in accordance with Art. 6 Para. 1 sentence 1 lit. f of the GDPR, you have the right, in accordance with Art. 21 of the GDPR, to file an objection against the processing of your personal data as far as there are reasons for this that arise from your specific situation or the objection is against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without a specific situation being stated.
(3) If you have consented to the processing of your personal data, you can revoke this consent at any time (Art. 7Para. 3 of the GDPR). However, such a revocation is only effective for the future; if processing has already been carried out, the revocation will be ineffective.
(4) Please send any requests for information, enquiries, revocations or objections regarding data processing by e-mail or via another means of communication to the person responsible at Haumann GmbH, Giesweg 15a, 44149 Dortmund.
(5) You also have the right to complain to the competent supervisory authority (State Commissioner for the Protection of Data and Freedom of Information of North Rhine-Westphalia: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Postfach 20 04 44, 40102 Düsseldorf) about matters relating to data protection.
Section 6 - Data security
(1) When you visit the website, we use the widespread SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser in each case, which is typically a 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. You can see that data is being transmitted in encrypted form when your browser displays an icon showing a key or closed lock in the status bar at the bottom of your screen.
(2) We also apply appropriate technical and organisational security measures in order to protect your personal data against accidental or intentional manipulation, partial or full loss, destruction and against unauthorised access by third parties. Our security measures are continuously improved in line with technological development.
Section 7 - Further information and changes to this data privacy statement
(1) For more information, please refer to the full text of the GDPR, which is available on the internet at https://dejure.org/gesetze/DSGVO
(2) Owing to the continued development of our website and offers provided via it, or due to changed legal or official requirements, it may become necessary to change this data privacy statement. You can view the current data privacy statement at any time on the website at Data Privacy and print it out.
Last updated: May 2018