Privacy Statement

Privacy Statement

Information obligations DSGVO/GDPR

Limitation on Liability

The contents of this website have been compiled with the greatest possible care. However, the provider assumes no liability for the accuracy, completeness and up-to-dateness of the content provided. The use of the website contents is at the user's own risk. Contributions marked by name reflect the opinion of the respective author and not always the opinion of the provider. The mere use of the provider's website does not constitute a contractual relationship between the user and the provider.
 

Externals links

This website contains links to third-party websites ("external links"). These websites are subject to the liability of the respective operators. The provider reviewed the third-party contents at the time the initial link was created to determine any legal violations. At that time no legal violations were apparent. The provider has no influence whatsoever on the current and future design and the contents of linked sites. The placement of external links does not mean that the provider adopts the content behind the reference or link as its own. Constant monitoring of these external links by the provider without specific indications of legal violations is not feasible. In the event of known legal violations, however, such external links will be deleted immediately.


Copyright and related (neighboring) rights

The contents published on this website are subject to German copyright and related right. Any use not permitted by German copyright and related right requires the prior written consent of the provider or the respective copyright holder. This applies in particular to duplication, editing, translation, storage, processing or reproduction of content in databases or other electronic media and systems. Contents and rights of third parties are marked as such. The unauthorized duplication or transmission of individual contents or complete pages is not permitted and punishable by law. Only the production of copies and downloads for personal, private and non-commercial use is permitted.
The representation of this website in external frames is only permitted with written permission.
 

Data protection

I. Basic information on data processing and legal bases

(1) This privacy policy explains to you the nature, scope and purpose of the processing of personal data within our online service and the associated websites, functions and content (hereinafter collectively referred to as "online service" or "website"). The privacy policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) used, on which the online service is executed.

(2) The terms used in this privacy policy correspond to the wording of the Basic Data Protection Regulation (DSGVO/GDPR), in particular the definitions in Art. 4 DSGVO/GDPR. For better understanding, we have defined the relevant terms for the privacy policy below:


a. Personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). A natural person shall be considered identifiable if that person can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an on-line identifier or one or more specific characteristics expressing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

b. Data subject (person concerned)

Data subject means any identified or identifiable natural person whose personal data are processed by the person responsible for the processing.

c. Processing:

Processing means any operation or set of operations that is carried out with or without the aid of automated procedures relating to personal data, such as collection, recording, organization, sorting, storage, adaptation or alteration, reading out, retrieval, use, disclosure by transmission, dissemination or otherwise making available, matching or interconnection, restricting, deleting or destruction.

d. Restriction of processing

Restriction of processing is the marking of stored personal data with the objective of limiting their future processing.

e. Profiling

Profiling is any type of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, conduct, whereabouts or movement of that natural person.

f. Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the provision of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures ensuring that the person-related data are not allocated to an identified or identifiable natural person.

g. Controller:

Controller or controller for the processing means the natural or legal person, public authority, agency or any other body who alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the controller or respectively the specified criteria of the controller's nomination can be provided for in accordance with Union law or with the law of the Member States.

h. Processor

‘processor’ means a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;

i. Recipient

Recipient means a natural or legal person, public authority, agency or any other body to whom data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the context of a specific investigation mandate under Union law or the law of the Member States shall not be considered as recipients.

j. Third party

Third party means any natural or legal person, public authority, agency or any body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process data.

k. Consent

Consent means any voluntary given manifestation of will by the data subject for a certain case in an informed and clear manner as a declaration or other unambiguous, confirming act, with which the data subject indicates his or her consent to the processing of his or her personal data. The personal user data processed within the scope of this online service include inventory data (e.g., names and addresses of customers), contract data (e.g., services used, names of persons responsible, payment information), usage data (e.g., websites visited on our online service, interest in our products) and content data (e.g., entries in the contact form).

 

(3) In addition, we use the term "user" in this declaration. This has the same meaning as the term "data subject" in the sense of the DSGVO/GDPR. This includes all visitors to our online services, regardless of whether we are already in contractual contact with them or not.

(4)All terms used in this declaration, such as "user", are to be understood gender-neutral.

(5) As part of our business activities, we comply with the relevant data protection regulations. We therefore only process users' personal data if we have legal permission to do so. According to legal regulations, we are specifically permitted to process personal data if this processing is necessary for the provision of our contractual services (e.g. processing of orders) and online services, or if the processing is based on legal obligations imposed on us. In addition, we are permitted to process these data, if the person concerned has given his or her consent and/or if we process the data as a result of justified interests (e.g. to prosecute criminally relevant (cyber) attacks on our (computer) system).

(6) Responsible for the data processing is:

Aguti Produktentwicklung & Design GmbH
Bildstock 18/3
D-88085 Langenargen

Telephone:  07543 9621 60
Fax:  07543 9621 99
Mail: info@aguti.en
www.aguti.com

Managing Director: Andreas Grieger, grad. designer

Entry in the Commercial Register 
Register Court: Local Court of Ulm
Register number: HRB (COMMERCIAL REGISTER, DEPT. B) 631383 

 

Publication of the contact details of the data protection officer pursuant to Art. 37 para. 7 EU-DSGVO/GDPR
External data protection officer according to Art. 37 EU-DSGVO/GDPR/ § 38 BDSG (Federal Data Protection Act), new:
Mr. David Kuhn – Deutsche Datenschutzkanzlei (German data protection office)
Phone +49 7542 / 949 21 08, datenschutz@aguti.de

Your inquiries will be treated confidentially.
 

 

(7) The legal basis for data processing with the consent of the data subject is Art. 6 Para. 1 lit. a. and Art. 7 DSGVO/GDPR; for processing to fulfill of our services and implementation of contractual measures Art. 6 Para. 1 lit. b. DSGVO/GDPR; for processing to fulfill our legal obligations Art. 6 para. 1 lit. c. DSGVO/GDPR; and for the legal basis for the processing to safeguard our legitimate interests Art. 6 para. 1 lit. f. DSGVO/GDPR.

 

II. Safety measures

(1) With regard to the protection of the personal data of our users, we take organizational, contractual and technical security measures that are in accordance with the state-of-the-art.

(2) These security measures include in particular the encrypted transmission of data between the browser of the respective user and our server.

(3) However, we would like to point out that e-mails can be stored and transmitted unencrypted.

 

III. Passing on of data to third parties and third-party providers

(1) Data will only be passed on to third parties within the framework of legal requirements. In principle, we only pass on user data to (external) third parties if this is necessary for contractual purposes, e.g. on the basis of Art. 6 Para. 1 lit. b) DSGVO/GDPR, if we are legally obliged to do so or if this passing on is based on our legitimate interests pursuant to Art. 6 Para. 1 lit. f DSGVO/GDPR.

(2) As far as we use subcontractors to provide our services, we will take appropriate legal precautions and take appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant statutory provisions. In addition, we also obligate our subcontractors to comply with data protection regulations, in particular by using the necessary technical and organizational measures.

(3) If content, tools or other means from other providers (hereinafter jointly referred to as "third-party providers") are used within the scope of our Internet service and their registered office is located in a country outside the scope of the DSGVO/GDPR (i.e. outside the European Union or the European Economic Area), it is to be assumed that (also) a data transfer to this country takes place. However, data will only be transferred to such countries ("third countries") if an appropriate level of data protection exists in these countries or if users have consented to this transfer or otherwise have legal permission to do so.

(4)Currently, we are using the following third-party programs on our homepage:

 

a. Google Analytics

On our homepage we use Google Analytics, a web analysis service of Google Inc. ("Google"). This usage serves our interest in the analysis, optimization and economic operation of our online services and is therefore permitted on the basis of our legitimate interests (i.e. within the meaning of Art. 6 para. 1 lit. f. DSGVO/GDPR).

Google is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European data protection law.

(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use the hereby obtained information on our behalf in order to evaluate the use of our online service by the users, to compile reports on the activities within this online service and to provide us with further services associated with the use of this online service and the use of the Internet. In this, pseudonymous user profiles of the users can be created from the processed data.

We employ Google Analytics only with IP anonymization enabled. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European economic area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there.

The IP address transmitted by the user's browser is not merged with other Google data. Users can prevent cookies from being saved by selecting the appropriate settings on your browser software; Beyond this, users can prevent the collection of data generated by the cookie and related to their use of the website through Google, as well as the processing of this data through Google by downloading and installing the browser plug-in available under the following link:

tools.google.com/dlpage/gaoptout.

Google uses cookies for this service. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. The use of such cookies is therefore also in our legitimate interest (pursuant to Art. 6 para. 1 lit. f DSGVO/GDPR). On calling up our homepage, we have informed you about the use of cookies. The information generated by the cookie on the user's use of this website is generally passed on to a Google server in the USA and saved there.

You as a user have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also take place automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used to the full extent.

Further information on the use of data by Google, setting and objection options can be found on the Google website:

www.google.com/intl/de/policies/privacy/partners ("Google's use of data when you use websites or apps of our partners"),

www.google.com/policies/technologies/ads ("Use of data for advertising purposes"),

www.google.de/settings/ads ("Managing information that Google uses to display advertisements to you").

 

b. Google Maps

Our site uses the Google Maps map service via an API. Application provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use these Google Maps features, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and saved there. We have no influence on this data transmission.

Our use of Google Maps is in the interest of an appealing presentation of our online services and an easy retrievability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO/GDPR.

For more information on handling user data, please refer to Google's privacy policy: www.google.de/intl/de/policies/privacy/.

 

c. Google AdSense

In addition, we use the Google AdSense service on our website. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, for the integration of advertisements. Google uses cookies for this service. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. The use of such cookies is therefore also in our legitimate interest (pursuant to Art. 6 para. 1 lit. f DSGVO/GDPR), because it facilitates the navigation and use of our homepage for the user. On calling up our homepage, we have informed you about the use of cookies. The information generated by the cookie on the user's use of this website is generally passed on to a Google server in the USA and saved there.

Google AdSense also uses web beacons, which are invisible graphics that allow Google to analyze clicks on this site, traffic on this site, and similar information.

The information received via cookies and web beacons, your IP address and the delivery of advertising formats are transmitted to a Google server located in the USA and saved there. Google may share this information with third parties where required to do so by law, or where Google has requested third parties to process the information. However, Google will merge your IP address with the other saved data.

You as a user have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also take place automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used to the full extent.

 

Further information on the use of data by Google, setting and objection options can be found on the Google website:

www.google.com/intl/de/policies/privacy/partners ("Google's use of data when you use websites or apps of our partners"),

www.google.com/policies/technologies/ads ("Use of data for advertising purposes"),

www.google.de/settings/ads ("Managing information that Google uses to display advertisements to you").

 

d. Google Tag Manager: This website uses the Google Tag Manager. Provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (in the following referred to as Google). This service allows website tags to be managed via an interface. The Google Tool Manager only implements tags. This means: Cookies are not used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access these data. If a deactivation has been made at the domain or cookie level, it will remain in force for all tracking tags, as far as these are implemented with the Google Tag Manager. For more details, please refer to Google's privacy policy at the Google Privacy Center: Transparency, choices and data protection regulations at https://policies.google.com/privacy?hl=de&gl=de

 

e. Facebook plug-ins

On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online service in the sense of Art. 6 Para. 1 lit. f. of the DSGVO/GDPR), we make use of social plug-ins of the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plug-ins can represent interaction elements or content (e.g. videos, graphics or text contributions) and are recognizable by one of the Facebook logos (white "f" on a blue background, the terms "like", or a "thumbs up" sign) or are marked with the addition "Facebook social plug-in". The list and look of Facebook social plug-ins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When a user calls a function of this online service that contains such a plug-in, his device establishes a direct connection with the Facebook servers. The content of the plug-in is transmitted directly from Facebook to the user's device and embedded into the online service by it. In this, user profiles of the users can be created from the processed data. We therefore have no influence on the extent of the data that Facebook collects with the help of this plug-in and therefore inform the user according to our state of knowledge.

By integrating the plug-ins, Facebook receives the information that a user has called up the corresponding page of the online service. If the user is logged in to Facebook, Facebook can assign the visit to the user's Facebook account. When users interact with the plug-ins, e.g. by clicking the Like button or commenting, the corresponding information is transmitted directly from your device to Facebook and saved there. If a user is not a member of Facebook, it is still possible for Facebook to find out and save the user's IP address. According to Facebook, only an anonymous IP address is saved in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the related rights and setting options to protect the privacy of users, can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect information about him or her via this online service and link it to his or her Facebook member data, the user must log out of Facebook and delete their cookies before using our online service. Further settings and objections on the use of data for advertising purposes are possible within the Facebook profile settings: www.facebook.com/settings via the US website http://www.aboutads.info/choices/ or the EU-website www.youronlinechoices.com.

The settings are platform-independent, meaning, they are adopted for all devices, such as desktop computers or mobile devices.

 

f. Instagram plug-in

Instagram service functions are also embedded in our online service. This is done on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO/GDPR, because it improves and facilitates the usability of our homepage for the user and particularly the connection of our homepage to the social networks used by the user.

These functions are offered and integrated by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged in to your Instagram account, you can link the contents of our pages to your Instagram profile by clicking the Instagram button. In this manner, Instagram can correlate the visit of our webpages to your user account. We would like to point out that we, as the provider of the webpages, do not receive knowledge of the content of the transmitted data as well as their usage on behalf of Instagram. Privacy Statement: instagram.com/about/legal/privacy/.

 

g. Pinterest plug-in

We also use the pinterest.com service on our website. The use of this service is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO/GDPR, because it improves and facilitates the usability of our homepage for the user and particularly the connection of our homepage to the social networks used by the user.

Pinterest.com is a service of Pinterest, Inc. 808 Brannan St, San Francisco, CA 94103, USA. Through the embedded "Pin it" button on our website, Pinterest receives the information that you have called the respective page of our Internet presence. If you are logged in with Pinterest, Pinterest can assign this visit on our site to your Pinterest account and link the data. The data transmitted by clicking the "Pin it" button is saved by Pinterest.

For the purpose and scope of the data collection, its processing and use as well as your related rights and setting options for privacy protection, please refer to the Pinterest's privacy policy, which you can access at pinterest.com/about/privacy/.

To prevent Pinterest from assigning your visit to our site to your Pinterest account, you must log out of your Pinterest account before visiting our site.

 

IV. Contact and newsletter

(1) If personal data is sent to us by e-mail, we will use these exclusively within the scope of legal permission, i.e. to process any inquiry or within the scope of consent given (Art. 6 para. 1 lit. a DSGVO/GDPR) or - if the e-mail contact is aimed at concluding a contract - to fulfill our contractual obligations pursuant to Art. 6 para. 1 lit. b DSGVO/GDPR. Personal data obtained in this way from users are kept separate from other personal data obtained in the rest of the business during the processing process.

(2) The following information will inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures and your rights of objection:

The subscription of our newsletter by the user includes the agreement with the receipt of the newsletter as well as the procedures described in the following. This concerns a data-protection consent, which we record for the purpose of verifiability.

b. Contents of the newsletter:

We send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter referred to as "newsletter") only with the consent of the recipient or a legal permission. Insofar as the contents of the newsletter are specifically described within the framework of registration, they are decisive for the consent of the users. In other respects,, our newsletters contain information about our products, offers, promotions and our company.

c. Double-Opt-In and logging:

The registration to our newsletter takes place in a so-called Double-Opt-In procedure. Users will therefore receive an e-mail after registration, asking them to confirm their registration. This confirmation is necessary so that no one can register with external e-mail addresses. The registrations for the newsletter are logged, in order to be able to prove the registration process according to legal requirements. This includes storing the login and confirmation times as well as the IP address. Any changes to the data stored by the dispatch service provider are also recorded.

d. Dispatch service provider:

Newsletters are sent by Newsletter2Go GmbH, Koepenicker Str. 126, 10179 Berlin, https://www.newsletter2go.de/. hereinafter referred to as "dispatch service provider". The dispatch service provider's data protection regulations can be viewed here: www.newsletter2go.de/datenschutz-uebersicht/

Furthermore, the dispatch service provider may use this data in pseudonymous form, i.e. without allocation to a user, to optimize or improve its own services, e.g. for technical optimization of the dispatch and display of the newsletter or for statistical purposes in order to determine from which countries the recipients come. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or pass them on to third parties.

e. Subscription data:

In order to subscribe the newsletter, it is sufficient to provide the e-mail address of the respective user. It is also possible to optionally submit your own name. This only serves the personal salutation in the newsletter itself.

f. Statistical survey and analysis:

Our newsletter contains a so-called "web-beacon", i.e. a file the size of a pixel, which is called up by the server of the dispatch service provider when the newsletter is opened. Within the scope of this call-up, technical information such as information about the browser and your system, as well as your IP address and time of call-up are initially collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior with respect to their retrieval points (which can be determined with the help of the IP address) or access times. Statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can actually be assigned to the individual newsletter recipients. However, it is neither our nor the shipping service provider's intention to monitor individual users. Moreover, the evaluations help us to recognize the reading habits of our users and to adapt our content to them, or to send different content according to the interests of our users.

g. The use of the dispatch service provider, the performing of statistical surveys and analyses as well as the logging of the registration procedure are carried out on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO/GDPR. Our interest is in employing a user-friendly and secure newsletter system that serves both our business interests and users' expectations.

h. Termination/cancellation:

Users can terminate the receipt of our newsletter at any time, i.e. cancel their consent. With this, the consent for the dispatch through the dispatch service provider and the statistical analyses expire at the same time. A separate cancellation of the dispatch through the dispatch service provider or the statistical evaluation is unfortunately not possible. A link to cancel the newsletter can be found at the end of each newsletter. When users have only subscribed to the newsletter and cancelled their subscription, their personal data will be deleted.

i. Claims of the users:

Each user possesses the rights and claims described in more detail in Section VI, which can be asserted at any time against us - also with regard to consent regarding the dispatch of the newsletter.

j. Contact form/Inquiries: On our website, you have the possibility of sending us your inquiries via contact form. In this, your data from the contact form (content of your inquiry, subject of your inquiry and date) including the contact data given by you there (name, surname, company, telephone number and email) are stored for the purpose of processing the inquiry and for the case of follow-up questions with us. The legal basis for the collection and processing of the data is Art. 6 para. 1 lit. a) GDPR. The data entered by you in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your inquiry has been processed). Statutory provisions that are mandatory - in particular retention periods - remain unaffected.

 

V. Collection of access data and log files

(1) We collect data on each accessing of the server on which this service is located (so-called server log files). The access data includes the name of the called-up website, file, date and time of call-up, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

(2) Log file information is stored for security reasons (e.g. to clarify abuse or fraud) for a maximum period of 30 days and then anonymized. Data required to be further saved for evidence purposes shall be excluded from deletion until the respective incident has been finally clarified.

(3) The collection of this data is necessary for the technical provision of our Internet service, so that the data collection takes place on the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. DSGVO/GDPR.

 

VI. User rights

(1) Users have the right at any time to receive free information about:

a. the purposes for which we process the personal data;

b. the categories of personal data processed by us;

c. the recipients respectively the categories of recipients to whom the personal data has been or will be disclosed to;

d. the planned saving duration of the personal data concerning you, or, if it is not possible to provide specific information in this regard, criteria for determining the saving duration;

e. all available information on the origin of the data, if the personal data are not collected from the data subject;

f. the existence of automated decision-making, including profiling, in accordance with Article 22 (1) and (4) DSGVO/GDPR and - at least in these cases - significant information on the logic involved and the scope and intended effects of such processing for the data subject.

(2) In addition, users have the following rights:

a. Right of correction

Users have the right to have their personal data corrected and/or completed with respect to us, as far as the processed personal data concerning them is inaccurate or incomplete. Such corrections shall be made by us without delay.

b. Right to limitation of processing

Under the following conditions, users may request that the processing of their personal data be restricted:

i. if they contest the accuracy of the personal data concerning them for a period of time which enables us to verify the accuracy of the personal data;

ii. the processing is unlawful and they refuse to have the personal data deleted, and instead demand the restriction of the use of the personal data;

iii. we no longer need the personal data for the purposes of processing, but they need them to assert, exercise or defend legal claims; or

iv. if they have lodged an objection against the processing pursuant to Art. 21 para. 1 DSGVO/GDPR and it has not yet been determined whether the legitimate reasons existing with us outweigh the reasons of the users.

If the processing of personal data relating to users has been limited, then such data - with the exception of the data being saved - may only be processed, with the consent of the user or for the purpose of asserting, exercising or defending legal claims, or for protecting the rights of another natural or legal person, or for reasons of an important public interest of the Union or of a Member State.

If the limitation of the processing has been restricted in accordance with the above conditions, we shall inform the users before the limitation is lifted.

c. Right to deletion

i. Obligation to deletion

Users can demand from us to delete the personal data concerning them immediately, and we are obligated to delete such data immediately as far as any of the following reasons apply:

The personal data concerned are no longer necessary for the purposes for which they were collected or otherwise processed.

Users revoke their consent on which the processing pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a DSGVO/GDPR was based and there is no other legal basis for the processing.

Users object to the processing pursuant to Art. 21 para. 1 DSGVO/GDPR and there are no overriding legitimate reasons for the processing or they object to the processing pursuant to Art. 21 para. 2 DSGVO/GDPR.

Personal data concerning users have been unlawfully processed.

The deletion of personal data concerning users is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject to.

Personal data concerning users were collected in relation to services offered by the information society services pursuant to Art. 8 (1) DSGVO/GDPR.

ii. Information to third parties

If we have made the personal data relating to a user public and if we are obligated to delete such data pursuant to Art. 17 (1) DSGVO/GDPR, we shall take appropriate measures, also of a technical nature, taking into account the available technology and the implementation costs, to inform other persons responsible for data processing who process the personal data that the user, as the person concerned, has demanded them to delete all links to this personal data or copies or replications of this personal data.

iii. Exceptions

The right to deletion does not exist insofar as processing is necessary

to exercise of the right to freedom of expression and information;

to fulfill a legal obligation which the processing requires under the law of the Union or of the Member States to which the controller is subject or to perform a task carried out in the public interest or in the exercise of official authority vested in the controller;

for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 DSGVO/GDPR;

for archive purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 para. 1 DSGVO/GDPR, insofar as the law mentioned under section a) presumably makes the realization of the objectives of such processing impossible or seriously impairs them,

or for the assertion, exercise or defense of legal claims.

d. Right to information

i. If a user has asserted the right of correction, deletion or restriction of processing against us, we are obliged to inform all recipients, to whom the personal data relating to the user has been disclosed, of this correction or deletion of data or restriction of processing, unless this proves to be impossible or involves disproportionate effort.

ii. The user has the right with respect us, to be informed about these recipients.

e. Right to data portability

The users shall have the right to receive the personal data concerning them, which they have provided to us, in a structured, commonly used and machine-readable format. Users shall also have the right to transmit those data to another controller without hindrance from us, where

i. the processing is based on consent pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO/GDPR or on a contract pursuant to Art. 6 para. 1 lit. b DSGVO/GDPR and

ii. the processing is carried out by automated means.

In exercising this right, users also have the right to obtain that the personal data relating to them be transmitted directly by one controller to another, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

f. Right to object

i. Users have the right, for reasons arising from their particular situation, to object at any time to the processing of their personal data on the basis of Art. 6 para. 1 lit. e or f DSGVO/GDPR; this also applies to profiling based on these provisions.

ii. We will then no longer process the personal data relating to the users unless we can prove compelling reasons for the processing worthy of protection which outweigh the interests, rights and freedoms of the users, or the processing serves the assertion, exercise or defense of legal claims.

iii. Where personal data relating to users are processed for the purposes of direct marketing, users shall have the right to object at any time to the processing of their personal data for the purposes of such advertising; this shall also apply to profiling in so far as it is linked to such direct marketing. Currently, such processing does not take place with us.

iv. Where users object to processing for the purposes of direct marketing, their personal data shall no longer be processed for those purposes.

v. Users have the possibility to exercise their right of objection in relation to the use of Information Society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.

vi. Likewise, users can revoke their consent (generally with effect for the future) at any time and object to the future use of their data, as far as this is possible due to legal regulations.

g. Right of appeal at a supervisory authority

i. Without prejudice to any other administrative or judicial remedy, users shall have the right of appeal at a supervisory authority, in particular in the Member State of their residence, place of work or place of presumed infringement, if they have the view that the processing of their personal data is contrary to the DSGVO/GDPR.

ii. The supervisory authority to which the complaint was submitted shall inform the appellant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 DSGVO/GDPR.

 

iii. The supervisory authority responsible for us is:

The State Commissioner for Data Protection and Freedom of Information
Baden-Wuerttemberg
P.O. Box 10 29 32
70025 Stuttgart.
 
Koenigstrasse 10a
70173 Stuttgart

Phone: 0711/61 55 41 – 0

Fax: 0711/61 55 41 – 15
E-mail: poststelle@lfdi.bwl.de

Internet: www.baden-wuerttemberg.datenschutz.de

 

VII. Deletion of data

(1) The data saved with us will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them. As far as user data are not deleted because they are required for other legally permissible purposes, their processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to user data that must be stored for commercial or tax reasons.

(2) According to legal requirements, the documents shall be stored for 6 years in accordance with § 257 para. 1 Commercial Code (HGB) (accounting books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years in accordance with § 147 para. 1 AO (books, records, status reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).

 

VII. Changes to the data protection declaration/privacy statement

(1)We reserve the right to change the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service or data processing. However, this only applies with regard to declarations on data processing. As far as the consents of users are required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.

(2) Users are requested to inform themselves regularly about the content of the data protection declaration.

Revision date of this privacy statement: 25.05.2018

CONTACT
×

Contactform

Please acept our terms of data protection.

 

* Mandatory field

Logo Aguti Produktentwicklung & Design GmbH×