Privacy Policy
Welcome to our website https://selfadmin.eguard.systems/. We are pleased that you’ve visited and are interested in data protection. The protection of your data is very important to us. That’s why we’ve drawn up the following Privacy Policy to provide information about which of your data we or third-party service providers collect when you visit our website and how this data is used. We feel a particular responsibility to keep your personal data confidential and that’s why we work hard to ensure that your data is handled strictly within the limits set out by legal regulations. We collect and use your data in accordance with the provisions of the General Data Protection Regulation.
The Privacy Policy applies to the following domain:
https://selfadmin.eguard.systems/
1 Information about the collection of personal data
1. The term ‘personal data’ is defined in Article 4, para. 1 of the General Data Protection Regulation (GDPR). It relates to detailed information about the personal or factual circumstances of an identified or identifiable natural person. This includes, for example, your legal name, address, telephone number, date of birth and your user behaviour.
2. The Controller, pursuant to Article 4, para. 7 of the EU General Data Protection Regulation (GDPR), is
Doepke Schaltgeräte GmbH
Stellmacherstraße 11
26506 Norden
Germany
Tel.: +49 (0)4931 1806 - 0
Fax: +49 (0)4931 1806 - 101
Email: info@doepke.de (see our legal notice).
Our Data Protection Officer,
Mr Michael Potsch, can be contacted at
datenschutzbeauftragter@doepke.de
or via our postal address, marked for the attention of the ‘Data Protection Officer’.
3. When you contact us by email or via a contact form, the data you provide (your email address, and possibly your name and telephone number) will be stored by us so that we can answer your questions. We erase the data arising in this context after storage is no longer required, or restrict processing if statutory retention obligations apply.
4. If we use contracted service providers for individual functions of our website or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes. We also specify the defined criteria for the storage period.
5. This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line in the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in the browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
2 Your rights
1. You have the following rights regarding your personal data:
· right to rectification or erasure
· right to restriction of processing
· right to object to processing
· right to data portability.
2. You also have the right to lodge a complaint with a data protection regulatory authority about the processing of your personal data by us. The right to lodge a complaint with a regulatory authority can be exercised in the Member State in which the affected individual resides or at the location where the suspected breach took place. In Niedersachsen (Lower Saxony), Germany, the responsible regulatory authority is the Landesbeauftragte für den Datenschutz Niedersachsen, Prinzenstr. 5, 30159 Hanover, Germany.
3 Collection of personal data when visiting our website
1. If you only use the website for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you would like to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Article 6, para. 1, clause 1f GDPR):
· IP address
· date and time of the enquiry
· time zone difference to Greenwich Mean Time (GMT)
· content of the request (specific page)
· access status/HTTP status code
· quantity of data transferred in each case
· website from which the request originates
· browser
· operating system and its user interface
· language and version of the browser software.
2. In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which specific information is passed to the body that sets the cookie (in this case, us). Cookies cannot execute programmes or transfer viruses to your computer. They serve to make the website more user-friendly and effective overall.
3. Use of Consent Manager and cookies:
a) Our website uses Consent Manager’s consent technology to obtain your consent to the storage of specific cookies on your end device or to the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is Digital Data Solutions B.V. (CookieFirst), Plantage Middenlaan 42a, 1018DH Amsterdam, Netherlands. Website: https://cookiefirst.com/de/ (hereinafter referred to as ‘Consent Manager’).
b) When you access our website, a connection is established to the Consent Manager servers in order to obtain your consent and other declarations regarding the use of cookies. Consent Manager then stores a cookie in your browser in order to assign the consents you have granted or their revocation to you. The data collected in this way is stored until you ask us to erase it, you delete the Consent Manager provider cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.
c) Consent Manager is used to obtain the legally required consent for the use of cookies. The legal basis for this is Article 6, para. 1c GDPR.
d) We have concluded an Order Processing Contract (OPC) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the service only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
e) This website uses the following types of cookies, the scope and function of which are explained below
o transient cookies (see f)
o persistent cookies (see g).
f) Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a session ID, with which various requests from your browser can be assigned to the joint session. This enables your computer to be recognised when you return to our website. Session cookies are deleted when you log out or close the browser.
g) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.
h) You can configure your browser settings as you wish and, for example, refuse to accept third-party cookies or all cookies. We would like to make you aware that you may not be able to use all the functions of this website.
4 Data erasure and retention period
1. For the processing operations that we carry out, we indicate below how long the data is stored by us and when it is erased or blocked. If no explicit retention period is specified below, your personal data will be erased or blocked as soon as the purpose or legal basis for its retention no longer applies. Your data will only be stored on servers in the EU, subject to any disclosure that may be made in accordance with the provisions of sections 7 and 13.
2. However, data may be stored beyond the specified time in the event of a (potential) legal dispute with you or other legal proceedings, or if such storage is required of us by law as the data controller (e.g. Section 257 of the German Commercial Code (HGB), Section 147 of the German Fiscal Code (AO)). When the retention period prescribed by law expires, the personal data will be blocked or erased, unless further retention by us is necessary and there is a legal basis for this.
5 Data security
We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties (e.g. TLS encryption for our website), taking into account the current state of technology, the costs of implementation and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including the likelihood and impact of such a breach) for the data subject. Our security measures are continuously improved in line with technological developments.
We would be happy to provide you with more information about this upon request. Please contact our data protection officer in this regard (see section 1 no 2).
6 Transfer of personal data to third parties; legitimate basis
The following categories of recipients, who are usually processors (see section 7), may be given access to your personal data:
· Service providers for the operation of our website and the processing of data stored or transmitted by the systems (e.g. for data centre services, payment processing, IT security). In this case, the legal basis for the disclosure is Article 6(1)(1)(b) or (f) GDPR, insofar as it does not concern processors;
· Government agencies/authorities, insofar as this is necessary to fulfil a legal obligation. In this case, the legal basis for the disclosure is Article 6(1)(1)(c) GDPR;
· Persons engaged to carry out our business operations (e.g. auditors, banks, insurance companies, legal advisors, supervisory authorities, parties involved in company acquisitions or the establishment of joint ventures). In this case, the legal basis for the disclosure is Article 6(1)(1)(b) or (f) GDPR.
Please refer to section 13 for information on guarantees of an adequate level of data protection when transferring data to third countries.
In addition, we will only pass on your personal data to third parties if you have given your express consent in accordance with 6(1)(1)(a) GDPR.
7 Cooperation with processors
As is common in larger companies, we also use external domestic and foreign service providers to handle our business transactions (e.g. in the areas of IT, logistics, telecommunications, sales and marketing). Insofar as the respective external service provider processes personal data on our behalf, they will only act in accordance with our instructions and have been contractually obliged to comply with data protection regulations within the meaning of Article 28 GDPR.
If we disclose your personal data to our subsidiaries or if our subsidiaries disclose your personal data to us (e.g. for advertising purposes), this is done on the basis of existing order processing relationships.
8 Other functions and offers on our website
1. In addition to the purely informational use of our website, we offer various services that you can use if you are interested. In order to do so, you must generally provide additional personal data that we will use to provide the respective service and for which the aforementioned data processing principles apply.
2. In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored.
3. We may also pass on your personal data to third parties if we offer promotions, competitions, contracts or similar services in conjunction with partners. You will receive more detailed information on this when you provide your personal data or in the description of the offer below.
4. If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this in the offer description.
9 Objection or revocation of consent to the processing of your data
1. If you have given your consent to the processing of your data, you can revoke this at any time. Such a revocation affects the permissibility of the processing of your personal data after you have given it to us.
2. Insofar as we base the processing of your personal data on the balancing of interests, you can object to its processing. This is the case if, in particular, the processing is not necessary for fulfilling a contract with you, which is described by us in the description of the functions below. When exercising such an objection, we ask that you explain the reasons why we should not process your personal data as we have been doing. If your objection is deemed to be justified, we will examine the situation and either discontinue or adapt the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing.
3. You can, of course, object to the processing of your personal data for advertising and data analysis purposes at any time. To discuss how and when we contact you for promotional purposes or if you have any questions or concerns regarding the rectification, restriction or erasure of your personal data, please get in touch with our Data Protection Officer using the contact details provided in this Privacy Policy or using the address provided in the legal notice on this website.
10 Newsletter subscription
1. You can subscribe to our newsletter on our website. We need your email address for this purpose. For legal reasons we also have to check whether you are indeed the owner of the email address provided to us and whether you really do want to receive the newsletter.
2. For this reason, we collect information that allows us to carry out these checks. The data collected for this purpose is used to send and receive the newsletter. It is not used for any other purpose and is not passed on to third parties. Apart from the information required to send the newsletter, no other data will be collected from our website.
3. Since sending and receiving our newsletter depends on your consent, you can revoke your consent to collect and store your data at any time without having to provide a reason. Use the unsubscribe link for this purpose, which is provided in the newsletter itself.
11 Objection to advertising email
1. For legal reasons, we have to publish our contact details. This information is sometimes used by third parties to send us unsolicited advertising and informational material. We hereby object to any sending of advertising material of any kind not expressly authorised by us.
2. We also expressly reserve the right to take legal action against the unwanted and unsolicited sending of advertising material. This applies in particular to spam email, spam letters and spam faxes. We would like to make you aware that the unauthorised sending of advertising material may have legal repercussions under competition, civil and criminal law. Spam email and faxes in particular may lead to high damages claims if they disrupt our business operations by overfilling our mailboxes or fax machines.
12 Exclusion of automated decision-making (including profiling)
We have no intention of using the personal data we collect from you for any automated decision-making process (including profiling).
13 Requirements for the transfer of personal data to third countries
Within the context of our business relationships, your personal data may be passed on or disclosed to third-party companies. Processing of this kind is carried out solely to fulfil the contractual and business obligations and to maintain your business relationship with us (legal basis is Article 6, para. 1b or 1f, in each case, in conjunction with Article 44 et seq. GDPR). We will inform you about the respective details of the transfer at the relevant points below.
In this context, as part of our ‘eguard’ service (which can be accessed via https://selfadmin.eguard.systems), we work with Microsoft Azure in particular. Microsoft Corporation is based in a third country (the USA). The European Commission certifies that some third countries have a level of data protection comparable to the EEA standard via adequacy decisions (a list of these countries and a copy of the adequacy decisions can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). With regard to the USA, the companies that represent an adequate data protection framework, i.e. one that is comparable to the EU, are part of the EU-US Data Privacy Framework (available at https://www.dataprivacyframework.gov/list). Microsoft is appropriately certified.
In other third countries to which personal data may be transferred, however, there may not be a consistently high level of data protection due to a lack of legal provisions. In such cases, we ensure that data protection is adequately guaranteed. This is possible via binding company rules, standard contractual clauses of the European Commission for the protection of personal data pursuant to Article 46, para. 1, 2c GDPR (the standard contractual clauses of 2021 are available at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32021D0915&locale-en), certificates or recognised codes of conduct. Please contact our Data Protection Officer (see section 1, no 2) if you would like more detailed information on this.
14 Changes to the Privacy Notice
Within the context of the ongoing development of data protection law and technological or organisational changes, our Privacy Notice is regularly reviewed to determine whether it needs to be adapted or supplemented. You will be informed about any changes, in particular on our German website https://www.doepke.de/de/. This Privacy Notice is valid as of August 2024.