Data protection

1. Introduction

With the following information we would like to give you as an "affected person" an overview of the processing of your personal data by us and your rights under the Data Protection Law. A use of our internet pages is basically possible without the input of personal data. However, if you wish to use special services of our company through our website, it may be necessary to process your personal data. If the processing of personal data is required and there is no legal basis for such processing, we will generally obtain your consent.

The processing of personal data, such as your name, address or e-mail address, always takes place in accordance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to "Kraus Elektrotechnik Walter Kraus GmbH". By means of this privacy policy we would like to inform you about the scope and purpose of the personal data collected, used and processed by us.

We have implemented many technical and organizational measures as responsible Company in order to ensure the most complete protection possible for personal data processed through this website. Nevertheless, Internet-based data transmissions can generally have security holes, so that absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us in alternative ways, such as by phone or by post.

2. Responsibilities

Responsible within the meaning of the GDPR is the:

EKR Elektro-Kontakt Radebeul GmbH
Gartenstraße 44, 01445 Radebeul, Germany

Telephone: +49 (0) 351 8 30 30 06
Fax: +49 (0) 351 8 30 30 05
E-Mail: info(at)ekr-radebeul.de

Head of the responsible office: Mr. Horst Wawrzyniak

3. Data Protection Officer

We point out that no data protection officer must be named.

The contact person for data privacy Questions:

Stephan Weiss
Telephone: +49 821 65085177
E-Mail: DS-WalterKraus@ub-weiss.com

4. Definitions

The privacy statement is based on the terminology used by the European Union's legislature in the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain in advance the terminology used.

We use the following terms in this privacy policy, including but not limited to:

a. Personal data

Personal data is any information that relates to an identified or identifiable natural person. A natural person well be considered as identifiable - either direct or indirect - in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, which does express the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

b. Affected person

Affected person is any identified or identifiable natural person whose personal data is processed by the repsonsible personsof our company.

c. Processing

Processing means performing any process related to personal data with or without automated processing related to personal data, such as collecting, organizing, storing, adapting or modifying, selecting, querying and using the data, with or without the aid of automated procedures as well as disclosure by submission, distribution or any other form of provision, reconciliation or association, restriction, deletion or destruction.

d. Restriction of processing

Restriction of the processing is the marking of filed personal data with the aim to limit its future processing.

e. Profiling

Profiling is any kind of automated processing of personal data that serves to use personal information and to evaluate certain personal aspects relating to a natural person, particulary focusing on the analysis and prediction of aspects related to job performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or relocation of that natural person.

f. Pseudonymization

Pseudonymisation is the processing of personal data in a way that personal data can no longer be attributed to a person´s specific data without using additional information, as long as such additional information is kept separatly and subjected to technical and organizational measures ensuring that the personal data can not be assigned to an identified or identifiable natural person.

g. Processors

The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the person responsible.

h. Recipient

Recipient is a natural or legal person, public authority, agency, company or other entity to whom Personal Data is disclosed, no matter if it is a third party or not. However, public authorities which may receive personal data under EU or national law in connection with a particular mission are not considered receivers.

i. Third Party

A third party is a natural or legal person, public authority, agency, company or body other than the affected person, the controller, the data processor or the persons authorized under the direct responsibility of the controller or the data processor to process the personal data.

j. Consent

A consent is any voluntarily given and unambiguously expressed act by the affected person in the form of a statement or other unambiguous confirmatory for the particular case, by which the affected person indicates that she consents and accepts to the processing of the personal data concerning.

5. Legal basis of processing

Art. 6 para. 1 lit. A GDPR serves our company as the legal basis for processing operations where we obtain consent for a particular processing purpose.

If the processing of personal data is necessary to fulfill a contract of which you are a party (e.g. in processing operations necessary for the supply of goods or the provision of any other service or consideration), the processing is based on Art. 6 para. 1 lit. b GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries regarding our products or services.

If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Art. 6 para. 1 lit. c GDPR.

In rare cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance or other vital information would have to be passed on to a doctor, hospital or other third party. Then processing would be based on Art. 6 para. 1 lit. d GDPR.

Finally processing operations can be based on Art. 6 para. 1 lit. f GDPR. On this legal basis, Data will be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures ('integrity and confidentiality'). The processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person prevail. Such processing operations are particularly allowed to us because they have been specifically mentioned by the European legislator. In that regard, a legitimate interest may be assumed, if you are a customer of our company (Recital 47, second sentence, GDPR).

6. Technology

6.1 SSL / TLS encryption

This Web site uses an SSL or TLS encryption to ensure the security of the data processing and to protect the transmission of confidential content, such as orders, login details or contact requests that you send to us as the operator or user. An encrypted connection can be recognized by the fact that the address bar of the browser contains an "https: //" instead of an "http: //" and the lock symbol in your browser bar.

If SSL or TLS encryption is enabled, the data you submit to us can not be read by third parties.

7. Contents of our Website

7.1 Contact / Contact form

When contacting us (for example via contact form or e-mail), personal data is collected. The data collected via the contact form can be seen from the respective contact form. These data is stored and used solely for the purpose of answering your request or for establishing the contact and is stored and used for the associated technical administration. The legal basis for processing the data is our legitimate interest in answering your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aiming to conclude a contract with us, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted from our Web services after the processing of your request is finalized and as long as there is no legal obligation to keep the data.

7.2 Legal basis for the use of cookies

The data processed by cookies, required for the proper functionality of the website, are thus necessary to ensure the protection of our legitimate interests and those of third parties in accordance with Art. 6 Paragraph 1 S. 1 lit. f of the GDPR.
For all other cookies, it applies that you have given your consent to this via our opt-in cookie banner in accordance with Art. 6 Paragraph 1 lit. a GDPR.

8. Newsletter Distribution

8.1 Newsletter distribution to existing customers

If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to send you regular offers for similar goods or services, such as those already purchased, from our range by e-mail. For this we do not have to obtain separate consent from you in accordance with § 7 Abs. 3 UWG. In this respect, data processing takes place solely on the basis of our legitimate interest in personalized direct mail in accordance with Art. 6 (1) lit. f GDPR. If you have initially objected to the use of your e-mail address for this purpose, we will not send you a mail. You are entitled to reject to the use of your e-mail address for the purpose described above at any time with effect for the future by a message to the responsible person named. Upon receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately.

9. Our activities in social networks

So that we can communicate with you in social networks and provide information about our services, we are represented there with our own pages.

We are not the original provider (responsible) of these pages, but use them only in the context of the possibilities offered by the respective provider.

Therefore, as a precautionary measure, we point out that your data may also be processed outside the European Union or the European Economic Area. A use can therefore have privacy risks for you, as the protection of your rights, e.g. Information, deletion, opposition, etc. can be difficult and processing in the social networks often directly for advertising purposes or to analyze the user behavior by the provider, without this being influenced by us. If user profiles are created by the provider, cookies are often used or the usage behavior is assigned directly to your own member profile of the social networks (if you are logged in here).

The processing operations of personal data described in Article 6 (1) lit. f DS-GVO based on our legitimate interest and the legitimate interests of the respective provider in order to communicate with you in a timely manner or to inform you about our services. If you have to give consent to the data processing as a user with the respective providers, the legal basis refers to Art. 6 para. 1 lit. a DS-GMO i.V.m. Art. 7 DS-BER.

Since we have no access to the databases of the providers, we point out that your rights (for example, to information, correction, deletion, etc.) Best apply directly to the respective provider. Further information on the processing of your data in the social networks and the possibility of your right of objection or revocation (so-called opt-out) make use, we have listed below with the respective provider of social networks we use:

9.1 Facebook

Responsible for data processing in Europe:

Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland

Privacy Policy (Data Policy):

www.facebook.com/about/privacy

Opt-out and advertising settings:

www.facebook.com/ads/preferences/

Facebook is the EU-US. Privacy Shield Agreement:

www.privacyshield.gov/participant

https://de-de.facebook.com/about/privacy/

9.2 Google+

Responsible for data processing:

Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland

Data protection:

policies.google.com/privacy

Opt-out and advertising settings:

adssettings.google.com/authenticated

Google is the EU-US. Privacy Shield Agreement:

www.privacyshield.gov/participant

10. Plugins and other Services

10.1 Google Maps

On our website, we use Google Maps (API) from Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland. Google Maps is a web service for displaying interactive (land) maps to visually display geographic information. By using this service you can, for example, see our location and make it easier to get there.

When you visit any of the subpages where the Google Maps map is incorporated, information about your use of our website (such as your IP address) is transmitted to Google's servers in the United States and stored there. This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you're logged in to Google, your data will be assigned directly to your account. If you do not want to associate with your profile on Google, you'll need to log out of your Google Account. Google stores your data (even for non-logged-in users) as usage profiles and evaluates them. According to Art. 6 para. 1 lit. f GDPR, such an evaluation is based on the legitimate interests of Google in the display of personalized advertising, market research and / or customized design of its website. You have the right to object to the generation of user profiles. On that account you will have to address it to Google directly.

US and Ireland-based Google LLC is certified under the US Privacy Shield, which ensures compliance with the level of data protection in the EU.

If you disagree with the future transmission of your data to Google when using Google Maps, you can also disable the Google Maps web service completely by turning off the JavaScript application in your browser. Google Maps and the map display on this website might then not be usable anyore.

You have given our consent to this within the meaning of Art. 6 para. 1 lit. a GDPR via our opt-in cookie banner.

Google's Terms of Use can be viewed at https://www.google.com/intl/en/policies/terms/regional.html
and the additional Google Maps terms of service can be found at
https://www.google.com/intl/en_US/help/terms_maps.html

For details on privacy related to the use of Google Maps, please visit the Google Privacy Policy: https://www.google.com/intl/en/policies/privacy/

10.2 Google WebFonts

Our website uses so-called web fonts provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland for consistent font representation. When you visit a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

To do this, the browser you use must connect to Google's servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a consistent and attractive presentation of our website.

This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DS GMO.

US and Ireland-based Google LLC is certified under the US Privacy Shield, which ensures compliance with the level of data protection in the EU.

More information about Google Web Fonts can be found at developers.google.com/fonts/faq and in Google's Privacy Policy: https://www.google.com/policies/privacy/

11. Your rights as an affected person

11.1 Right to confirm

You have the right to ask us for confirmation of your personal data being processed.

11.2 Right to information Art. 15 DS-BER

You have the right at any time to receive free information from us about the personal data stored about you and to receive a copy of this data.

11.3 Right to correction Art. 16 DS-BER

You have the right to demand the correction of incorrect personal data concerning your records. Furthermore, the affected person has the right to request the completion of incomplete personal data, taking into account the purposes of the processing.

11.4 Deletion Art. 17 GDPR

You have the right to demand that the personal data concerning you is being deleted without delays, if applicable by law and processing is not required.

11.5 Restriction of processing Art. 18 GDPR

You have the right to demand that we restrict processing, if none of the legal requirements is met.

11.6 Data transferability Art. 20 GDPR

You have the right to receive your personal data record provided to us in a structured, common and machine-readable format.

You also have the right to transfer this data to another responsible entity without impediment by us (if we have been provided with the personal data from your side), if the processing is based on the consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and the processing is carried out by automated processes, unless the processing is not or no more necessary for the performance of a task in the public interest or in the exercise of official authority which has been entrusted to us.

In addition, when exercising your right to data portability under Article 20 (1) of the GDPR, you have the right to obtain that your personal data will be transmitted directly from one controller to another, where technically feasible and as long as the liberties of any others are not affected.

11.7 Contradiction Art. 21 GDPR

For reasons arising from your particular situation, you have the right to contradict against the processing of personal data related to you, which have been pursued due to Art. 6 para. 1 lit. e (data processing in the public interest) or f (data processing based on a balance of interests) GDPR at any time.

This also applies to a profiling based on these provisions within the meaning of Art. 4 No. 4 GDPR.

If you refuse the processing, we will no longer process your personal information unless we can demonstrate compelling legitimate reasons for processing that outweigh your interests, rights and freedoms, or the processing serves the asserting, exercising or defending legal claims.

In individual cases, we process personal data in order to operate direct mail advertising. You may at any time refuse to the processing of personal data for the purpose of such advertising. This also applies to the profiling, as far as it is associated with such direct mail. If you object to our processing for direct marketing purposes, we will no longer process the personal data for these purposes.

In addition, you have the right, for reasons arising from your particular situation, to refuse to the processing of personal data concerning for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) of the GDPR unless such processing is necessary to fulfill a public interest task.

Feel free, in the context of the use of information societies, not withstanding Directive 2002/58 / EC, to exercise your right of refusal through automated procedures where technical specifications are used.

11.8 Revocation of a data protection consent

You have the right to withdraw your consent to the processing of personal data at any time with future effect.

11.9 Complaint to a regulatory authority

You have the right to complain to the Sächsischen Datenschutzbeauftragten, Devrientstr. 1 in 01067 Dresden (https://www.saechsdsb.de) about our processing of personal data.

12. Routine storage, deletion and blocking of personal data

We process and store your personal data only for the period required to achieve the purpose of the storage or as provided by the legislation and laws to which our company is subject.

If the purpose of the storage is omitted or if a prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

13. Duration of storage of personal data

The criteria for the duration of the storage of personal data is the respective statutory retention period. After the deadline is passed, the corresponding data will be routinely deleted, if the data is no longer required to fulfill the contract or to initiate a contract.

14. Updating and changing the privacy policy

This privacy policy is currently valid and is valid as of February 2020.

Due to the further development of our websites and offers or due to changed legal or official requirements, it may be necessary to change this privacy policy. You can always retrieve and print out the current data protection declaration on the website under https://www.ekr-radebeul.com/data-protection/