privacy police

Data protection declaration

Processing of personal data
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
The use of our website is generally possible without providing personal data. As far as personal data (for example name, address or e-mail addresses) is collected on our sites, to the greatest extent possible, this is always done on a voluntary basis. This data will not be passed on to third parties without your express consent.
We would like to point out that data transmission via the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Definitions of terms

a)    Personal data
Personal data is all information relating to an identified or identifiable natural person (hereinafter “data subject”). Considered to be identifiable is a natural person who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

b)    Data subject
Data subject is any identified or identifiable natural person whose personal data is processed by the data controller.

c)    Processing
Processing means any operation or series of operations carried out with or without the aid of automated procedures in relation to personal data, such as the collection, entry, organisation, sorting, storage, adaptation or alteration, reading, retrieval, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, erasure or destruction.

d)    Restriction of processing
Restriction of processing is the marking of stored personal data with the purpose of restricting its future processing.

e)    Profiling
Profiling is any form of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, behaviour, location or relocation of that natural person.

f)    Pseudonymisation
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures that ensure the personal data is not assigned to an identified or identifiable natural person.

g)    Data controller or person responsible for processing
The data controller or the person responsible for the processing is the natural or legal person, public authority, institution or other body which alone or jointly with others decides on the purposes and means of processing personal data. Where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the processor or the specific criteria for his appointment may be laid down in accordance with Union law or the law of the Member States.

h)    Contract processor
Contract processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the data controller.

i)    Recipient
Recipient is a natural or legal person, authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. However, authorities that may receive personal data under Union law or the law of the Member States within the context of a particular investigation mandate shall not be regarded as recipients.

j)    Third party
A third party is a natural or legal person, authority, institution or other body other than the data subject, the data controller, the data processor and the persons authorised to process the personal data under the direct responsibility of the data controller or the data processor.

k)    Consent
Consent is any informed and unequivocal expression of will voluntarily provided by the data subject in the particular case in the form of a declaration or other clear affirmative act, by which the data subjects indicates his or her consent to the processing of his/her personal data.

Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type/ browser version
  • Operating system used
  • Referrer URL
  • Host name / IP of the accessing computer
  • Time of the server request
Rights of the data subject

a)    Right to confirmation
Every data subject shall have the right granted by the European legislator of directives and regulations to require the controller to confirm whether personal data concerning him/her is being processed. If a data subject wishes to exercise this right of confirmation, he or she may contact an employee of the controller at any time.

b)    Right to information
Any person concerned by the processing of personal data shall have the right granted by the European legislator of directives and regulations to obtain, at any time and free of charge, information from the data controller concerning his/her stored personal data and a copy of that information. Furthermore, the European regulator has granted the data subject the right to information on the following:

  • the processing purposes
  • the categories of personal data to be processed
  • the recipients or categories of recipients to whom the personal data has been or still is being disclosed, in particular recipients in third countries or international organisations
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
  • the existence of a right of rectification or deletion of his/her personal data or of a restriction on processing by the controller or of a right of objection to such processing
  • the existence of a right of complaint to a supervisory authority
  • if the personal data is not collected by the data subject: all available information about the origin of the data
  • the existence of automated decision-finding, including profiling in accordance with Section 22 par. 1 and 4 GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the data subject concerned.

Furthermore, the data subject has a right to access information as to whether personal data has been transferred to a third country or to an international organisation. When this is the case, the data subject also has the right to obtain information on the appropriate guarantees in connection with the transfer.
If a data subject wishes to exercise this right of access to information, he may contact an employee of the controller responsible for processing at any time.

c)    Right to correction
Any person affected by the processing of personal data shall have the right that is granted by the European legislator of directives and regulations to request the immediate correction of his/her inaccurate personal data. Furthermore, by considering the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration.
If a data subject wishes to exercise this right of rectification, he or she may contact an employee of the controller responsible for processing at any time.

d)    Right to cancellation (right to be forgotten)
Any person affected by the processing of personal data shall have the right granted by the European legislator of directives and regulations to require the data controller to request that the personal data concerning him/her be deleted immediately, provided that one of the following reasons applies and to the extent that the processing is not necessary:

  •  The personal data has been collected or otherwise processed for such purposes for which it is no longer necessary.
  • The data subject withdraws his/her consent to the processing that was based on Section 6 par. 1 letter a GDPR or Section 9 par. 2 letter a GDPR, and no other legal basis for processing exists.
  • The data subject objects to the processing in accordance with Section 21 par. 1 GDPR, and no overriding legitimate grounds exist for the processing, or the data subject objects to the processing in accordance with Section 21 par. 2 GDPR.
  • The personal data has been processed unlawfully.
  • The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States that the data controller must comply with.
  • The personal data was collected with regard to services offered by the information society in accordance with Section 8 par. 1 GDPR.

If one of the above-mentioned reasons applies and a data subject wishes to have his /her stored personal data deleted, he or she may contact an employee of the controller at any time. We will arrange for the request for deletion to be complied without delay.

If the personal data has been made public by us, and if our company as a data controller is obliged to delete the personal data in accordance with Section 17 par. 1 GDPR, we shall take the appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform other persons responsible for data processing of the published personal data, stating that the data subject has requested the deletion of all links to this personal data or of copies or replications of this personal data from these other data processors, insofar as the processing is not necessary. In individual cases, we will effect the necessary measures.

e)    Right to limitation of processing
Any data subject affected by the processing of his/her personal data shall have the right granted by the European legislator of directives and regulations to require the data controller to restrict the processing, provided one of the following conditions is met:

  • The accuracy of the personal data is disputed by the data subject, and this applies for a period that will enable the data controller to verify the accuracy of the personal data.
  • The processing is unlawful, the data subject does not request deletion of the personal data and instead requests that its use be restricted.
  • The data controller no longer needs the personal data for processing purposes, but the data subject needs it to assert, exercise or defend legal claims.
  • The data subject has filed an objection against processing pursuant to Section 21 par. 1 GDPR, and it has not been determined yet whether the legitimate reasons of the data controller outweigh those of the data subject.

When one of the above conditions is met, and a data subject wishes to request the restriction of personal data stored by us, he or she may contact an employee of the data controller at any time. We will arrange for processing to be restricted.

f)    Right to data transferability
Any data subject shall have the right granted by the European legislator to be provided with his/her personal data by a processor of a data controller responsible for the processing in a structured, current and machine-readable format. The data subject also has the right to transmit this data to another data controller without obstruction by the controller to whom the personal data has been provided, provided that the processing is based on consent, pursuant to Section 6 par. 1, letter a of the GDPR or Section 9 par. 2, letter a of the GDPR, or on a contract, pursuant to Section 6 par. 1, letter b of the GDPR, and that the processing is carried out using automated procedures, unless the processing is necessary for the performance of a task that is in the public interest, or required in the exercise of public authority entrusted to the controller.
Furthermore, in exercising his/her right to data transferability in accordance with Section 20 par. 1 of the GDPR, the data subject has the right to have the personal data transferred directly by a data controller to another data controller, provided this is technically feasible and does not impair the rights and freedoms of other persons.
In order to assert the right to data transferability, the person concerned may, at any time, contact an employee of Hermann Weihrauch Revolver GmbH.

g)    Right of objection
For reasons arising from his/her particular situation, any person affected by the processing of personal data shall have the right that is granted by the European legislator to object, at any time, to the processing of personal data concerning him/her, on the basis of Section 6 par. 1 letter e, or f of the GDPR. This also applies to profiling that is based on these provisions.
We don’t continue to process personal data in the event of an objection, unless we can prove compelling grounds for processing that outweigh the interests, rights and freedoms of the data subject or when the processing serves to assert, exercise or defend legal claims.
When we process personal data for direct marketing purposes, the data subject has the right to object to the processing of personal data for the purpose of such advertising at any time. This also applies to profiling, insofar as it is linked to such direct advertising. If the data subject objects to our processing for direct marketing purposes, we will no longer process the personal data for these purposes.
In addition, the data subject has the right to object to the processing of his/her personal data for scientific or historical research purposes or for statistical purposes in accordance with Section 89, par. 1 GDPR, unless such processing is necessary to fulfil a task that is the public interest.
To exercise the right of objection, the affected person may contact us directly. Notwithstanding Directive 2002/58/EC, the data subject shall also be free to exercise his/her right of objection in relation to the use of services of the information society by means of automated procedures, where technical specifications are used.

h)    Automated decisions in individual cases, including profiling
Any data subject whose personal data is processed shall have the right that is granted by the European legislator of directives and regulations not to be subject to a decision that is exclusively based on automated processing, including profiling, which has legal effect against him/her or significantly affects him/her in a similar manner, provided that the decision (1) is not necessary for the conclusion or performance of a contract between the data subject and the data controller, or (2) is admissible under Union or Member State law to which the data controller is subject, and that such law contains appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject, or (3) ensues with the express consent of the data subject.
Where a decision is necessary for concluding or carrying out a contract between the data subject and the data controller, or when a decision is taken with the express consent of the data subject, we shall take appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject, including, at the least, the right to intervention by a person on the part of the data controller, to state his own position and to oppose the decision.
If the data subject wishes to assert rights relating to automated decisions, he or she may contact an employee of the controller responsible for data processing at any time.

i)    Right to revoke consent under data protection law
Any person concerned by the processing of personal data has the right that is granted by the European legislator of directives and regulations to revoke consent to the processing of his/her personal data at any time.
If the data subject wishes to exercise his/her right to revoke his/her consent, he/she may contact an employee of the controller responsible for data processing at any time.

Cookies

The Internet pages use cookies. Cookies are text files that are stored on a computer system via an Internet browser.
Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identification of the cookie. It consists of a string of characters by means of which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognised and identified by its unique cookie ID.
The use of cookies provides visitors to this website with more user-friendly services, which would not be possible without cookies.
By using a cookie, the information and offers on our website can be optimised for the user. As already mentioned, cookies place us in a position to recognise the users of our website. The purpose of this recognition is so as to simplify things for users when they visit our website. For example, the user visiting a website that uses cookies does not have to re-enter his/her access data each time he/she visits the website, because this is taken over by the website and the cookie is stored on the user’s computer system. Another example is the cookie of a shopping basket in the online shop. Thanks to a cookie, the online shop remembers the items a customer has placed in the virtual shopping bag.
The person affected can prevent the setting of cookies by our website at any time with an appropriate setting of the Internet browser that is used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programmes. This is possible in all common internet browsers. If the person affected deactivates the setting of cookies in the Internet browser that is used, it could happen that not all functions of our Internet site may be fully usable.

Use of WordPress Stats

This website uses WordPress.com-Stats, a tool for the statistical analysis of visitor accesses, operated by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110-4929, USA, with the use of tracking technology by Quantcast Inc., 201 3rd St, Floor 2, San Francisco, CA 94103-3153, USA. WordPress.com-Stats uses so-called “cookies”, which are text files placed on your computer to help the website analyse how users use the site. The information generated by the cookie about your use of this website is stored on a server in the USA. The IP address is anonymised immediately after processing and before it is stored. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this, you may not be able to use the full functionality of this website. You can object to the collection and use of data by Quantcast with effect for the future by setting an opt-out cookie in your browser. This is done by clicking on the link “click here to opt-out”: http://www.quantcast.com/opt-out . If you delete all cookies on your computer, you must set the opt-out cookie again.

Contact form

When you send us enquiries using the contact form, your details from the enquiry form, including the contact data you provided there, will be stored for the purpose of processing the enquiry and in the event of follow-up questions.

Legal basis of the processing

Section 6 I lit. a GDPR serves our company as the legal basis for processing procedures for which we obtain consent for a specific processing purpose. When the processing of personal data is necessary for carrying out a contract to which the data subject is a party, as is the case, for example, with processing procedures that are necessary for the delivery of goods or the provision of other services or consideration, the processing is based on Section 6 I lit. b GDPR. The same applies to such processing processes that are necessary to carry out pre-contractual measures, for example in cases of enquiries about our products or services. When our company is subject to a legal obligation that requires the processing of personal data, for example to fulfil tax obligations, the processing is based on Section 6 I lit. c GDPR. In rare cases, the processing of personal data may become necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information had to be passed on to a doctor, a hospital or other third parties. Then the processing would be based on Section 6 I lit. d GDPR. Ultimately, processing procedures could be based on Section 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis when the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not of greater importance. Such processing procedures are permitted to us, in particular, because they have been specifically mentioned by the European legislator. In this respect, the European legislator took the view that a legitimate interest could be assumed if the person concerned is a customer of the data controller responsible for processing data (recital 47, sentence 2 GDPR).

Objection to advertising mails

The use of contact data published within the scope of the obligation of the legal notice with the purpose of sending unsolicited advertising and information material is herewith objected to. The operators of these pages expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam e-mails.

Contact details of the data protection officer:

Creditreform Compliance Services GmbH
Hellersbergstr. 11
41460 Neuss
Germany
phone: + 49 (0) 21 31 – 109 1089
e-mail: datenschutz@hermann-weihrauch-revolver.de