Legal Notice | Privacy Notice

Logo_box_cut
Download as Pdf

Privacy Notice

In accordance with Art. 13 GDPR and § 32 BDSG

 

I. Controller’s Name and Address

The controller as defined by the EU General Data Protection Regulation (GDPR), national data protection laws of Member States, and other relevant data protection provisions is:

Böhmer GmbH
Managing Director: Peter Pilapl
Gedulderweg 95
45549 Sprockhövel
Germany

 

II. Data Protection Officer’s Name and Address

The data protection officer of the controller is:

ZWILLING | Datenschutz
Thomas Zwilling
Goethestraße 3f
D‑45549 Sprockhövel
Germany

Phone: +49 2324 344 1508
Fax:        +49 2324 344 9994
Mobile:   +49 173 811 53 63
Email: t.zwilling@zwilling‑datenschutz.de

 

III. General Information on Data Processing

1. Scope of Personal Data Processing

We process personal data of our users only to the extent necessary for providing a functional website and our content and services. Personal data processing is generally based on the user’s consent. Exceptions apply when obtaining prior consent is factually impossible and processing is permitted by legal provisions.

2. Legal Basis for Processing

If consent is obtained from the data subject, Art. 6 (1)(a) GDPR constitutes the legal basis.

If processing is necessary to fulfill a contract with the data subject or to take pre-contractual steps, Art. 6 (1)(b) GDPR applies.

If processing is required to comply with a legal obligation, Art. 6 (1)(c) GDPR applies.

If processing is necessary to protect vital interests of the data subject or another person, Art. 6 (1)(d) GDPR applies.

If processing is necessary to safeguard legitimate interests of our company or a third party, and those interests are not overridden by the interests or fundamental rights of the data subject, Art. 6 (1)(f) GDPR serves as the legal basis.

3. Data Deletion and Retention Period

Personal data are deleted or blocked as soon as the purpose for storage ceases. Further retention may occur if mandated by EU or national legislation. Data will also be erased when legally required retention periods expire—unless further storage is necessary for contract conclusion or performance.

 

IV. Website Provision

1. Description and Scope of Data Processing

Each time our website is accessed, the system automatically collects data and information from the user’s device. The following data are recorded:

  1. Browser type and version
  2. Operating system used by the user
  3. User’s Internet service provider
  4. IP address
  5. Date and time of access
  6. Referring website (from which the user reached our site)
  7. Websites accessed via our site by the user

The legal basis for this temporary storage is Art. 6 (1)(f) GDPR.

2. Purpose of Data Processing

Temporary storage of the IP address is necessary to allow delivery of the website to the user’s device. The IP address must remain stored for the session duration. This also constitutes our legitimate interest under Art. 6 (1)(f) GDPR.

3. Storage Duration

Data are deleted as soon as they are no longer required to serve their purpose. For session-related data, deletion occurs when the session ends.

4. Objection and Erasure Options

Logging and temporary storage of access data are essential for website operation. Consequently, the user has no option to object.

 

V. Use of Cookies

1. Description and Scope of Data Processing

Our website uses cookies—small text files stored by the browser on the user’s device. These enable identification of the browser when revisiting the site. Additionally, cookies are used to collect anonymous usage statistics (search terms, page views, feature usage) without identifying individuals. Users are informed about analytic cookies and their consent is obtained. A link to this privacy notice is provided during consent collection.

2. Legal Basis

Processing for analytics cookies requires the user’s consent (Art. 6 (1)(a) GDPR). For technically necessary cookies, Art. 6 (1)(f) GDPR applies in absence of consent.

3. Purpose

Technically necessary cookies enable essential website functions, e.g. language settings, login, satisfaction indicators. These cookies are not used to build user profiles. Analytical cookies support improvement in site quality and content, reflecting our legitimate interest under Art. 6 (1)(f) GDPR.

4. Retention, Objection and Erasure

Cookies are stored on the user’s device and transmitted to our site; users can manage, disable, or delete them via browser settings. If cookies are disabled, certain website features may be unavailable.

 

VI. Feedback / Ratings

1. Processing Description

Users may submit feedback via a satisfaction survey. Responses are entered on a form and stored. Satisfaction (“very satisfied”, “satisfied”, “unsatisfied”, “very unsatisfied”) and importance (“very important”, “important”, “unimportant”, “very unimportant”) are recorded. Optionally, users may provide order number, company industry, and their role, which may allow identification. No data are shared with third parties. Stored data includes date/time, and optionally order number, industry, and user’s role. Consent is obtained during registration.

 

2. Legal Basis

Consent of the user under Art. 6 (1)(a) GDPR.

3. Purpose

Feedback helps improve our offerings and product quality. When optional identification data are provided, we may follow up for clarification or take targeted actions.

4. Retention

Data are deleted once no longer required for the stated purpose.

5. Objection / Amendment / Erasure

Users may at any time request amendment or deletion of their stored data.

 

VII. Rights of the Data Subject

If we process your personal data, you have the following rights under the GDPR:

1.         Right of Access

You may request confirmation whether we process personal data about you and, if so, request information on: purposes; categories of data; recipients or recipient categories; storage duration or criteria; rights to rectification, erasure, restriction, and objection; complaint options; data source; and existence of automated decisions or profiling and their consequences (Art. 15 GDPR). You may also request whether data have been transferred to a third country or international organisation and about safeguards under Art. 46 GDPR.

2.         Right to Rectification

You may request correction or completion of inaccurate or incomplete data, which must be implemented without undue delay.

 

3.         Right to Restriction of Processing

You may request restriction under Art. 18 GDPR in specified circumstances (e.g., data accuracy in dispute; unlawful processing; data needed for legal claims; pending objection resolution).

4.         Right to Erasure (“Right to be Forgotten”)

You may request deletion when data are no longer necessary, consent is withdrawn, objection is upheld, data were unlawfully processed, or required by law (Art. 17 GDPR). If data were made public, we will inform other controllers to delete links or copies. Exceptions apply (e.g., public interest, legal obligations, archival, scientific or statutory claims).

5.         Right to be Informed

If you request rectification, erasure, or restriction, we must notify recipients to whom the data have been disclosed unless impossible or disproportionate. You may request information about these recipients.

6.         Right to Data Portability

You may receive personal data you provided in a structured, machine-readable format and request transmission to another controller if processing is based on consent or contract and automated (Art. 20 GDPR). This right does not apply to processing necessary in the public interest or under public authority.

7.         Right to Object

You may object at any time, on grounds relating to your specific situation, to processing based on Art. 6 (1)(e) or (f), including profiling. Processing must then cease unless we demonstrate compelling legitimate grounds or to defend legal claims. For direct marketing, you may object at any time, including profiling related to it. You may use automated means to exercise this objection.

 

8.         Right to Withdraw Consent

You may withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

 

9.         Right to Complain to a Supervisory Authority

Without prejudice to other remedies, you may lodge a complaint with a supervisory authority, particularly in your Member State of residence, workplace, or suspected infringement. The relevant authority for our company is:

State Commissioner for Data Protection and Freedom of Information North Rhine‑Westphalia

P.O. Box 20 04 44
40102 Düsseldorf
Germany
Main switchboard: +49 (0)211 38424‑0

The authority will inform you of the status and outcome of your complaint, including judicial recourse under Art. 78 GDPR.

 

Warning