DATA PRIVACY

The following privacy policy applies to the use of our online presence www.kauth.de (hereinafter referred to as “website”).

We consider data protection to be extremely important. Your personal data are collected and processed in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

 

1        CONTROLLER

The controller for collecting, processing and using your personal data within the meaning of Art. 4 para. 7 of the GDPR is

Paul Kauth GmbH & Co. KG

Friedrich-Kauth-Weg 1

78588 Denkingen

Telephone: +49 (0)7424 961 0

Email: info@kauth.de

 

If you wish to object to the collection, processing or use of your data by us in accordance with these data protection regulations as a whole or for individual measures, you can address your objection to the controller.

You can save and print this data privacy statement at any time.

 

2        GENERAL PURPOSES OF PROCESSING

We use personal information for the purpose of operating the website and responding to your enquiries via our website.

 

3        WHICH DATA WE USE AND WHY

3.1       HOSTING

The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating the website.

In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, metadata and communication data of customers, potential customers and visitors to this website based on our legitimate interests in an efficient and secure provision of this website pursuant to Art. 6 (1) Clause 1 f) of the GDPR in conjunction with Art. 28 of the GDPR.

3.2       ACCESS DATA

We collect information about you when you use this website. We automatically collect information about your usage behaviour and interaction with us and record data about your computer or mobile device. We collect, store and use data about every access to our website (so-called server log files). The access data includes:

-       Name and URL of the retrieved file

-       Date and time of retrieval

-       The amount of data transferred

-       Message about successful retrieval (HTTP response code)

-       Browser type and browser version

-       Operating system

-       Referrer URL (i.e., the previously visited page)

-       The websites accessed by the user’s system via our website

-       The user’s internet service provider

-       IP address and the requesting provider

We use this log data without allocation to your person or other profiling for statistical evaluations for the purpose of operating, security and optimisation of our website, but also for anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services as well as for billing purposes to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalised and location-based content, analyse traffic, troubleshoot and correct errors, and improve our services.

This is also our legitimate interest in accordance with Art. 6 (1) Clause 1 f) of the GDPR.

However, we reserve the right also to examine log data if there is concrete evidence leading to reasonable suspicion of unlawful use. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes or for the provision or billing of a service, e.g., if you use one of our services. After the order process has been cancelled or payment has been received, we will delete the IP address if this is no longer required for security purposes. We also store IP addresses if we have a concrete suspicion of a criminal offence in connection with the use of our website. In addition, we store the date of your last visit as part of your account (e.g., when registering, logging in, clicking on links, etc.).

3.3       COOKIES

We use session cookies to optimise our website. A session cookie is a small text file that is sent by the respective servers when you visit a website and stored temporarily on your hard drive. These store a session ID which assigns the various requests made by your browser during the joint session. This allows your computer to be recognised when you return to the site. These cookies are deleted after you close your browser. They are used, for example, to enable you to use the shopping cart function across several pages.

We also use persistent cookies (also small text files that are stored on your terminal device) to a small extent, which remain on your terminal device and enable us to recognise your browser the next time you visit. These cookies are stored on your hard disk and are deleted automatically after the specified time. Their life span is 1 month to 10 years. This enables us to present our services to you in a more user-friendly, effective and secure manner and, for example, to display information on the site that is specifically tailored to your interests.

Our legitimate interest in the use of cookies pursuant to Article 6 (1) Clause 1 a) of the GDPR is to make our website more user-friendly, effective and secure.

The following data and information is stored in the cookies:

-        Log-in information

-        Language settings

-        Search terms entered

-        Information about the number of visits to our website and use of individual functions of our website.

When the cookie is activated, it is assigned an identification number and your personal data are not assigned to this identification number. Your name, IP address or similar data that would allow the cookie to be assigned to you will not be placed in the cookie. Based on the cookie technology, we only receive pseudonymised information, for example about which pages of our website were visited, what products were viewed, etc.

You can set your browser so that you are informed in advance about the setting of cookies and can decide in individual cases whether you want to exclude the acceptance of cookies for certain cases or in general, or that cookies are completely prevented. This may restrict the functionality of the website.

3.4       DATA FOR THE FULFILMENT OF OUR CONTRACTUAL OBLIGATIONS

We process personal data that we need to fulfil the services that we provide, such as name, address, and email address.

The data are deleted after expiry of the warranty periods and statutory retention periods. Data associated with a user account (see below) will always be retained for the duration of the account.

The legal basis for the processing of these data is Art. 6 (1) Clause 1 b) of the GDPR because these data are required to enable us to fulfil our contractual obligations to you.

3.5       EMAIL CONTACT

If you contact us (e.g., via contact form or email), we will process your details to process your enquiry and in the event that follow-up questions arise.

We only process personal data if you consent (Article 6 (1) Clause 1 a) of the GDPR) or if we have a legitimate interest in the processing of your data (Article 6 (1) Clause 1 f) of the GDPR). For example, there is a legitimate interest in replying to your email.

 

4        GOOGLE ANALYTICS

This website uses Google Analytics, a web analysis service provided by Google LLC (“Google”) Google Analytics uses “cookies”, which are text files stored on your computer that enable the analysis of the way in which you use the website. The personal data generated by the cookie about your use of the website will usually be transmitted to and stored on a Google server in the US. However, if IP anonymisation is enabled on this website, your IP address will first be truncated by Google within the member states of the European Union or other states party to the agreement on the European Economic Area. The full IP address will be sent to a Google server in the USA and abbreviated there only in exceptional cases. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and internet usage for the website operator.

 

The IP address provided by your browser as part of Google Analytics will not be combined with other data from Google. The data sent by us and linked with cookies, user IDs or advertising IDs are automatically deleted after 14 (fourteen) months. Data whose retention period has been reached is automatically deleted once a month.

You can prevent cookies from being stored by selecting the appropriate settings in your browser; however, we wish to point out that by doing so, you may not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies concerning your use of the website (incl. your IP address) from being passed to Google, and the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

You can prevent the collection of your data by Google Analytics by clicking on the following link. This sets an opt-out-cookie, which prevents any future collection of your data when visiting our website:

Deactivate Google Analytics

This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, IP addresses are further processed in truncated form, so that linking these to individuals can be ruled out. If the data collected about you are personally identifiable, they are blocked immediately and the personal data deleted as soon as possible.

We use Google Analytics to analyse and regularly improve the use of our website. We can improve our offer and make it more interesting for you as a user. Google has submitted to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework, for exceptional cases in which personal data are transferred to the USA. The legal basis for the use of Google Analytics is Art. 6 (1) Clause 1 lit. a of the GDPR.

Information about the third party provider: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Conditions of use: www.google.com/analytics/terms/de.html, Overview of data protection: www.google.com/intl/de/analytics/learn/privacy.html, as well as the Data Protection Declaration: www.google.de/intl/de/policies/privacy.

 

5        STORAGE DURATION

Unless specifically stated, we only store personal data for as long as is necessary to fulfil the purposes pursued.

In some cases, the legislator provides for the storage of personal data, for example in tax or commercial law. In these cases, the data will only be stored by us for these legal purposes, but will not be processed in any other way and deleted after expiry of the legal retention period.

 

6        YOUR RIGHTS AS A DATA SUBJECT

According to applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please send your request by email or by post to the address specified in section 9, clearly identifying yourself.

Below you will find an overview of your rights.

6.1       RIGHT OF CONFIRMATION AND INFORMATION

You have the right to clear information about the processing of your personal data.

Specifically:

You have the right to receive confirmation from us at any time as to whether personal data relating to you is being processed. If this is the case, you have the right to request from us free of charge information about the personal data stored about you together with a copy of this data. Furthermore, there is a right to the following information:

1.     The purposes of processing;

2.     The categories of personal data being processed;

3.     The recipients or categories of recipients to whom the personal data have been or are still being disclosed, in particular recipients in third countries or international organisations;

4.     If possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this period;

5.     The existence of a right of rectification or erasure of personal data concerning them or of a restriction on processing by the controller or of a right to oppose such processing;

6.     The existence of a right of appeal to a supervisory authority;

7.     When personal data are not collected from the data subject, any available information concerning their source;

8.     The existence of automated decision-making, including profiling pursuant to in Art. 22 para. 1 and 4 of the GDPR and—at least in those cases—meaningful information about the logic involved as well as the significance and envisaged consequences of such processing for the data subject.

If personal data are transferred to a third country or an international organisation, you have the right to be informed of the appropriate guarantees in accordance with Art. 46 of the GDPR in connection with the transfer.

6.2       RIGHT OF RECTIFICATION

You have the right to request the correction of your personal data without undue delay.

Specifically:

You have the right to request the correction of your personal data without undue delay. Taking into account the purpose of the data processing, you also have the right to demand the completion of your incomplete personal data – also by means of a supplementary declaration.

6.3       THE RIGHT TO ERASURE / RIGHT TO BE FORGOTTEN

In a number of cases we are obliged to delete personal data concerning you.

Specifically:

Pursuant to Art. 17 (1) of the GDPR, you have the right to demand that we delete personal data concerning you without delay, and we are obliged to delete personal data without delay if one of the following reasons applies:

1.     The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.

2.     You revoke your consent to the processing pursuant to Art 6. (1) Clause. 1 a) of the GDPR or Art. 9 (2) a) of the GDPR, and there is a lack of any legal basis for the processing.

3.     You object to the processing pursuant to Art. 21 (1) of the GDPR and there are no overriding legitimate grounds for the processing, or object to the processing pursuant to Art. 21 (2) of the GDPR.

4.     The personal data have been unlawfully processed.

5.     the deletion of your personal data is necessary to fulfil a legal obligation under EU law or the law of the member states to which we are subject;

6.     The personal data have been collected in relation to the services offered by information society pursuant to Art. 8 (1) of the GDPR.

If we have made personal data public that concerns you and if we are obliged to delete them pursuant to Art. 17 (1) of the GDPR, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data processors who process the personal data that you as the data subject have requested the deletion of all links to this personal data or of copies or replications of this personal data.

6.4       THE RIGHT TO LIMITATION OF PROCESSING

In a number of cases you are entitled to request us to restrict the processing of your personal data.

Specifically:

You have the right to request us to restrict processing if one of the following conditions is met:

1.     The accuracy of your personal information is contested by you for a period of time that allows us to verify the accuracy of your personal information,

2.     The processing is unlawful and you oppose the deletion of the personal data and request the restriction of its use instead;

3.     We no longer need the personal data for the purposes of processing, but they are required by you for the establishment, exercise or defence of legal claims,

4.     You have filed an objection to the processing of your data pursuant to Art. 21 (1) of the GDPR, as long as it is not yet clear whether the justified reasons of our company outweigh yours.

6.5       THE RIGHT TO DATA PORTABILITY

You have the right to receive, transmit or have us transmit personal data concerning you in machine-readable form.

Specifically:

You have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transmit this data to another person in charge without our interference, provided that:

1.     Processing is based on consent pursuant to Art. 6 (1) Clause 1 a) of the GDPR or Art. 9 (2) a) of the GDPR or on a contract pursuant to Art. 6 (1) Clause 1 b) of the GDPR.

2.     Processing is carried out using automated methods.

In exercising this right to data transferability under paragraph 1, the data subject shall have the right to have the personal data transferred directly by a data controller to another data controller, where technically feasible.

6.6       RIGHT OF OBJECTION

You have the right to object to the lawful processing of your personal data by us if this is justified by your particular situation and if our interests in the processing do not outweigh ours.

Specifically:

You have the right to object at any time to the processing of personal data concerning you based on Art. 6 (1) Clause 1 e) or f) of the GDPR for reasons arising from your particular situation, including profiling based on these provisions. We will no longer process your personal data unless we can prove compelling legitimate reasons for the processing, which outweigh your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him/her for the purposes of such advertising, including profiling in so far as it is related to such direct marketing.

You have the right to object on grounds arising from your particular situation to the processing of personal data concerning you, for scientific or historical research purposes or for statistical purposes pursuant to Art 89 (1) of the GDPR unless the processing is necessary for the performance of a task in the public interest.

6.7       AUTOMATED DECISIONS INCLUDING PROFILING

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Automated decision-making based on the collected personal data does not take place.

6.8       RIGHT TO WITHDRAW DATA PROTECTION CONSENT

You have the right to revoke your consent to the processing of personal data at any time.

6.9        YOU HAVE THE RIGHT TO FILE A LEGAL COMPLAINT WITH A SUPERVISORY AUTHORITY

You have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or the location suspected infringement if you consider that the processing of personal data concerning you is contrary to data protection law.

 

7         DATA SECURITY

We make every effort to ensure the security of your data in accordance with the applicable data protection laws and technical possibilities.

We transmit your personal data in encrypted form. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the internet (e.g. communication by email) can have security gaps. It is not possible to protect your data from third parties completely.

To secure your data, we maintain technical and organisational security measures in accordance with Art. 32 of the GDPR, which we constantly adapt to the state of the art.

Furthermore, we do not guarantee that our offer is available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use are regularly and carefully secured.

 

8        DISCLOSURE OF DATA TO THIRD PARTIES; NO DATA TRANSFER TO NON-EU COUNTRIES

In principle, we only use your personal data within our company.

In the event that we outsource certain parts of data processing (“order processing”), we contractually oblige contractors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.

Data transmission to places or persons outside the EU outside the case mentioned in this declaration in number 4 does not take place and is not planned.

 

9        DATA PROTECTION OFFICER

If you have any questions about data protection, please contact:

Paul Kauth GmbH & Co. KG

Data protection officer

Friedrich-Kauth-Weg 1

78588 Denkingen

Telephone: +49 (0)7424 961 0

Email: datenschutz@kauth.de

 

 

10     CHANGES TO THIS PRIVACY POLICY  

This Privacy Policy may be updated by us from time to time to meet evolving legal, regulatory or operational requirements. You can always peruse the current version on our website.

 

Cookies