0 0
Этот интернет-магазин использует куки. Таким образом информация о сессии или языковые настройки хранятся на вашем компьютере. Без куки диапазон функциональных возможностей интернет-магазина ограничена. OK больше информации

Защита персональной информации

Data protection declaration according to GDPR

I. Name and address of the data controller

The data controller in the sense of the General Data Protection Regulation and other national data protection acts of the member states, together with other data protection law provisions, is:

BRINKO Werkzeuge Fellermann GmbH & Co. KG
Freiheitstraße 15-23
D-42853 Remscheid
Phone: +49 (0) 21 91 - 49 43 - 0
E-Mail: webshop(at)brinko.de

II. Name and address of the data protection officer

The data controller’s data protection officer is:

Jens Maleikat
Bohnen IT GmbH
Hastener Strasse 2
D-42349 Wuppertal
Phone: +49 (202) 24755 - 24
E-Mail: jm(at)bohnensecurity.it
Website: www.bohnensecurity.it

General information on data processing

1. Scope of the processing of personal data

As a fundamental principle, we collect and use the personal data of our users only insofar as this is required to provide a functional website together with our content and service. The collection and use of our users’ personal data is carried out regularly only after the users have given consent. An exception applies in those cases in which it has been impossible to obtain the prior consent for practical reasons and processing of the data is permitted by statutory provisions.

2. Legal basis for processing personal data

Insofar as we obtain consent from the data subject for the processing procedures of personal data, the legal basis is Art. 6 Section. 1 lit. a EU General Data Protection Regulation (GDPR).
For the processing of personal data required for the performance of a contract where the contract party is the data subject, Art. 6 Section 1 lit. b GDPR is the legal basis.
This also applies to processing procedures that are required for pre-contractual measures.
Insofar as processing of personal data is necessary to meet a legal obligation to which our company is subject, Art. 6 Section 1 lit. c GDPR is the legal basis. In the event that vital interests of the data subject or on another natural person necessitate processing of personal data, Art. 6 Section 1 lit. d GDPR is the legal basis.
If the processing is required to safeguard a justified interest of our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not override the interest stated above, Art. 6 Section 1 lit. f GDPR is the legal basis for processing.

3. Deletion of data and period of storage

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data can be stored in excess of this limit if this has been provided for by the European or national legislator in legal Union regulations, laws or other provisions to which the data controller is subject. Blocking or deletion of the data will also be carried out if a storage period prescribed by the stated standards has expired, unless there is a need for further storage of the data to conclude or to perform a contract.

III. Preparation of the website and creation of log files

1. Description and scope of data processing

Every time our web page is called up, our system automatically records data and information from the system of the calling computer. The following data are collected:

Information about the browser type and the version used
The user’s operating system
The user’s internet service provider
Host name of the computer establishing access
Date and time of access
Websites from which the user’s system accesses our web page
Websites called up from the user’s website via our website

The data are also stored in the log files of our system. Theses data are not stored together with the user’s other personal data.

2. Legal basis for data processing

The legal basis for the temporary storage of the log files is Art. 6 Section 1 lit. f GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to facilitate the delivery of the website to the user’s computer. To do this, the IP address of the user must remain stored for the duration of the session.

Storage in log files is carried out to ensure the operability of the website. In addition, the data help us to optimise the website and to ensure the security of our information technology systems. In this context, there is no evaluation of the data for marketing purposes.
Our legitimate interest in data processing according to Art. 6 Section 1 lit. f GDPR is also based on these purposes.

4. Duration of storage

The data will be deleted as soon as they are no longer required for achieving the purpose of their collection. In the case of recording the data for providing the website, this will be once the relevant session has ended.

In the case of recoding the data in log files, this will happen after seven days at the latest. Storage times in excess of these limits are possible. In this case, the users’ internet protocol addresses are deleted or altered, meaning that an allocation of the calling client is no longer possible.

5. Options for objection and removal

Recording the data for providing the website and storage of the data in log files is essential for the operation of the web page. Consequently, there is no option for objection on the part of the user.

IV. Use of cookies

1. Description and scope of data processing

Our web page uses cookies. Cookies are text files that are stored in the internet browser or respectively from the internet browser on the user’s computer system. If a user calls up a website, a cookie can be stored in the user’s operating system. This cookie contains a typical character string that enables unambiguous identification of the browser if the website is called up again.
In this process, the following data are saved and transferred in the cookie:

(1) Language settings
(2) Articles in a shopping cart
(3) Log-in information

When calling up our website, users are informed by an info banner of the use of cookies for analytic purposes.

2. Legal basis for data processing

The legal basis for processing the data using cookies is Art. 6 Section 1 lit. f GDPR.

3. Purpose of data processing

The purpose of the use of technically required cookies is to simplify the use of websites for the user. Some functions of our web page cannot be offered without the use of cookies. These functions require that the browser will be recognised again even after a change of page. We require cookies for the following applications:

(1) Shopping cart
(2) Acquisition of language settings
(3) Noting of search terms

The user data collected by technically required cookies are not utilised to create user profiles.
Our justified interest in processing the personal data according to Art. 6 Section 1 lit. f GDPR is also based on these purposes.

4. Duration of storage, options for objection and removal

Cookies are stored on the user’s computer and sent to our page from there. This means that, as users, you also have full control of the use of cookies. By changing the settings in your internet browser, you can deactivate or limit the transmission of cookies. Cookies already saved can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, it is possible that not all the functions of the website can be used to their full extent any longer.

V. Newsletter

1. Description and scope of data processing

Dispatch of the newsletter is based on the log-in of the user on the website:

Our web page offers you the option to subscribe to a free newsletter. In this process, the data from the input mask are transferred to us on log-in for the newsletter.
For this purpose, we save your e-mail address, your first name and your surname
In addition, we collect the following data on log-in:

(1) IP address of the calling computer
(2) Data and time of registration

As part of the log-in process, your consent for the processing of the data will be requested and reference will be made to this data protection declaration.

If you acquire goods and services from our web page and deposit your e-mail address in this process, this can as a consequence be used by us for the dispatch of a newsletter. In such a case only direct advertising for our own similar goods or services will be sent out via the newsletter.

There will in connection with data processing for the dispatch of newsletters be no transmission data to third parties. The data will be used exclusively for the dispatch of the newsletter.

2. Legal basis for data processing

The legal basis for processing the data after log-in by the user for the newsletter is, if there is consent by the user, Art. 6 Section 1 lit. a GDPR.
The legal basis for the dispatch of the newsletter following the sale of goods or services is § 7 Section 3 of the German Law against Unfair Competition, UWG.

3. Purpose of data processing

Collection of the user’s email address is for the purpose of sending the newsletter.
The collection of other personal data as part of the log-in process is intended to prevent misuse of the services or the e-mail address used.

4. Duration of storage

The data will be deleted as soon as they are no longer required for achieving the purpose of their collection. The user’s e-mail address will therefore be stored for as long as the subscription to the newsletter is active.

The other personal data collected as part of the log-in process are as a rule deleted after a period of seven days.

5. Options for objection and removal

The subscription to the newsletter can be terminated at any time by the user affected. There is a corresponding link for this purpose in every newsletter.

This link can also be used to enable withdrawal of consent to the storage of the personal data collected during the log-in procedure.

VI. Registration

1. Description and scope of data processing

We offer users the opportunity to register on our web page by submitting personal data. In this process, the data are entered into an input mask and transferred to us and stored. The data are not transmitted to third parties. The following data are collected as part of the registration process:

E-mail address password, invoice address, title, first name, surname, company, street, house number, postcode, town or city, VAT ID, country, phone, fax, mobile phone, phone (private), date of birth, wholesaler

At the time of registration, the following data are also saved:

(1) The user’s IP address
(2) Date and time of registration

The user’s consent to the processing of these data is requested as part of this registration process.

2. Legal basis for data processing

The legal basis for processing the data with the existence of consent by the user is Art. 6 Section 1 lit. a GDPR.
If the registration is for the purpose of performance of a contract where the user is the contract party or to implement pre-contractual measures, the additional legal basis for processing the data is Art. 6 Section 1 lit. b GDPR.

3. Purpose of data processing

Registration of the user is required for the performance of a contract with the user or to carry out pre-contractual measures.

4. Duration of storage

The data will be deleted as soon as they are no longer required for achieving the purpose of their collection.

This is the case for data collected during the registration procedure for the purpose of performance of a contract or implementing pre-contractual measures if the data are no longer required for implementing the contract. Even after the conclusion of the contract, a need to store personal data of the contract partner may exist, in order to comply with contractual or legal obligations.

5. Options for objection and removal

As a user, you have the option of cancelling your registration at any time. You may have your stored data changed at any time. Please contact us for this purpose using the contact data given above. If the data are required for the performance of a contract or to implement pre-contractual measures, early deletion of the data is possible only if there are no contractual or legal obligations opposed to deletion.

VII. Contact form and e-mail contact

1. Description and scope of data processing

A contact form is available on our web page which can be used to get in touch electronically. If a user takes up this option, the data entered into the input mask are transferred to us and saved. These data are:
Name, company, e-mail address and the options for sending further text information

At the time of sending the message, the following data are also saved:
(1) The user’s IP address
(2) Date and time of registration
As part of the registration process, your consent for the processing of the data will be requested and reference will be made to this data protection declaration.

As an alternative, you can contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.

There will in this connection be no transmission data to third parties. The data will be used exclusively for processing the conversation.

2. Legal basis for the data processing

The legal basis for processing the data with the existence of consent by the user is Art. 6 Section 1 lit. a GDPR.

The legal basis for processing the data transferred in the course of sending an e-mail is Art. 6 Section 1 lit. f GDPR. If the objective of the e-mail contact is conclusion of a contract, the additional legal basis for processing is Art. 6 Section 1 lit. b GDPR.

3. Purpose of data processing

The processing of the personal data from the input mask is for us solely the processing of making contact. If contact is made by e-mail, this is also the basis for the required legitimate interest in processing the data. Other personal data processed during the sending procedure serve to prevent misuse of the contact form and ensure the security of our technical information systems.

4. Duration of storage

The data will be deleted as soon as they are no longer required for achieving the purpose of their collection. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the relevant conversation with the user has ended. The conversation has ended when it can be assumed from the circumstances that the matter in question has been conclusively resolved.

5. Options for objection and removal

The user has the option of withdrawing his or her consent to processing of personal data at any time. If the user contacts us by e-mail, he or she can object to the storage of his or her personal data at any time. In such a case, the conversation cannot be continued.
In this case, please send us an informal e-mail to webshop(at)brinko.de All personal data saved as part of the contact procedure will in this case be deleted.

VIII. Google Maps

1. Description and scope of data processing

This page uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, it is necessary to save your IP address. This information is typically communicated to a Google server in the USA and saved there. The provider of this website has no influence on this data transfer. More information on the treatment of user data can be found in Google’s data protection declaration: https://www.google.de/intl/de/policies/privacy/.

2. Legal basis for data processing

The legal basis for the temporary storage of the data is a legitimate interest according to Art. 6 Section 1 lit. f GDPR.

3. Purpose of data processing

The use of Google Maps is in the interest of creating an attractive representation of our online offers and of making the locations mentioned on our website easy to find.

4. Options for objection and removal

Recording the data for providing the website and storage of the data in log files is essential for the operation of the web page. Consequently, there is no option for objection on the part of the user.

IX. Rights of the data subject

The following list comprises all the rights of the data subjects according to GDPR. Rights that do not have any relevance to an own website do not need to be stated. To that extent, the list can be shortened.
If your personal data are processed, you are a data subject in the sense of GDPR and you have the following rights where the data controller is concerned:

1. Right to information
You can demand a confirmation from the data controller as to whether we are processing any of your personal data.
If we are processing such data, you can request the data controller to disclose the following information:
(1) The purpose for which the personal data are being processed;
(2) The categories of personal data that are being processed;
(3) The recipients or categories of recipients to whom your personal data have been disclosed or are yet to be disclosed;
(4) The planned duration of the storage of your personal data or, if specific information on this topic is not available, criteria to establish the duration of storage;
(5) The existence of a right to rectify or delete your personal data, existence of the right to restrict processing by the data controller or of the right to object to such processing;
(6) The existence of a right to lodge a complaint with a supervisory authority;
(7) All available information about the origin of the data, if the personal data have not been collected from the data subject;
(8) The existence of an automated decision-making process, including profiling, in accordance with Art. 22 Sections 1 and 4 GDPR and – at least where such processes exist – meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.
You have the right to demand information as to whether your personal data are transferred to a third country or to an international organisation . In this context, you can demand to be informed about the appropriate guarantees according to Art. 46 GDPR in connection with the transfer.

2. Right to rectification

3. Right to restriction of processing

Under the following conditions, you have the right to demand restriction of the processing of your personal data:
(1) If you contest the accuracy of the personal data for a period of time that enables the data controller to verify the accuracy of the personal data;
(2) The processing is unlawful and you oppose the deletion of the personal data and request the restriction of their use instead;
(3) The data controller no longer needs the data for the purposes of processing, but you require these for the establishment, exercise or defence of legal claims, or
(4) If you have objected to the processing in accordance with Art. 21 Section 1 GDPR and it is not yet clear whether the data controller’s legitimate reasons override your reasons.
If the processing of your personal data has been restricted, these data – with the exception of their storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or to protect the rights of another natural person or legal entity or for reasons of important public interest of the Union or of a member state.

4. Right to deletion

a) Obligation of deletion
You can demand that the data controller immediately delete your personal data, and the data controller is then obliged to delete these data without delay if one of the following reasons applies:
(1) Your personal data are no longer required for the purpose for which they were collected or otherwise processed.
(2) You withdraw your consent on which the processing was based in accordance with Art. 6 Section 1 lit. a or Art. 9 Section 2 lit. a GDPR, and there is no other legal basis for the processing.
(3) You object to the processing in accordance with Art. 21 Section 1 GDPR and there are no overriding legitimate reasons for processing, or you object to the processing in accordance with Art. 21 Section 2 GDPR.
(4) Your personal data was processed unlawfully.
(5) The deletion of your personal data is necessary to fulfil a legal obligation under EU law or the laws of member states to which the data controller is subject.
(6) Your personal data were collected in relation to the offer of information society services according to Art. 8 Section 1 GDPR.

b) Information passed to third parties
If the data controller has made your personal data public and is obliged in accordance with Art. 17 Section 1 GDPR to delete these data, the data controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform the data controllers who are processing these personal data that you as the data subject have requested the deletion by such controllers of any links to, or copies or replications of, these personal data.

c) Exceptions
The right to deletion shall not apply insofar as processing is necessary
(1) For exercising the right of free expression and information;
(2) For compliance with a legal obligation which requires processing by Union or member state law to which the data controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) For reasons of public interest in the area of public health in accordance with Art. 9 Section 2 lit. h and i as well as Art. 9 Section 3 GDPR;
(4) For archiving purposes in the public interest, purposes of scientific or historical research or for statistical purposes according to Art. 89 Section 1 GDPR, insofar as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of this processing, or
(5) For the establishment, exercise or defence of legal claims.

5. Right to information

If you have asserted your claim to the data controller of the right to rectification, deletion or restriction of processing, the controller is obliged to notify all recipients to whom your personal data have been disclosed of this rectification or deletion of data or the restriction of processing, unless this proves to be impossible or involves unreasonable expenditure. You have the right to information from the data controller about these recipients.

6. Right to data portability

You have the right to receive the personal data you have provided to the data controller in a structured, common and machine-readable format. You also have the right to transmit these data to another data controller without hindrance by the controller to whom the personal data were provided, if
(1) Processing is based on consent according to Art. 6 Section 1 lit. a GDPR or Art. 9 Section 2 lit. a GDPR or on a contract according to Art. 6 Section 1 lit. b GDPR and
(2) The processing is carried out by automated means.
In exercising this right, you also have the right to have your personal data transmitted directly from one data controller to another, wherever this is technically feasible. The freedoms and rights of other persons may not be impaired by this action.
The right to data portability shall not apply to personal data required for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.

7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data carried out based on Art. 6 Section 1 lit. e or f GDPR; this also applies to profiling based on these provisions.

The data controller will no longer process your personal data unless the controller can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or serve the establishment, exercise of defence of legal claims.

If your personal data are processed for direct advertising purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies applies to profiling, to the extent that it is related to such direct advertising.

If you object to processing for the purposes of direct advertising, your personal data will no longer be processed for such purposes.

In the context of use of information society services, you have the option – regardless of Directive 2002/58/EC – of exercising your right to object by automated means using technical specifications.

8. Right to revoke your consent relating to data protection

You have the right to revoke your declaration of consent relating to data protection at any time. Withdrawal of consent does not affect the legality of the processing that was carried out with consent prior to its withdrawal.

9. Automated decisions in individual cases, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) Is necessary for entering into, or performance of, a contract between you and the data controller;
(2) Is permitted by Union or member state laws to which the data controller is subject and these laws also lay down appropriate measures to safeguard your rights and freedoms, as well as your legitimate interests, or
(3) Is carried our with your explicit consent.

However, these decisions may not be based on certain special categories of personal data according to Art. 9 Section 1 GDPR, unless Art. 9 Section 2 lit. a or g GDPR apply and appropriate measures to protect rights and freedoms, as well as your legitimate interests, have been taken.
With regard to the measures described in (1) and (3), the data controller will implement suitable measures to safeguard rights and freedoms together with your legitimate interests, among these at least the right to obtain human intervention on the part of the data controller, to express your point of view and to contest the decision.

10. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or legal remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual place of residence, your workplace or the place of the alleged infringement, if you are of the opinion that the processing of your personal data infringes the GDPR.
The supervisory body with which the complaint has been lodged will notify the complainant of the status and the results of the complaint, including the option of legal remedy according to Art. 78 GDPR.
The supervisory body for BRINKO Werkzeuge Fellermann GmbH & Co. KG is the:

Landesbeauftragte für Datenschutz und Informationsfreiheit

Nordrhein-Westfalen
Postfach 20 04 44
D-40102 Düsseldorf
Phone: +49 (0)211/38424-0
Fax: +49 (0)211/38424-10