Göpfert Maschinen GmbH Data Privacy Statement
1. Definition of terms
The data privacy statement of Göpfert Maschinen GmbH is based on the terminology used in the General Data Protection Regulation (GDPR) by the issuers of European directives and regulations. To obtain a better understanding of this data privacy statement, we want to explain the terminology that is used to the public, interested parties and our customers.
We use the following terms among others in this data privacy statement:
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject” in the following). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
Data subject means any identified or identifiable natural person whose personal data are processed by the controller.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
j) Third party
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. Name and contact information of the controller and Data Privacy Officer
This data privacy statement applies to data processing by:
Göpfert Maschinen GmbH, Am Zollwasen 6, 97353 Wiesentheid, telephone: +49 93832050, fax: +49 9383 205543, e-mail: info@goepfert
The contact information for the external Data Privacy Officer of Göpfert Maschinen GmbH is as follows:
EIKONA Systems GmbH, Mr. Holeschak, Am Alten Bahnhof 8, 97332 Volkach, Germany, hotline: +49 (0) 9381 71 77 8 59, e-mail: firstname.lastname@example.org
3. Collection and storage of personal data, and type and purpose of their use
For website visits
When you access our website www.goepfert.de, information is automatically sent from the browser on your device to our website server. This information is temporarily stored in a logfile. The following information is recorded in this process without your input and stored until its automatic erasure:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the requested file
- Website from which access takes place (referrer URL)
- The browser being used,
- possibly the operating system of your computer, and the name of your access provider
The aforementioned data are processed by us for the following purposes:
- Maintaining a proper connection process for the website
- Ensuring the convenient use of our website
- Evaluating system security and stability
- Other administrative purposes
The legal basis for data processing is Art. 6 (1), sentence 1, point f GDPR. Our legitimate interests follow from the data collection purposes listed above. In no case do we evaluate the collected data for the purpose of drawing conclusions about you personally.
4. Dissemination of data
Your personal data are not transferred to third parties for purposes other than those listed below.
We only transfer your personal data to third parties when:
- You have given your express consent pursuant to Art. 6 (1), sentence 1, point a GDPR.
- Dissemination is required pursuant to Art. 6 (1), sentence 1, point f GDPR to assert, exercise or defend against legal claims and there is no reason to assume that you have a predominant legitimate interest in the non-dissemination of your data.
- There is a legal obligation of dissemination pursuant to Art. 6 (1), sentence 1, point c GDPR.
- It is legally permitted and required for the performance of contractual relationships with you pursuant to Art 6 (1), sentence 1, point b GDPR.
Cookies store information related to the specific device that is used. However, this does not mean we have direct knowledge of your identity as a result.
Cookies are used on the one hand to make the use of our offering more convenient for you. We use what are called session cookies to identify specific pages of our website you have visited. These are erased automatically after you leave our website.
We also use temporary cookies to optimise usability. These are stored on your device for a defined period of time. When you visit our website again to use our services, we automatically recognise that you have visited us before and what your input and settings were, so you do not have to repeat these.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer, or so you are always notified before a new cookie is created. Fully deactivating cookies can however mean that you may not be able to use all functions of our website.
6. Subscription to our newsletter
Goepfert Maschinen GmbH gives its customers the option of subscribing to our company newsletter. The following personal data are processed for this purpose: salutation, last name, first name and e-mail address.
Goepfert Maschinen GmbH regularly informs its customers and business partners about company offers through a newsletter. On principle, our company newsletter can only be received by the data subject when (1) the data subject has a valid e-mail address and (2) the data subject has registered for the newsletter or agreed to receive it. For legal reasons, a confirmation message is sent to the e-mail address provided for the newsletter subscription in a double opt-in process. The purpose of this confirmation message is to verify that the owner of the e-mail address as the data subject has authorised the subscription to the newsletter.
We also store the IP address of the data subject assigned by the Internet service provider (ISP) for the computer system used at the time of registration and the date and time of registration when you subscribe to our newsletter. Collecting these data is required so the (possible) misuse of the e-mail address of a data subject can be subsequently retraced, and thus serves as legal protection for the controller.
Personal data collected in the course of subscribing to the newsletter are used solely for sending out our newsletter. Newsletter subscribers may also be informed by e-mail insofar as this is required for the operation of the newsletter service or a related registration, for example when the newsletter offering or the technical conditions change. There is no dissemination to third parties of personal data collected within the scope of the newsletter service. The subscription to our newsletter can be cancelled by the data subject at any time. The data subject’s consent to the storage of personal data for sending out the newsletter can be revoked at any time. There is a link in each newsletter for revoking consent. It is also possible to unsubscribe from the newsletter at any time directly on the controller’s website, or to otherwise notify the controller.
7. Rights of the data subject
You have the right:
To request information about your personal data processed by us pursuant to Art. 15 GDPR. In particular, you can request information about the purposes of processing, category of the personal data, categories of recipients to whom the data were or will be disclosed, planned storage duration, existence of a right to correction, erasure, restriction of processing or objection, existence of a right to complain, origins of your data insofar as they were not collected by us, and existence of automated decision making including profiling, and if applicable informative details in their regard.
Pursuant to Art. 16 GDPR, to promptly request the correction of incorrect or incomplete personal data pertaining to you that is stored by us.
Pursuant to Art. 17 GDPR, to request the deletion of your personal data stored by us, insofar as processing is not required to exercise the right to freedom of expression and information, to meet a legal obligation, for reasons of the public interest or to assert, exercise, or defend against legal claims.
Pursuant to Art. 18 GDPR, to request the restriction of processing your personal data insofar as you dispute the accuracy of the data or the processing is unlawful, but you reject the erasure of the data and we no longer require them, but you require them to assert, exercise or defend legal claims or you have objected to processing pursuant to Art. 21 GDPR.
Pursuant to Art. 20 GDPR, to receive your personal data you provided to us in a structured, common and machine readable format, or to request their transfer to another controller.
Pursuant to Art. 7 (3) GDPR, to revoke your consent given to us at any time. This means we are no longer permitted to continue the data processing based on this consent with future effect.
Pursuant to Art. 77 GDPR, to complain to a supervisory authority. As a rule you can contact the supervisory authority for your usual place of abode or place of work, or our registered office, for this purpose. In case of Göpfert Maschinen GmbH, the responsible authority is the Bavarian State Office for Data Protection Supervision. Further information: https://www.lda.bayern.de/de/index.html.
8. Right to object
Insofar as personal data are processed based on legitimate interests pursuant to Art. 6 (1), sentence 1, point f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR insofar as there are reasons arising from your specific situation or in case of objection to direct advertising. In the latter case, you have a general right to object that is implemented by us without naming a specific situation.
If you want to exercise the right of withdrawal or revocation, just send an e-mail to email@example.com.
9. Data security
Within a visit to our website, we used the common SSL (Secure Socket Layer) protocol that is supported by your browser in conjunction with the respective highest encryption level. As a rule this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit V3 technology instead. Whether a specific page of our Internet presence is transmitted in encrypted form is identified by the key or lock symbol displayed in the status bar at the bottom of your browser.
That being said, we use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised third-party access. Our security measures are subject to continuous improvement according to the development of technology.
10. Timeliness and amendment of this data privacy statement
This data privacy statement is currently valid and was issued in May of 2018.
It may become necessary to amend this data privacy statement due to the further development of our website and offerings through the same, or due to changed legal and official requirements. The respective current data privacy statement can be obtained from our website and printed out at any time.