Data Protection Information by ATR Industrie-Elektronik GmbH
The following sets out how we collect personal data when you use our website:
§ 1 What is personal data and who is the person responsible?
(1) Personal data is all data that relates to you personally, e.g. name, address, email addresses, user behaviour.
(2) The body responsible pursuant to Art. 4 (7) of the EU’s General Data Protection Regulation (GDPR) is ATR Industrie-Elektronik GmbH, Siempelkampstr. 50, 47803 Krefeld, firstname.lastname@example.org.
(3) Our data-protection officer may be contacted at: email@example.com.
§ 2 What rights do you have?
(1) You have the following rights against us where the personal data that relates to you is concerned: right to information, right to correction or erasure, right to restriction of processing, right to object to the data being processed and right to data transferability.
(2) You are also entitled to complain to a data-protection supervisory authority about how we are processing your personal data. The supervisory authority of the federal state in which you reside is, for example, responsible to this end. You may also contact the Landesbeauftragter für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (State Commissioner for Data Protection and Freedom of Information for North Rhine-Westphalia) under whose jurisdiction we fall.
§ 3 Why do we process your data and on what legal basis is it processed?
a) Server log files and cookies
(1) When you use the website for informational purposes only, i.e. when you do not register or otherwise provide us with information, we will only collect the personal data that your browser sends to our server. We collect the following data when you wish to view our website:
- IP address
- Date and time of the request
- Difference in time zones in regard to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status / HTTP status code
- The amount of data sent in each case
- Website from which the request comes
- Browser operating system and its interface
- Language and version of the browser software
This data will be deleted as soon as you stop using our website.
(2) Cookies will be stored on your computer in addition to the above-mentioned data when you use our website. Cookies are small text files that are assigned to the browser you use and placed on your hard disk which then direct specific information to the entity that has set the cookie (which in this case is us). Cookies cannot launch programs or transfer viruses to your computer. Our website uses the following types of cookies whose scope and functionality are explained below:
- Transient cookies
- Persistent cookies
‘Transient cookies’ are automatically deleted when you close your browser. They in particular relate to session cookies. These store so-called session IDs that permit different requests from your browser to be assigned to the joint session. This will allow your computer to be recognised when you return to our website. Session cookies are deleted when you log out or close your browser.
‘Persistent cookies’ are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in your browser’s security settings.
It is possible to configure your browser settings to suit your requirements and block the acceptance of third party cookies or all cookies, for example. We do, however, draw your attention to the fact that you may not be able to use all functions of this website and that it may, for example, be necessary for you to log back in every time you return.
(3) The legal basis for the data processing described is our legitimate interest pursuant to Art. 6 (1) (1) (f) GDPR. The data collected is technically necessary for us to display our website to you and to guarantee its stability and security, or is used to make the Internet offering more user-friendly and effective overall.
b) Contact by email or contact form
(1) We will store the data you provide when you contact us by email or contact form (your email address and, if applicable, your name and your telephone number, the content of your message) for the purposes of answering your questions. We will delete the data generated within this context when it is no longer necessary to store the data or will restrict how it is processed if legal obligations to retain data exist.
(2) The legal basis for this data processing is Art. 6 (1) (1) (b) GDPR as far as the initiation of a contractual relationship is concerned and Art. 6 (1) (1) (f) GDPR as far as other inquiries are concerned, as we have a legitimate interest in being able to answer your inquiries.
c) Orders through our webshop
(1) If you would like to place an order through our webshop, it will be necessary for the conclusion of the contract that you provide us with your personal data, which we require to process your order and, if necessary, to contact you in the event of queries regarding your order. Mandatory details required for the execution of the contracts (first name, last name, street / house number, town, postcode, telephone and email) have been identified separately; the provision of additional details is voluntary. We will process the data you have provided for the purposes of dealing with your order. We may forward your payment data to our house bank for this purpose. The legal basis for this is Art. 6 (1) (1) (b) GDPR.
(2) The IP address assigned to you at the time of the order will also be stored within the scope of your order for the purposes of clarifying cases of misuse (e.g. order under a false name). The legal basis for this is our legitimate interest in clarifying such cases of abuse pursuant to Art. 6 (1) (1) (f) GDPR.
(3) Your data will be deleted as soon as we no longer need it for the aforementioned purposes. We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. We will, however, restrict the processing of such data after two years, i.e. your data will only be used for compliance with legal obligations.
d) Web analysis and statistics collection using Matomo
(1) Scope of processing of personal data:
The controller uses on this website the software “Matomo” (www.matomo.org), a service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. The software evaluates the information stored by the web server for statistical purposes. If sub-pages of the website are called up, the following data is stored:
- the IP address of the user (anonymized)
- the sub-page called up and the time of the call-up
- the page from which the user accessed our website (referrer)
- which browser with which plugins, which operating system and which screen resolution is used
- the time spent on the website
- the pages that are visited from the sub-page accessed
The data collected with Matomo is stored exclusively on the server of the responsible party. It is not passed on to third parties.
(2) Legal basis
The legal basis for the processed personal data is Art. 6 para. 1 lit. a DSGVO in conjunction with. § 25 para. 1 TTDSG.
(3) Purpose of the data processing
The data is processed by the responsible party in order to evaluate the surfing behavior of users and to obtain information about the use of the individual components of the website. This makes it possible to optimize the website and its user-friendliness. Likewise, the data obtained is used to control digital advertisements.
The data will not be used to personally identify the user of the website and will not be merged with other data.
(4) Duration of storage:
The data will be deleted when it is no longer needed for our purposes or the user revokes his consent to the processing of the data on cookie preferences.
§4 Recipients of data
Only those bodies at our company that need to access your personal data in order to fulfil the above-mentioned purposes will be granted access. The above-mentioned data may also be processed by contract processors who operate or maintain our website and systems. The data will further be transferred to the service providers expressly mentioned in Clause 3, with whom an agreement for processing orders has been concluded, insofar as they act as contract processors for us.
§5 Is there an obligation to provide personal data?
You are neither legally nor contractually obliged to provide us with personal data. In some cases, however, we will be unable to offer all the website’s functionalities without this data.
§6 Does automated decision making or profiling take place?
We do not perform automated decisions or other profiling activities.
§7 Social Media
We maintain online presences within social networks and platforms in order to be able to communicate with customers, interested parties and users who are active on these social networks and to inform them about our services.
We would like to point out that user data may be processed outside the European Union. This could result in risks for users, e.g. it could make it more difficult to enforce the rights of users. With regard to US providers that are certified under the Privacy Shield Agreement, we would like to point out that by doing so they commit themselves to comply with EU data protection standards.
In addition, user data is usually processed for market research and advertising purposes. For example, user profiles can be created on the basis of user behavior and the resulting interests of users. The usage profiles can also be used, for example, to place advertisements inside and outside the platforms that are presumed to correspond to the interests of users. For these purposes, cookies are usually stored on the user’s computer in which the user’s usage behaviour and interests are stored. In addition, data can be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of personal data of users is based on our legitimate interests in the effective information of users and communication with users pursuant to Art. 6 para. 1 lit. f. GDPR. If the users are asked by the respective providers to give their consent to data processing (i.e. declare their consent, e.g. by ticking a checkbox or confirming a button), the legal basis for processing is Art. 6 para. 1 lit. a., Art. 7 GDPR.
For a detailed description of the respective processing operations and the opt-out options, please refer to the following linked information provided by the providers.
Also in the case of requests for information and the assertion of user rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and give information. Should you nevertheless need help, you can contact us.
– Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland) – Data Protection Statement: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
– Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – Data Protection Statement: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
– Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Data Protection Statement/ Opt-Out: http://instagram.com/about/legal/privacy/.
– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Data Protection Statement: https://twitter.com/en/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
– Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Data Protection Statement/ Opt-Out: https://policy.pinterest.com/en/privacy-policy.
– LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland) – Data Protection Statement https://www.linkedin.com/legal/privacy-policy , Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
– Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland) – Data Protection Statement/ Opt-Out: https://privacy.xing.com/en/privacy-policy.