Website Privacy Policy

Information concerning processing of your personal data pursuant to Art. 13 of the GDPR

We are delighted that you are interested in our website, products and services. The protection and privacy of personal information collected, processed or used during your visit to our website is very important to us. In accordance with Art. 13 of the GDPR, we provide you with the information below on how your personal data is processed by our website:

General information Processing of your data Rights of the data subject

I. General information

Name and contact details of the Controller

Controller for data processing: Crespel & Deiters GmbH & Co. KG, Groner Allee 76, 49479 Ibbenbüren.

Contact details of Data Protection Officer

You can contact our Data Protection Officer using the following details: Herr Rechtsanwalt Sascha Hesse, Hanauer Landstrasse 151-153, 60314 Frankfurt am Main, Telephone: +49 69 90437965, Fax: +49 69 90437974, Email: shesse@agor-ag.com.

II. Processing of your data

1. Provision of the website and log files

1.1 Purpose of data processing

Each time our website is accessed, our system, i.e. the web server, automatically records information from the system of the user’s computer or end device used to access the website, which may allow identification. We collect the following data in this context:

  • Date and time of access
  • IP address of the requesting computer
  • Host name of the accessing computer
  • Website from which the website is accessed (referrer)
  • Page of the website visited
  • Notification of whether access was successful
  • Amount of data transmitted
  • User agent
  • host name accessed
  • Information on the browser type and the version used
  • Operating system of the user’s end device
  • User’s internet service provider

Storage of data is used for system-related and statistical purposes. We use this information to update our website, improve its appearance and increase its attractiveness on an ongoing basis. We also use the data to detect and ward off attacks and to investigate the suspicion of criminally relevant use. We do not consolidate the data collected with other sources of data, in particular data that relates to a specific person. The temporary storage of the user’s IP address on our system is necessary in order to deliver the website to your end device. To do this, your IP address must be saved for the duration of the session.

1.2 Legal basis for data processing

The legal basis for the temporary storage of this data and the log files is Art. 6 Para. 1 lit. f) GDPR (our legitimate interests as responsible website operator). The processing of the personal data for the purposes listed under 1.2 also represents our legitimate interest in the processing of the personal data stated.

1.3 Storage term

The data is deleted as soon as it is no longer required for the purposes of its collection. In the case of data recording for the provision of the website, this is the case when the respective session is terminated. In the case of saving the data in log files, the data is deleted after 7 days. No back-ups are created of log files. Only the provider as a telecommunications provider is obligated pursuant to Para. 113 b TKG to store

  1. the internet protocol address assigned to the participant for internet use,
  2. a clear identifier of the connection via which the internet is used and an assigned user identifier,
  3. the date and time of the start and end of internet use under the assigned internet protocol address including the respective time zone

for a period of ten weeks. Storage in addition to this may be possible for the prosecution of administrative or criminal offences if an investigative process is launched.

1.4 Required by law or contract

You are neither legally nor contractually obligated to provide the personal data. However, not providing this data is not technically possible and would cause the content of the website to not appear on your end device.

1.5 Categories of recipients of the personal data

Crespel & Deiters GmbH & Co. KG does not disclose the personal data to third parties unless it is obligated to do so by statutory provisions or you have given your permission.

Exempt from this is the integration of service providers, e.g. for hosting the website, that have been carefully selected especially with regard to data protection and data security and for whom all measures required under data protection law for permissible data processing have been taken. Data processing does not take place outside the European Union.

2. Cookies

2.1 Purpose of data processing

Our website uses cookies. Cookies are text files that are saved in the web browser or by the web browser on the user’s computer system. When you access a website, a cookie can be saved on your end device. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is accessed again.

Our website uses cookies for the following purposes:

“pll_language”

This cookie saves the language setting you have chosen for your visit to our website. You can currently choose between English and German as language settings.

2.2 Legal basis for data processing

The legal basis for the processing of the personal data in the form of the cookie named in 2.1 is Art. 6 Para. 1 lit. f) GDPR (our legitimate interests as Controller). The processing of the personal data for the purposes listed under 2.1 also represents our legitimate interest in the processing of the personal data stated.

2.3 Storage term

Storage term of the individual cookies:

“pll_language”: One year from use.

2.4 Required by law or contract

You are neither legally nor contractually obligated to provide the personal data. Not providing the data would result in the website being displayed in English.

2.5 Categories of recipients of the personal data

Crespel & Deiters GmbH & Co. KG does not disclose the personal data to third parties unless it is obligated to do so by statutory provisions or the user has given permission.

Exempt from this is the integration of service providers, e.g. for hosting the website, that have been carefully selected especially with regard to data protection and data security and for whom all measures required under data protection law for permissible data processing have been taken. Data processing does not take place outside the European Union.

3. Contact form

3.1 Purpose of data processing

We can be contacted using our contact form and the email address provided. In this case, the personal data of the sender, i.e. the user, transmitted with the enquiry is saved.

Personal data that you share with us via email or via the contact form on this website is processed only for correspondence with you and for the purpose for which you have provided us with data.

3.2 Legal basis for data processing

The legal basis for the processing of the personal data transmitted in connection with sending an enquiry is Art. 6 Para. 1 lit. f) GDPR (our legitimate interests as Controller). The processing of the personal data for the purposes listed under 3.1 also represents our legitimate interest in the processing of the personal data stated.

3.3 Storage term

The data named above is deleted as soon as it is no longer required to achieve the purpose of its collection. For personal data sent to us via email or via the contact form, this is the case when the respective conversation with the user is completed. The conversation is completed when it can be assumed from the circumstances that the situation has been fully resolved.

3.4 Required by law or contract

You are neither legally nor contractually obligated to provide the personal data. If you do not wish to provide the data, this will result in us being unable to contact you.

3.5 Categories of recipients of the personal data

The website is hosted by our carefully selected service providers. The host receives the aforementioned data as data processor.

Crespel & Deiters GmbH & Co. KG does not pass your personal data on to third parties. In some circumstances, the data may be forwarded to associated companies in the Crespel & Deiters Group where your enquiry relates to products or services of the respective company. Where the data is forwarded to an associated company, you will be informed by the company pursuant to Art. 14 GDPR.

4. Vimeo without tracking (do-not-track)

4.1 Purpose of data processing

Videos from Vimeo are integrated on some pages. Videos are a practical way to transport content better and make it easier to understand. As local hosting of videos does not offer sufficient performance, we use the option of the external video provider Vimeo. When you visit one of our pages containing Vimeo videos, a connection to the Vimeo servers is made for technical reasons. The Vimeo server is informed which of our pages you have visited. Vimeo also receives your IP address. Vimeo is responsible for this data processing. Therefore, for information on the associated use of data on your browser or end device, please see the Vimeo privacy policy. You can find the Vimeo privacy policy at: https://vimeo.com/privacy. Furthermore, we have integrated Vimeo in such a way that Vimeo cannot trace your user activities and will not place any cookies.

4.2 Legal basis for data processing

The legal basis is Art. 6 Para. 1 lit. f. GDPR (legitimate interest). The legitimate interest in processing your personal data is the attractive presentation of our website.

4.3 The intention to transmit personal data to a third country

When the users access the video content, the IP address required to access the video is transmitted to Vimeo Inc., 555 West 18th Street, New York 10011, USA. In order to guarantee an appropriate level of data protection when data is transmitted to the USA, we have concluded EU standard contractual terms in the “Controller to Controller” version with Vimeo.

4.4 Storage term

The data is stored in the log files. You can find more detailed information in section 1.3.

4.5 Required by law or contract

You are neither legally nor contractually obligated to provide the personal data. If you do not wish to provide the data, this will result in you being unable to access the video.

4.6 Categories of recipients of the personal data

The recipient of personal data is the service provider Vimeo.

5. Advertising and customer care

5.1 Purpose of data processing

Crespel & Deiters GmbH & Co. KG stores your contact data in a customer relationship management system in order to inform you about the Group’s products.

5.2 Legal basis for data processing

The legal basis is Art. 6 Para. 1 lit. f. GDPR (legitimate interest). The legitimate interest in processing your personal data is product information.

5.3 Storage term

The data is stored for the period of the business activity with Crespel & Deiters GmbH & Co. KG and its associated companies.

5.4 Required by law or contract

You are neither legally nor contractually obligated to provide the personal data. If you do not wish to provide the data, this will result in us being unable to contact you. You can object to the processing of your data for the purposes of direct advertising at any time and will then receive no further advertising from us.

5.5 Categories of recipients of the personal data

Crespel & Deiters GmbH & Co. KG does not pass your personal data on to third parties. In some circumstances, the data may be forwarded to associated companies in the Crespel & Deiters Group where your enquiry relates to products or services of the respective company. Where the data is forwarded to an associated company, you will be informed by the company pursuant to Art. 14 GDPR.

6. Data processing in order to fulfil statutory obligations

6.1 Purpose of data processing

We process your personal data in order to meet legal obligations. The specific scope of the data processed here depends on the respective legal obligation.

The processing of your personal data in order to meet legal obligations comprises the following purposes in particular:

  • Cooperation in proceedings (including court proceedings) conducted by state bodies, in particular for the resolution, investigation and prosecution of illegal actions.
  • Prevention, detection and suppression of illegal actions (e.g. fraud, money laundering and funding of terrorism).
  • Guaranteeing the information security of our services.
  • Storage and saving of personal data in order to meet specific retention periods.
  • Management of Data Subject rights under data protection law.

6.2 Legal basis for data processing

Where processing is required in order to meet statutory requirements, we process your data in accordance with Art. 6 Para. 1 lit. c) GDPR.

6.3 Storage term

Your data is deleted as soon as it is no longer required for the purposes for which it was collected or otherwise processed. Where required, we process your personal data for the period to which we are legally obligated. Specific retention periods result from the purposes of processing described under 6.1.

6.4 Categories of recipients of the personal data

Where required, we transmit your personal data for one or more of the named purposes to data processors and the following other recipients:

  • Prosecution authorities, courts, other state bodies
  • Third parties involved in court proceedings where they submit a legal direction, a court decision or an equivalent legal order.

The website is hosted by our carefully selected service providers. The host receives the aforementioned data as data processor.

III. Rights of the Data Subject

Where personal data of a user is processed, this user is a “Data Subject” under the GDPR. He holds the following rights against us as the Controller:

  • Right of access
  • Right of rectification
  • Right to restriction of processing
  • Right to erasure
  • Right to notification
  • Right data portability
  • Right to withdrawal of permission under data protection law
  • Right of complaint to a data protection supervisory body

Information concerning your right to object pursuant to Article 21 of the GDPR

Due to reasons relating to your particular situation, you are entitled to object at any time to the processing of your personal data which is carried out on the basis of Article 6 para. 1 p. 1(f) of the GDPR (data processing on the basis of a balance of interests). If you lodge an objection, we will no longer process your personal data, unless we can prove compelling, protection-worthy reasons for doing so that outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

In individual cases, we process your personal data for the purpose of direct advertising. You have the right to object to the processing of the data affecting you for the purpose of such advertising at any time. If you object to the processing for the purposes of direct advertising, we will no longer process your personal data for these purposes. Objection can be made informally, using the following address if possible: Crespel & Deiters GmbH & Co. KG, Groner Allee 76, 49479 Ibbenbüren, E-Mailadresse: datenschutz.group@crespeldeitersgroup.com

Note on right of complaint to a supervisory authority

Irrespective of any other legal remedy under administrative law or through a court, a Data Subject has the right to make a complaint to a supervisory authority – in particular in the member state in which the user resides, in which the user works, or in which the alleged violation took place – where the user is of the opinion that our processing of his personal data violates the GDPR.

The supervisory body to which the complaint is submitted shall notify the complainant of the status and results of the complaint including the option of legal remedy through a court in accordance with Art. 78 GDPR.