bilsteinGroup

Data Protection
Statement

1. Data protection at a glance

General information

The following information gives a simple overview of what happens to your personal data when you visit our website. Personal data is any data that would allow you to be identified personally. Detailed information about data protection can be found in our data protection statement below.

Data collection on our website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. The website operator’s contact details can be found in the legal notice on this website.

How do we collect your data?

Some of the data we collect about you will be data that you provide us with yourself. This may, for example, involve data that you enter in a contact form.

Other data shall be collected automatically by our IT systems when you visit the website. This is technical data in particular (e.g. about your internet browser, operating system or time that you access our website). This data shall be collected automatically as soon as you go on to our website.

What do we use your data for?

Some of the data will be collected so that we can ensure that you do not encounter any problems during your time on the website. Other data may be used to analyse your behaviour as a user of the website.

What rights do you have regarding your data?

You have the right to obtain, free of charge and whenever you choose, information about the source of the personal data kept about you, the recipient of the data and the reason why your personal data has been processed. You also have the right to request that incorrect data is rectified, that access to your data is blocked or that your data is erased. You can contact us at any time about this and any other questions regarding personal data at the address given in the legal notice. You also have a right of appeal to the competent supervisory authority regarding anything to do with your personal data.

Analysis tools and tools belonging to third-party providers

When you visit our website, your browsing behaviour may be statistically analysed. This will mostly be done by cookies and so-called analytics programs. Your browsing behaviour will usually be analysed anonymously; there will be no way of tracing it back to you. You can object to your browsing behaviour being analysed or you can prevent it happening by not using certain tools. You can find detailed information about this in the following data protection statement.

You can object to analysis of your browsing behaviour. You will be informed about the opportunities to object in this data protection statement.

 

2. General information and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We will process your personal data in confidentiality and in accordance with statutory data protection requirements and this data protection statement.

When you use this website, a variety of personal data will be collected. Personal data is any data that would allow you to be identified personally. This data protection statement explains what data we collect and what we use it for. It also explains how and for what purpose we do this.

Please note that data transfer over the internet (e.g. through email communication) may feature vulnerabilities. It is not possible to protect data completely against third party access.

Information about the data controller

The controller responsible for data processing on this website is:

Ferdinand Bilstein GmbH + Co. KG
Wilhelmstr. 47
58256 Ennepetal
Telefon: 02333 911-0
E-Mail: info@bilsteingroup.com

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (such as names, email addresses, etc.).

Withdrawing your consent to data processing

A lot of data processing operations can only take place with your express consent. You can withdraw your consent at any time. All you have to do is send us a simple email. The legality of any data processing carried out before you withdraw your consent will not be affected by withdrawal of your consent.

Right to lodge a complaint with the competent supervisory authority

The data subject has the right to lodge a complaint with a supervisory authority regarding any infringement of data protection legislation. The responsible supervisory authority in data protection matters is the state data protection officer of the federal state in which our company has its registered office. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data that we process by automated means with your consent or for the performance of a contract to be transmitted to you or to a third party in a commonly used, machine-readable format. If you require the data to be transferred directly to another controller, this will only be done if it is technically feasible.

SSL and TLS encryption

For reasons of security and to protect the transfer of confidential content, such as the orders or enquiries that you send to us as the website operators, this site uses SSL and TLS encryption. An encrypted connection can be recognised by the fact that the browser’s address bar changes from "http://" to "https://" and the appearance of the padlock icon in your browser bar.

If SSL or TLS encryption is enabled, the data you send to us cannot be read by third parties.

Access, blocking and erasure

You have the right to be given, free of charge and whenever you choose, information about any personal data kept about you, the source of the data, the recipient of the data, and the reason why your personal data was processed, and you have the right to ask for the data to be rectified or erased, and access to it blocked. If you have any questions about this or any other matters relating to personal data, you can contact us at the address given in the legal notice.

 

3. Data protection officer

Legally prescribed data protection officer

We have appointed a data protection officer for our company.

Sascha Hasselbach
c/o EDV-Fortress
Kronprinzstr. 47-49
40764 Langenfeld
www.datenschutz-extern-nrw.de

Phone: 021732041244
E-mail: privacy@bilsteingroup.com

 

4. Data collection on our website

Cookies

The websites may use so-called cookies. Cookies do not cause any damage to your computer and do not contain any viruses. The aim of cookies is to make our content more user-friendly, more effective and more secure. Cookies are small text files that are saved by your browser onto your computer.

Most of the cookies used by us are so-called “session cookies”. They are automatically deleted after the end of your visit. Other cookies may be saved on your end device until you delete them. These cookies enable us to recognise your browser the next time you visit.

You can configure your browser in order to be informed of the usage of cookies and only accept cookies on a case-by-case basis, to block acceptance of cookies in specific cases or in general and to enable the automatic deletion of cookies when the browser is closed. The functionality of this website may be impaired if cookies are deactivated.

Cookies that are needed to carry out electronic communication processes or to provide certain functions that you wish to use (such as the shopping cart function) are stored on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in storing cookies on your computer to allow it to provide you with a technically flawless, streamlined service. If other cookies (such as cookies for analysing your browsing behaviour) are stored on your computer, they will be treated separately in this protection statement.

Server log files

The site provider automatically collects and stores information in so-called “server log files”, which your browser sends to us automatically. This information includes:

• browser type and version
• operating system used
• referrer URL
• time of the server enquiry
• IP address

This data will not be cross-referenced with other data sources.

The legal basis for processing the data is Article 6(1)(f) GDPR. Our legitimate interest follows from the data collection purposes listed below: System security and stability.

Contact form

If you submit queries to us using the contact form, the information you provide in the query form, including the contact data indicated by you therein, will be stored by us in order to process the query and for any follow-up questions. We shall not pass on this data without your consent.

The data entered into the contact form will therefore be processed solely with your consent (Article 6(1)(a) of the GDPR). You may withdraw your consent at any time. All you have to do is send us a simple email. The legality of any data processing operations already carried out before you withdraw your consent will not be affected by withdrawal of your consent.

The data you provide in the contact form will remain with us until you ask us to erase it, until you withdraw your consent to your data being stored or until the data no longer needs to be stored (once your enquiry has been processed, for example). Mandatory legal regulations - particularly concerning retention periods - will not affected.

Customer enquiries

We use the ticketing system, Zendesk, a customer service platform of Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102, to process customer enquiries. To this end, essential data such as first name, surname, postal address, phone number, email address, are collected on our website, in order to be able to respond to your need for information. Zendesk is a certified participant in the “Privacy Shield Framework” and therefore fulfils the requirements for lawful contract data processing.

You can find more detailed information about data processing by Zendesk in Zendesk’s Privacy Policy at https://www.zendesk.de/company/customers-partners/privacy-policy/. If you have any questions you can also contact Zendesk’s data protection officer directly: privacy@zendesk.comprivacy@zendesk.com

If you contact us by email or via the form on the website, we shall use the data transmitted by you only for processing your specific enquiry. The data provided shall be treated confidentially. The data provided and the message history with our service desk is stored for follow-up questions and contacting.

Use is optional and serves to improve and speed up our customer service. If you do not agree to data collection and data storage in Zendesk’s external system, we shall offer you alternative contact options for submitting service requests. You can find direct contact options via phone and post under the menu item “Contact” at the end of this page.

 

Salesforce Sales Cloud

Ми використовуємо програмне забезпечення Salesforce Sales Cloud для обробки даних споживачів. Власником є salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich (надалі "Salesforce").

Salesforce Sales Cloud це CRM система, яка надає можливість, окрім іншого, обробляти дані існуючих та потенційних клієнтів, на додачу до контактів, та організовувати процеси продажів та комунікацій. Використання CRM системи також надає нам можливість аналізувати процеси, пов'язані з відносинами із клієнтами. Всі дані щодо клієнтів зберігаються на серверах Salesforce. Під час цього процесу, персональні дані також можуть бути передані материнській компанії salesforce.com Germany GmbH, salesforce.com inc, Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA.

Детальну інформацію щодо особливостей роботи Salesforce Sales Cloud можна знайти за посиланням: https://www.salesforce.com/de/products/sales-cloud/overview/.

Використання Salesforce Sales Cloud базується на Статті 6, Пункт 1, підпункт (f) Загального регламенту про захист даних (GDPR). Оператор веб-сайту має законний інтерес до максимально можливого ефективного управління даними клієнтів та комунікації з клієнтами. В разі запиту відповідної згоди, обробка здійснюється виключно на підставі Статті 6, Пункт 1, підпункт (a) GDPR; згода може бути відкликана в будь-який час.

Salesforce керується Обов’язковими Корпоративними Правилами (BCR), які затверджені Французькою Організацією із Захисту Даних (CNIL). Це є обов’язкові корпоративні правила, які дозволяють здійснювати легальну передачу корпоративних даних у треті країни за межами ЄС та ЄЕЗ. Детальну інформацію можна знайти за посиланням: https://www.salesforce.com/de/blog/2020/07/die-binding-corporate-rules-von-salesforce-erfuellen-hoechste-da.html.

Для отримання детальної інформації зверніться до політики конфіденційності Salesforce:https://www.salesforce.com/de/company/privacy/ 

 

Контракт на обробку замовлень

Ми уклали контракт із Salesforce на обробку замовлень. Цей контракт, передбачений законом про захист даних, гарантує, що Salesforce обробляє лише персональні дані відвідувачів нашого веб-сайту відповідно до наших інструкцій та у відповідності до Загального регламенту про захист даних (GDPR).

 

5. Social media

Sharing content via plugins (Facebook, Google+1, Twitter, etc.)

The content on our site can be shared on social networks such as Facebook, Twitter or Google+ in ways which comply with data protection regulations. This page uses the eRecht24 Safe Sharing Tool to do this. This tool does not establish direct contact between the social networks and users until the user actively clicks on one of these buttons.

This tool does not automatically transfer user data to the operators of these platforms. If the user is logged on to one of the social networks and uses the social buttons on Facebook, Google+1, Twitter etc., an information window will appear where the user can confirm the text before pressing send.

Our users can share the content of this site on social networks in ways which comply with data protection regulations, without allowing the social network operators to create full browser profiles.

 

6. Analytics tools and advertising

Google Analytics

This website uses functions from the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files saved on your computer which make it possible to analyse how you use this website. The information generated by the cookie concerning your use of this website will as a rule be passed on to a Google server in the USA and saved at that location.

The basis for storing Google Analytics cookies is Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its web content and the advertising shown with it.

IP anonymisation

We have activated the IP anonymisation function on this website. Google uses this to shorten your IP address within member states of the European Union or in other signatories to the Agreement on the European Economic Area before sending it to the USA. In exceptional cases only, the full IP address will be transmitted to a Google server in the USA and abbreviated at that location. Acting on behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide other services associated with website usage and internet usage to the website operator. The IP address of your browser transmitted in relation to Google Analytics will not be cross-referenced with other data held by Google.

Browser plugin

You can prevent a cookie from being saved by selecting the appropriate setting in your browser software. However, please note that you will not be able to use all the functions of this website to their full extent in this case. In addition, you can prevent the data generated by the cookie relating to your usage of the website (including your IP address) from being by collected and processed by Google by downloading and installing the available browser plugin from the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Demographics in Google Analytics

This website uses the “Demographics features” function in Google Analytics. Using this feature, reports can be produced that contain statements on the age, gender and interests of the visitors to the site. This data comes from Google’s personalised advertising and visitor data from third-party providers. This data cannot be matched to specific people. You can disable this feature at any time via the ad settings in your Google Account, or refuse to allow Google Analytics to collect your data at all, as outlined in the section “Objecting to having your data collected”.

Google AdWords and Google Conversion Tracking

Diese Website verwendet Google AdWords. AdWords ist ein Online-Werbeprogramm der Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).

This website uses Google AdWords. AdWords is an online advertising programme of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). As part of Google AdWords we use so-called “conversion tracking”. If you click on an advert placed by Google, a cookie will be deposited for conversion tracking. Cookies are small text files that the Internet browser places on the user’s computer. These cookies lose their effectiveness after 30 days and cannot be used for personal identification of the user. If the user visits certain pages on this website and the cookie has not yet expired, we and Google are able to recognise that the user has clicked on the advert and has been forwarded to this page.

Every Google AdWords customer receives a different cookie. Cookies cannot be traced via the websites of AdWords customers. The information that is gathered with the help of conversion cookies serves to produce conversion statistics for AdWords customers who have opted for conversion tracking. As a result, the customers are informed about the total number of users who have clicked on their advert and been forwarded to a site with a conversion tracking tag. However, they do not receive any information with which the users could be personally identified. If you do not wish to participate in tracking, you can object to this use by simply disabling the Google conversion tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics. The basis for storing “conversion cookies” is Article 6(1)(f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its web content and the advertising shown with it. You can find more information about Google AdWords and Google conversion tracking in Google’s privacy policy: https://www.google.de/policies/privacy/

You can configure your browser to notify you of the usage of cookies and only accept cookies on a case-by-case basis, to block acceptance of cookies in specific cases or in general and to enable the automatic deletion of cookies when the browser is closed. The functionality of this website may be impaired if cookies are deactivated.

 

7. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we will require your email address as well as information allowing us to verify that you are the owner of the specified email address and that you have agreed to receive the newsletter. Additional data shall only be collected on a voluntary basis or not at all. This data is used exclusively to send the requested information and will not be shared with third parties.

The data entered into the newsletter subscription form is processed solely with your consent (Article 6(1)(a) GDPR). You may withdraw your consent to the storage of data, your email address and use thereof for sending of the newsletter by following the “unsubscribe” link in the newsletter. The lawfulness of any data processing operations already carried out will not be affected by withdrawal.

We will store the data you provide us in order to receive the newsletter until you cancel your subscription, and we will erase the data when you unsubscribe from the newsletter. Data that we have stored for other purposes (e.g. email addresses for the members area) will not be affected.

MailChimp

This website uses MailChimp‘s services for sending newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. MailChimp is a service which, amongst other features, allows the distribution of newsletters to be organised and analysed. If you provide data (such as your email address) so that you can be sent a newsletter, it will be stored on MailChimp’s servers in the USA.

MailChimp is certified according to the “EU-US Privacy Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA, which is supposed to guarantee compliance with the European data protection standard in the USA.

With the help of MailChimp we will be able to analyse our newsletter campaigns. When you open an email sent with MailChimp, a file included in the email (a so-called web beacon) will connect to MailChimp‘s servers in the USA. This will establish whether a newsletter email has been opened and which links have been clicked on. Technical information will also be collected (such as time of visit, IP address, browser type and operating system). It will not be possible to match this information to specific recipients of the newsletter. It will be used solely for statistical analysis of newsletter campaigns. The results of these analyses can then be used to better tailor future newsletters to the interests of the recipients.

If you do not want your data analysed by MailChimp, you will need to unsubscribe from the newsletter. To allow you to do this, we provide a link in each newsletter email. You can also unsubscribe from the newsletter directly on the website itself.

The data collected in this way will be processed with your consent (Article 6(1)(a) GDPR). You can withdraw your consent at any time by unsubscribing from the newsletter. The lawfulness of any data processing operations already carried out will not be affected by withdrawal.

We will store the data you provide us in order to receive the newsletter until you cancel your subscription and erase it from both our servers and MailChimp’s servers when you unsubscribe from the newsletter. Data that we have stored for other purposes (e.g. email addresses for the members area) will not be affected.

Further details can be found in MailChimp’s data protection provisions at: https://mailchimp.com/legal/terms/.

Concluding a data processing agreement

We have concluded a so-called “data processing agreement” with MailChimp in which we have required MailChimp to protect our customers' data and not to share it with third parties. This agreement can be viewed at the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.

123formbuilder

We use the function of the third-party provider, 123formbuilder (123FormBuilder, Flavia Palace, Vladimirescu n° 10, Ground Floor 300195, Timisoara, Romania, EU), on this website.

All contact forms have been or will be created with 123formbuilder.

123formbuilder uses the Amazon AWS server for its services, which are presumably located in the USA. That means that your data inputs are administered, processed and stored on this Amazon AWS server.

Amazon AWS is a certified participant in the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework.

Amazon AWS has undertaken to handle all personal data received from members of the European Union (EU) or Switzerland in accordance with the applicable principles of the Privacy Shield Framework. You can find additional information about the Privacy Shield Framework on the Privacy Shield list of the US Department of Commerce at https://www.privacyshield.gov/welcome.

123formbuilder provides its services in compliance with the GDPR and makes suitable technical and organisational measures to protect your personal data.

For more information, please visit the following links:

Technical and organisational measures: https://www.123formbuilder.com/how-do-we-handle-service-security/

GDPR Compliance: https://www.123formbuilder.com/gdpr-compliance/

Cookie policy: https://www.123formbuilder.com/cookie-policy/

Only use our contact forms if you agree fully with 123formbuilder’s Privacy Policy. By using our contact forms, you agree with this Privacy Policy, including the collection and processing of your personal data as explained above. Alternatively, you can contact us by telephone.

 

8. Plugins und Tools

 

YouTube with extended data protection

This website integrates videos of the YouTube website. The pages are operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We are using YouTube with extended data protection mode. According to YouTube, that mode causes YouTube to not store any information on the visitors on this website before they view the video. Forwarding of data to YouTube partners, in contrast, is not necessarily excluded by the extended data protection mode. Thus, YouTube will connect to the Google DoubleClick network no matter if you are viewing a video or not.

A connection to the YouTube servers will be established as soon as you start a YouTube video on this website. The YouTube servers will be informed of which one of our pages you visited. If you are logged in to your YouTube account, you will enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube may place various cookies on your terminal device or use comparable recognition methods (such as device fingerprinting) after you start a video. This enables YouTube to get information on visitors to this website. This information will be used, among other things, to improve user friendliness and to prevent attempts at fraud.

If applicable, further data processing processes may be triggered after starting a YouTube video. We cannot influence these.

We use YouTube in the interest of an attractive presentation of our online offers. This is a legitimate interest within the meaning of point (f) of Article 6 (1) GDPR. If a corresponding consent was requested, processing will take place exclusively based on point (a) of Article 6 (1) GDPR and § 25 (1) TTDSG, as far as the consent comprises storage of cookies or access to information in the user’s terminal device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent may be withdrawn at any time.

For more information on data protection at YouTube, see its privacy policy at: https://policies.google.com/privacy?hl=en

 

Google Web Fonts

In order to ensure the uniform display of fonts, this website uses so-called Web Fonts provided by Google. When you visit a website, your browser loads the necessary Web Fonts in your browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google’s servers. In this way, Google is informed that our website has been visited via your IP address. We use Google Web Fonts in the interest of displaying our online platform in a consistent, appealing fashion. This represents a legitimate interest within the meaning of Article 6(1)(f) GDPR.

If your browser does not support Web Fonts, your computer will use a standard font.

Further information on Google Web Fonts can be accessed via https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://www.google.com/policies/privacy/.

Google Maps

This website uses the Google Maps service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

It is necessary to store your IP address in order to use the functionality of Google Maps. This information is usually transferred to a Google server in the USA, where it is stored. The provider of this website does not have any influence on data transmission.

The use of Google Maps is done to ensure the attractive presentation of our online service and to make it easy to find one of the locations specified on our website. This represents a legitimate interest within the meaning of Article 6(1)(f) GDPR.

You can find more information on dealing with user data in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

 

 

Refusal of consent to data collection

You can prevent your data from being collected by Google Analytics by clicking on the following link. This will enable an opt-out cookie, which will prevent your data from being collected in the event of future visits to this website: Disable Google Analytics.

Further information on how user data is handled by Google Analytics may be found in the Google Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de.