Handelsgesellschaft Sparrenberg mbH (hereinafter “we”) respects your private and personal sphere. We therefore take the protection of your personal data, such as name, company address, company e-mail address, etc. very seriously.

This data protection notice provides information about the processing of your personal data when and to the extent that it is generated when using our website (hereinafter “website”, “website” or “page”). In addition, all persons affected by the processing are informed of the rights to which they are entitled.

1. Responsible person

The following company is responsible for the processing of your personal data described in this data protection information:

Trading company Sparrenberg mbH
Brokstraße 77, 33605 Bielefeld, Germany
Phone: +49 521/155-2668
email: datenschutz-service@hgs-info.net

2. Definitions

The data protection notice contains the following terms of the EU General Data Protection Regulation 2016/679 (“GDPR”)

1. personal data
2. Personal data is any information relating to an identified or identifiable natural person (hereinafter “you”). An identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more particular characteristics that are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
3. workmanship
4. Processing is any process carried out with or without the aid of automated processes or any such series of processes in connection with personal data, such as collecting, organizing, storing, adapting or modifying, reading, querying, using, disclosing through transmission, dissemination or any other form of provision, reconciliation or linking, restriction, deletion or destruction.
5. responsible
6. The controller is the natural or legal person, authority, agency or other body which alone or together with others decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its nomination may be provided for by Union law or the law of the Member States.
7. Contract processor
8. Contract processor is a natural or legal person, authority, agency or other body that processes personal data on behalf of the person responsible.
9. consent
10. Consent is any expression of will given voluntarily by the data subject in an informed and unequivocal manner in the form of a statement or other unequivocal affirmative action by which the data subject indicates that he or she agrees to the processing of personal data concerning him or her.
11. supervisory authority
12. The supervisory authority is an independent state body set up by a member state in accordance with Article 51 GDPR.

3. Legal basis for processing

1. We process your personal data if and insofar as this is necessary for the establishment, execution or termination of a contractual or contract-like relationship. The legal basis for processing personal data in connection with a contractual or contract-like relationship is Art. 6 para. 1 sentence 1 b GDPR. This also applies to processing that is necessary to carry out pre-contractual measures.
2. In addition, we process your personal data if and insofar as you have given us consent to do so. This data is only used for the purpose and scope stated in the consent. The legal basis for data processing based on your consent is Article 6 (1) sentence 1a GDPR.
3. If processing is necessary to protect a legitimate interest of us or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6 (1) sentence 1 f GDPR serves as the legal basis.

4. Duration of processing

We only process your personal data for the period necessary to achieve the storage purpose or if this is provided for by relevant legal regulations. If the storage purpose ceases to apply or if a storage period prescribed by the relevant legal regulations expires, the personal data will be deleted routinely and in accordance with legal requirements, or processing will be restricted. In the case of contractual relationships, this applies accordingly until the expiry of statutory limitation periods.

1. The personal data will be deleted after the termination of the contractual or contract-like relationships in compliance with legal storage obligations.
2. The personal data will be deleted after the purpose pursued with the consent has been completed in compliance with the legal storage obligations.
3. The personal data will be deleted after legitimate interests have been achieved or upon objection in compliance with legal storage obligations.

5. Categories of recipients of personal data

Data processing is carried out by ourselves and, unless we have expressly ruled this out, by contract processors and, with your appropriate consent or in accordance with the contracts concluded between us, also by third parties. Otherwise, disclosure to third parties will only take place if there are legitimate interests in accordance with Article 6 (1) sentence 1 f GDPR. Our web hosts then also have access to the data generated when using our website.

Otherwise, your personal data will not be disclosed. In particular, we will not sell or otherwise exploit them. We will only process the data, in particular transfer it to government agencies, in accordance with official or legal requirements and with legal notification obligations.

As part of the contractual relationships, your personal data may be transferred to third parties who process this data exclusively for the purpose of fulfilling the purpose of the contract.

As part of your consent, your personal data may be transferred to third parties who process this data exclusively for the purpose of giving your consent.

Within the framework of legitimate interests, your personal data may be transferred to third parties who process this data exclusively for the purpose of fulfilling your interests.

6. Transfers to third countries

In the event that your personal data is transferred to entities in third countries outside the EU/EEA, this will only be done if the EU Commission has decided that the third country, a region or several specific sectors in this third country offer an adequate level of protection or that there are adequate or appropriate data protection guarantees within the meaning of Art. 46 or Art. 47 or Art. 49 GDPR.

7. Rights of data subjects

1. Right to information
2. You have the right to request confirmation from us as to whether your personal data is being processed (Art. 15 GDPR). If your personal data is processed, you have the right to obtain information about the personal data processed about you (Article 15 GDPR).
3. Right to rectification
4. You have the right to request the immediate correction of incorrect personal data concerning you (Art. 16 GDPR).
5. Right to delete (right to be forgotten)
6. You have the right to request the immediate deletion of personal data concerning you (Art. 17 GDPR).
7. Right to restrict processing
8. You have the right to ask us to restrict processing (Art. 18 GDPR).
9. Right to data portability
10. You have the right to assert against us your right to data portability with regard to personal data concerning you (Article 20 GDPR).
11. Right to object
12. You have the right to object at any time to processing of personal data concerning you that is carried out on the basis of Article 6 (1) sentence 1 e or f GDPR (Article 21 (1) GDPR). The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.
13. If your personal data is used for direct marketing purposes, you have the right to object to this at any time (Article 21 (2) GDPR).
14. In the event of an objection, we will no longer process the personal data. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.

8. Right to withdraw consent

You have the right to withdraw your consent to the processing of personal data at any time. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation, in which case you have the right of withdrawal for the future. You can send the revocation by letter or e-mail to the contact details of the responsible body mentioned in section 1. The lawfulness of the data processing carried out until your rights have been asserted remains unaffected.

9. Right to lodge a complaint with a supervisory authority

In addition to these rights, you have the right to lodge a complaint with the supervisory authority responsible for data protection (NRW: State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, Düsseldorf).

10. Obligation to provide personal data

The provision of your personal data is partly required by law (e.g. tax regulations) or also results from contractual regulations (e.g. information about the contractual partner).

In order to conclude a contract, it may also be necessary for you to provide us with personal data, which must then be processed by us. Failure to provide personal data would mean that the contract could not be concluded with you. If you do not wish to provide personal data in these cases, you can contact the responsible body by post or email in accordance with Section 1. On a case-by-case basis, we will explain to you whether the provision of personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what consequences the failure to provide the personal data would have.

‍

11. data protection officer

If you have any questions about the processing of your personal data, please contact our data protection officer:

Trading company Sparrenberg mbH
data protection officer
Brokstraße 77
33605 Bielefeld
email: hg-sparrenberg@corporate-data-protection.com

12. Legal basis, purposes and duration of processing

1. contacting
2. If you contact us by e-mail, via a contact form or via the suggestion system for new search terms, the personal data you provide will also be processed. However, this data processing is limited to the purpose of processing inquiries or contacting you.
3. If you contact us by e-mail, via a contact form or in a comparable form (e.g. inquiries about the future inclusion of search keywords you have requested), the personal data you provide will also be processed. However, this data processing is limited to the purpose of processing inquiries or contacting you.
4. If consent has been given, the legal basis for this processing is Art. 6 (1) sentence 1a GDPR
5. Visiting the website
6. When you visit our website, no personal data is stored in log files.
7. Online appointments
8. We use Microsoft Bookings, a service provided by Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, to book appointments electronically. The legal basis for this is your consent (Article 6 (1) a) GDPR). You can revoke this at any time with effect for the future, for example by contacting the person responsible by e-mail.

13. Server logging

Each time you visit our website or use our app, we log data in server log files that originate from your device and may also include personal data. This applies to the following data:

• The operating system of your device
• The type of browser you use (when you visit the website)
• Name of your provider
• your IP address
• date and time of the call
• The pages visited on our website, including any search words
• The websites from which you accessed our website (when you access the website)

Processing is necessary to ensure the functionality of the website and app, to optimize and correctly deliver the content of our website and app, and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. This is also the legitimate interest in data processing. The legal basis for this is our legitimate interest (Art. 6 para. 1 f) GDPR).

We regularly delete this data after 7 days, in cases of misuse after the completion of official or judicial proceedings.

14. Tracking and cookies

Our website uses tracking technologies, such as cookies, which store or read information on your device. Here, we differentiate between the following categories:

• Necessary features
• Analytics & personalization

Necessary features

We use cookies and similar technologies to enable certain features of our website. This is necessary in order to be able to provide you with our website. For example, we can

• save your preferred language version of our website or similar settings for your next visit,
• distribute requests to our website to various web servers (load balancing),
• Give several requests to our website a uniform context (session) and thus enable login-restricted areas of our website, for example,
• Save your choices or settings regarding consent for tracking and control tracking technologies in accordance with your choice.

The legal basis for this is our legitimate interest (Art. 6 para. 1 f) GDPR) and § 25 para. 2 no. 2 TDDDG. Our legitimate interest in data processing is to enable our website to be used as smoothly as possible and to ensure that user actions actually originate from an authenticated user.

Analytics & personalization

We use cookies and similar technologies to evaluate user behavior on our website and adapt it accordingly.

If you have given your consent, we process information about the device you use and your web browser each time you interact with our website. For example, we can find out which language settings you use to use our website, whether you are using a smartphone or a desktop computer, and from which country you access our website.

We also process information about how you interact with our website, e.g. from where you are referred to our website, how long you use our website and which path you use to navigate through individual sub-pages. For example, we can record whether you found us via a search engine (and if so, under which search term) or an advertisement, how long you spent browsing the content of a particular page and how many pages you visited in total.

We use this information to analyse user behavior on our website and to optimize the website accordingly. In some cases, we create different versions of our website, which we present to individual users or user groups, and to optimize our website using cookies or similar technologies, we evaluate which version is used and how.

The legal basis for this is your consent (Art. 6 para. 1 a) GDPR or § 25 para. 1 TDDDG).

Insofar as we use tracking technologies based on your consent, you can withdraw or adjust them at any time with effect for the future. To do so, you can visit our tracking settings menu. You can also make settings in your browser to use cookies and similar technologies.

We use the following products for analysis and personalization:

Google Analytics

Google Analytics is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google processes your data on our behalf. Our Google Analytics configuration does not allow Google to use the data collected via Google Analytics to improve Google products and services.

Information about the cookies used as part of Google Analytics and their duration can be found here.

Usercentrics

To obtain and document your consent to store cookies on your device, we use the Usercentrics Consent Management Platform. In this context, we use Usercentrics GmbH, Rosental 4, 80331 Munich as a contract processor.

15. Changes to this data protection information

We reserve the right to change this information at any time in compliance with applicable data protection regulations.

‍