1) INFORMATION ON THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE CONTROLLER
1.1 We are pleased that you are visiting our website and thank you for your interest. Below we will inform you about how we handle your personal data when you use our website. Personal data is all data that can be used to identify you personally.
1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Dursol Fabrik Otto Durst GmbH & Co. KG. The controller responsible for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.
1.3 The controller has appointed an external data protection officer for this website, who can be contacted as follows:
Dursol-Fabrik Otto Durst GmbH & Co. KG
Data Protection Officer:
Stephan Viehoff
Martinstr. 22
42655 Solingen
Tel.: +49 (0)212 2718-0
Email: datenschutz@autosol.de
1.4 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser line.
2) DATA COLLECTION WHEN VISITING OUR WEBSITE
If you use our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
- visited website
- Date and time of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- browser used
- Operating system used
- IP address used (if applicable: in anonymized form)
The processing is carried out in accordance with Art. 6 Paragraph 1 Letter f of GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.
3) COOKIES
In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable us or our partner companies (third-party cookies) to recognize your browser the next time you visit (persistent cookies). If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data as well as IP address values. Persistent cookies are automatically deleted after a specified period of time, which can vary depending on the cookie.
In some cases, cookies are used to simplify the ordering process by saving settings (e.g. remembering the contents of a virtual shopping cart for a later visit to the website). If personal data is also processed by individual cookies implemented by us, the processing takes place in accordance with Art. 6 Para. 1 lit. b GDPR either to execute the contract or in accordance with Art. 6 Para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.
We may work with advertising partners who help us to make our website more interesting for you. For this purpose, cookies from partner companies will also be stored on your hard disk when you visit our website (third-party cookies). If we work with the aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in each case in the following paragraphs.
Please note that you can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general. Each browser differs in the way it manages cookie settings. Please note that if you do not accept cookies, the functionality of our website may be limited.
4) CONTACT
When you contact us (e.g. via contact form or email), personal data is collected. The data collected when you use a contact form can be seen in the respective contact form. This data is stored and used solely for the purpose of answering your request or for establishing contact and the associated administration. The legal basis for processing the data is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted after your request has been processed. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention periods to the contrary.
5) DATA PROCESSING WHEN OPENING A CUSTOMER ACCOUNT AND FOR CONTRACT PROCESSING
In accordance with Art. 6 Paragraph 1 Letter b of GDPR, personal data will continue to be collected and processed if you provide it to us to execute a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. Your customer account can be deleted at any time and can be done by sending a message to the above-mentioned address of the person responsible. We store and use the data you provide to process the contract. After the contract has been fully processed or your customer account has been deleted, your data will be blocked with regard to statutory retention periods and deleted after these periods have expired, unless you have expressly consented to further use of your data or we have reserved the right to further use of the data that is permitted by law, about which we will inform you accordingly below.
6) USE OF YOUR DATA FOR DIRECT MARKETING
6.1 Registration for our email newsletter
If you sign up for our email newsletter, we will regularly send you information about our offers. The only mandatory information required to send the newsletter is your email address. Providing any other data is voluntary and will be used to address you personally. We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you an email newsletter if you have expressly confirmed to us that you consent to receiving newsletters. We will then send you a confirmation email asking you to confirm that you wish to receive newsletters in the future by clicking on a corresponding link.
By activating the confirmation link you give us your consent to use your personal data in accordance with Art. 6 Paragraph 1 Letter a of GDPR. When you register for the newsletter, we save your IP address entered by your Internet Service Provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your email address at a later date. The data we collect when you register for the newsletter is used exclusively for the purposes of advertising via the newsletter. You can unsubscribe from the newsletter at any time using the link provided for this purpose in the newsletter or by sending a corresponding message to the person responsible named at the beginning. After unsubscribing, your email address will be immediately deleted from our newsletter distribution list unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we inform you in this declaration.
6.2 Sending the email newsletter to existing customers
If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our range to those you have already purchased. In accordance with Section 7 Paragraph 3 of the German Act Against Unfair Competition (UWG), we do not need to obtain your separate consent for this. In this respect, data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 Paragraph 1 Letter f of GDPR. If you have initially objected to the use of your email address for this purpose, we will not send you any emails. You are entitled to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future by notifying the person responsible named at the beginning. After receipt of your objection, the use of your email address for advertising purposes will be stopped immediately.
6.3 Advertising by post
Based on our legitimate interest in personalized direct advertising, we reserve the right to store your first and last name, your postal address and - if we have received this additional information from you as part of the contractual relationship - your title, academic degree, year of birth and your professional, industry or business name in accordance with Art. 6 (1) (f) GDPR and to use it to send you interesting offers and information about our products by post.
You can object to the storage and use of your data for this purpose at any time by sending a corresponding message to the person responsible.
7) DATA PROCESSING FOR ORDER PROCESSING
To process your order, we work with the following service provider(s), who support us in whole or in part in the implementation of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.
The personal data we collect will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We will pass on your payment details to the commissioned credit institution as part of the payment processing, insofar as this is necessary for the payment processing. If payment service providers are used, we will inform you explicitly about this below. The legal basis for the transfer of data is Art. 6 Para. 1 lit. b GDPR.
7.1 PayPal
Product purchases can be paid for via PayPal. Data about the purchase will be passed on to PayPal. PayPal's privacy policy can be viewed here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
7.2 Credit card payment
If product purchases are paid for with credit cards, the transaction is carried out via SIX Payment Services (Europe) SA, German branch, Theodor-Heuss-Allee 108D-60486 Frankfurt am Main. The data relating to the respective purchase is passed on to SIX Payment Services (Europe) SA to process the payment. The data protection information of SIX Payment Services (Europe) SA can be viewed here: https://www.six-payment-services.com/de/services/legal/privacy-statement.html
8) USE OF SOCIAL MEDIA: VIDEOS
use of YouTube videos
This website uses the YouTube embedding function to display and play videos from the provider “YouTube”, which belongs to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
The extended data protection mode is used here, which, according to the provider, only starts saving user information when the video(s) is played. If the playback of embedded YouTube videos is started, the provider "Youtube" uses cookies to collect information about user behavior. According to information from "Youtube", these are used, among other things, to record video statistics, improve user-friendliness and prevent abusive behavior. If you are logged in to Google, your data will be assigned directly to your account when you click on a video. If you do not want to be assigned to your YouTube profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in particular in accordance with Art. 6 Para. 1 lit.f GDPR on the basis of Google's legitimate interests in displaying personalized advertising, market research and/or designing its website to meet needs. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.
Regardless of whether the embedded videos are played, a connection to the Google “DoubleClick” network is established each time this website is accessed, which can trigger further data processing operations without our influence.
Google LLC, based in the USA, is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU.
Further information on data protection at “YouTube” can be found in the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy
9) RIGHTS OF THE DATA SUBJECT
9.1 The applicable data protection law grants you comprehensive rights as a data subject (rights to information and intervention) vis-à-vis the controller with regard to the processing of your personal data, about which we will inform you below:
- Right to information in accordance with Art. 15 GDPR: In particular, you have the right to information about your personal data processed by us, the purposes of the processing, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it was not collected from you by us, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing concerning you, as well as your right to be informed of the guarantees in accordance with Art. 46 GDPR when your data is forwarded to third countries;
- Right to rectification in accordance with Art. 16 GDPR: You have the right to have inaccurate data concerning you rectified without delay and/or to have incomplete data stored by us completed;
- Right to erasure in accordance with Art. 17 GDPR: You have the right to request the erasure of your personal data if the requirements of Art. 17 Para. 1 GDPR are met. However, this right does not apply in particular if the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- Right to restriction of processing in accordance with Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you dispute, is being verified, if you refuse to delete your data due to inadmissible data processing and instead request the restriction of the processing of your data, if you need your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved, or if you have lodged an objection for reasons related to your particular situation, as long as it has not yet been determined whether our legitimate reasons outweigh yours;
- Right to information in accordance with Art. 19 GDPR: If you have asserted your right to rectification, erasure or restriction of processing vis-à-vis the responsible party, this party is obliged to inform all recipients to whom the personal data concerning you was disclosed of said rectification, erasure or restriction of processing, unless doing so should prove impossible or involve disproportionate expenditure. You have the right to be informed of these recipients.
- Right to data portability according to Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller, where technically feasible;
- Right to revoke consent granted in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation;
- Right to lodge a complaint pursuant to Art. 77 GDPR: If you consider that the processing of personal data concerning you violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, without prejudice to any other administrative or judicial remedy.
9.2 Right of objection
If we process your personal data based on our predominantly legitimate interest as part of a balancing of interests, you have the right to object to this processing at any time with effect for the future for reasons arising from your particular situation.
If you exercise your right to object, we will stop processing the data in question. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, fundamental rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising. You can exercise your objection as described above.
If you exercise your right of objection, we will stop processing the data concerned for direct marketing purposes.
10) DURATION OF STORAGE OF PERSONAL DATA
The duration of storage of personal data is determined by the respective statutory retention period (e.g. retention periods under commercial and tax law). After expiry of the period, the corresponding data is routinely deleted, provided that it is no longer required to fulfill or initiate a contract and/or we have no legitimate interest in continuing to store it.
Status: 25.05.2018
