Dear Steinbrecher-GmbH.de website user,
We understand that information about data processing does not generally make for particularly interesting reading, but it is in your own interest to read through the following information carefully as it explains which of your personal data we process.


Information about data processing

As at: 06/12/2018
Protecting your data is important to us. After all, we want you to be able to browse our website – www.steinbrecher-gmbh.de (operated by: Steinbrecher Dienstleistungs GmbH corporate group, owner: Martin Steinbrecher, Kurt-Schwitters-Platz 6, 26409 Wittmund, Germany [hereinafter referred to as “Steinbrecher Dienstleistungs GmbH”]) – with confidence. That is why we explain how we process data and which external services we have embedded on our website in the following section.

 

1. Responsible

The party responsible for data processing on this website as defined in Article 4(7) of the General Data Protection Regulation (GDPR) is:

Steinbrecher Dienstleistungs-GmbH corporate group
Owner: Martin Steinbrecher

Company data protection officer:
Marcel Bruhn

Kurt-Schwitters-Platz 6
26409 Wittmund, Germany
Tel.: +49 (0)4462/955-01
Email: datenschutz@steinbrecher-gmbh.de

 

2. Subject of data protection

The subject of data protection is personal data. In accordance with Article 4(1) of the GDPR, “personal data” refers to any information relating to an identified or identifiable natural person. This includes information such as a name, postal address, email address or telephone number, and can also include usage data such as an IP address.

 

3. Scope and purpose of data collection and data storage

In the following section, we will clarify the scope of data collection, data storage and data usage (hereinafter “data processing” in accordance with the definition provided in Article 4(2) of the GDPR) and we will explain the purpose of data processing in the context of the website.

 

4. Personal data

In principle, this website can be used without sharing any personal data. The IP address is an exception, however, as we need this for a short period (for further information, please see section 4.3).

If you would like to contact us using the contact form or via email, you may need to provide personal data so that we can respond to you.



4.1. Contact via email; email hosting

If you wish to contact us via email, you will need to provide us with at least the following personal data:

  • Email address
  • First name and last name
  • A telephone number if you would like us to call you back.

We use this data solely for the purpose of processing your enquiry, and then to respond to you regarding this enquiry.

Our email server is provided by one of our hosting providers. The email server receives and stores the emails that you send to us, and then forwards the emails to our own email server. We commission an Internet security service provider to filter out spam emails. We work with our service providers on the basis of data processing agreements.

The legal basis for processing this data is always Article 6(1)(b) of the GDPR, as we would not be able to get back to you in relation to your enquiry if you did not provide us with any personal contact details.


4.2. Contact via the contact form
If you would like to get in touch with us via the contact form, enter the following personal data into the contact form:

  • Email address
  • First name and last name
  • Your enquiry.

This data is also used solely for the purpose of processing your enquiry, and then to respond to you regarding this enquiry. The legal basis for processing this data is also Article 6(1)(b) of the GDPR, as we would not be able to get back to you in relation to your enquiry if you did not provide us with any personal contact details.


4.3. About IP addresses
The Steinbrecher Dienstleistungs GmbH website collects a range of general data and information each time the site is accessed by a data subject or an automated system. This general data and information is saved in the server log files. The following data may be collected:

  1. The browser type and version used
  2. The operating system of the system used to access the website
  3. The website that directed the system to our website (known as the “referrer”)
  4. The sub-sites that are activated by a system accessing our website
  5. The date and time that the website is accessed
  6. An Internet Protocol address (IP address)
  7. The Internet service provider of the system accessing the website
  8. Other similar data and information used to defend against threats in the event of attacks on our information technology systems.

When using this general data and information, Steinbrecher Dienstleistungs GmbH does not draw any conclusions regarding the identification of the data subject. Instead, this information is required to:

  1. Deliver the content of the website correctly
  2. Optimise the content of our website and the advertising for our website
  3. Ensure that our information technology systems and the technology for our website continue to function correctly
  4. Provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.
    This data and information collected anonymously is analysed statistically by Steinbrecher Dienstleistungs GmbH and evaluated with the aim of increasing the level of data protection and data security on our web server, with the ultimate aim of ensuring optimum protection for the personal data that we process. The anonymous data in the server log files is stored separately to all the personal data provided by a data subject.

In case you are wondering why we are explaining all of this: According to the current prevailing legal opinion, IP addresses are considered to be personal data. And since an IP address is considered to be personal data, we are required to explain that we need to process this data briefly to enable you to use the website.
We commission a hosting provider to host this website, to host the web server and also to process the IP addresses (as described above). We work with this hosting provider on the basis of a data processing agreement.
The legal basis for processing this data is always Article 6(1)(b) of the GDPR, as we need your IP address in order to deliver the website and the information it contains to you.


4.4. Collection of other data
We have implemented various external services on our website. The following section will provide more information on this subject.


4.4.1. Cookies
Our website uses cookies. Cookies are small text files that a website stores on the computer of a website visitor, i.e. can store locally. Cookies make it easier for you to use the website. They save the data that you enter, which saves you having to do this again.
You can see the exact cookies that we use in your browser by clicking on settings or advanced settings and then going to content settings and/or cookies (each browser has a slightly different menu path).
You can prevent cookies from being installed by configuring the appropriate setting in your browser software (under “Settings” in most browsers). However, please note that if you do this, you may not be able to use all functions on our website to their full extent.
You can also delete cookies that have already been stored on your computer (also under “Settings” in your browser).

 

5. Use of data for a specific purpose, transfer of data

As a matter of principle, we only use data for a specific purpose. We collect, store and process the data specified above exclusively for the afore-mentioned purposes. Accordingly, we process the data only so that we are able to provide the website and the services listed in section 4 to you in full. Your personal data will not be disclosed to third parties outside of the context explained here without your express consent. In addition to the parties responsible for the website, the data processors mentioned above also receive your data. These recipients are bound by an obligation towards us under a data processing agreement. The transmission of data to authorised state institutions and authorities is also carried out only to the extent required by law, or when we are ordered to provide information as a result of a judicial decision.

 

6. Duration of processing

The data that you send us via the contact form or via email is stored to process your enquiry and then deleted afterwards. However, if there is a statutory retention period under commercial law, the data is retained for up to 6 or 10 years and then deleted in accordance with Section 257 of the German Commercial Code. Your IP address is stored temporarily in the web server log files solely for the purposes of establishing a connection and preventing cyber attacks, and is then deleted within 7 days.

 

7. Rights of the data subject (including the right of access, the right to revoke consent, the right to object and the right to erasure)

You have the right to be provided with information regarding the personal data we process about you.
You may object to the processing of your data at any point, provided that the requirements set out in Article 21 of the GDPR are met, and you may revoke any consent to the processing of this data that you have provided at any time. When a data subject revokes their consent to the processing of their data or objects to the use of their data, this does not affect the lawfulness of data processing conducted prior to said revocation or objection.

You may also request the rectification or erasure of the data that we process or request the restriction of said processing at any time. We would like to explicitly state that there may be legal obligations, such as retention obligations, that require us to continue to store your data. If this is the case, the data can then only be restricted. This means that the data is processed only for the purpose of complying with the legal obligations and is not used for anything else.
Furthermore, you have the right to data portability in accordance with Article 20 of the GDPR, as well as the right to lodge a complaint with a supervisory authority in accordance with Article 77 of the GDPR.

Application process (Article 6(1)(b) GDPR)

There is supplementary data protection information relating to the application process. This information is provided separately in the context of the application.                       

 

8. Use of Google Analytics

  1. This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses cookies. These are small text files that are stored on your computer and enable your use of the website to be analysed. The information generated by the cookie regarding your use of the website is generally transferred to a Google server in the USA and stored there. If IP anonymisation is enabled on this website, however, your IP address will be truncated by Google in EU member states or other states that are party to the Agreement on the European Economic Area before this information is transferred to the server. The full IP address will be transferred to a Google server in the USA and then truncated there only in exceptional cases. On behalf of the operator of this website, Google uses this information to analyse your use of the website, to compile reports about website activities and to provide other services related to the use of the website and the Internet for the website operator.
  2. The IP address sent by your browser in the context of Google Analytics is not combined with other data that Google holds.
  3. You can prevent cookies from being stored on your computer by configuring the appropriate setting in your browser software. However, please note that if you do this, you may not be able to use all functions of our website to their full extent.
  4. You can also prevent the collection of data generated by the cookie relating to your use of the website (including your IP address) and the processing of this data by Google by downloading the browser plugin available at this link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.
  5. This website uses Google Analytics with the “_anonymizeIp()”extension. This means that IP addresses are truncated before being processed further, ruling out the possibility of this data being used to identify an individual.
  6. We use Google Analytics to analyse the use of our website and to continuously improve it. The statistics we obtain enable us to improve our website and make it more interesting to you as a user. For exceptional cases in which personal data is transferred to the USA, Google complies with the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Article 6(1)(1)(f) of the GDPR.
  7. Google Analytics is used in compliance with the requirements that the German data protection authorities have agreed with Google. Information about the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of Service: https://marketingplatform.google.com/about/analytics/terms/us/, privacy overview: https://policies.google.com/, and Privacy Policy: https://policies.google.com/privacy.
  8. This site uses Google Analytics reports to store interests and demographic characteristics, such as age and gender, and stores these in a cookie. The data collected cannot be linked back to specific people and can be disabled directly via the Google Ad Settings (https://adssettings.google.com).

 

9. Use of Facebook

9.1. Facebook plugin

Our website uses the “visitor action” pixel provided by Facebook Inc. This pixel makes it possible to track the activity of users who have been directed to a provider’s website after clicking on a Facebook advertisement. This process enables the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and can help to optimise future advertising measures. The data collected by this tool is anonymous, so it gives us no information about the identity of the user. However, the data is stored and processed by Facebook, which means that the data could be linked to the relevant user profile and Facebook could use this data for their own advertising purposes in accordance with the Facebook Data Policy: https://www.facebook.com/about/privacy/

Facebook and its partners may use this information when placing ads on and outside of Facebook. Furthermore, a cookie may be stored on your computer for this purpose.

9.2. Facebook remarketing

Our website uses the “Custom Audiences” remarketing function provided by Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA; “Facebook”). This function enables tailored advertisements to be displayed to website visitors in the Facebook social network. For this purpose, the remarketing tag from Facebook has been integrated on the website. This tag establishes a direct connection to the Facebook servers when the website is visited. As a result, the Facebook server receives information about which of our pages you have visited. Facebook assigns this information to your personal Facebook user account. When you visit Facebook, you are then shown personalised Facebook ads relating to your interests. The data is processed in accordance with Article 6(1)(f) of the GDPR based on the legitimate interest in the purpose mentioned above.

You have the right to object to this processing of your personal data carried out on the basis of Article 6(1)(f) of the GDPR on grounds relating to your particular situation. To do so, you can disable the “Custom Audiences” remarketing function. You can find further information about the collection and use of data by Facebook, your rights in this regard and the options you have to protect your privacy in the Facebook Data Policy, which is available at https://www.facebook.com/about/privacy/.

Please feel free to contact us at any time with any questions you may have at datenschutz@steinbrecher-gmbh.de.