Privacy

Data protection

We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes this data is used.

This privacy policy applies to the internet offering of von Schaewen GmbH, which can be accessed under the domain www.von-schaewen.de and the various subdomains (“our website”).

Who is responsible and how can I reach you?

Responsible

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

von Schaewen GmbH
Kronprinzenstr. 14
45128 Essen
Germany
+4920181100
info@von-schaewen.de

Data protection officer

AGAD Service GmbH
Waldring 43-47
44789 Bochum
datenschutz@agad.de

What is it about?

This privacy policy meets the legal requirements for transparency in the processing of personal data. This is all information that relates to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or user behavior when visiting a website. Information that we cannot (or can only with disproportionate effort) establish a connection to you personally, e.g. by anonymizing, is not personal data. The processing of personal data (e.g. collection, querying, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data is deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We will inform you about the specific storage periods or criteria for storage in the individual processing operations. Irrespective of this, we store your personal data in individual cases to assert, exercise or defend legal claims and if there are statutory retention periods.

Who gets my data?

We only pass on your personal data that we process on our website to third parties if this is necessary to fulfil the purposes and is covered by the legal basis in the individual case (e.g. consent or protection of legitimate interests). In addition, we pass on personal data to third parties in individual cases if this serves the assertion, exercise or defense of legal claims. Possible recipients can then be, for example, law enforcement authorities, lawyers, auditors, courts, etc.

If we use service providers to operate our website who process personal data on our behalf as part of order processing in accordance with Art. 28 GDPR, these service providers may be recipients of your personal data. You can find more information on the use of order processors and web services in the overview of the individual processing operations.

Do you use cookies?

Cookies are small text files that we send to the browser on your device when you visit our website and that are stored there. As an alternative to using cookies, information can also be stored in your browser’s local storage. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to carry out various analyses, so that we are able, for example, to recognize the browser you use when you visit our website again and to transmit various information to us (non-necessary cookies). Cookies enable us, among other things, to make our website more user-friendly and effective for you by, for example, tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information using cookies, they collect the information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs and do not contain viruses.

We provide information about the respective services for which we use cookies in the individual processing operations. Detailed information about the cookies used can be found in the cookie settings or in the consent manager of this website.

What rights do I have?

Under the conditions of the legal provisions of the General Data Protection Regulation (GDPR), you as the data subject have the following rights:

How exactly is my data processed?

Below we will inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Provision of the website

Type and scope of processing

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

[Our website is not hosted by us, but by a service provider who processes the aforementioned data on our behalf for the purpose of this in accordance with Art. 28 GDPR.]

Purpose and legal basis

The processing is carried out to protect our overriding legitimate interest in displaying our website and ensuring security and stability on the basis of Art. 6 (1) (f) GDPR. The collection of data and storage in log files is essential for the operation of the website. There is no right of objection to processing due to the exception under Art. 21 (1) GDPR. Insofar as the further storage of log files is required by law, processing is carried out on the basis of Art. 6 (1) (c) GDPR. There is no legal or contractual obligation to provide the data, but accessing our website is technically not possible without providing the data.

Storage period

The aforementioned data will be stored for the duration of the website display [and for technical reasons beyond that for a maximum of [7 days]].

 

contact form

Type and scope of processing

On our website we offer you the opportunity to contact us using a form provided. The information collected via mandatory fields is required in order to process the request. In addition, you can voluntarily provide additional information that you consider necessary to process the contact request.

When you use the contact form, your personal data will not be passed on to third parties.

Purpose and legal basis

Your data will be processed by using our contact form for the purpose of communication and processing your request on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. If your request relates to an existing contractual relationship with us, the processing will be carried out for the purpose of fulfilling the contract on the basis of Art. 6 (1) (b) GDPR. There is no legal or contractual obligation to provide your data, but processing your request is not possible without providing the information in the mandatory fields. If you do not wish to provide this data, please contact us by other means.

Storage period

If you use the contact form based on your consent, we will store the data collected from each inquiry for a period of three years, starting with the processing of your inquiry or until you revoke your consent.

[If you use the contact form as part of a contractual relationship, we will store the data collected from each request for a period of [three years] from the end of the contractual relationship.]

 

Newsletter

Type and scope of processing

If you register on our website to receive our newsletter, we will collect your email address [and your name…] and save this information together with the date of registration and your IP address. You will then receive an email in which you must confirm your registration for the newsletter (double opt-in). If you do not confirm your registration within [XX hours], it will automatically expire and the data will not be processed for sending the newsletter.

[The newsletter is sent directly by us. Your data will not be passed on to third parties or processors within the meaning of Art. 28 GDPR.]

[To send the newsletter, we use a service from [service providers] who process your personal data on our behalf in accordance with Art. 28 GDPR. Your data will not be passed on to third parties.]

Purpose and legal basis

We process your data for the purpose of sending the newsletter based on your consent in accordance with Art. 6 Paragraph 1 Letter a of GDPR. By unsubscribing from the newsletter, you can revoke your consent at any time with effect for the future in accordance with Art. 7 Paragraph 3 of GDPR. There is no legal or contractual obligation to provide your data, but sending the newsletter is not possible without providing your data.

Storage period

After registering for the newsletter, we store the data for a maximum of [XX hours] until the registration is confirmed. After successful confirmation, we store your data until you revoke your consent (unsubscribe from the newsletter) [and for technical reasons for a maximum of [7 days] beyond that.]

Presences on social media platforms

We maintain so-called fan pages, accounts or channels on the networks listed below in order to provide you with information and offers within social networks and to offer you further ways to contact us and find out about our offers. Below we will inform you about which data we or the respective social network processes in connection with your access to and use of our fan pages/accounts.

Data we process from you

If you would like to contact us via messenger or direct message via the respective social network, we generally process your user name, which you use to contact us, and store any other data you provide to the extent that this is necessary to process/answer your request.

The legal basis is Art. 6 Para. 1 Sentence 1 f) GDPR (processing is necessary to protect the legitimate interests of the controller).

(Static) usage data that we receive from social networks

We receive automated statistics about our accounts via insights functions. The statistics include, among other things, the total number of page views, likes, information on page activity and post interactions, reach, video views/views and information on the proportion of men/women among our fans/followers.

The statistics only contain aggregated data that cannot be linked to individual people. We cannot identify you using this.

What data social networks process about you

In order to view the contents of our fan pages or accounts, you do not have to be a member of the respective social network and a user account for the respective social network is not required.

Please note, however, that when you access the respective social network, the social networks collect and store data from website visitors without a user account (e.g. technical data in order to be able to display the website to you) and use cookies and similar technologies over which we have no influence. You can find details in the data protection provisions of the respective social network (see the relevant links above).

If you want to interact with the content on our fan pages/accounts, e.g. comment on, share or like our postings/contributions and/or contact us via messenger functions, you must first register with the respective social network and provide personal data.

We have no influence on the data processing by the social networks in the context of your use. To the best of our knowledge, your data is stored and processed in particular in connection with the provision of the services of the respective social network, and also to analyze usage behavior (using cookies, pixels/web beacons and similar technologies) on the basis of which advertising based on your interests is displayed both within and outside the respective social network. It cannot be ruled out that your data will also be stored by the social networks outside the EU/EEA and passed on to third parties.

Information on the exact scope and purposes of the processing of your personal data, the storage period/deletion and guidelines on the use of cookies and similar technologies in the context of registration and use of social networks can be found in the data protection provisions/cookie guidelines of the social networks. There you will also find information on your rights and options for objection.

 

Facebook site

When you visit our Facebook page, Facebook (Meta) records, among other things, your IP address and other information that is stored on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more information on this at the following link:https://facebook.com/help/pages/insights.

The statistical information provided does not allow us to draw conclusions about individual users. We only use it to respond to the interests of our users and to continually improve our online presence and ensure its quality.

We collect your data via our fan page only to enable communication and interaction with us. This data usually includes your name, message content, comment content and the profile information you make available “publicly”.

The processing of your personal data for the purposes stated above is based on our legitimate business and communicative interest in offering an information and communication channel in accordance with Art. 6 Para. 1 f) GDPR. If you as a user have given your consent to the respective provider of the social network for data processing, the legal basis for processing extends to Art. 6 Para. 1 a), Art. 7 GDPR.

Due to the fact that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorized to have full access to your data. As a result, only the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). The most effective way to assert corresponding rights is therefore directly with the respective provider.

We and Facebook are jointly responsible for the personal content of the fan page. The rights of those affected can be asserted with Meta Platforms Ireland Ltd. and with us.

According to the GDPR, Facebook has primary responsibility for processing Insights data and Facebook fulfills all obligations under the GDPR with regard to the processing of Insights data. Meta Platforms Ireland Ltd. makes the essence of the Page Insights Supplement available to the data subjects.

We do not make any decisions regarding the processing of insights data and the storage period of cookies on user devices.

Further information can be found directly on Facebook (Supplementary Agreement with Facebook):https://www.facebook.com/legal/terms/page_controller_addendum.

Further information, including the exact scope and purposes of the processing of your personal data, the storage period/deletion as well as guidelines on the use of cookies and similar technologies in the context of registration and use, can be found in Facebook’s privacy policy/cookie guidelines:
https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
https://www.facebook.com/policies/cookies

 

LinkedIn page

LinkedIn is a social network operated by LinkedIn Inc., based in Sunnyvale, California, USA, which enables the creation of private and professional profiles of natural persons and company profiles. Users can maintain their existing contacts and make new ones within the social network. Companies and other organizations can create profiles on which they upload photos and other company information in order to present themselves as employers and recruit employees. Other LinkedIn users have access to this information and can write their own articles and share this content with others. The focus of the network is on professional exchange on specialist topics with people who have the same professional interests.

When using or visiting the network, LinkedIn automatically collects data from users or visitors during use or visit, such as user name, job title and IP address. This is done with the help of various tracking technologies. LinkedIn provides users with information, offers and recommendations based on the data collected in this way.

We collect your data via our company profile only to enable you to communicate and interact with us. This data usually includes your name, message content, comment content and the profile information you have made available “publicly”.

The processing of your personal data for the purposes stated above is based on our legitimate business and communicative interest in offering an information and communication channel in accordance with Art. 6 Para. 1 f GDPR. If you as a user have given your consent to the respective provider of the social network for data processing, the legal basis for processing extends to Art. 6 Para. 1 a, Art. 7 GDPR.

Due to the fact that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorized to have full access to your data. As a result, only the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). The most effective way to assert corresponding rights is therefore directly with the respective provider.

We and LinkedIn are jointly responsible for the personal content of our company profile. The rights of those affected can be asserted with LinkedIn Inc. and with us.

We do not make any decisions regarding the data collected on the LinkedIn site using tracking technologies.

For more information about LinkedIn, visit: https://about.linkedin.com.

For more information about privacy at LinkedIn, please visit: https://www.linkedin.com/legal/privacy-policy.

Further information on storage duration/deletion as well as guidelines on the use of cookies and similar technologies in the context of registration and use of LinkedIn can be found at: https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy.

 

XING page

XING is a social network of XING SE, based in Hamburg, Germany, which allows the creation of private and professional profiles. Users can maintain their existing contacts and make new ones. Companies can create profiles to which they upload photos and other company information. Other XING users have access to this information and can write their own articles and share this content with others.

The focus is on professional exchange on specialist topics with people who have the same professional interests. In addition, XING is often used by companies and other organizations to recruit employees and present themselves as an interesting employer.

Further information about XING can be found at:https://corporate.xing.com/de/unternehmen/

Further information on data protection at XING can be found at:https://privacy.xing.com/de/datenschutzerklaerung.

We do not collect or process any personal data via our XING company page.

 

Facebook CDN

Type and scope of processing

We use Facebook CDN to properly deliver the content of our website. Facebook CDN is a service provided by Meta Platforms Ireland Limited, which acts as a content delivery network (CDN) on our website.

A CDN helps to make the content of our online offering, in particular files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the purposes stated above and to maintain the security and functionality of Facebook CDN.

Purpose and legal basis

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision and optimization of our online offering in accordance with Art. 6 Para. 1 lit. f. GDPR.

We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 Para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified according to the EU-US Data Privacy Framework (EU-US DPF).

In cases where there is no adequacy decision by the European Commission (including US companies that are not certified according to EU-US DPF), we have agreed other appropriate guarantees with the recipients of the data within the meaning of Art. 44 ff. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can find a copy of these standard contractual clauses athttps://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DEview.

In addition, before such a third country transfer, we will obtain your consent in accordance with Art. 49 Paragraph 1 Sentence 1 Letter a. of GDPR, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that with third country transfers, there may be risks that are unknown in detail (e.g. data processing by security authorities in the third country, the exact extent of which and the consequences for you of which we do not know, over which we have no influence and of which you may not be aware).

Storage period

We have no influence over the specific storage period of the processed data; it is determined by Meta Platforms Ireland Limited. Further information can be found in the privacy policy for Facebook CDN: https://www.facebook.com/privacy/explanation.

 

Google CDN

Type and scope of processing

We use Google CDN to properly deliver the content of our website. Google CDN is a service provided by Google Ireland Limited, which acts as a content delivery network (CDN) on our website.

A CDN helps to provide the content of our online offering, in particular files such as graphics or scripts, more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the purposes stated above and to maintain the security and functionality of Google CDN.

Purpose and legal basis

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision and optimization of our online offering in accordance with Art. 6 Para. 1 lit. f. GDPR.

We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 Para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified according to the EU-US Data Privacy Framework (EU-US DPF).

In cases where there is no adequacy decision by the European Commission (including US companies that are not certified according to EU-US DPF), we have agreed other appropriate guarantees with the recipients of the data within the meaning of Art. 44 ff. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can find a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DEview.

In addition, before such a third country transfer, we will obtain your consent in accordance with Art. 49 Paragraph 1 Sentence 1 Letter a. of GDPR, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that with third country transfers, there may be risks that are unknown in detail (e.g. data processing by security authorities in the third country, the exact extent of which and the consequences for you of which we do not know, over which we have no influence and of which you may not be aware).

Storage period

We have no influence over the specific storage period of the processed data; it is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google CDN: https://policies.google.com/privacy.

 

Google Maps

Type and scope of processing

We use the Google Maps map service to create directions. Google Maps is a service provided by Google Ireland Limited, which displays a map on our website.

When you access this content on our website, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the purposes stated above and to maintain the security and functionality of Google Maps.

Purpose and legal basis

The use of Google Maps is based on your consent in accordance with Art. 6 Para. 1 lit. a. GDPR and Section 25 Para. 1 TDDDG.

We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 Para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified according to the EU-US Data Privacy Framework (EU-US DPF).

In cases where there is no adequacy decision by the European Commission (including US companies that are not certified according to EU-US DPF), we have agreed other appropriate guarantees with the recipients of the data within the meaning of Art. 44 ff. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can find a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DEview.

In addition, before such a third country transfer, we will obtain your consent in accordance with Art. 49 Paragraph 1 Sentence 1 Letter a. of GDPR, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that with third country transfers, there may be risks that are unknown in detail (e.g. data processing by security authorities in the third country, the exact extent of which and the consequences for you of which we do not know, over which we have no influence and of which you may not be aware).

Storage period

We have no influence over the specific storage period of the processed data; it is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Maps: https://policies.google.com/privacy.