This translation ensues without any liability for the accuracy of
the translation. Legally binding is only the German version that is also available on this Website.
We have compiled information in the following that describes how we process your personal data when providing our internet services.
NIRONIT Edelstahl GmbH & Co. KG
Am Oheberg 8, 21224 Rosengarten
Tostedt Local Court, HRB No. 5290
Personally liable partner:
NIRONIT Beteiligungsgesellschaft mbH
Managing Director: Thomas Meyer
Contact DATA PROTECTION OFFICER
We have appointed a data protection officer whom you can contact at the following address:
NIRONIT Edelstahl GmbH & Co. KG />
Data Protection Officer
NIRONIT Edelstahl GmbH & Co. KG
Data Protection Officer
Am Oheberg 8
II. WHEN WE PROCESS WHAT PERSONAL DATA
We process personal data we have obtained from you in the following cases:
- When you visit our website or our online shop, the browser used on your device automatically sends information to the server hosting our website.
This information is temporarily stored in a so-called log file. The following information is captured without any action on your part and is stored
until it is automatically erased:
- IP address of the accessing computer
- Date and time of the access
- Name and URL of the accessed file
- Website from which the access originated (referrer URL)
- Browser you are using, possibly the operating system of your computer and the name of your access provider.
- In addition, we utilise cookies and analysis services during visits to our website. Additional information is available in the section “Analysis Tools”.
Whenever you have questions of any nature, you can contact us using the form that is available on the website/in the online shop. This requires you to enter a valid email
address so that we know who the query is from and can respond to it. Additional information can be provided voluntarily.
- If you want to send us a job application for an advertised position or an unsolicited application, we will process the documents and personal data you send to us.
We require your name, address and other contact details, date and place of birth, nationality
and qualification documents for unsolicited applications. You are also free to provide us with any other voluntary data that
you think would be useful in establishing an employment relationship.
- Registration for our newsletter — When you subscribe to our newsletter, we collect your email address, surname, first name, company,
position and city. We process the data you have provided at this time.
- We offer you the opportunity to register on our site. During this registration process, the data required in the input mask of the registration form — company, address,
VAT ID number, contact, email address, phone number — are collected and stored solely and exclusively for your use of our services. When you register on our site,
we will also store your IP address and the date and time of your registration.
III. PURPOSE OF THE DATA PROCESSING
We use the personal data you actively provide solely for the agreed purpose and solely to the extent necessary.
- a. We process the aforementioned data for the following purposes:
- To secure the trouble-free establishment of a connection to the website
- To secure the ease of use of our website
- To evaluate system security and stability
- For other administrative purposes.
The legal grounds for the data processing are found in point (f) of Art. 6 (1) GDPR [EU General Data Protection Regulation].
Our legitimate interest is derived from the purposes of the data collection listed above. Under no circumstances do we use the
collected data for the purpose of identifying you.
- Data are processed for establishment of the contact to us in accordance with point (b) of Art. 6 (1) GDPR as a necessary step prior to entering a contract.
If a contract is concluded, the data may be recorded in our customer care system. The data are not processed for any other purpose.
- Data are also processed for the purpose of establishing and implementing an employment relationship pursuant to Art. 88 GDPR in conjunction
with Section 26 Federal Data Protection Act [Bundesdatenschutzgesetz; BDSG]. If we decide to hire you, the personal data will go into our personnel file
and be used for the purposes of the “employee management” procedure.
- Data processing for the purpose of carrying out and processing orders through our online shop or contract enquiries using our online contact form is required
in accordance with point (b) of Art. 6 (1) GDPR for the fulfilment of a contract with us or as a necessary step prior to entering a contract.
- If you have given your express consent in accordance with point (a) of Art. 6 (1) GDPR, we will use your email address to send to you our newsletter
on a regular basis. Customers who have previously purchased goods or ordered services from us and have given us their email address will receive product
recommendations within the limits of the legal regulations pursuant to Art. 7 (3) Act Prohibiting Unfair Competition [Gesetz gegen den unlauteren Wettbewerb; UWG]
in conjunction with point (f) of Art. 6 (1) GDPR, provided that we notified them we would be doing so when the contract was concluded and they did not object.
IV. CATEGORIES OF RECIPIENTS OF PERSONAL DATA
Your personal data will be treated confidentially and will transmitted to third parties solely insofar as:
- You have given your express consent to the transmission in accordance with point (a) of Art. 6 (1) GDPR;
- The transmission is necessary pursuant to point (f) of Art. 6 (1) GDPR for the establishment, exercise or defence of
legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-transmission of your data;
- In the event that a legal obligation exists for the disclosure pursuant to point (c) of Art. 6 (1) GDPR; and
- the transmission is lawful and necessary pursuant to point (b) of Art. 6 (1) GDPR for the fulfilment of contractual relationships with you.
In addition, your personal data will be transmitted to third parties in the following categories of recipients: companies that
assist us in assessing your creditworthiness (commercial credit insurers). The data processing in this case serves our legitimate
interest in minimising risks of losses from payment default. We receive solely a notification of the aggregated results from the
commercial credit insurers without any more specific details. You may object to processing on the basis of your legitimate interest at any time.
V. DURATION OF THE STORAGE OF PERSONAL DATA
- Cookies are stored in your browser. So-called session cookies are automatically erased by your browser when you leave the website.
The duration of the storage in this case is determined by the technical functionality of the browser you are using. So-called temporary
cookies remain stored for a certain period of time that is dependent on the cookie. For more information about the cookies used,
the duration of storage and the options for preventing the setting of cookies, please see Section VI.
- Personal data that are transmitted to us in connection with a contact enquiry on our website are stored solely for the period required
to process the enquiry. If you object to the data processing beforehand, the queries will not be processed and your data will be erased.
If a contract is concluded, the personal data you have provided will be stored in our customer care system for the duration of the statutory
retention periods and then erased; this is usually 10 years for tax-relevant documents beginning with the end of the year in which the contract
was fully performed or terminated (Section 147 Fiscal Code [Abgabenordnung; AO], Section 257 Commercial Code [Handelsgesetzbuch; HGB]), provided
there are no other legal obligations that obligate us to store the data for a shorter or longer period.
- The personal data collected during a job advertisement/application procedure will be stored:
- For at least three months if employment does not result. The storage period will not exceed six months;
- In accordance with our storage periods if employment results. The information to which you are entitled will be provided to you when you are hired.
- If you have given us your consent for the data processing (for example, when subscribing to our newsletter),
the personal data you have provided will be stored until consent is withdrawn.
- Personal data that are transmitted to us in relation to registration on our website or in our online shop are stored solely as long as the account
is maintained. If a contract is concluded, the data you provide will as a rule be stored in our customer care system for 10 years from the end of the
year in which the contract was performed or terminated unless there is another legal obligation that obligates us to store the data for a shorter or longer period.
We want to point out that we will erase your data if their storage is unlawful (in particular if the data are incorrect and rectification is not possible).
Data will be blocked instead of erased if there are legal or factual obstacles to the erasure (for example, special retention obligations pursuant
to commercial and tax law requirements).
VI. DATA PROTECTION QUESTIONS AND RIGHTS
You have the right at any time to obtain, free of charge, information about the origin, recipients and purpose of your stored personal data. You also have the
right to request the rectification , blocking or erasure of these data. You may contact us at any time (contact address shown above) to exercise your rights
and to submit additional questions about data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Specifically, you as the data subject have the following rights vis-à-vis us as the controller:
Right of access
You may request a confirmation whether we process any personal data concerning you. If data are being processed, you may obtain access to the following information:
- Processing purposes;
- The recipients or categories of recipient to whom the personal data concerning you have been or will be disclosed;
- If possible, the envisaged period for which the personal data concerning you will be stored or, if not possible, the criteria used to determine the storage period;
- See below regarding further rights to which you are entitled;
- If and when the personal data are not collected from you, any available information as to their source;
- The existence of automated decision-making, including profiling, and, if applicable, more detailed information on this subject.
You have the right to be informed of the appropriate safeguards in accordance with Article 46 GDPR when your data are transmitted to a third country or an international organisation.
- Right to rectification
You have the right to request from us the rectification without undue delay of any inaccurate or incomplete personal data concerning you.
- Right to restriction of processing
You have the right to request from us the restriction of processing if one of the following prerequisites has been met:
- You contest the accuracy of the personal data;
- The processing of the data is unlawful and you refuse the erasure of the personal data and request instead the restriction of their use;
- We no longer need the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims; or
- you have objected to the processing (see below) and it is not yet clear whether our legitimate grounds override yours.
Right to erasure
You have the right to request that we erase any personal data concerning you without undue delay and we are obligated to erase these
data without undue delay insofar as one of the following grounds applies:
- Your personal data are no longer required for the purposes for which they were collected or otherwise processed;
- You withdraw the consent you have given and there are no other legal grounds for the processing;
- You object to the processing (see below);
- Your personal data have been unlawfully processed;
- We must erase your personal data in compliance with a legal obligation in EU law or the law of the member states;
- We have collected the personal data on the basis of a child’s consent.
Right to notification
If you have exercised the right to rectification, erasure or restriction of processing vis-à-vis us, we are obligated to communicate any
rectification or erasure of personal data or restriction of processing to each and every recipient to whom the personal data concerning you have
been disclosed unless this proves impossible or involves disproportionate effort. You have the right to request information about those recipients.
Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured,
commonly used and machine-readable format. Moreover, you have the right to transmit those data to another controller
without hindrance from the controller to which the personal data have been provided insofar as:
- The processing is based on consent pursuant to point (a) of Art. 6 (1) GDPR or on a contract pursuant to point (b) of Art. 6 (1) GDPR; and
- the processing is carried out by automated means.
In exercising this right, you may also have the personal data transmitted directly from one controller to another, insofar as this
is technically feasible. The exercise of this right must not adversely affect the rights and freedoms of others. The right to data
portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or
in the exercise of official authority vested in the controller.
Right to object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you
that is based on one of the following grounds:
- Our processing of your personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us; or
- The processing is necessary for the purposes of protecting our legitimate interests or those of a third party, insofar as such interests
are not overridden by your interests or fundamental freedoms that require the protection of your personal data.
You also have the right to object to profiling based on these processing operations. If and when we process personal data for direct
marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes, including any
profiling to the extent that it is related to such direct marketing.
Right to lodge a complaint with a supervisory authority
In the event of infringements on data protection law, you as the data subject have the right to lodge a complaint with the competent supervisory authority. A list of data protection officers and their contact details can be found at the following
VII. AUTOMATED DECISION-MAKING, INCLUDING PROFILING
Under certain circumstances, automated profiling with the goal of analysing personal aspects may occur. We use these profiling measures
whenever we are obligated by legal and regulatory requirements to combat money laundering, terrorism financing and criminal offences that are a
threat to assets. Data analyses (including online comparison with legally prescribed lists) are also carried out at this time.
VIII. COOKIES AND ANALYSIS TOOLS
Description of data processing, purpose and legal grounds
device (laptop, tablet, smartphone etc.) when you visit our site. Cookies do not cause any harm to your device and
do not contain any viruses, Trojans or other malware.The information stored in the cookie is related to the specific device that is in use. This does not mean,
however, that we obtain direct information regarding your identity from it.
you have previously visited specific pages of our website. These cookies are automatically erased when you leave our site.
In addition, we use temporary cookies to optimise the user friendliness of the site; they are stored for a defined period of time on your device.
If you visit our site again to take advantage of our services, the site automatically recognises that you have previously visited the site and
remembers what entries and settings you made at that time, so you do not have to go through this process again
of our service for you. These cookies enable us to determine automatically that you have previously visited our site when you return for another visit.
These cookies are automatically erased after a specifically defined time.
Legal regulations generally permit the storage of information on your device — e.g. by setting cookies or retrieving information (tracking) —
solely if and when you have given your prior consent. However, consent is not required if this storage/retrieval is necessary for the
website to function (e.g. technically necessary cookies).
associated processing of the personal data will be obtained.
You may withdraw your consent, effective for the future, at any time by changing your settings on the cookie consent platform you can access on the
website. Moreover, you have the option of preventing the storage of cookies by making the appropriate settings in your browser (see VIII. 3.).
If and when consent must be obtained for the setting of cookies, cookies are set on the consent platform for the purpose of obtaining the legally
The processing of personal data using technically necessary cookies is based on point (f) of Art. 6 (1) GDPR. We have a legitimate interest
in storing cookies for the technically error-free and optimised provision of the services because this enables us to adapt our site technically
in line with requirements and simplifies your access to our sites. Cookies for statistical analysis of the website and cookies from third-party providers are used to
improve the quality of our website and to optimise our services. We use the data collected at this time solely in pseudonymised user profiles.
In particular, we use the services of the third-party providers described below to draw attention to our products and services with their help
and to make it easier for you to reach our locations. We carry out this processing solely if and when you have given us your consent to the
use of these cookies for analysis and statistics (point (a) of Art. 6 (1) GDPR).
- Cookies and social media sites on third-party platforms
If you have given your consent, cookies from partner companies may also be stored on your device when you visit our website (third-party cookies).
This is done to make our internet services more interesting for you. The use of these cookies and the scope of the data collected in each case are explained in more detail below.
The cookies we use from third party providers may in some cases result in data processing in the USA. In this case as well,
we set cookies solely with your consent (point (a) of Art. 6 (1) GDPR). In addition, we maintain social media sites on social networks,
some of which may lead to data processing in the USA. These providers (e.g. Google, YouTube) have committed to comply with the data protection
provisions of the EU-US Privacy Shield, the legal framework for transatlantic data transmissions agreed between the European Commission
and the United States (COMMISSION IMPLEMENTING DECISION (EU) 2016/1250 of 12 July 2016 pursuant to Directive 95/46/EC of the European Parliament
and of the Council on the adequate protection provided by the EU-US Privacy Shield (notified under document number C(2016) 4176)). Furthermore,
these providers are registered with the US Department of Commerce’s Privacy Shield programme. However, the European Court of Justice has declared
this agreement invalid and determined that the USA does not have a level of data protection comparable to that of the EU
(ECJ, decision of 16/07/2020 — C-311/18, margin note 200, Facebook/Schrems II). In the meantime, the third-party providers with whom we work
have accepted the EU standard contractual clauses and made them part of the user contracts to ensure compliance with the European data protection
standard. The laws of the USA give various security agencies surveillance authority, including the use of surveillance programmes that are
able to collect and analyse data. USA providers are obligated under national laws to give security authorities access to the data they process,
even if they are processed at an overseas company. When you give your consent, there is a risk that the data collected via cookies will become
part of surveillance operations in the USA. No legal remedy or effective judicial process against such surveillance is available in the USA.
Users can avoid this by not agreeing to the setting of cookies from third-party providers in the USA.
Duration of storage and possibility to object
“Session cookies” are erased automatically at the end of your browser session. Other cookies (“so-called "temporary cookies”) remain stored
on your device for a certain period of time or until you erase them. These cookies enable us or our partner companies (third-party cookies)
to recognise your browser on your next visit. Temporary cookies are erased automatically after a set period of time that can differ from one
cookie to the next.
You can set your browser to notify you whenever cookies are set and allow cookies solely in specific cases; preclude the acceptance of
cookies for certain cases or in general; and activate the automatic erasure of cookies when the browser is closed. The disabling of
cookies may restrict the available functions on our website.
Detailed instructions for these settings can be found in the help information of your browser.
You can find these instructions for your browser under the following links:
Alternatively, you will find information about the placement of cookies and making the desired settings at the internet address www.aboutads.info
of the Digital Advertising Alliance.
We use the open-source web analysis tool Matomo (formerly Piwik; see also www.matamo.org) on our website.
This provides us with anonymised reports on the use and the visitors to our online services, in particular the
search engines and keywords used, the languages used, the pages viewed and the files downloaded.
We use a variant of Matomo that does not set cookies. The data generated by Matomo make it possible to analyse
the use of our online services for marketing and optimisation purposes. The information generated about the use
of our online services during the use of Matomo is stored on our own server in Germany and analysed internally only.
IP addresses are recorded solely in truncated form. We anonymise the last three bytes of each visitor’s IP so that it
cannot be attributed personally to specific visitors to our online site. The data collected with Matomo are used
solely for the statistical evaluation of user access to improve our online services and are not merged with personal
data at a later date. We do not transmit these data to third parties.
You may object to the Matomo analysis by installing the following opt-out. If you change your mind later, you can always return to this page and change your settings.
Click for Opt-Out
X. GOOGLE FONTS
We use “Google Fonts” on our website. The provider of the fonts in the EU, EEA and Switzerland is Google Ireland, Limited,
Gordon House, Barrow Street, Dublin 4. Ireland, and in the USA Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
Google fonts are fonts that Google makes available to its users free of charge. We use Google fonts so that our website can be loaded as smoothly and clearly as possible.
A connection is established between your browser and the Google server for presentation. The IP address is the content of this communication.
Legal grounds justifying our legitimate interest in the above-mentioned processing operations to secure a uniform presentation of the site
are found in point (f) of Art. 6 (1) GDPR.
The possibility to opt out can be found at: adssettings.google.com/authenticated.
XI. SOCIAL MEDIA SITES
We do not use social plug-ins as active buttons on our website. We refer solely to our services on the following social networks via icons:
- LinkedIn, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
- Xing: New Work SE, Dammtorstraße 30, 20354 Hamburg, Deutschland
We merely display the social media icons on our site. They are designed as inactive icons. We ensure data protection by utilising
a solution that transmits solely the address of our server to these services and not your IP address if you have activated a social
media icon by clicking on it.
When you click on one of these social media icons on our site, it is activated with your consent and a connection to these third-party providers is
established via your web browser in a separate tab. This enables the third-party providers to track the visit to our pages. If you are a member
of one of the social networks, you can share the content of our site with other members from your social network by activating the button.
Your participation in social networks or a visit or access to our social media sites may result in your data being processed outside the EU.
This may entail risks such as greater difficulty in asserting your rights.
When you access a social network, cookies for the recording of user behaviour are usually stored on your device. If you have a user account on
the accessed network and are logged in, your use behaviour can be attributed to your user account and saved. The social networks may analyse
use behaviour and use it for market research and marketing purposes. This may result in advertisements being displayed to you inside and outside
of social networks. We have no control over this.
We have no control over the data concerning you that social networks collect and store. Our above-mentioned social media sites provide us with
analyses of user data so that can address users with advertising based on their interests. If users interact with our social media site and are
logged in with a user account, we can also recognise the user profile and see the content of comments or postings on our site. This data processing
is carried out in joint responsibility with the provider of the particular social network. We have concluded a joint responsibility
agreement with each of the providers for the analysis of data relating to our social media sites (Art. 26 GDPR) in which we have covenanted
specific social network. You may also assert the rights to which you are entitled against us. However, the social network provider
can satisfy your rights more comprehensively because that is also where the data for use and analysis are stored.
We operate a social media site at https://www.linkedin.com/company/nironitedelstahl/mycompany/
where we present photos and posts about our company, provide information about our services, publish job advertisements where applicable and communicate with customers.
When our LinkedIn site is used and accessed, user data are also processed by the Irish-based company LinkedIn Ireland Unlimited Company, Wilton
Place, Dublin 2, Ireland and the US-based LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA 94085 (hereinafter “LinkedIn”). A system via LinkedIn
becomes possible from LinkedIn’s distribution of advertising via its network.
We analyse the views and interactions on our LinkedIn site. For this purpose, LinkedIn creates use profiles, but provides us in this case solely with
anonymous data, so-called page analyses, aggregated data that enable us to draw conclusions concerning how users interact with our LinkedIn site.
The compiled statistics are transmitted to us exclusively in anonymised form. We do not have access to the underlying data. With respect to this
analysis service, we process your personal data jointly with LinkedIn. For this reason, we have concluded an agreement between joint controllers
with LinkedIn (Art. 26 GDPR).
You can access our LinkedIn site regardless of whether or not you yourself have a user account with LinkedIn. We process your personal data when you interact
with our LinkedIn page, e.g. by posting a comment, clicking a Like button or sending us a message. We do not disclose the data to other third parties.
The terms of service of LinkedIn at:
are also authoritative.
Legal grounds for this data processing are, depending on the nature of your activity, your consent (point (a) of Art. 6 (1) GDPR) or our legitimate
interest (point (f) of Art. 6 (1) GDPR) in customer-oriented marketing. LinkedIn users may withdraw their consent to the publication of their
comments or Likes at any time with effect for the future by erasing the specific comment or content. The withdrawal is without prejudice to the
lawfulness of the processing carried out on the basis of the consent prior to the withdrawal.
LinkedIn offers the opportunity to object to certain data processing; information and opt-out options for
this subject can be found at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out?trk=microsites-frontend_legal_cookie-policy.
LinkedIn users can control the extent to which their use behaviour may be recorded when visiting our LinkedIn site at
Data processing via cookies set by LinkedIn can also be prevented by adjusting the settings in the browser.
LinkedIn transmits user data solely to countries for which an adequacy decision has been issued by the European Commission in accordance with
Article 45 GDPR or on the basis of appropriate guarantees in accordance with Article 46 GDPR. LinkedIn Corporation is certified under the EU-US
Privacy Shield, but this does not provide an adequate level of data protection
We operate a social media site at https://www.xing.com/pages/nironitedelstahlhandelgmbh-co-kg where we
present photos and posts about our company, provide information about our services, publish job advertisements where applicable and communicate with customers. When using and
accessing our XING page, user data are also collected by the German-based company New Work SE, Dammtorstrasse 30, 20354 Hamburg (hereinafter “XING”). A system via XING becomes
possible from XING’s distribution of advertising via its network.
We analyse the views and interactions on our XING site. For this purpose, XING creates use profiles, but provides us in this case solely with anonymous data,
so-called visitor and subscriber analyses, aggregated data that enable us to draw conclusions concerning how users interact with our XING site. The compiled
statistics are transmitted to us exclusively in anonymised form. We do not have access to the underlying data. With respect to this analysis service,
we process your personal data jointly with XING. For this reason, we have concluded an agreement between joint controllers with XING (Art. 26 GDPR).
You can access our XING site regardless of whether or not you yourself have a user account with XING. We process your personal data when
you interact with our XING site, e.g. by posting a comment, clicking a Like button or sending us a message. We do not disclose the data to
other third parties. The terms of service of XING at: https://www.xing.com/terms are also authoritative. https://www.xing.com/terms
Legal grounds for this data processing are, depending on the nature of your activity, your consent (point (a) of Art. 6 (1) GDPR) or our legitimate interest
(point (f) of Art. 6 (1) GDPR) in customer-oriented marketing. XING users may withdraw their consent to the publication of their comments or Likes at any time
with effect for the future by erasing the specific comment or content. The withdrawal is without prejudice to the lawfulness of the processing carried out on the
basis of the consent prior to the withdrawal.
XING offers the opportunity to object to certain data processing; information and opt-out options for this subject can be found at
XING users can control the extent to which their use behaviour may be recorded when visiting our XING site at
Data processing via cookies set by XING can also be prevented by adjusting the settings in your browser.
To our knowledge, XING uses service providers located in the USA to provide its services. The European Court of Justice has determined
that the USA does not have a level of data protection comparable to that of the EU (ECJ, decision of 16/07/2020 — C-311/18, margin note 200, Facebook/Schrems II).
If personal data are transferred there, there is a risk that surveillance authorities will access and analyse them on a massive scale There is no effective legal protection from this.
We offer the possibility on our sites to contact us using the messenger service WhatsApp. This service is operated in the EU and EEA by WhatsApp
group. The icon on our sites is inactive; you will see merely the mobile phone number you can use to contact us on WhatsApp.
The offer on our website to contact us using WhatsApp is based on our legitimate interest in marketing, customer loyalty and customer
service (point (f) of Art. 6 (1) GDPR). You are free to decide whether you want to send us messages via WhatsApp. For you, the use of
WhatsApp is based solely on the consent you give to WhatsApp (point (a) of Art. 6 (1) GDPR). We process solely the content of the messages
you send to us and your associated mobile phone number and name. In addition to the aforementioned legitimate interests, this exchange
with you via WhatsApp also serves to initiate or conduct business transactions with you (point (b) of Art. 6 (1) GDPR).
We receive statistical analyses from WhatsApp for measurement of the interaction with us. All interactions with us are automatically available to the service.
When you use the service, WhatsApp collects data about you, your account, your messages, network, use (especially payment services),
log information, device and connection data and location information. Cookies are also installed on your device. WhatsApp transmits user
data solely to countries for which an adequacy decision has been issued by the European Commission in accordance with Article 45 GDPR or
on the basis of appropriate guarantees in accordance with Article 46 GDPR. WhatsApp Inc. and all affiliated companies are certified under
the EU-US Privacy Shield, but this does not provide an adequate level of data protection
You can delete or manage your personal information on WhatsApp yourself at any time by adjusting the settings for the service,
changing the profile data or deleting your account on WhatsApp. You will find more detailed information
XII. REGISTRATION OF A CUSTOMER ACCOUNT AND ORDERS VIA OUR ONLINE SHOP
- Description of the data processing
Corporate customers can purchase products from us in our online shop in the conduct of their commercial activity. You must create a
customer account if you want to make purchases. Personal data are collected and stored for the creation of the customer account. The following data
will be transmitted to us and processed by us: Company name, address, contact, email address, phone number, VAT ID and a required password.
your registration, you will receive a confirmation email about the activation of the customer account. You cannot
order any products from our online shop without registration as a customer. .
- Purpose and legal grounds for data processing
The data are processed solely if the customer registers a customer account and orders products from our online shop.
The personal data collected during registration will be used solely and exclusively for the creation and maintenance of a customer
account and for the fulfilment and processing of the purchase contract, not for any other purposes. The data that must be provided during
registration are required to create a customer account and/or to process the contract whenever products are ordered.
The processing of personal data is carried out during creation of the customer account for the conclusion, processing and performance of
the use agreement and, whenever products are ordered, for the conclusion, processing and fulfilment of the sales contract. Legal grounds for
the processing are found in point (b) of Art. 6 (1) GDPR.
- Duration of the storage
When you have created a customer account, you have the option of requesting the deletion of the customer account at any time (contact under Section I).
We store personal data for the duration of the existence of the customer account. The data are subsequently erased insofar as that there are no legal
obligations to retain data or you have expressly consented to the use of your personal data beyond this time.
Information and data on individual orders dating back more than three years are blocked in the customer account and erased at the latest 10 years after
the order date. You may give your consent for data concerning orders placed more than three years ago, but no more than 10 years ago, to be shown to you.
Your personal data are erased or blocked as soon as the purpose of the storage ceases to exist. Storage of data may continue beyond this time if
provision has been made by European or national legislatures in EU regulations, laws, or other statutes to which we are subject. Blocking or erasure
of the data also occurs whenever the storage period required by the specified norm expires unless the continued storage of the data is
required for the conclusion or performance of a contract..
- Possibility of objection
You have the option of requesting the updating or erasure of the data stored in your customer account at any time (contact under Section I.).
There are legal obligations to retain certain data concerning the performance of contracts (for example, for invoices, Section 147 (3) AO, Section 57 HGB);
the data retained in accordance with these periods will be erased after expiry of the legal retention period obligation. When products have been ordered,
the data are required for the processing of the contract. To this extent, you do not have a right of objection to the data processing.
- Disclosure of personal data to service providers for completion of the order, purpose and legal grounds; possibility to object
DWe treat the personal data concerned confidentially, and they will not be transmitted to third parties unless this is necessary to process the
order or you have consented to the data processing or we are legally obligated to do so.
For our financial security, we ask commercial credit insurers whether they would insure the customer for orders with payment on account before
the products are delivered. This requires that we disclose the company name and address to companies that assist us in assessing your
creditworthiness (commercial credit insurers).
The data processing in this case serves our legitimate interest in minimising risks of losses from payment default. We receive solely
a notification of the aggregated results from the commercial credit insurers without any more specific details.
The disclosure of data in this case is based on point (f) of Art. 6 (1) GDPR. We have a legitimate interest in financial security
in the event that we provide delivery of the products in advance of receiving payment. These companies receive solely the data that
are necessary for the performance of the requested service. They are obligated to handle your data confidentially. You may object to
processing on the basis of your legitimate interest at any time. You will find more details on this subject under “Your rights”
Moreover, we cooperate with service providers who support us in whole or in part in the performance of concluded contracts when processing your
orders. These companies are service providers who support us in the shipping of the products. We transmit your personal data to these service
providers solely for the purpose of shipping the products to you and solely to the extent that is absolutely necessary in each case. They are
obligated to treat your data confidentially.
We disclose the name and shipping address you have provided to our chosen shipping partner so that the
products can be shipped to you, point (b) of Art. 6 (1) GDPR.
XIII. REGISTRATION FOR THE NEWSLETTER AND PRODUCT RECOMMENDATION BY EMAIL TO CURRENT CUSTOMERS
There is an opportunity on the website to subscribe to a free newsletter sent by email. When subscribing, you use the input mask to provide to
us your personal data of first name, surname and email address, which are stored and processed by us. In addition, the IP address of your device
and the date and time of registration are collected.
If you purchase products or services from us and have provided your email address, we take the liberty, insofar as permitted by legal regulations,
of sending to you product recommendations for similar products we offer if we notified you of this when the contract was concluded and you did not object.
The personal data we process for sending the newsletter will not be transmitted to third-party companies. The data are used solely and
exclusively for sending the newsletter or the product recommendations.
Legal grounds for the processing of personal data when users subscribe to a newsletter, provided that the users have given their
consent to the processing, are found in point (a) of Art. 6 (1) GDPR. The legal grounds for product recommendations subsequent to the
sale of products are found in point (f) of Art. 6 (1) GDPR in conjunction with Section 7 (3) UWG. The collection of the personal data
for the newsletter is necessary for the delivery of the newsletter. The same applies to product recommendations to customers who have purchased products.
Users’ names and email addresses are stored as long as the users subscribe to the newsletter or until the users unsubscribe from the newsletter.
Any other data collected during the registration process are erased as a rule after seven days.
Users may unsubscribe from the newsletter at any time and object to receiving product recommendations by email by clicking on a separate
link at the end of every newsletter. In addition, it is possible to unsubscribe or withdraw from receipt of the newsletter by sending an
email to datenschutz(at)nironit.de
XIV. DATA SECURITY
We use the widespread SSL (Secure Socket Layer) protocol in conjunction with the highest encryption level supported by your browser during your
website visit. As a rule, 256-bit encryption is used. If your browser does not support 256-bit encryption, we fall back on 128-bit v3 technology
instead. You can see whether a page of our internet site is transferred in encrypted form by the display of the key or a closed padlock icon in
your browser’s status or address bar..
In other respects, we use appropriate technical and organisational security measures to protect your data from accidental or intentional manipulations,
partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in step with technological development.