1 Name and contact details of the person responsible for processing data and of the in-house data protection officer
This data privacy information applies for data processing by: Responsible: NEHER DIA GmbH & Co. KG Am Sägebach 6 88356 Ostrach-Einhart, Germany Email: info@neher-group.com Phone: +49 (0)7585/93206-0 Fax: +49 (0)7585/93206-21 The email address of the in-house data protection officer at Neher Dia GmbH & Co. KG is dsb@neher-group.com2 Collection and storage of personal data and the nature and purpose of its use
a) When visiting the website
When you visit our website (www.neher-group.com), the browser used on your device automatically sends information to our website server. This information is stored temporarily in a log file. The following information is read without any action on your part, and is stored until deleted automatically::- IP address of the computer accessing the site
- Date and time of the access
- Name and URL of the file accessed
- Website from which access is performed (referrer URL)
- Browser and, possibly, operating system used on your computer, and the name of your access provider
- To guarantee smooth connection set-up for the website
- To guarantee our website is easy to use
- To analyse system security and stability
- For other administrative purposes
b) When signing up to our newsletter
When you expressly consent as in Art. 6 para 1 sentence 1 lit. a GDPR, we use your email address to regularly send you our newsletter. All you need to do to receive the newsletter is specify an email address. You can unsubscribe at any time (by for example using the link at the end of every newsletter). Or you can email your wish to unsubscribe to info@neher-group.com.c) When using our contact form
For questions of any kind, we provide you with a form on the website for contacting us. A valid email address is required so we know who the query is from and are able to respond. Any additional information is voluntary. The legal basis for data processing for the purposes of contacting us is Art. 6, para. 1, sentence 1, lit. a GDPR provided that you voluntarily issue your consent. The personal data collected by us for usage of the contact form is automatically deleted once the query made by yourself is concluded.3 Forwarding of data
Your personal data will not be forwarded to third parties other than for the purpose stated below. We only pass on your personal details to third parties:- when you have expressly issued consent in accordance with Art. 6 para 1 sentence 1 lit. a GDPR
- when forwarding is required for enforcing, exercising or defending legal claims according to Art. 6 para 1 sentence 1 lit. f GDPR, and there are no grounds to believe you have a predominant interest in your data not being transferred that is worthy of protection
- when there is a legal obligation for data transfer as laid down in Art. 6 para 1 sentence 1 lit. c GDPR
- when it is permitted by law and, in accordance with Art. 6 para 1 sentence 1 lit. b GDPR, required for the performance of a contract with you As part of order processing, service providers contracted by us (carrier and logistics firms for example) receive details necessary for order processing and fulfilment. These details may only be used by our service providers to perform this task.
- when a creditworthiness check is required due to our upfront service. To protect our interests, we will seek as required creditworthiness information from SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany. Your interests worthy of protection are covered by legal regulations.
4 Cookies
We use cookies on our website. Cookies are small files created automatically by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies are not harmful to your device and do not contain any viruses, Trojans or other malware. A cookie stores information arising in each case in conjunction with the specific device used. This does not mean, however, that as a result we receive direct information about your identity. Cookies are used to make our website more user-friendly. For example, we use “session cookies” to identify whether you have already visited individual pages of our website. Session cookies are deleted automatically when you leave our site. Furthermore, we also use temporary cookies to optimise user-friendliness. They are stored on your device for a certain, fixed time. If you visit our site again to make use of our services, it will automatically recognise your device and your entries and settings you may have configured so you need not enter them again. We also use cookies to record the usage of our website statistically, and to analyse our site for the purpose of optimisation (see Section 5). When you visit our site again, these cookies enable us to automatically recognise that you have already visited us. These cookies are deleted automatically after a defined time. The data processed by cookies are required for the purposes stated to protect our legitimate interests, and those of third parties, as laid down in Art. 6 para 1 sentence 1 lit. f GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or that a message is always shown before a new cookie is created. Fully disabling cookies can however mean you cannot use all of the functions of our website.5. Analyse-Tools
a) Analysis tools
The tracking measures listed below and used by us are based on Art. 6 para 1 sentence 1 lit. f GDPR. With these tracking measures, we want to ensure a needs-based design and continual optimisation of our website. We also use tracking measures to record the usage of our website statistically and to analyse our site for the purpose of optimisation. These interests are to be deemed legitimate within the meaning of the aforementioned provision. Refer to the corresponding tracking tools for the relevant data processing purposes and data categories.b) Google Analytics
To continually optimise our website and design it in such a way that it meets users’ needs, we use Google Analytics, a web analysis service provided by Google Inc. (https://www.google.de/intl/de/about/) /) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereafter “Google”). This involves the creation of pseudonymised user profiles and the use of cookies (refer to Section 4). The information generated by a cookie about your use of this website, such as the- browser type/version,
- operating system used,
- referrer URL (the site visited previously),
- host name of the accessing computer (IP address),
- time of the server request,
c) Google Adwords conversion tracking
To record usage of our website statistically and to analyse our website for the purpose of optimisation, we also use Google conversion tracking. If a user is directed to our website from a Google advert, Google Adwords places a cookie (see Section 4) on your computer. These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the website of the Adwords customer and the cookie has not yet expired, Google and the customer can tell that the user clicked the advert and was forwarded to this page. Every Adwords customer receives a different cookie. This means cookies cannot be tracked via the websites of Adwords customers. Information obtained using a conversion cookie is used to compile conversion statistics for Adwords customers who have opted for conversion tracking. They can see the total number of users who have clicked their advert and been forwarded to a page featuring a conversion tracking tag. But they do not receive any information that can identify users personally. If you do not want to be part of the tracking process, you can also reject the setting of the cookie required for it, by using for example a browser setting that generally disables the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser such that cookies from the domain „https://www.googleadservices.com“ are blocked. Google’s data protection instructions for conversion tracking are available under the following link: (https://services.google.com/sitestats/de.html).6. Social media plugins
To raise the profile of our company, we use on our website the Facebook social network plugin on the basis of Art. 6 para 1 sentence 1 lit. f GDPR. The underlying promotional purpose is to be deemed as a legitimate interest as defined by the GDPR. Responsibility for ensuring operation is data protection compliant must be guaranteed by the respective provider. To provide the best possible level of protection for visitors to our website, we use the two-click method to integrate these plugins.7 Rights of those affected
You have the right:- • under the terms of Art. 15 GDPR, to request information about your personal data we process. In particular, you have the right to request information on the purpose of such data processing, the category of personal data, the categories of recipients to whom your data is or has been disclosed, the planned duration of storage, the existence of a right for correction, deletion and restriction of data processing, or raising an objection, the existence of a right to lodge a complaint, the origin of this data if not collected by us, as well as about automated decision processes, including potential profiling and meaningful information on the details where applicable;
- under the terms of Art. 16 GDPR, to request immediate completion of personal data, or correction of incorrect personal data, stored by us;
- • under the terms of Art. 17 GDPR, to request deletion of your personal data stored by us, except where the processing is required for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the enforcement, exertion or defence of legal claims;
- under the terms of Art. 18 GDPR, to request the limitation of the processing of your personal data provided the correctness of the data is contested by you, its processing is unlawful but you reject its deletion and we no longer require this data, but you require this information to assert, exercise or defend legal claims, or you have objected to the processing of personal data in accordance with Art. 21 GDPR;
- under the terms of Art. 20 GDPR, to receive the personal data you have provided to us in a structured, common and machine-readable format, or to request it to be sent to another person/entity responsible.;
- under the terms of Art. 7 para. 3 GDPR, to revoke at any time your consent once issued to us. As a result, we are not allowed to continue the data processing based upon this consent for the future.
- • under the terms of Art. 77 GDPR, to lodge a complaint with a supervisory authority. In such cases, you can contact the supervisory authority for your usual location or workplace, or for our law office.
8 Right of objection
If your personal data is processed based on legitimate interests as laid down in Art. 6 para 1 sentence 1 lit. f GDPR, you have the right under Art. 21 GDPR to file an objection against the processing of your personal data provided there are grounds resulting from your specific situation or the objection is directed against direct advertising. For the latter, you have a general right of objection that is realised by us without specification of a particular situation. If you would like to enforce a right to revocation or objection, simply send an email to info@neher-group.com9 Data security
During website visits, we use the prevalent SSL (Secure Socket Layer) method in conjunction with the highest encryption level supported by your browser. This is generally 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the locked key/lock icon in the lower status bar of your browser. We also deploy technical and organisational security measures to protect your data from accidental and wilful manipulation, partial and complete loss, corruption and unauthorised access by third parties. Our security measures are being improved continually in line with technological advancements.10 Validity of and changes to this data privacy statement
This data privacy statement is currently valid (as of May 2018). Continued development of our website and product offering, as well as amendments to statutory and regulatory requirements, can mean it is necessary to make changes to this data privacy statement. The most recent version of the data privacy statement is available for reference at any time from http://ww.neher-group.com, and can be printed.Our social media appearances
This privacy policy applies to the following social media presence
- https://www.facebook.com/NeherGroup
- https://www.instagram.com/neher.group/
- https://www.xing.com/pages/nehergroup
- https://www.linkedin.com/company/nehergroup
Data processing through social networks
We maintain publicly available profiles in social networks. The individual social networks we use can be found below.
Social networks such as Facebook, X etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g., like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:
If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.
Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.
Legal basis
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).
Responsibility and assertion of rights
If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g., Facebook).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
Storage time
The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.
We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g., in their privacy policy, see below).
Your rights
You have the right to receive information about the origin, recipient and purpose of your stored personal data at any time and free of charge. You also have the right to object, the right to data portability and the right to file a complaint with the responsible regulatory agency. Furthermore, you can request the correction, blocking, deletion and, under certain circumstances, the restriction of the processing of your personal data.
Individual social networks
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (hereinafter Meta). According to Meta’s statement the collected data will also be transferred to the USA and to other third-party countries.
We have signed an agreement with Meta on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Meta are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can customize your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
Details can be found in the Facebook privacy policy: https://www.facebook.com/about/privacy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Irland.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/ and https://de-de.facebook.com/help/566994660333381.
For details on how they handle your personal information, see the Instagram Privacy Policy: https://privacycenter.instagram.com/policy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on their handling of your personal data can be found in the XING Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung.
We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
For details on how they handle your personal information, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.