Imprint Data Protection
imprint
Hammer International GmbH
In Marxle 4
72119 Ammerbuch
Germany
Telephone: 07032 9185103
Email: info@hammer-international.de
Managing Director: Andreas Hammer
Commercial register: Stuttgart District Court, HRB 748396
VAT identification number: DE 294167788
EAR registration number: WEEE Reg. No. DE 33322647
The European Commission provides a platform for online dispute resolution (OS), which you can find here http://ec.europa.eu/consumers/odr/ . We are neither obliged nor willing to participate in a dispute resolution procedure before a consumer arbitration board.
Data protection
As the operator of this website, we take the protection of your personal data very seriously and treat it confidentially and in accordance with the current legal data protection regulations and this data protection declaration. Below we will inform you about the processing of your personal data (hereinafter referred to as “data”) in accordance with Article 13 of the EU General Data Protection Regulation (EU-GDPR).
1.Definition
The following data protection declaration is based on the terms used by the European legislator for directives and regulations when issuing the EU GDPR. In order to ensure easy readability and comprehensibility, we would like to explain the terms used in advance. We use the following terms, among others, in this data protection declaration:
a) personal data
Personal data is any information that relates to an identified or identifiable natural person (hereinafter “data subject”). A natural person is considered to be identifiable if he or she can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
b) data subject (user)
Data subject is any identified or identifiable natural person whose personal data is processed by the data controller.
c) Processing
Processing is any operation or series of operations carried out on personal data, whether or not by automated means, such as the collection, recording, organisation, structuring, storage, adaptation or modification, reading, querying, use, disclosure by transmission, distribution or other form of provision, alignment or association, restriction, deletion or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.
e) Profiling
Profiling is any type of automated processing of personal data which consists in using these personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal Analyze or predict the preferences, interests, reliability, behavior, location or movements of that natural person.
f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures that ensure that the personal data not be assigned to an identified or identifiable natural person.
g) Controller or controller
The person responsible or responsible for processing is the natural or legal person, public authority, institution or other body which, alone or jointly with others, decides on the purposes and means of processing personal data. If the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
h) Processor
Processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller.
i) Recipient
The recipient is a natural or legal person, public authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. However, public authorities which may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.
j) Third party
Third party is a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.
k) Consent
Consent is any voluntary, informed and unambiguous expression of wishes given by the data subject for a specific case, in the form of a statement or other unambiguous confirmatory act, by which the data subject indicates that he or she agrees to the processing of personal data concerning him or her is.
2.Person responsible for processing
Hammer International GmbH
In Marxle 4
72119 Ammerbuch
Legal representative: Andreas Hammer
Tel.: +4970329185103
Email: info@hammer-international.de
3.General information on data processing
a) Scope of data processing
In principle, we only process personal data of our users to the extent that this is necessary to provide a functional website and our content and services. The processing of our users' personal data regularly only takes place with the user's consent. An exception applies in cases in which obtaining prior consent is not possible for actual reasons and the processing of the data is permitted by legal regulations.
b) Legal basis for data processing
If we obtain the consent of the data subject for processing personal data, Article 6 Paragraph 1 Letter a of the General Data Protection Regulation (EU GDPR) serves as the legal basis. When processing personal data that is necessary to fulfill a contract to which the data subject is a party, Article 6 (1) (b) of the EU GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. If the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6 (1) (c) of the EU GDPR serves as the legal basis. In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) of the EU GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6 (1) (f) of the EU GDPR serves as the legal basis for the processing.
c) Duration of processing
We only process your data for as long as it is necessary to fulfill the contract, to maintain our relationship or in accordance with applicable legal regulations. Different retention periods apply to the storage of business documents. According to the tax code, a retention period of 10 years generally applies to data that is relevant to tax law, and 6 years applies to other data according to the requirements of the Commercial Code. As long as you do not object, we will use your data for mutual benefit as part of our trusting business relationship. If you wish your data to be deleted, we will delete it immediately, provided that deletion does not conflict with legal retention obligations.
4.SSL encryption
This website uses SSL (Secure Socket Layer) encryption to transmit data from your browser to our server and to servers that provide files that we include on our website. You can recognize the presence of SSL encryption by the text “https” in front of the address of the website that you visit in the browser.
5. Provision of the website and creation of log files
a) Description and scope of data processing
Every time our website is accessed, our system automatically collects data and information from the system of the accessing device.
The following data is collected:
- Browser type and version used
- User's operating system
- The user's Internet service provider
- IP address of the user
- Date and time of access
- Websites from which the system accesses ours
website arrives - Websites that are accessed by the user's system via our website
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
b) Legal basis for data processing
The legal basis for the temporary storage of data and log files is Article 6 (1) (f) EU GDPR.
c) Purposes of processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. To do this, the user's IP address must remain stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. The data also serves us to optimize the website and to ensure the security of our information technology systems. The data will not be evaluated for marketing purposes in this context. These purposes also include our legitimate interest in data processing in accordance with Article 6 (1) (f) of the EU GDPR.
d) Duration of processing
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the users' IP addresses are deleted or altered so that it is no longer possible to assign the calling client.
e) Possibility of objection and removal
The collection of data to provide the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility for the user to object.
6.Use of cookies
a) Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is accessed again. We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change. We also use cookies on our website that enable analysis of users' surfing behavior. The user data collected in this way is pseudonymized using technical precautions. It is therefore no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of the users.
b) Legal basis for data processing
The legal basis for the processing of personal data using cookies is Article 6 Paragraph 1 Letter f EU GDPR.
c) Purpose of processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after a page change. The user data collected through technically necessary cookies is not used to create user profiles. The analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies we learn how the website is used and can therefore continually optimize our offering. These purposes also include our legitimate interest in the processing of personal data in accordance with Article 6 (1) (f) of the EU GDPR.
d) Duration of storage, possibility of objection and removal
Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.
7.Online marketing
a) Description and scope of data processing
On our website we process personal data for online marketing purposes, which includes in particular the presentation of advertising and other content (collectively referred to as "content") based on the potential interests of users and the measurement of their effectiveness. For these purposes, so-called user profiles are created and stored in so-called cookies or similar processes are used, by means of which the user information relevant to the display of the aforementioned content is stored. This information may include, for example, content viewed, websites visited, online networks used, but also communication partners and technical information such as the browser used, the computer system used and information about times of use. If the user has consented to the collection of their location data, this can also be processed. The user's IP address is also stored. However, we use IP masking procedures (ie pseudonymization by shortening the IP address) to protect the user. In general, as part of the online marketing process, no clear user data (such as e-mail addresses or names) is stored, but rather pseudonyms. This means that the user's identity is not known, only the information stored in their profiles. The information in the profile is usually stored in cookies or using similar methods. These cookies can generally also be read later on other websites that use the same online marketing process and analyzed for the purposes of displaying content, as well as supplemented with further data and stored on the server of the online marketing process provider. In exceptional cases, clear data can be assigned to the profile. This is the case, for example, if the user is a member of a social network whose online marketing processes we use and the network connects the user's profile with the aforementioned information. It should be noted that the user can make additional agreements with the providers, for example by giving consent during registration. We generally only receive access to aggregated information about the success of our advertisements. However, as part of so-called conversion measurements, we can check which of our online marketing processes have led to a so-called conversion, ie, for example, to the conclusion of a contract with us. Conversion measurement is used solely to analyze the success of our marketing measures.
b) Legal basis for data processing
If the user has given consent, the legal basis for the processing of personal data is Article 6 Paragraph 1 Letter a of the EU GDPR. Otherwise, the legal basis for the processing of personal data is Article 6 (1) (f) EU GDPR, i.e. our legitimate interests (e.g. the provision of efficient, economical and recipient-friendly services).
c) Purpose of processing
The purposes of data processing are tracking (e.g. interest/behavior-related profiling, use of cookies), remarketing, visit action evaluation, interest-based and behavior-related marketing, profiling (creation of user profiles), conversion measurement (measuring the effectiveness of marketing measures), reach measurement (e.g. access statistics, recognition of recurring Visitors), target group formation (determination of target groups relevant for marketing purposes or other output of content), cross-device tracking (cross-device processing of user data for marketing purposes), click tracking. These purposes also include our legitimate interest in the processing of personal data in accordance with Article 6 (1) (f) of the EU GDPR.
Purposes of data processing are
- Tracking (e.g. interest/behavioral profiling, use of cookies)
- Remarketing
- Visit action evaluation
- Interest-based and behavioral marketing
- Profiling (creating user profiles)
- Conversion measurement (measuring the effectiveness of marketing measures)
- Reach measurement (e.g. access statistics, recognition of returning visitors)
- Target group formation (determination of target groups relevant for marketing purposes or other output of content)
- Cross-device tracking (processing of user data across devices for marketing purposes)
- Click tracking
d) Duration of storage, possibility of objection and removal
Cookies are stored on the user's computer and transmitted from the user to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.
e) services and service providers used
Google Analytics
Service provider: Google LLC. (Mountain View, California, USA) Website: https://analytics.google.com/ Data protection declaration: https://policies.google.com/privacy?hl=de
Google Tag Manager
Service provider: Google LLC. (Mountain View, California, USA) Website: https://marketingplatform.google.com/intl/de/about/tag-manager/ Data protection declaration: https://marketingplatform.google.com/about/analytics/tag-manager/ use-policy/ https://policies.google.com/privacy?hl=de
8.YouTube
a) Scope of data processing
We use YouTube videos on our website. The operator of the corresponding plugin is YouTube, LLC (901 Cherry Ave., San Bruno, CA 94066, USA). When the user visits a page with the YouTube badge, a connection to YouTube servers is established. This tells YouTube which website the user is visiting. If the user is logged into their YouTube account, YouTube can personally assign their user behavior. If a YouTube video is started, the provider uses cookies (see above) which collect information about user behavior. Further information is available at https://www.google.de/intl/de/policies/privacy/.
b) Legal basis for data processing
The legal basis is Article 6 Paragraph 1 Letter f EU GDPR.
c) Possibility of objection and removal
As already described above, users can prevent the setting of cookies at any time by making the appropriate settings in the Internet browser used and thus permanently object to the setting of cookies. This would also prevent Google from setting a cookie on the user's computer system. In addition, those that have already been set can be deleted at any time via the Internet browser or other software programs.
9.Google fonts (web fonts)
a) Scope of data processing
Our website uses certain fonts from Google to display it. When a page is accessed, the user's browser loads these fonts. The user's IP address, including the page (Internet address) that the user visited, is transmitted to a Google Inc. server (1600 Amphitheater Parkway, Mountain View, CA 94043, USA). Further information about Google fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy at https://www.google.com/policies/privacy/.
b) Legal basis for data processing
The legal basis for the processing of the user's personal data is Article 6 (1) (f) EU GDPR.
c) Purpose of data processing
The use of Google Fonts is used to visually display text content.
10.Google Maps
a) Scope of data processing
We use Google Maps API on our website. When using Google Maps, Google also collects, processes and uses data about how users use the map functions. The provider is Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA). Further information about data processing by Google can be found in the Google data protection information at https://www.google.com/policies/privacy/.
b) Legal basis for data processing
The legal basis for the processing of the user's personal data is Article 6 (1) (f) EU GDPR. c) Purpose of data processing The use of Google Maps serves to visually display geographical information.
d) Possibility of objection and removal
As already described above, users can prevent the setting of cookies through our website at any time by making the appropriate settings in the Internet browser used and thus permanently object to the setting of cookies. This would also prevent Google from setting a cookie on the user's computer system. In addition, those that have already been set can be deleted at any time via the Internet browser or other software programs.
11.Contact form and email contact
a) Description and scope of data processing
There is a contact form on our website that can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored. This data is: The following data is also collected when registering: Your consent will be obtained for the processing of the data as part of the sending process and reference will be made to this data protection declaration. Alternatively, you can contact us using the email address provided. In this case, the user's personal data transmitted with the email will be stored. In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
b) Legal basis for data processing
The legal basis for processing the data, if the user has given his consent, is Article 6 (1) (a) of the EU GDPR. The legal basis for the processing of data transmitted when sending an email is Article 6 (1) (f) of the EU GDPR. If the email contact is aimed at concluding a contract, the additional legal basis for the processing is Article 6 (1) (b) of the EU GDPR.
c) Purpose of data processing
We process the personal data from the input mask solely to process the contact. If you contact us via email, this also represents the necessary legitimate interest in processing the data. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
d) Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be seen from the circumstances that the matter in question has been finally clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
e) Possibility of objection and removal
The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot continue. In this case, all personal data that was stored in the course of contacting you will be deleted.
12.Your rights as a data subject
According to the EU GDPR you have the following rights:
a) Right to information
You can request confirmation from the person responsible as to whether personal data concerning you is being processed by us. If such processing occurs, you can request information from the person responsible about the following information:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data that are processed;
(3) the recipients or categories of recipients to whom your personal data has been or will be disclosed;
(4) the planned duration of storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
(5) the existence of a right to rectification or deletion of personal data concerning you, a right to restrict processing by the controller or a right to object to this processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) all available information about the origin of the data if the personal data is not collected from the data subject;
(8) the existence of automated decision-making including profiling in accordance with Article 22 Paragraphs 1 and 4 EU GDPR and - at least in these cases - meaningful information about the logic involved as well as the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you will be transferred to a third country or to an international organization. In this context, you can request to be informed about the appropriate guarantees in accordance with Article 46 EU GDPR in connection with the transfer.
b) Right to correct your data
You have the right to request correction and/or completion from the person responsible if the personal data processed concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
c) Right to restrict the processing of your data
You can request the restriction of the processing of personal data concerning you under the following conditions:
(1) if you contest the accuracy of the personal data relating to you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you refuse the deletion of the personal data and instead request the restriction of the use of the personal data;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you have objected to the processing in accordance with Article 21 Para. 1 EU GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh your reasons. If the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by the person responsible before the restriction is lifted.
d) Right to delete your data
aa) Obligation to delete
You can request that the person responsible delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based in accordance with Article 6 Paragraph 1 Letter a or Article 9 Paragraph 2 Letter a EU GDPR and there is no other legal basis for the processing.
(3) You object to the processing in accordance with Article 21 Paragraph 1 of the EU GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Article 21 Paragraph 2 of the EU GDPR processing.
(4) The personal data concerning you were processed unlawfully.
(5) The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
(6) The personal data concerning you was collected in relation to information society services offered in accordance with Article 8 (1) of the EU GDPR.
bb) Information to third parties
If the person responsible has made the personal data concerning you public and is obliged to delete it in accordance with Article 17 Para. 1 EU GDPR, he will take appropriate measures, including technical ones, taking into account the available technology and the implementation costs To inform data controllers who process the personal data that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.
cc) Exceptions
There is no right to deletion if processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) to comply with a legal obligation requiring processing under Union or Member State law to which the controller is subject, or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller became;
(3) for reasons of public interest in the area of public health in accordance with Article 9 Paragraph 2 Letters h and i and Article 9 Paragraph 3 EU GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) of the EU GDPR, insofar as the law referred to in section a) is likely to make the achievement of the objectives of this processing impossible or seriously impair it , or
(5) to assert, exercise or defend legal claims.
e) Right to information
If you have asserted the right to rectification, deletion or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or deletion of the data or restriction of processing, unless: this turns out to be impossible or involves disproportionate effort. You have the right to be informed about these recipients by the person responsible.
f) Right to data portability
You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. You also have the right to transmit this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided that
(1) the processing is based on consent in accordance with Article 6 (1) (a) EU GDPR or Article 9 (2) (a) EU GDPR or on a contract in accordance with Article 6 (1) (b) EU GDPR is based and
(2) the processing takes place using automated procedures. In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, to the extent that this is technically feasible.
The freedoms and rights of other people must not be impaired by this. The right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
g) Right to object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is carried out on the basis of Article 6 (1) (e) or (f) of the EU GDPR; This also applies to profiling based on these provisions. The person responsible will no longer process the personal data concerning you unless he can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; This also applies to profiling insofar as it is connected to such direct advertising. If you object to processing for direct advertising purposes, your personal data will no longer be processed for these purposes. In connection with the use of information society services - regardless of Directive 2002/58/EC - you have the opportunity to exercise your right to object using automated procedures that use technical specifications.
h) Right to revoke the declaration of consent under data protection law
You have the right to revoke your data protection declaration of consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.
i) Right to complain to the data protection supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you are of the opinion that the processing of personal data concerning you is contrary to violates the EU GDPR. The supervisory authority to which the complaint was submitted will inform the complainant of the status and results of the complaint, including the possibility of a legal remedy in accordance with Article 78 EU GDPR. The jurisdiction of the supervisory authority depends on your place of residence.
A list of regulatory authorities can be found here:
https://www.bfdi.bund.de/DE/Infothek/Anschrift_Links/anschrift_links-node.html
This data protection declaration was created by ASG Rechtsanwälte.