Data Protection
The companies in the Pöppelmann Group comply with data protection laws. We will use any personal data which are collected by us only for internal purposes, and they will be transmitted and/or saved only in accordance with the current data protection provisions. We will neither sell the collected data nor transmit them to third parties for other reasons under any circumstances.
However, we only can ensure data protection for the use of the website we offer, www.poeppelmann.com. The following explanations do not apply to websites or the content of external providers to which we link or make references.
This Data Protection Statement informs you about the nature, scope and purpose of the collection and use of personal data by the Pöppelmann Group on this website.
1. Non-personal data collected when visiting the website
The Pöppelmann Group collects and saves information on the web server for statistical analysis using log files, which are transmitted to us by your browser when you visit our website. Specifically: Browser type and version, operating system used, visitor's IP address, date and time of retrieval, the webpages visited, data volume transmitted, the report of successful retrieval and the requesting provider. The IP address is used by us solely to defend ourselves against attacks and to optimize our website, and will be deleted after seven days.
2. Cookies
If you as a user visit the webpages of Pöppelmann GmbH & Co. KG, one or more cookies will be saved on your computer. A cookie is a small file containing a given sequence of characters that can be used to clearly identify your browser. With the help of cookies, we can improve the convenience and quality of our services, e.g. by saving user settings. Cookies are stored as small text files on your computer and are saved by your browser. ‘Session cookies’ will be automatically deleted at the end of your visit. Cookies will not damage your computer and do not contain any viruses.
You can use our website without cookies as well. You can disable the saving of cookies in your browser or change the settings of your browser in order to receive a notification before the browser saves a cookie. You can delete the cookies at any time from the hard drive of your computer using the data protection features of your browser. In this case, however, the features and user-friendliness of our website may be restricted.
3. Handling personal data
Personal data are information by means of which a person is identifiable, i.e. particulars that can be traced back to a given person. This includes the name, email address or telephone number.
Personal data will be collected, used and forwarded by the Pöppelmann Group only as far as permitted by law, or if you as the user have agreed specifically to the collection of the data. When contacting the Pöppelmann Group (e.g. through the contact form or by email), your particulars will be saved to process your enquiry and to answer any additional questions. No further data will be collected. You can withdraw your consent to the saving of personal data by us at any time by sending us an email, fax or letter. Please send your objection to the following address (your decision will be applied to all companies in the Pöppelmann Group):
Pöppelmann GmbH & Co. KG
Plastic tool design and engineering
Bakumer Straße 73
49393 Lohne
Fax: +49 (0) 44 42 / 982-1003
Email: datenschutz(at)poeppelmann.com
As a cardinal rule, we save your data for the duration of the statutory retention periods.
4. Website Services, Tracking and Retargeting
In the following, we explain the website services, tracking and retargeting tools we use. These are tools that we use, for example, to measure the reach or use of our site and for advertising. The legal basis for the processing of your personal data is in each case your consent in accordance with Art. 6 Para. 1 lit. a DSGVO, insofar as you have given us this when visiting our site via Cookie optin and no other legal basis is named below.
You can revoke this consent for the future at any time by clicking on this link, then clicking on "Select cookies" and unchecking "Performance and tracking cookies".
4.1. Luware RTC Launcher
We use the Luware RTC Launcher by Luware AG to enable you to contact us spontaneously. The legal foundation for the processing of the data is point (f) of Article 6(1) GDPR. To enable contact with us and integrate the service, a connection is established with the Luware servers in Switzerland. The Commission has determined that the level of data protection in Switzerland is adequate. Your IP address is communicated to Luware through a connection with the server in Switzerland.
For further information on data protection, please visit the Luware website at www.luware.com/en/privacy.
4.2. Google services
We use various services of Google LLP, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google"), which are described individually below. The legal basis for this is Art. 6 para. 1 lit. a DSGVO. The standard contractual clauses of the European Commission for the transfer of data for online advertising and personal data originating from the European Economic Area, Switzerland and the United Kingdom have been concluded with Google.
Further information can be found in the following linked entry:
4.2.1. Google Analytics
The Pöppelmann Group website uses Google Analytics, a web analysis service by Google for the statistical evaluation of access by users. Google Analytics uses cookies, i.e. text files that are saved on your computer to allow your use of the website to be analysed. The information generated by the cookie about your use of this website will be transmitted as a rule to a Google server in the USA and saved there. However, if IP anonymisation is enabled on this website, your IP address will be truncated by Google in the member states of the European Union or in signatory states of the Agreement on the European Economic Area before transmission. Only in exceptional cases will the entire IP address be transferred first to a Google server in the USA and then truncated there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, compile reports on website activities, and provide other services relating to website activity and internet usage for the website operator.
The IP address transferred by your browser through the use of Google Analytics will not be merged with any other data held by Google. You can prevent the use of cookies by selecting the appropriate settings in your browser. However, please note that if you do so, you may not be able to use the full functionality of this website. You can also prevent the data generated by the cookie about your use of the website (including your IP address) from being recorded and transmitted to Google and its further processing by Google by downloading and installing a browser plugin available here: https://tools.google.com/dlpage/gaoptout?hl=en.
You can also prevent capture by Google Analytics and thus withdraw your consent by clicking the link below. An opt-out cookie is placed to permanently prevent the future recording of your data when you visit this website: Click here to object to the processing of your data by Google Analytics.
For more information on Google’s terms of use and privacy policy, please see www.google.com/analytics/terms/gb.html. We wish to point out that Google Analytics has been extended on this website by the ‘gat._anonymizeIp();’code to ensure anonymised capture of IP addresses (also referred to as ‘IP masking’).
4.2.2. Google Dynamic Remarketing
Google Dynamic Remarketing allows us to display our advertisements to you after your visit to our website during your further use of the internet. This is done by means of the cookies saved in your browser, which are used by Google to record and analyse your usage behaviour when visiting various websites. Google is able to identify your previous visit to our website. Google has stated that they do not merge the data collected as part of the Remarketing tool with any of your personal data which may be saved by Google. According to Google, pseudonymisation is used as part of the Remarketing tool.
We use Google Dynamic Remarketing for marketing and optimisation purposes, in particular to show you relevant and interesting advertising, to improve reports about advertising performance and to fairly calculate advertising costs.
4.2.3. Google Maps
We use Google Maps, an online map service of Google, on our website. This allows us to show you interactive maps directly on the website, and allows you to make convenient use of the map function. By visiting our website, Google will receive the information that you have retrieved the relevant subpage of our website. At the same time, your IP address will be transmitted irrespective of whether you have a Google user account and are logged into this account or whether you have no user account at all. If you are logged into your Google account, your data, such as the visit to our website, can be associated with your account. If you wish to prevent this allocation, you must log out of your Google account before visiting our website.
4.2.4. Google Fonts
We use Google Fonts to design our website. To integrate those fonts, Google servers are accessed, as a result of which your IP address is transmitted to those Google servers. The servers may be located in the USA or elsewhere outside the European Union. Google states that they do not use your IP address to track your activities; they use it only for a statistical analysis of the use of fonts. Google does not identify any individual visitors as a result. The legal foundation for this processing of the data is point (f) of Article 6(1) GDPR. For further information about the protection of data in connection with Google Fonts please see here on the Google website.
4.2.5. Google Display & Video 360 (formerly Doubleclick Bid Manager)
On this website we use the Display & Video 360 tool of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, which collects data for analysis, marketing and optimisation purposes and thereby helps us to improve our marketing measures and our website. The data collected is used by Display & Video 360 to link advertising contacts and clicks on advertisements with a resulting use of our website. In this way, we can determine whether Internet users who see our ads visit our website or which products they are interested in. This helps us to use our advertising budget more efficiently. We may also use the data collected to deliver advertising based on your interests (e.g. products viewed).
Pseudonymous online identification numbers (such as cookie IDs or IP addresses) are used for data collection. No unique user-related data such as name or address is stored. All IDs used by us only enable the recognition of your terminal device and your internet browser. The data collected will not be used by us to personally identify you as a user of our website without your separate consent.
We would like to point out that Google may link the visit to this website with the registered data of users who have registered with Google. You can find out exactly how Google handles your data on Google's data protection pages by clicking on the following link:
https://privacy.google.de/intl/de/take-control.html?categories_activeEl=sign-in
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. Under the following link you will find an explanation of how you can deactivate data collection by Google on your computer or mobile device:
4.2.6. Campaign Manager (formerly DoubleClick by Google)
This website continues to use the online marketing tool Campaign Manager by Google. Campaign Manager uses cookies to serve ads that are relevant to users, to improve campaign performance reports or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to record which ads are shown in which browser and can thus prevent them from being shown more than once. In addition, Campaign Manager can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a Campaign Manager ad and later visits the advertiser's website with the same browser and makes a purchase. According to Google, Campaign Manager cookies do not contain any personal information.
Due to the marketing tools used, your browser automatically establishes a direct connection with Google's server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of Campaign Manager, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will obtain and store your IP address.
In addition, the Campaign Manager (DoubleClick Floodlight) cookies used enable us to understand whether you perform certain actions on our website after you have called up or clicked on one of our display/video ads on Google or on another platform via Campaign Manager (conversion tracking). Campaign Manager uses this cookie to understand the content you have interacted with on our websites in order to send you targeted advertising later.
You can prevent participation in this tracking process in a number of ways:
a) by adjusting your browser software settings accordingly, in particular suppressing third-party cookies will result in you not receiving third-party ads;
b) by disabling conversion tracking cookies by setting your browser to block cookies from the domain www.googleadservices.com, www.google.de/settings/ads, in which case this setting will be deleted when you delete your cookies;
c) by deactivating the interest-based ads of the providers that are part of the self-regulatory campaign "About Ads" via the link www.aboutads.info/choices, in which case this setting will be deleted when you delete your cookies;
d) by permanently deactivating them in your browsers Firefox, Internetexplorer or Google Chrome under the link http://www.google.com/settings/ads/plugin,
e) by means of the corresponding cookies setting. Please note that in this case you may not be able to use all the functions of this website to their full extent.
In addition, you can prevent Google from collecting the data generated by the cookies about your use of the websites and the processing of this data by Google by downloading and installing the browser plugin available at https://support.google.com/adsense/answer/142293?hl=de under "Display settings", "Extension for Campaign Manager deactivation".
For more information on Campaign Manager, please visit www.google.de/doubleclick and on data protection at Google in general: https://www.google.de/intl/de/policies/privacy. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.
4.2.7. Google Tag Manager
This website uses Google Tag Manager. This service allows website tags to be managed via an interface. The Google Tool Manager only implements tags, does not set any cookies and does not collect any personal data. The Google Tag Manager triggers other tags that may collect personal data. However, the Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager.
4.3. LinkedIn services
We use various services of LinkedIn Ireland Unlimited Company (hereinafter "LinkedIn") with which a data processing agreement has been concluded (https://de.linkedin.com/legal/l/dpa).
Insofar as this use involves the transfer of personal data to countries outside the European Union or EEA, LinkedIn has committed itself to the legal data protection assurance of compliance with the EU standard contractual clauses
Further information on data protection at LinkedIn can be found at:
https://www.linkedin.com/legal/privacy-policy?_l=de_DE
The LinkedIn services use, among other things, cookies. We use the LinkedIn services for marketing and optimisation purposes, in particular to analyse the use of our website and to continuously improve individual functions and offers as well as the user experience. When you access our site, a connection is established with the LinkedIn servers. These servers may also be located outside the European Union. If you have an account with LinkedIn, LinkedIn can assign the visit to our site to your account. You can counteract this by logging out of LinkedIn beforehand.
We use the following LinkedIn services:
LinkedIn Ads / LinkedIn Marketing Solutions to process information about your user behaviour for advertising purposes in order to show you targeted advertising. LinkedIn Analytics to process information about your user behaviour on our website in order to measure the reach of our website.
4.4. Outbrain
We use various tools from Outbrain UK Ltd (5 New Bridge Street, London, EC4V6JA, UK, hereafter referred to as: "Outbrain") on our website. Outbrain uses cookies that allow us to analyse how you use our website.
Outbrain enables us to direct you to further content on our website that may also be of interest to you, as well as to third-party websites. The reading recommendations, for example, are determined on the basis of the content you have read so far. The content displayed by Outbrain is automatically controlled and delivered by Outbrain in terms of content and technology. The display of reading recommendations by Outbrain on the basis of the information transmitted by the cookies is only pseudonymised, i.e. by a generated character string that is assigned to you. Personal data is not stored beyond this. Outbrain collects the following data:
- source device
- browser type
- anonymised IP address of the user.
To anonymise the IP address, the last octet of the IP address is removed.
In addition to Outbrain, we use "Outbrain Amplify" and "Outbrain Pixel" for marketing and optimisation purposes of our website. These tools allow us to analyse your usage behaviour and improve our offer.
To the extent that data is provided to Outbrain and/or transferred to Outbrain Inc. or to another recipient outside the EU / EEA, Outbrain will ensure that the transfer complies with EU data protection laws by providing an adequate level of protection and that appropriate safeguards are in place to protect the data (https://www.outbrain.com/legal#data-processing-agreement).
Visit http://www.outbrain.com/de/legal/privacy for more information on Outbrain's privacy policy.
4.5. Facebook
We use various tools from Facebook Ireland Ltd. (hereinafter "Facebook"), including Instagram, to show you interest-based advertising by having it delivered to Facebook audiences as well as to inform you about our training offers. Our data processing in connection with our Facebook and Instagram presence is carried out pursuant to Art. 6 (1f) DSGVO on the basis of our legitimate interest in public relations and communication. To integrate the Facebook tools, a connection is established with the Facebook server so that Facebook can assign the visit to our site to your account. These servers may also be located outside the European Union. You can prevent this by logging out of Facebook before visiting our website and deleting the corresponding cookies as well as closing and reopening the browser. However, even after you have logged out, your IP address will still be transmitted to Facebook and Facebook may be able to obtain further identifying information from you.
We have concluded an agreement with Facebook Ireland Ltd. on joint data protection responsibility pursuant to Art. 26 DSGVO. This agreement, the so-called "Page Insights Addendum" or “Page Insights Controller Attendum”, can be found here: en-de.facebook.com/legal/terms/page_controller_addendum. With regard to the so-called "Facebook Insights data" (hereinafter "Facebook Insights"), Facebook assumes essential obligations on the basis of this agreement, in particular to inform data subjects and to safeguard data subject rights.
If processing does not take place within the scope of joint responsibility, it shall take place in accordance with a contract for processing ("Data Processing Conditions ", https://www.facebook.com/legal/terms/dataprocessing), the "Data Security Terms and Conditions" (https://www.facebook.com/legal/terms/data_security_terms) and, with regard to processing in the USA, on the basis of standard contractual clauses ("Facebook-EU Data Transfer Addendum" https://www.facebook.com/legal/EU_data_transfer_addendum).
Further information on data protection at Facebook can be found here: https://www.facebook.com/about/privacy.
We receive statistical data from Facebook about visitors to our Instagram pages through the "Insights" feature. These are pseudonymised, which means that we cannot assign them to a specific person. This feature allows us to better analyse our site and tailor it to the interests of our users. Our legitimate interest in the operation of our Instagram page and use of Insights in accordance with Art. 6 Paragraph 1 f DSGVO is to conduct effective marketing via a frequently used platform. Further information on the "Insights" function can be found here:
4.5.2. Interaction with us via Instagram
Depending on users' privacy settings at Instagram, we may see when a particular Instagram user has liked, shared, or subscribed to our Instagram page/post/comments. We can also associate comments on our Instagram pages with specific Instagram users. The legal basis for this data processing is Art. 6 para. 1 f DSGVO. Our legitimate interest lies in the communication and interaction with you via Instagram.
4.9 Clarity
Our website uses Clarity, a tool from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, for statistical behavioral analysis of the use of the website and user interaction on our website.
This involves creating behavioral metrics, heatmaps and session replays, in particular user interactions such as mouse movements and other interaction with content and functions of the website, as well as pseudonymized usage profiles, graphical representations and session recordings for or as evaluation.
For this, we process usage data (such as websites visited, access times, geographic origin of the page view, language setting, interaction events, and behavioral metrics), particularly in the form of clicks, scrolls and mouse movements, for example, including stack trace, selection, window size, etc.
We use Clarity for needs-based design and continuous improvement of our online offerings, for tracking and optimizing the website's functionality, and for error analysis.
Without specially granted consent from the data subject, the data collected by Clarity is not used to identify the website user, and it is not combined with personal data about the bearer of the pseudonym.
The collected data and information are transferred to Microsoft servers in the United States and stored there. Microsoft reserves the right to use the transferred information for any purpose consistent with the Microsoft Privacy Policy, which includes providing the offerings, improving Microsoft products and services, including reporting and performance analysis, and profiling users for purposes that include advertising.
Data collected by Clarity is deleted after no more than 13 months.
The legal basis for processing your data is your consent – Art. 6 paragraph 1 letter a of the GDPR. You can revoke your consent at any time. To revoke your consent, deactivate the Clarity service in the "cookie consent tool" provided on the website. We also point out your browser's data protection function options and deletion of cookies from your hard drive as well as the opt-out option at https://choice.microsoft.com/en-US/opt-out.
Clarity's provider is headquartered in the United States. For data transfers to the United States, the European Commission has issued an adequacy decision under the EU-US Data Privacy Framework (EU-US DPF) in accordance with Art. 45 paragraph 1 of the GDPR; the level of data protection in the United States for certified organizations is therefore assessed as equivalent to that in the EU. Clarity's provider is certified on the EU-US DPF list of the US Department of Commerce.
Microsoft also uses what are called standard contractual clauses (= Art. 46 paragraphs 2 and 3 GDPR). Standard contractual clauses (SCC) are templates provided by the EU Commission and are intended to ensure that the processing of your data complies with European data protection standards even if it is transferred to third countries (such as the United States) and stored there. These clauses are based on an implementation decision of the EU Commission.
Through the EU-US Data Privacy Framework and standard contractual clauses, Clarity's provider is committed to complying with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the United States.
More details on terms of use and data protection can be found at https://privacy.microsoft.com/en-us/privacystatement.
4.10 Sentry
Our website uses Sentry, an application performance and error tracking tool from Functional Software, Inc. We use Sentry to improve our online offering and to follow up errors in our website's functionality. We process your IP address, data on the device and browser used, and any steps that have led to a technical error in the code (in the form of clicks, scrolls and mouse movements, for example, including stack trace).
The legal basis for processing your data is your consent – Art. 6 paragraph 1 letter a of the GDPR. You can revoke your consent at any time.
Your data is processed only for monitoring and ensuring the technical stability of our website. The data logged by Sentry is stored until the triggering error is fixed, but no longer than 90 days.
Sentry's provider is headquartered in the United States. For data transfers to the United States, the European Commission has issued an adequacy decision under the EU-US Data Privacy Framework (EU-US DPF) in accordance with Art. 45 paragraph 1 of the GDPR; the level of data protection in the United States for certified organizations is therefore assessed as equivalent to that in the EU. Sentry's provider is certified on the EU-US DPF list of the US Department of Commerce.
https://www.privacyshield.gov/participant?id=a2zt0000000YdenAAC&status=Active
Sentry also uses what are called standard contractual clauses (= Art. 46 paragraphs 2 and 3 GDPR). Standard contractual clauses (SCC) are templates provided by the EU Commission and are intended to ensure that the processing of your data complies with European data protection standards even if it is transferred to third countries (such as the United States) and stored there. These clauses are based on an implementation decision of the EU Commission.
Through the EU-US Data Privacy Framework and standard contractual clauses, Sentry's provider is committed to complying with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the United States.
More details on terms of use and data protection can be found at https://sentry.io/privacy/.
4.5.3. Facebook Custom Audience
This service allows us to deliver targeted and interest-based advertising to visitors of our website as part of the visit to Facebook or other websites that also use Facebook Custom Audience.
4.6. Mouseflow
This website uses Mouseflow, a web analysis tool of Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, to record randomly selected, individual visits (only with an anonymised IP address). This creates a log of the mouse activities, mouse clicks and keyboard interactions with the intention to randomly reproduce individual visits to this website as ‘session replays’, to analyse them in the form of ‘heat maps’ and to derive potential improvements for this website from those activities. The data recorded by Mouseflow are not personal and will not be disclosed to third parties. The recorded data are stored and processed within the EU. If you do not want Mouseflow to record your data, you can object to it on all websites that use Mouseflow here: https://mouseflow.com/opt-out/.
4.7. YouTube
We occasionally use YouTube videos on our website. Those videos are integrated as part of YouTube’s ‘advanced data protection mode’, which means, according to YouTube, that no information about visitors is stored as long as the video is not played. When you play the video, you express your consent to having your data stored by YouTube as the controller and accept that this processing cannot be influenced by us any further. For further information, we refer you to the YouTube Privacy Policy: https://www.youtube.com/privacy.
5. Right of access and other rights of the data subject
You have the right to request confirmation from the Pöppelmann Group as to whether personal data concerning you are being processed. Where that is the case, you have a right of access to the personal data and the specific information listed in detail in Article 15 GDPR.
You have the right to request without undue delay the rectification of inaccurate personal data concerning you and to have incomplete personal data completed by the Pöppelmann Group (Article 16 GDPR).
You have the right to request from the Pöppelmann Group the erasure of personal data concerning you without undue delay where one of the grounds specified in Article 17 GDPR applies, e.g. if the personal data are no longer necessary in relation to the intended purposes (right to erasure).
You have the right to request from the Pöppelmann Group a restriction of processing where one of the grounds specified in Article 18 GDPR applies, e.g. if the data subject has objected to processing pending verification by the controller. In addition, you have the right to data portability in instances covered by Article 20 GDPR.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes the General Data Protection Regulation (Article 77 GDPR). You can exercise this right with a supervisory authority in the member state of your habitual residence, place of work or place of the alleged infringement. In Lower Saxony, the competent supervisory authority is: The Landesbeauftragte für den Datenschutz Niedersachsen [State Data Protection Commissioner for Lower Saxony] (contact details at: https://www.lfd.niedersachsen.de/wir_ueber_uns/impressum/impressum-56113.html).
If data are processed based on point (e) (data processing in the exercise of official authority or for the performance of a task carried out in the public interest) or point (f) (data processing for the purposes of legitimate interests) of Article 6(1) GDPR, you have the right to object to the processing on grounds relating to your particular situation at any time. In this case, we will no longer process the data unless compelling legitimate grounds for processing are demonstrated, which override the interests, rights and freedoms of the data subject, or if the processing serves for the establishment, exercise or defense of legal claims. If possible please direct your objection to: datenschutz(at)poeppelmann.com.
6. Newsletter
We use the newsletter to inform you about our company and our range of offers. If you would like to receive the newsletter, we need a valid email address for the double opt-in process as well as information which allows us to verify that you are the owner of the email address given or that the owner of the email address consents to receive the newsletter. The legal basis for sending the newsletter is your consent, which you agreed to during registration. No further data will be collected. These data will be used only for sending the newsletter and will not be disclosed to third parties. When you sign up for the newsletter, we will store your IP address for a period of seven days as well as the date of signup. This storage serves only as proof in the event that a third party abuses an email address and signs up for the newsletter without the knowledge of the owner of the email address. You can withdraw your consent to the storage of these data and your email address or to the use of the email address for the sending of newsletters at any time. You can withdraw your consent via a link in the newsletters themselves or in your profile section.
7. WhatsApp Broadcast
We use WhatsApp Broadcast messages by WhatsApp Inc., 1601 Willow Road Menlo Park, California 94025 to inform you about news from the TEKU division. In this case the encrypted communication is transmitted to WhatsApp Inc. servers in the USA. After you have signed up for this service and have given your consent by sending the message ‘Start’ to our telephone number, you will receive information from the Pöppelmann TEKU division directly on your smartphone. Your telephone number will be used only for this purpose and will be stored for the duration of the receipt of the messages. If you no longer wish to receive those messages, send the message ‘Stop’ (without the quotation marks) to the same number. The messages will then be paused. If you do not indicate that you wish to resume receiving messages by sending a ‘Start’ message within a period of six months, we will delete all data stored about you in this connection. If you wish to withdraw immediately and entirely from the service, please send us a message with the content ‘Remove all data’. You will then no longer receive any messages, and your personal data will be deleted from our system.
8. Right of access, rectification and erasure of personal data
You have the right to obtain information free of charge from us at any time about the data stored by us concerning you, their origin and recipients as well as the purposes of the storage. In addition, users are entitled to have inaccurate data rectified, or to have their personal data blocked and erased in the absence of a conflicting statutory duty of retention. The Pöppelmann Group Data Protection Officer, Peter Suhren (office(at)first-privacy.com), will provide information about the stored data.
9. Data Protection Officer
If you would like further explanations beyond the above or if you have any other questions regarding the processing of your personal data, please do not hesitate to contact us. To this end please contact the Data Protection Officer of the Pöppelmann Group:
Peter Suhren
FIRST PRIVACY GmbH
Konsul-Smidt-Straße 88
28217 Bremen
10. Information duties pursuant to Article 13 GDPR
Privacy Policy pursuant to Articles 13 and 21 GDPR
Controller:
The Pöppelmann Group is responsible for the collection and processing of data.
Pöppelmann GmbH & Co. KG
Plastic tool design and engineering
Bakumer Straße 73
49393 Lohne
Fax: +49 (0) 44 42 / 982-1003
Email: datenschutz(at)poeppelmann.com
We are also jointly responsible for data processing: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland ("Facebook").
Voluntary information:
As a cardinal rule, we only collect such data as are required by law or as necessary to conclude or fulfil a contract, or such data as have been made available to us voluntarily and based on consent. The provision of any other information is voluntary. Not providing such data does not entail any negative consequences. However, by not providing data, subsequent communication may be more complicated or delayed in individual instances.
Data processing for the fulfilment of a contract:
We process the collected data pursuant to point (b) of Article 6(1) GDPR for the fulfilment of a contract, or pursuant to point (f) of Article 6(1) GDPR for purposes of the legitimate interests of contract execution if you are a contact person of one of our business partners. This includes related activities as part of customer support. If necessary, the personal data will be forwarded to the companies involved in the execution of the contract, e.g. to banks for payment processing. The data necessary to fulfil the contract will be deleted after the relevant purpose has been served and only held available for any enquiries. The data will not be deleted if any receivables are still outstanding upon termination of contract and are to be collected. If statutory retention obligations apply, the data concerned will be archived for the term of such retention obligations.
Data processing to pursue legitimate interests:
In the absence of consent or of any other evident legal basis for data processing we will process your data only to pursue legitimate interests and only if the prerequisites of point (f) of Article 6(1) GDPR apply, in other words if our legitimate interests in the data processing, or those of a third party, override your interests or fundamental rights and freedoms in an individual case. The data will be deleted if the legitimate interest no longer exists, but will be retained for the term of any applicable statutory retention obligations at least.
You have the right to object to the data processing. For further information please see the following section, ‘Rights of the data subject’.
Data processing based on consent:
If you have consented to be informed by us by telephone or email about our company’s products and services, your data will be processed based on point (a) of 6(1) GDPR. You can withdraw your consent at any time; however, this will not in any way affect the lawfulness of processing prior to withdrawal. If you withdraw your consent, we will cease processing the data.
Data processing for direct marketing:
We process your data to the permissible extent for direct marketing purposes, especially for sending our advertising, such as product information or invitations to events. The processing is based on point (f) of Article 6(1) GDPR and is carried out in pursuit of our legitimate interest to inform you about new products, events and services. Each customer has an independent right to object to this processing; if this right is exercised, we will cease to process the data for direct marketing purposes. If data were stored exclusively for direct marketing purposes, the data will be erased after the objection.
Data processing to comply with legal obligations:
If so required, we process your data to comply with any legal obligations, e.g. vis-à-vis tax authorities. The data processing in this case is based on point (c) of Article 6(1) GDPR. The legal obligation is derived from section 147 of the German Abgabenordnung [Tax Code - AO]. The data will be erased after the expiry of the period stipulated by law, unless there is a legitimate interest in continued storage.
Recipients of data:
We will transmit your data to third parties (e.g. lawyers to enforce payments in arrears) if the data protection laws authorize such transmission (e.g. by reference to one of the aforementioned case groups). Furthermore, your data may be forwarded to external service providers (e.g. IT service providers, companies which erase or archive data, providers of printing services or cloud providers) which assist us in the processing of data as part of processing carried out on behalf of a controller and, in so doing, are strictly governed by instructions.
As a cardinal rule, no data processing takes place outside the EU or the EEA. If such processing does occur, it will take place only in countries in regard to which the EU has issued an adequacy decision and based on standard data protection clauses adopted by the EU pursuant to point (c) of Article 46(2) GDPR. Upon request, we will gladly allow you to view the contract or provide you with a copy thereof. We will neither sell your data to third parties nor otherwise market them.
Contact details of the Data Protection Officer:
Peter Suhren
FIRST PRIVACY GmbH
Konsul-Smidt-Straße 88, 28217 Bremen
Telephone: +49 (0) 421 69 66 32-0
Email: office(at)first-privacy.com
Rights of data subjects:
Data subjects have the right to obtain information from the controller about the personal data concerning them and to obtain rectification or erasure of inaccurate data provided that any of the reasons stated in Article 17 GDPR apply, e.g. if the data are no longer necessary in relation to the intended purposes. Data subjects also have the right to obtain a restriction of the processing of their data if any of the conditions stated in Article 18 GDPR applies as well as the right to data portability if any of the conditions stated in Article 20 GDPR applies. If data are processed based on point (e) (data processing in the exercise of official authority or for the performance of a task carried out in the public interest) or point (f) (data processing for the purposes of legitimate interests) of Article 6(1) GDPR, data subjects have the right to object at any time to the processing, based on grounds relating to their particular situation. In this case, we will no longer process the data unless compelling legitimate grounds for processing are demonstrated, which override the interests, rights and freedoms of the data subject, or if the processing serves for the establishment, exercise or defense of legal claims.
Right to lodge a complaint with a supervisory authority:
All data subjects have the right to lodge a complaint with a supervisory authority if they consider that the processing of data concerning them infringes data protection laws. The right to lodge a complaint may be exercised, in particular in the Member State of the data subject's habitual residence, place of work or the place of the alleged infringement. In Lower Saxony, the supervisory authority is the Landesbeauftragte für den Datenschutz Niedersachsen [Data Protection Commissioner of the Federal State of Lower Saxony], Prinzenstraße 5, 30159 Hannover.
Information about the right to object pursuant to Article 21 GDPR
If data are processed based on point (f) (data processing for the purposes of legitimate interests) of Article 6(1) GDPR, you have the right to object to the processing on grounds relating to your particular situation at any time. In this case, we will no longer process the data unless compelling legitimate grounds for processing are demonstrated, which override the interests, rights and freedoms of the data subject, or if the processing serves for the establishment, exercise or defense of legal claims. If possible, please direct your objection to: datenschutz@poeppelmann.com.
Information about the right to object to direct marketing
We process your data for direct marketing purposes. You have an independent right to object to this processing; if this right is exercised, we will cease to process the data for direct marketing purposes. If possible, please direct your objection to: marketing(at)poeppelmann.com