1. information on the collection of personal data and contact details of the person responsible
2. data collection when visiting our website
3. making contact
4. cookies
5. data processing for order processing
6. data processing when opening a customer account and for contract processing
7. use of your data for direct advertising
8. contact for evaluation reminders
9. online marketing
10. web analysis services
11. tools and other
12. rights of the data subject
13. duration of storage of personal data
1. information on the collection of personal data and contact details of the controller
1.1 Thank you for visiting our website. In the following, we would like to inform you about how we handle your personal data when you use our website. Personal data is basically all data with which you can be personally identified.
1.2 The controller responsible for the processing of data on our website within the meaning of the General Data Protection Regulation (GDPR) is
Gero Anacker
Am Katzenteich 11b
38855 Wernigerode
Wernigerode, Germany
Phone: 03943/2594550
E-mail: office@sigmagrav.de
1.3 In order to protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL or TSL) via HTTPS.
2. data collection when visiting our website
Each time you visit our website, our system automatically collects data and information that your browser transmits to our server (so-called “server log files”). The following data, which is technically necessary for us, is collected:
The website we visited
Date and time at the time of access
Amount of data sent in bytes
Source/reference from which you reached the page
Operating system used
Browser used
IP address used (if applicable: in anonymized form)
The legal basis for the processing is Art. 6 para. 1 lit. f GDPR due to our legitimate interest in improving the stability and maintaining the functionality of our website. The data will not be passed on or used in any other way. The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.
We reserve the right to check the server log files retrospectively if there are concrete indications of illegal use. The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or anonymized so that it is no longer possible to identify the accessing client. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object.
3. contacting us
If you contact us via the contact form, the data entered in the input mask will be transmitted to us and stored. The data collected can be found in the respective input mask. If you contact us by e-mail, only the data you enter there will be transmitted to us.
The data is used exclusively for processing the conversation and your request. The legal basis for the processing of the data is Art. 6 para. 1 lit. a) GDPR if the user has given consent. The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 (1) (f) GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected and provided there are no statutory retention obligations to the contrary. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified. The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
4. cookies
Our website uses cookies.
Cookies are text files that are stored on the user's end device. When a user accesses a website, a cookie may be stored on the user's operating system. Some functions of our website cannot be offered without the use of cookies. This requires the browser to be recognized even after a page change. The user data collected by technically necessary cookies is not used to create user profiles. Our legitimate interest in the processing of personal data pursuant to Art. 6 para. 1 lit. f) GDPR also lies in the above-mentioned purposes.
In addition, our website may use cookies that enable an analysis of the surfing behavior of users (so-called third party cookies). Further information on the scope, purpose, legal basis and objection options can be found in the relevant sections of the respective chapter of this privacy policy.
As a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate, restrict or delete the transmission of cookies. If you deactivate cookies for our website, you may no longer be able to use all the functions of the website to their full extent. You can prevent the transmission of Flash cookies by changing the Flash Player settings.
You can find help on the settings in the respective help menu of your browser or under the following links:
Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Some of the cookies used here are deleted again after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data and IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.
5 Data processing for order processing
5.1 If you wish to place an order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order. We process the data you provide to process your order.
In some cases, we work together with external service providers to process your order. For this purpose, we must pass on the personal data required for this.
If we commission transport companies to deliver your goods, we will pass on your data required for the delivery of the goods to the respective transport company. For the processing of payments, we pass on your data to the commissioned credit institution to the extent necessary. If we use payment service providers, you will also be informed of this below.
The legal basis for the transfer of your data is Art. 6 para. 1 lit. b GDPR.
5.2 In order to fulfill our contractual obligations, we work together with external shipping partners. We pass on your name and your delivery address (if necessary also further data) exclusively for the purpose of delivering the ordered goods in accordance with Art. 6 para. 1 lit. b GDPR to a shipping partner selected by us.
5.3 Forwarding of your personal data to shipping service providers
- DHL
If the goods are delivered to you by the transport service provider DHL (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn), we will only pass on the name of the recipient and the delivery address to DHL for the purpose of delivery and within the scope of necessity in accordance with Art. 6 Para. 1 lit. b GDPR. Only if you have given your express consent during the ordering process will we pass on your e-mail address to DHL in accordance with Art. 6 para. 1 lit. a GDPR before delivery of the goods for the purpose of coordinating a delivery date or for delivery notification. Your consent can be revoked at any time with effect for the future vis-à-vis the controller named above or vis-à-vis the transport service provider DHL.
5.4 Use of payment service providers
- PayPal
If you select the payment method PayPal, credit card via PayPal, direct debit via PayPal or - if offered - “purchase on account” or “payment by installments” via PayPal, payment will be processed via PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”).
We pass on your personal data to PayPal in accordance with Art. 6 para. 1 lit. b GDPR to the extent necessary. PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - “purchase on account” or “installment payment” via PayPal.
For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 lit. f GDPR due to PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method.
The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Which other data is collected by PayPal can be found in PayPal's privacy policy. This can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.
6 Data processing when opening a customer account and for contract processing
If you open a customer account with us, personal data will be collected and processed in accordance with Art. 6 para. 1 lit. b GDPR. The scope of the data can be seen from the input form. The data you enter will be stored and used by us to process the contract.
You can delete your customer account at any time. This can be done by sending a message to the address of the person responsible or, if offered, directly in the customer account. In this case, we will also block your data with regard to retention periods under tax and commercial law and delete it after these periods have expired. This can only be opposed by your consent to permanent storage or a legally permitted further use of data on our part.
7 Use of your data for direct advertising
7.1 Newsletter
You can subscribe to a free newsletter on our website. When you register for the newsletter, the data from the input mask is transmitted to us. The only mandatory information is your email address. If you make further voluntary entries, these will only be used to address you personally.
The legal basis for the processing of your data after registration for the newsletter is Art. 6 para. 1 lit. a GDPR if the user has given consent. We obtain this consent by sending you a confirmation email containing a confirmation link after you have registered for the newsletter. If you click on this link, you also give your consent to receive the newsletter.
When you register for the newsletter, we store your IP address as well as the date and time of registration. The purpose of this storage is to be able to trace any possible misuse of your e-mail address.
We use the data collected by us when you register for the newsletter exclusively for the purpose of sending the newsletter.
You can cancel your subscription to the newsletter at any time. There is a corresponding link for this purpose in every newsletter. This also enables you to withdraw your consent to the storage of the personal data collected during the registration process.
7.2 Newsletter for existing customers
If you purchase goods or services on our website and enter your e-mail address, we may subsequently use it to send you a newsletter. In such a case, the newsletter will only be used to send direct advertising for our own similar goods or services.
The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 para. 3 UWG and Art. 6 para. 1 lit. f GDPR. In this respect, data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising.
If you have already objected to the use of your email address for the purpose of direct advertising, you will not receive this newsletter. However, you also have the option of objecting to the use of your email address for the advertising purpose stated here at any time with effect for the future by sending us a message. Upon receipt of your objection, the use of your e-mail address for advertising purposes will be discontinued immediately.
7.3 Advertising by letter post
If you have provided us with your first and last name, your postal address and any other personal data on the basis of an order, we reserve the right to store this data and send you our offers by post in order to protect our legitimate interest in personalized direct advertising in accordance with Art. 6 para. 1 lit. f GDPR.
You can object to the storage and use of your data for this purpose at any time by sending a corresponding message to the controller.
8. contacting us for the evaluation reminder
Own evaluation reminder
After your express consent in accordance with Art. 6 para. 1 lit. a GDPR, you will receive an e-mail from us as a one-time reminder to submit a review of your order. You can withdraw your consent at any time by sending a message to the controller responsible for processing your data.
9. online marketing
9.1 Google AdSense
We use Google AdSense on our website, a web advertising service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google AdSense uses so-called “DoubleClick DART cookies” (“cookies”), text files that are stored on your computer and enable your use of the website to be analyzed. In addition, so-called “web beacons” (small invisible graphics) are also used, which, for example, record visitor traffic on the website. The information generated by the cookie and/or web beacon (including your IP address) about your use of this website is usually transferred to a Google server and stored there, whereby a transfer to the USA is also possible.
The information obtained in this way is used by Google to evaluate your usage behavior with regard to the AdSense ads. The IP address transmitted by your browser as part of Google AdSense will not be merged with other Google data. The information collected by Google may be transferred to third parties if this is required by law and/or if third parties process this data on behalf of Google.
The legal basis is Art. 6 para. 1 lit. f GDPR; the purpose is the targeted advertising approach of the user by advertising third parties. At the same time, we have a legitimate financial interest in exploiting the economic potential of our website by displaying personalized third-party advertising content for a fee.
Google LLC, based in the USA, is certified for the us-European data protection agreement “EU-U.S. Data Privacy Framework”, which guarantees compliance with the level of data protection applicable in the EU. you can obtain further information about the data protection provisions of DoubleClick by Google at the following Internet address:
http://www.google.de/policies/privacy/
You can permanently deactivate cookies by setting your browser accordingly or download and install the browser plug-in available under the following link:
http://www.google.com/settings/ads/plugin?hl=de
You can find further information on data protection from Google here: https://business.safety.google/privacy/
Certain functions of this website may then not be usable or only to a limited extent.
9.2 Use of Google Ads conversion tracking
This website uses the online advertising program “Google Ads” and, as part of Google Ads, the conversion tracking of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
This involves advertising our offers on external websites with the help of advertising media (so-called Google Adwords). Our legitimate interest lies in displaying advertising that is of interest to you and in achieving a fair calculation of advertising costs. The legal basis is Art. 6 para. 1 lit. f GDPR.
Google Ads uses cookies for conversion tracking, which are set when you click on an AdWords ad placed by Google.
These cookies generally lose their validity after 30 days and are not used for personal identification. Each Google Ads customer receives a different cookie, which is why cookies cannot be tracked via the websites of Ads customers.
The information obtained in this way is used to generate conversion statistics for Ads customers about the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag.
You cannot be personally identified in this way.
If you wish to prevent tracking, you can deactivate the Google Conversion Tracking cookie via your Internet browser under user settings.
Google LLC, based in the USA, is certified for the US-European data protection agreement “EU-U.S. Data Privacy Framework”, which guarantees compliance with the level of data protection applicable in the EU. you can obtain further information about Google's data protection regulations at the following Internet address:http://www.google.de/policies/privacy/
Further information on Google's data protection can be found here: https://business.safety.google/privacy/
You can permanently deactivate conversion cookies by adjusting your browser settings accordingly or by downloading and installing the browser plug-in available at the following link:
http://www.google.com/settings/ads/plugin?hl=de
In this case, certain functions of this website may not be used or may only be used to a limited extent.
You can find further information on data protection from Google here: https://business.safety.google/privacy/
10. web analysis services
10.1 Google Analytics 4
We use Google Analytics 4 on our website, a web analytics service provided by Google Ireland Limited (Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) (hereinafter referred to as “GA4”).
Google Analytics uses “cookies”. These are small text files that are stored on your end device and enable your use of the website to be analyzed. The information generated in this way about your use of this website (including the shortened IP address) is transferred to a Google server, where it is stored and processed, whereby a transfer to the USA is possible. The IP addresses are anonymized by default. For IPv4 addresses, the last octet and for IPv6 addresses the last 80 bits in the memory are set to zero and thus “anonymized”. A personal reference is excluded. Transmission to servers of Google LLC based in the USA is not excluded.
During your website visit, GA4 records your user behavior in the form of “events”, such as Page views, first visit to the website, start of the session, your “click path”, interaction with the website, scrolls, clicks on external links, internal search queries, interaction with videos, file downloads, ads viewed / clicked on, language setting. GA4 also records your approximate location (region), your IP address (in anonymized form), technical information about your browser and the end devices you use (e.g. language setting, screen resolution), your internet provider, the referrer URL (via which website/advertising medium you came to this website).
Google uses this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. Your anonymized IP address collected in this context will not be merged with other Google data.
The data collected in this context is stored for fourteen months.
The legal basis for the data processing described here and the setting of cookies is your
express consent pursuant to Art. 6 para. 1 lit. a GDPR. This consent can be revoked at any time with effect for the future, for example by deactivating this Google service via the cookie consent tool in which you have already given your consent.
Without your consent, Google Analytics 4 will not be used during your visit to our website. You can revoke your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service using the “cookie consent tool” provided on the website.
Google LLC, based in the USA, is certified for the us-European data protection agreement “EU-U.S. Data Privacy Framework”, which guarantees compliance with the data protection level applicable in the EU.
We have also concluded an order processing contract with Google.
Further information on data protection by Google Analytics 4 can be found on the following websites:
https://policies.google.com/technologies/partner-sites
and
https://policies.google.com/privacy?hl=de&gl=de
Demographic characteristics
The “demographic characteristics” function of GA4 can generate statistics that can be used to determine the age, gender and interests of site visitors. For this purpose, advertising and information from third-party providers are analyzed and target groups for certain marketing activities are identified. However, this does not involve any personal allocation of data. The data is deleted after fourteen months.
UserIDs
If we use the extended “UserIDs” function, your activities (including conversions) can be analyzed across devices. In this case, the analysis is not pseudonymous.
This is possible if you have given your consent to the use of Google Analytics 4 in accordance with Art. 6 para. 1 lit. a GDPR, you have set up an account on this website and log in with this account on different devices.
Google Signals
If we use the “Google Signals” extension, we can generate cross-device reports on your usage behavior. However, we only receive statistics and no personal data. This analysis is only possible if you have activated personalized ads in your Google account and linked your devices to a Google account. You must also have given your consent to the use of Google Analytics in accordance with Art. 6 para. 1 lit. a GDPR. Cross-device analysis can be prevented by deactivating the “personalized advertising” function in your Google account. Further information about Google Signals can be found here: https://support.google.com/analytics/answer/7532985?hl=de
Further information on Google's data protection can be found here: https://business.safety.google/privacy/
10.2 Stetic
We use the web analysis service stetic, operated by Mr. Nico Puhlmann Schwanengasse 7, 64380 Roßdorf.
In order to safeguard our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes, StatCounter collects, evaluates and stores pseudonymized visitor data, from which pseudonymized user profiles can be created and evaluated. StatCounter uses cookies to recognize the browser and thus enable a more precise determination of the statistical data. Your IP address is also collected, but pseudonymized immediately after collection and before storage, so that a personal reference is excluded.
The legal basis is Art. 6 para. 1 lit. f GDPR.
In order to object to the collection and storage of your pseudonymized visitor data for the future, you can obtain an opt-out cookie from stetic under the following link, which means that no visitor data from your browser will be collected and stored by stetic in the future:
https://www.stetic.com/optout/?pid=100
11. tools and miscellaneous
Google reCAPTCHA
We use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”) in accordance with Art. 6 para. 1 lit. f GDPR due to our legitimate interest in avoiding abuse and spam. reCAPTCHA is a function designed to ensure that an entry is made by a natural person.
The service sends your IP address and any other data required by Google for the reCAPTCHA service to Google.
When using Google reCAPTCHA, your personal data may also be transmitted to the servers of Google LLC. in the USA.
Google LLC, based in the USA, is certified for the US-European data protection agreement “EU-U.S. Data Privacy Framework”, which guarantees compliance with the data protection level applicable in the EU. you can find more information about Google's data protection regulations at the following Internet address:http://www.google.de/policies/privacy/
Further information on Google's data protection can be found here: https://business.safety.google/privacy/
12 Rights of the data subject
12.1 The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, about which we inform you below:
- Right to information pursuant to Art. 15 GDPR:
You can request confirmation from the controller as to whether personal data concerning you is being processed by the controller. In addition, you have a right to information about the purpose, the categories of personal data, the recipients, the planned duration of storage and the existence of further rights such as rectification of the data or the existence of a right of appeal to a supervisory authority, the origin of your data if it was not collected by us, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing on you. meaningful information about the logic involved and the significance and envisaged consequences of such processing for you, as well as your right to be informed of the safeguards pursuant to Art. 46 GDPR relating to the transfer of your data to third countries;
- Right to rectification pursuant to Art. 16 GDPR:
You have the right to obtain without undue delay the rectification of inaccurate data concerning you and/or the completion of your incomplete data stored by us; the rectification or completion must be carried out without undue delay.
- Right to restriction of processing pursuant to Art. 18 GDPR:
You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you dispute, is being verified, if you refuse to delete your data due to unauthorized data processing and instead request the restriction of the processing of your data, if you need your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved or if you have lodged an objection for reasons of your particular situation, as long as it is not yet clear whether our legitimate reasons prevail;
If the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If the restriction of processing has been restricted, you will be informed by the controller before the restriction is lifted.
- Right to erasure pursuant to Art. 17 GDPR:
You have the right to obtain the erasure of your personal data without undue delay if the requirements of Art. 17 (1) GDPR are met. However, this right to erasure does not exist in particular - not conclusively - if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims
- Right to information in accordance with Art. 19 GDPR:
If you have exercised your right to rectification, erasure or restriction of processing, the controller is obliged to notify all recipients to whom your personal data have been disclosed of this rectification or erasure of the data or restriction of processing, unless this is impossible or involves a disproportionate effort. You also have the right to be informed about these recipients.
- Right to data portability pursuant to Art. 20 GDPR:
You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller, where technically feasible;
- Right to revocation in accordance with Art. 7 para. 3 GDPR:
You have the right to object at any time to the processing of personal data concerning you which is carried out on the basis of Art. 6 para. 1 lit. e) or f) GDPR; this also applies to profiling based on these provisions.
You also have the right to withdraw your declaration of consent under data protection law at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
- Right to lodge a complaint pursuant to Art. 77 GDPR:
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
12.2 Right to object
You have the right to object to the processing of your data at any time with effect for the future if we process your data on the basis of our overriding legitimate interest after weighing up your interests.
If you make use of this right to object, we will stop processing your data unless there are demonstrably overriding compelling legitimate grounds for termination or if further processing serves the exercise or defense of legal claims.
13. duration of the storage of personal data
The duration of the storage of personal data depends on the statutory retention periods. After these periods have expired, we routinely delete the data if it is no longer required for the fulfillment or initiation of the contract and/or if we no longer have a legitimate interest in further storage.