1. Name and contact data of responsible person for processing and the company data protection officer
This data protection notice applies for data processing by:
BEB Stahlbearbeitung KG (hereinafter: BEB), Josef-Baumann-Str. 29a, 44805 Bochum, Germany
Telephone: +49 (0) 234 / 89 11 30, Email: email@example.com, Website: www.BEB-Stahl.de,
Our company’s data protection officer is accessible via
Heimann und Drabas, Steuerberater Rechtsanwalt Partnergesellschaft,
Pallastsstr. 80, 44575 Castrop-Rauxel, Germany,
Telephone: + 49 (0) 2305 / 35 60 40
2. Collection and storage of personal data and the nature and purpose of their usage and deletion
a) When visiting the website
When you enter our website www.BEB-Stahl.de, the browser used by your device automatically transfers information to the server of our website. This information is stored temporary in a so-called log file. The following information is, without action on your part, collected and saved until automatic cancellation:
Date and time of the access,
Name and URL of the accessed file(s),
Website, from which access was made (Referrer-URL)
Websites you are addressing after visiting our website;
Browser used and, if necessary, the operating system of your computer as well as the name of your access provider.
We are processing the aforementioned data for the following purposes:
Ensuring a smooth connection and operation of the website,
Ensuring a convenient use of the website,
Analysis of the system security and stability and
for further administrative purposes.
The legal basis for data processing is Art. 6 (1) sentence 1 (f) GDPR. Our legitimate interest is resulting from the abovementioned purposes of data processing. In no event we will use the collected data for any conclusions being drawn to your person.
The data is as well stored in the log files of our system. Not affected is your IP-address, because it is stored only anonymously (just the first two blocks of the IP address), or other data enabling the connection between the data and the individual user.
The data will be deleted as soon as it is are no longer necessary for the purpose it was first collected for. In case of data received by visiting the website, this is the case once the session is over. The (anonymised) IP-date, which is stored in the log files, is deleted after one year.
b) When using our contact form
For questions of any kind, we offer you the option to contact us by using the contact form on our website. It is necessary to provide a valid email address, in order to know about the sender and to answer your request. Further information can be provided voluntarily.
The personal data collected by using the contact form will be deleted automatically after execution of your request.
3. Data transfer
Your personal data will not be transferred to third parties for other than the following purposes.
We only transfer your personal data to third parties, if:
you have given your explicit consent by means of Art. 6 (1) sentence 1 (a) GDPR,
the transfer is required for assertion, exercise or defence of legal claims and if there is no reason to believe, that you have an overriding interest warranting the non-disclosure of your data, by means of Art. 6 (1) sentence 1 (f) GDPR
it is the case, that there is a legal obligation for the transfer, according to Art. 6 (1) sentence 1, (c) GDPR, and
this is permitted by law and in line with Art. 6 (1) sentence 1 (b) GDPR, for execution of contracts with you.
Information in connection with the specific device used is placed on the cookie. However, this does not mean, that we directly gain knowledge about your identity.
One purpose of the cookies is to make your use of our online services more convenient for you. For this, we use so-called “session cookies”, enabling us to recognise your prior visit of parts of our website. These cookies are automatically deleted after your visit.
In addition we use temporary cookies that are stored on your device for a specified period of time to improve usability. When you visit our website again, it will automatically recognize your prior visit, as well as which commands and settings you have made, in order to not have them entered again.
The data processed by cookies is necessary to safeguard our legitimate interests as well as of third parties, as per Art. 6 (1) sentence 1 (f) GDPR.
Most browsers accept cookies automatically. Alternatively, your browser can be configured to always reject the cookies or to inform you before a new cookie is created. Disabling cookies may limit the functionality of our website.
5. Analytical Tools
For marketing and optimization purposes, this website uses products and services from LeadForensics (Communication House, 26 York Street, London, W1U 6PZ United Kingdom). Lead Forensics determines the actual course of your visit to this website, including all pages visited and viewed by you, and how long you spent on this page. As far as IP addresses are collected, these will be anonymized immediately after collection. On behalf of the operator of this website, Lead Forensics will use the information collected to evaluate your visit to the website, to compile reports on website activity and to provide other services related to website usage and internet usage to the website operator.https://www.leadforensics.com/privacy-andcookies/ . As far as we process personal data, we do so because of our legitimate interests to better design our website. The legal basis is the protection of legitimate interests in accordance with Art. 6 (1) (f) GDPR. You can object to data processing at any time with effect for the future by clicking on the following link: http://lfwebproxy.westeurope.cloudapp.azure.com:5000/?clientID=72829 . We will not save any additional data.
6. Data security
Within the visit of our website, we use the widely-used SSL system (Secure Socket Layer) in connection with the highest level of encryption that is supported by your browser. In general, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether a single page of our website is encrypted is shown by the closed representation of the key or lock icon in the status bar at the bottom of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or total loss, destruction or against unauthorised access by third parties. Our security measures are constantly being improved according to the technological development.
7. Your rights as a data subject
As far as your personal data is processed during the visit of our website, you have the following rights as a "data subject" within the meaning of the GDPR:
.1 Right of access
You can request information from us about whether your personal data is processed by us. There is no right of access if the information must be kept secret for other reasons, in particular because of an overriding legitimate interest of a third party. Deviating hereof, there may be an obligation to provide the information if your interests outweighs the interests of secrecy, in particular taking into account any imminent damage. The right of access is also excluded if the data is stored only because it may not be deleted due to legal or statutory retention periods or serve exclusively for data protection or data protection control, if the exchange of information would require a disproportionate effort and processing for other purposes is excluded by appropriate technical and organisational measures. If in your case the right of access is not excluded, and your personal data is processed by us, you can ask us about the following information:
the purposes of the processing,
the categories of personal data concerned;
the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
the right to lodge a complaint with a supervisory authority;
where the personal data are not collected from the data subject, any available information as to their source;
the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
if applicable, in case of transfers to recipients in third countries, if there is no EU Commission decision on the adequacy of the protection level under Art. 45 (3) GDPR, information on appropriate safeguards pursuant to Art. Art. 46 (2) GDPR for the protection of personal data.
.2 Right to rectification
If you notice that we have inaccurate personal data, you shall have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. In case of incomplete personal data concerning you, you can request the completion.
7.3 Right to erasure (“right to be forgotten”)
You have a right to erasure (“Right to be forgotten”), unless the processing is necessary for the exercise of the right to freedom of expression, the right to information or to fulfil a legal obligation for the performance of a task of public interest, where one of the following grounds applies:
The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed
The justification for processing was only your consent, which you have revoked.
You have objected to the processing of your personal data which we have made public.
You have objected to the processing of personal data not disclosed by us and there are no overriding proper reasons for the processing.
Your personal data has been unlawfully processed.
The deletion of personal data is required to fulfil a legal obligation to which we are subject.
There is no claim for deletion where, in case of legitimate non-automated data processing, deletion is not possible or only possible with disproportionate effort due to the special type of storage and your interest in deletion is low. In this case, the deletion is replaced by the limitation of processing.
7.4 Limitation of processing
You may require us to restrict processing if any of the following applies:
You dispute the accuracy of your personal data. The limitation may be required in this case for the duration that allows us to verify the accuracy of the data.
The processing is unlawful, and you require the limitation instead of the deletion of the use of your personal data.
Your personal data will no longer be needed by us for the purposes of processing that you may need for the assertion, exercise or defence of legal claims.
You have objected per Art. 21 (1) GDPR. The limitation of processing may be required as long as it is not certain that our legitimate reasons prevail your reasons.
Limitation of processing means that the personal data are processed only with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of substantial public interest. Before we remove the limitation, we have a duty to inform you about it.
7.5 Data portability
You have the right to data portability if the processing is based on your consent (Article 6 (1) sentence 1 (a) or Article 9 (2) (a) GDPR) or on a contract to which you are a party and the processing is done using automated processes. The right to data portability in this case includes the following rights, unless this does not affect the rights and freedoms of others:
You may require us to receive the personal data you provide to us in a structured, common and machine-readable format. You have the right to transfer this data to another responsible person without hindrance on our part. As far as technically possible, you may require us to transfer your personal data directly to another controller.
7.6 Right to object
Insofar as the processing is based on Article 6 (1) sentence 1 (e) GDPR (performance of tasks carried out in the public interest or in the exercise of official authority) or on Article 6 (1) (1) (f) GDPR (legitimate interest of the controller or a third party), you have the right, at any time, to object to the processing of your personal data for reasons of your particular situation. This also applies to profiling based on Art. 6 (1) sentence 1 (e) or letter (f) GDPR. After exercising your right to object, we will no longer process your personal data unless we can provide compelling legitimate grounds for processing that prevail your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.
7.7 Revocation of a consent
You have the right to revoke your consent at any time with effect for the future. The revocation of the consent can be communicated informally by phone, by e-mail, or to our postal address. The revocation does not affect the lawfulness of the data processing which has taken place on the basis of the consent until receipt of the revocation. Upon receipt of the revocation, the data processing, which was based solely on your consent, is set.
7.8 Right to complaint
If you consider that the processing of your personal data is unlawful, you may lodge a complaint with a data protection supervisory authority that has jurisdiction over your place of residence or employment or the location of the possible breach.