1. Name and Contact Details of the Party Responsible for Processing

This privacy information applies to data processing by:

Hebmüller GmbH
Rudolf-Diesel-Strasse 7
40670 Meerbusch

Manager: Jörg Hebmüller
E-Mail: joerg.hebmueller(at)ht-amg.de
Phone: +49 2159 69730-50
(hereinafter: „we“ or „us“)

2. Collection and Storage of Personal Data as well as Type and Purpose of Processing

When you visit our website www.hebmueller-technik.de or www.ht-amg.de, the browser used on your terminal device automatically sends personal data to the server of our website. This personal data is temporarily stored in a log file. The following personal data is collected without your influence:

• IP address of the requesting computer,

• Date and time of access,

• Name and URL of the accessed file,

• Website from which the access is made (referrer URL),

• Browser used by you and, if applicable, the operating system of your computer and the name of your access provider.

The mentioned data is processed by us for the following purposes:

• ensuring a smooth connection setup of the website,

• ensuring an ease of use of our website,

• evaluation of system security and stability as well as

• for other administrative purposes in relation to the use and functionality of the website.

The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person. You can find more detailed explanations under point 4 of this data privacy policy.

For the data processing carried out by us, we indicate below in each case how long the data will be stored by us and when it will be deleted. If no explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for the storage no longer applies. Your data is generally stored for a period of 8 weeks, unless there is a case of lawful storage beyond this period. Storage may take place beyond the specified time in the event of a (threatened) legal dispute with you or other legal proceedings, or if storage is provided for by legal regulations to which we as the responsible party are obliged. If the storage period mandated by legal regulations expires, the personal data will be deleted unless further storage by us is necessary and a legal basis exists for such.

3. Transfer of Data

We do not transfer your personal data to third parties for purposes other than those listed below. We will only pass on your personal data to third parties if:

• you have given your explicit consent in accordance with Art. 6 para. 1 p. 1 lit. a GDPR to do so,

• the disclosure according to Art. 6 para. 1 p. 1 lit. f GDPR for the assertion, practice or defense of legal claims, and there is no reason to believe that you have an overriding legitimate interest in the non-disclosure of your data,

• in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 p. 1 lit. c GDPR a legal obligation exists, and

• this is legally permissible and according to Art. 6 para. 1 p. 1 lit. b GDPR for the processing of contractual relationships with you.

4. Integration of Third-Party Services and Content

We integrate the fonts ("Google Fonts") of the provider Google, whereby the user data is used solely for the purpose of displaying the fonts in the browser of the website users. The integration is based on our legitimate interests in a technically secure and efficient use of fonts, their uniform presentation and taking into account possible copyright restrictions for their integration. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;
website: https://fonts.google.com/;
privacy policy: https://policies.google.com/privacy

As with any larger company, we also use external service providers to handle our business transactions (e.g. for IT). They only act on our instructions and have been contractually obligated to comply with data protection regulations in accordance with Art. 28 GDPR.

5. Data Subject Rights You have the right:

• Pursuant to Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data if it was not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about their details;

• Pursuant to Art. 16 GDPR, to immediately request the correction of incorrect or completion of your personal data stored by us;

• Pursuant to Art. 17 GDPR, to request the deletion of your personal data stored by us, provided that processing is not necessary to exercise the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the assertion, practice or defense of legal claims is necessary;

• Pursuant to Art. 18 GDPR, to request the restriction of the processing of your personal data, provided that the accuracy of the data is disputed by you, the processing is unlawful, but you object to its deletion and we no longer require the data, but you need it for the assertion, practice or defense of legal claims or you have submitted an objection to the processing pursuant to Art. 21 GDPR.

• Pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;

• Pursuant to Art. 7 para. 3 GDPR, to revoke your consent once given to us at any time. This has the consequence that we may no longer continue processing data, which was based on this consent, in the future; and

• To complain to a supervisory authority in accordance with Art. 77 GDPR. Typically, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.

6. Right of Objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are justifications for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation. If you would like to exercise your right of revocation or objection, it is sufficient to send an e-mail to joerg.hebmueller@ht-amg.de.

7. Data Security

Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. Usually, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Based on statutory provisions, our website contains data that enables a quick electronic contact to our company as well as direct communication with us, which also includes addresses of the electronic mail (e-mail addresses). If a data subject contacts us, one of our employees or the processor by e-mail or by means of a contact form, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted on a voluntary basis by a data subject to us, one of our employees or the controller will be stored for the purpose of processing or contacting the data subject. This personal data is not passed on to third parties.