Important data at a glance
Name and address of those responsible
Robert Kraemer GmbH & Co. KG
Zum Roten Hahn 9
General information on data processing
1. Scope of the processing of personal data
We collect and use the personal data of our users only to the extent necessary to provide a functioning website as well as our contents and services. The collection and use of personal data of our users only takes place with the consent of the user. An exception applies in cases where prior consent cannot be obtained for practical reasons and the data processing is permitted by law.
2. Legal basis for the processing of personal data
To the extent that we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis. Art. 6 para. 1 lit. b GDPR serves as the legal basis for the processing of personal data required for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary for the implementation of pre-contractual measures. Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis. In the event that vital interests of the person concerned or another individual necessitate the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis. If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing.
3. Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. In addition, the data may be stored if the European or national legislator has made provision for this in EU ordinances, laws or other regulations to which the data controller is subject. The data shall also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless further storage of the data is necessary for the conclusion or performance of a contract.
Provision of the website and creation of log files
1. Description and scope of data processing
Our websites are hosted by the service provider Hetzner Online GmbH. When you access our website, data are collected by the hosting service's system. Hetzner Online GmbH states the following: "For data protection reasons, the host name or IP address of the client accessing your website is anonymised in the log files. In the log files, only the entries for the host of the client or, if this cannot be determined, the IP address of the client are anonymised. Only the last 6 weeks are available for selection." And to store the page views by Hetzner Online GmbH itself, Hetzner Online GmbH states: "When your website is viewed by visitors, the IP addresses of these visitors are recorded and stored in log files. We store the IP addresses of visitors to your website for a maximum of seven days in order to detect and prevent attacks." Each time you access our website, our system automatically collects data and information from the computer system of the accessing computer.
The following data will be collected:
(1) Information about the browser type and the version used
(2) The user's operating system
(3) The Internet Service Provider of the User
(4) The IP address of the user
(5) Date and time of access
(6) Websites from which the user's system accesses our website
(7) Websites accessed by the user's system via our website
2. Legal basis for data processing
The legal basis for the temporary storage of data is Art. 6 para. 1 lit. f GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session. The data are stored in log files in order to ensure the functionality of the website. The data are also used to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes also include our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR.
4. Duration of storage
The data are deleted as soon as they are no longer required for the purpose of their collection. In the case of the collection of data for the purpose of providing the website, this is the case when the session in question has ended. If the data are stored in log files, this is the case after seven days at the latest. Subsequent storage is possible. In this case, the IP addresses of the users are deleted or distorted so that it is no longer possible to assign the accessing client. According to Hetzner Online GmbH, the log files can be evaluated anonymously for a maximum of the past 6 weeks.
5. Possibility of objection and removal
The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Consequently, there is no possibility for the user to object.
Data protection officer
Our data protection officer is Oliver Dankmeyer (AmNetz GmbH, Im Doorgrund 9, 26160 Bad Zwischenahn). You can reach him for all data protection issues related to our company and for any reports of data protection violations at email@example.com.
Usage of Cookies
a) Description and scope of data processing
(1) Language settings
(2) Log-in information
(3) Technical information for the operation of the page
b) Legal basis for data processing
The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR.
c) Purpose of data processing
e) Duration of storage, possibility of objection and removal
Web analysis through Matomo
1. scope of the processing of personal data
We use the open source software tool Matomo (formerly PIWIK) on our website to analyse the surfing behaviour of our users. This is an open source tool for web analysis. Matomo does not transmit any data to servers that are outside the control of Robert Kraemer GmbH & Co. KG.
We use Matomo without cookies! Your IP address is anonymised immediately; this means that you remain anonymous as a user. The information generated by Matomo about your use of this website is not passed on to third parties. Robert Kraemer GmbH & Co. KG regards this analysis as part of its Internet service. It would like to use it to further improve the website and adapt it even more to the needs of the users.
If you do not agree to the storage and evaluation of this data from your visit, you can object to its storage and use below by clicking on it. A so-called deactivation cookie will then be stored in your browser. This means that Matomo does not collect any session data (note: if you delete your cookies, the deactivation cookie will also be deleted and may have to be reactivated by you on your next visit).
If individual pages of our website are called up, the following data is stored:
(1) 2 bytes of the IP address of the user's calling system.
(2) The web page called up
(3) The website from which the user accessed the accessed website (referrer)
(4) The sub-pages called up from the called-up website
(5) The time spent on the website
(6) The frequency with which the website is accessed
The software runs exclusively on the servers of our website. Personal data of the users is only stored there. The data is not passed on to third parties. You can decide here to allow Robert Kraemer GmbH & Co. KG to collect and analyse statistical data. If you wish to opt out, click the following link to place the Matomo deactivation cookie in your browser.
2. legal basis for the processing of personal data
The legal basis for the processing of users' personal data is Art. 6 (1) lit. e DSGVO in conjunction with. § 3 BDSG - new.
3 Purpose of the data processing
The processing of the users' personal data enables us to analyse the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. By anonymising the IP address, the interest of users in the protection of their personal data is adequately taken into account.
4 Duration of storage
The data is regularly and automatically deleted every 90 days. The statistics generated and the underlying data are not deleted.
How to contact us and contact form
1. Description and scope of data processing
On our website there are forms which can be used for the electronic establishment of contact. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored.
These data are:
(1) First name
(3) E-mail address
(4) Telephone number
(5) Postcode & city
(6) Street & house number
(7) Tittle / Salutation
At the time the message is sent, the following data will also be stored:
(1) The IP address of the user
(2) Date and time of registration
Your consent will be obtained for the processing of data as part of the submission process and reference will be made to this data protection declaration. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the personal data of the user transmitted with the e-mail will be stored. The data will not be passed on to third parties in this context. The data will be used exclusively for processing the conversation.
2. Legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given his or her consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the purpose of the e-mail communication is to conclude a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.
3. Purpose of data processing
The processing of personal data from the entry form serves us exclusively for the process of establishing contact. In the case of contact via e-mail, this also constitutes the necessary legitimate interest in the processing of data. Other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storage
The data will be deleted as soon as they are no longer required for the purpose for which they were collected. For the personal data from the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the relevant facts have been conclusively clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
5. Possibility of objection and removal
The user has the possibility to revoke his consent to the processing of his or her personal data at any time. If the user contacts us by e-mail, he or she can object to the storage of his or her personal data at any time. In such a case, the conversation cannot be continued. The following is a description of how the withdrawal of consent and the objection to storage is made possible. All personal data stored in the course of contacting us will be deleted in this case.
a) Description and scope of data processing
You have the possibility to use the customer login on our website. The customer area is used to exchange specially protected documents with you.
The customer area can only be used by registered customers.
The following data is collected in the registration process (mandatory fields):
- First name
- Last name
Optionally you can enter the following data:
- Title/ Salutation
- Street & House number
- Zip code & City
b) What is the legal basis?
The legal basis for the processing of data in the event of the user's consent is Art. 6 (1) a of the GDPR.
The legal basis for the processing of personal data transmitted for the purpose of registering for the customer login is Art. 6 (1) f of the Basic Data Protection Regulation.
The legal basis for the processing of personal data transmitted in the course of pre-contractual measures, for the conclusion of a contract or for the performance of a contract is Art. 6 (1) b of the GDPR.
c) Purpose of the data processing
The processing of personal data during customer login serves the exchange of specially protected documents with our customers. The other personal data processed during the customer login serves to prevent misuse of the customer login and to ensure the security of our information technology systems.
d) Storage period and deletion periods
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the customer login, this is the case when the user deletes his account and the deletion process does not conflict with any legal retention periods.
If documents are transmitted via the customer login for the conclusion, a contract, the fulfillment of a contract or the implementation of contractual measures, the data will be deleted as soon as they are no longer required for the implementation of the contract. Even after conclusion and fulfillment of the contract, there may be a need to store personal data of the contractual partner in order to comply with contractual or legal obligations.
e) Right of objection
The user has the possibility to revoke his consent to the processing of personal data at any time by requesting the deletion of his account.
In the event of incorrect login attempts, the IP address is stored for 14 days. This is done in order to prevent and analyze hacking attempts. Furthermore, this data is required for registered users in order to be able to analyze and correct technical errors during login, for example.
Rights of the person concerned
If personal data are processed by you, you are the data subject within the meaning of the General Data Protection Regulation (GDPR) and you are entitled to the following rights towards the data controller:
1. Right to information
You may request confirmation from the data controller as to whether personal data concerning you will be processed by us. In the event of such processing, you may request the following information from the data controller:
(1) the purposes for which the personal data will be processed;
(2) the categories of personal data processed;
(3) the recipients or categories of recipients to whom the personal data relating to you have been or will be disclosed;
(4) the planned duration of the retention of the personal data relating to you or, if it is not possible to provide specific information in this respect, criteria for determining the retention period;
(5) the existence of a right to rectify or delete personal data concerning you, a right to limit the processing by the controller or a right to object to such processing;
(6) the existence of a right of appeal to a supervisory authority;
(7) any available information on the origin of the data if the personal data are not collected from the data subject;
(8) the existence of automated decision-making including profiling in accordance with Art. 22 para. 1 and 4 GDPR and – at least in these cases – meaningful information on the logic involved as well as the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you will be transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transfer.
2. Right to correction
You have the right to have your personal data corrected and/or completed by the data controller if the personal data processed concerning you are inaccurate or incomplete. The data controller must carry out the correction immediately.
3. The right to restriction of processing
Under the following conditions, you may request that the processing of your personal data be restricted:
(1) if you dispute the accuracy of the personal data concerning you for a period of time which allows the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you refuse deletion of the personal data and instead request that the use of the personal data be restricted;
(3) the controller no longer needs the personal data for the purposes of processing, but you need them for the assertion, exercise or defence of legal claims, or
(4) if you have objected to data processing pursuant to Art. 21 para. 1 GDPR and it has not yet been established whether the legitimate reasons of the data controller outweigh your reasons.
If the processing of personal data relating to you has been restricted, such data may not be processed – beyond storage – without your consent or for the purpose of asserting, exercising or defending legal rights or protecting the rights of another natural or legal person or for reasons of an important public interest of the European Union or of a Member State.
If the processing restriction has been limited in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
4)Right to deletion
a) Deletion obligation
You may request the controller to delete the personal data relating to you immediately and the controller is obliged to delete such data immediately if one of the following reasons applies:
(1) Personal data relating to you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR was based and there is no other legal basis for data processing.
(3) You object to the data processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate reasons for processing, or you object to the data processing pursuant to Art. 21 para. 2 GDPR.
(4) The personal data concerning you have been processed unlawfully.
(5) The deletion of your personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the controller is subject.
(6) The personal data relating to you have been collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.
b) Information to third parties
If the data controller has made the personal data concerning you public and is obliged to delete them in accordance with Art. 17 (1) GDPR, he or she shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform the persons responsible for data processing who process the personal data that you, as the person concerned, have requested them to delete all links to these personal data or copies or replications of these personal data.
The right to deletion does not exist if the data processing is necessary
(1) for the exercise of freedom of expression and information;
(2) to fulfil a legal obligation which the data processing requires under the law of the European Union or of the Member States to which the controller is subject, or to perform a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
(4) for archival purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the law referred to under a) is likely to make it impossible or seriously impair the attainment of the objectives of such processing, or
(5) for the assertion, exercise or defence of legal claims.
5. Right to information
If you have exercised the right to rectify, cancel or limit processing of your personal data against the controller, the latter is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this correction, cancellation or limitation of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed of such recipients by the data controller.
6. Right to data transmissibility
You have the right to receive personal data concerning you that you have provided to the data controller in a structured, common and machine-readable format. In addition, you have the right to communicate these data to another data controller without being hindered by the controller to whom the personal data were provided, provided that
(1) the data processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and
(2) the data processing is carried out by means of automated procedures.
In exercising this right, you also have the right to have the personal data concerning you transferred directly by one data controller to another data controller, as far as this is technically feasible. Freedoms and rights of other persons must not be affected by this. The right to data transfer does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to objection
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data on the basis of Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions. The controller will no longer process the personal data relating to you unless he or she can prove compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is connected with such direct marketing. If you object to the data being processed for direct marketing purposes, the personal data relating to you will no longer be processed for these purposes. You have the possibility to exercise your right of objection through automated procedures using technical specifications in connection with the use of Information Society services, notwithstanding Directive 2002/58/EC.
8. Right to revocation of declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of your consent does not affect the legality of data processing carried out before you revoked your consent.
9. Automated ruling in individual cases including profiling
You have the right not to be subject to any decision based solely on automated processing, including profiling, that has any legal effect on you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for the conclusion or performance of a contract between you and the data controller,
(2) is authorised by EU law or by the laws of the Member States to which the data controller is subject and contains adequate measures to safeguard your rights and freedoms and your legitimate interests; or
(3) is made with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests. With regard to the cases referred to in (1) and (3), the data controller shall take appropriate measures to protect the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on the part of the data controller, to state his or her own position and to challenge the decision.
10. Right to appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to appeal to a supervisory authority, in particular in the Member State of your residence, place of work or place of presumed infringement, if you consider that the processing of your personal data is contrary to the GDPR. The supervisory authority with which the complaint was lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.