We wish to inform you that transferring data over the Internet (e.g. such as when communicating by email) can carry security risks. It is not possible to perfectly protect data against access by third parties.
Notice: In the text below, we have referenced provisions of the GDPR, which will enter into force on 25 May 2018. Until the GDPR enters into force, these references should be understood as references to the corresponding provisions of the BDSG in the version then valid.
I. Data protection on the website
1. Name and contact information of the controller
The controller for data processing on this website is:
H-TEC SYSTEMS GmbH
Am Mittleren Moos 46
T: +49 (0) 821 507 697-0
F: +49 (0) 821 507 697-899
2. Name and contact information of the data protection officer
Our data protection officer is:
Meißner Datenschutz GmbH
T: +49 (0) 4671 93 10 31
3. General information about data processing
When you contact us by email, we save the information you share with us (your email address, your name and telephone number if relevant) to answer your question. We delete the data collected in this connection once it is no longer necessary to save it or limit processing if statutory retention periods apply.
If we use external service providers for some functions of our website or want to use your data for commercial purposes, we will inform you about the respective processes in detail. In the process, we will also name the set criteria for the length of storage.
a) Scope of processing personal data
We only process our user's personal data inasmuch as is necessary to provide a functioning website and our contents and services. Generally, the personal data of our users is only processed after we have received consent from our users. An exception applies in cases when it is not factually possible to obtain permission before collecting data and processing data is permitted by statutory provisions.
b) Legal basis for processing personal data
Inasmuch as we have obtained consent from the affected person to process personal data, Art. 6 para. 1 p. 1 lit. a GDPR is the legal basis.
When personal data is processed to fulfil an agreement to which the affected person is a contractual party, Art. 6 para. 1 p. 1 lit. b GDPR is the legal basis. This also applies for processing that is necessary to perform precontractual measures.
If processing personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 p. 1 lit. c GDPR is the legal basis.
If a vital interest of the affected person or another natural person renders processing of the personal data necessary, Art. 6 para. 1 p. 1 lit. d GDPR is the legal basis.
If processing is necessary to protect a legitimate interest of our company or of a third party and the interests, basis rights, and basic freedoms of the affected party do not outweigh this first interest, Art. 6 para. 1 p. 1 lit. f GDPR is the legal basis for processing.
c) Deleting data and terms of storage
The personal data of the affected person will be deleted or locked as soon as the purpose for storage lapses. Data can continue to be stored thereafter if this is provided for by the European or national legislature in Union law regulations, laws, or other provisions to which the controller is subject. Data will also be locked or deleted if a storage period prescribed by the laws listed above elapses, unless it is necessary to continue storing this data for contractual conclusion or contractual fulfilment. In addition, storage can continue if you have given your consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR.
4. Collection of your personal data when visiting our website
In purely informational use of our website, e.g. if you do not register or otherwise send information to us, we only collect the personal data that your browser sends to our server. When you view our website, we collect the following data, which is technologically necessary for us to show you our website and to ensure security. The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR:
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected.
The website uses what is referred to as cookies. Cookies do not damage your computer and do not contain viruses. Cookies help to make our website more user-friendly, more effective, and more secure. Cookies are small text files that are set on your computer and stored by your browser.
Most of the cookies used by us are what is called “session cookies”. They are deleted automatically at the end of your visit. Other cookies are stored on your end device until you delete them. These cookies allow us to recognize your browser at your next visit.
You can set up your browser to inform you when cookies are set and to only allow cookies in specific cases, to prohibit cookies from being accepted in certain cases or generally, and to activate the automatic deletion of cookies when your browser is closed. If cookies are deactivated, the functionality of this website may be restricted.
Cookies that are necessary to perform the electronic communication process or to provide certain functions that you could request are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for technologically correct and optimal provision of their services.
6. Application process
II. Rights of data subjects
You have the following rights with regard to your personal data:
III. Right to complain to responsible data protection supervisory authorities
You also have the right to complain about our processing of your personal data to the responsible data protection supervisory authorities pursuant to Art. 77 GDPR.
If you have issued consent for your data to be processed, you can revoke this consent pursuant to Art. 7 para. 3 GDPR at any time. Such revocation of consent influences the legality of processing your personal data once you have expressed it to us.
V. Right to object
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, inasmuch as there are reasons based in your particular situation.
If you want to use your right to object, send an email to: info(at)h-tec.com.
VI. Transferring data to third parties
In our “GP JOULE” corporate group (www.gp-joule.de), we work closely with other corporate groups. It may be necessary for us to process your personal data within the existing or future corporate group. Our legitimate interest consists of efficiently structuring business processes. The legal basis for processing your personal data is Art. 6 para. 1 lit. f GDPR in this case.
In addition to this, your personal data is processed within the existing or future corporate group, inasmuch as this is necessary for the foundation, content, or amendment of the legal relationship. The legal basis for processing your personal data in this case is Art. 6 para. 1 lit. b GDPR, which permits data to be processed to fulfil a contract or for precontractual measures.
The collected personal data will be deleted after the order is concluded or the business relationship has ended. Statutory retention periods remain reserved.
In some cases, we use external service providers to process your data. They are carefully selected and commissioned by us, are bound to follow our instructions, and are monitored by us on a regular basis. This generally occurs on the basis of order processing pursuant to Art. 28 GDPR.
Otherwise, we only send personal data to third parties if this is permitted under the law or you have issued your consent in advance. If you have issued consent, you can revoke this consent with effect for the future at any time.
VII. Data transferral to countries outside of the European Economic Area (EEA)
Inasmuch as we process data outside of the EEA, cause this to occur in the context of using third party services, or data is disclosed or transmitted to third parties, this only occurs if it is necessary to fulfil our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation, or on the basis of our legitimate interest.
Otherwise, we only transfer data to third party countries if it has been assured that the recipient of the data ensures an appropriate level of data protection in the sense of Chapter V of the GDPR and there are no other justified interests against data transferral. To ensure an appropriate level of protection with the recipient of the data, we particularly use the sample contracts of the EU Commission for the transfer of personal data to third party countries.
VIII. No automated individual decisions
We do not use your personal data for automated individual decisions in the sense of Art. 22 paragraph 1 GDPR.
IX. Links to other websites
X. Data security
We have taken the necessary technological and organizational measures to protect the personal data that you provide from loss, destruction, manipulation, and unauthorized access. All of our employees and all people who participate in data processing are obligated to comply with the GDPR, the BDSG, and other laws relevant to data privacy and confidential handling of personal data. Our employees are trained correspondingly. Both internal and external inspections ensure compliance with all data privacy processes.
To protect the personal data of our users, we use a secure online transfer process referred to as a “secure socket layer” (SSL) or “transport layer security” (TSL) transfer. You can see that this is the case if there is an “s” displayed in the address component (“https://”) or a green, closed lock symbol displayed in the browser. By clicking the symbol, you can get information about the SSL certificate that is used. The depiction of the symbol depends on the version of the browser that you use. SSL encryption ensures that your data is transferred securely and completely.
Version: May 2018