Legal notice
Legal notice
Publisher (legally responsible for content):
BEIT GmbH
Merkur Allee 1-15
32339 Espelkamp
Germany
Tel.: +49 5772 49 0
Email:
info@beit.de
Website:
www.beit.de
Managing Director (with authority to represent the company):
Christof Meier
Registration Court: District Court of Bad Oeynhausen
Company registration number: HRB 9131
VAT identification number pursuant to Section 27 a of the German VAT Act (Umsatzsteuergesetz, UStG): DE 171971829
Responsibility for content pursuant to Section 10 (3) of the German Interstate Agreement on Media Services (Mediendienstestaatsvertrag, MDStV):
Mario Hoffmeister
Privacy Policy
This Privacy Policy informs you about the nature, the scope and the purpose of processing of personal data (hereafter “data” for short) within our online presence and related websites, functions and content as well as external elements of our online presence, such as our social media profile (hereafter collectively referred to as “online presence”). With regard to the terms used, such as “processing” and “controller”, we refer you to the definitions in Art. 4 of the European General Data Protection Regulation (GDPR).
Controller
BEIT GmbH
Merkur Allee 1-15
32339 Espelkamp
Tel.: +49 5772 49-0
Email: info@beit.de
Internet: www.beit.de
Managing Director and authorised representative:
Christof Meier
Contact details for the Data Protection Officer:
datenschutzbeauftragter@gauselmann.de
Types of processed data:
- Master data (e.g. names, addresses).
- Contact data (e.g. email addresses, telephone numbers).
- Content data (e.g. text, photographs, videos).
- Usage data (e.g. websites visited, interest in content, times of access).
- Metadata/Communication data (e.g. device information, IP addresses).
Categories of data subjects
Visitors to and users of the online presence (data subjects are also collectively referred to as “users” hereafter).
Purpose of processing
- Provision of the online presence, the functions and content thereof.
- Replying to requests for contact and communication with users.
- Security measures.
- Audience reach measurement/marketing
Terms used
“Personal data” means any information relating to an identified or identifiable natural person (hereafter “data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data, whether or not by automated means. The term is broad and encompasses practically all handling of data.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Security measures
Pursuant to Art. 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes or processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organisation measures to ensure a level of security appropriate to the risk.
Such measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data as well as access relating to the data, input, dissemination, ensuring availability and their segregation. Furthermore, we have put in place processes to ensure the exercise of data subjects’ rights, erasure of data and response to a data compromise. Moreover, we take personal data protection into account as early as the development/selection stage of hardware, software as well as processes, in accordance with the principle of data protection by design and by default (Art. 25 of the GDPR).
Rights of the data subjects
You have the right to obtain confirmation as to whether we process your personal data, the right to access to such data and the right to further information as well as a copy of the data in accordance with Art. 15 of the GDPR.
According to Art. 16 of the GDPR, you have the right to have any incomplete data concerning you completed and/or the rectification of inaccurate data concerning you.
According to Art. 17 of the GDPR, you have the right to obtain the erasure of data concerning you without delay or, alternatively, according to Art. 18 of the GDPR, the restriction of processing of data.
You have the right to receive the data concerning you, which you have provided to us, in accordance with Art. 20 of the GDPR and to transmit those data to another controller.
Furthermore, you have the right, according to Art. 77 of the GDPR, to lodge a complaint with a competent supervisory authority.
Right to object (opt out)
You may object at any time to the future processing of data concerning you in accordance with Art. 21 of the GDPR.
Cookies and right to opt out of direct marketing
“Cookies” are small files that are placed on a user’s computer. The cookie may contain various details. The primary purpose of a cookie is to save a user’s details (or the details of the device on which the cookie is placed) while or after visiting an online presence. Temporary cookies, that is, “session cookies” or “transient cookies” are cookies that are erased when the user leaves the online presence and closes the browser. Such cookies may contain the contents of a basket in an online shop or the user’s login details for example. “Permanent” or “persistent” cookies are cookies that remain stored even after the browser is closed. For example, the user’s login details can be retrieved when the user returns after a number of days. Such cookies may also contain the user’s interests, which are used for audience reach measurement or marketing purposes. A “third-party cookie” is a cookie set by a party other than the Controller who operates the online presence (otherwise they are called “first-party cookies”).
We may use temporary and permanent cookies and inform you about this in our Privacy Policy.
If users do not want cookies to be placed on their computer, they are prompted to change their browser settings accordingly. Stored cookies may be cleared in the browser settings. Disabling cookies may limit the functionality of this online presence.
You can opt out of the use of cookies for the purposes of online behavioural marketing by a number of businesses in general, especially in the case of tracking, on the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, you can disable cookies in your browser settings. Please note that if you do so you may not be able to use all the functions of this online presence.
Erasure of data
The data we process are erased, or their processing is restricted, pursuant to Art. 17 and 18 of the GDPR. Unless expressly stated in this Privacy Policy, the data stored by us are erased as soon as they are no longer required for their intended purpose and erasure does not conflict with statutory storage obligations. If the data are not erased because they are required for other, lawful purposes, their processing is restricted. That is, the data are blocked and not processed for other purposes. This applies, for example, to data that must be stored under commercial or tax law.
Making contact
When making contact with us (e.g. via the contact form, email, by phone or on social media) the user’s data are processed to deal with and process the contact request in accordance with Art. 6 (1) (b) of the GDPR.
Collection of access data and log files
We/our hosting provider collect data on every instance of access to the server on which this service is stored (server log files) on the basis of our legitimate interests within the meaning of Art. 6 (1) (f) of the GDPR. Access data include the name of the accessed website, file, the date and time of access, volume of data transferred, successful access message, browser type and version, user’s operating system, referrer URL (last page visited), IP address and the requesting provider.
Log file information is stored for security reasons (e.g. to investigate misuse or fraud) for up to 7 days and then erased. Data whose continued retention is required for evidential purposes are excluded from erasure until final resolution of the incident in question.
Audience reach measurement with Matomo/Piwik
In the context of audience reach analysis from Matomo/Piwik, the following data are processed on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and commercial operation of our online presence within the meaning of Art. 6 (1) (f) of the GDPR): the browser type you use and the browser version, the operating system you are running, your country of origin, date and time of the server request, the number of visits, length of stay on the website as well as the external links you clicked. The user IP address is anonymised before it is stored.
Matomo uses cookies that are stored on the user’s computer and enable analysis of the use of our online presence by users. In the process, pseudonymous usage profiles on the users may be generated from the processed data. The cookies are stored for one week. The information about your use of this website that is generated by the cookie is only stored on our server and is not passed on to third parties.
Users can opt out of anonymised data collection by the Matomo programme at any time with future effect by clicking on the link below. In that event, an opt-out cookie will be placed in your browser. As a result, Matomo will no longer collect any session data. However, when users clear their cookies the opt-out cookie also gets deleted and therefore has to be set by users once again.
The logs containing the user data are erased after no more than 6 months.
Embedding third-party services and content
We use third-party content or services on our online presence on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and commercial operation of our online presence within the meaning of Art. 6 (1) (f) of the GDPR) in order to embed their content and services, such as videos or fonts (hereafter collectively referred to as “content”).
This is contingent upon the third-party providers of such content finding the user’s IP address, as without the IP address they would not be able to send the content to their browser. The IP address is therefore required to display such content. We endeavour only to use content the providers of which only use the IP address to deliver the content. Third-party providers may also use pixel tags (clear GIFs, also known as “web beacons”) for statistical or marketing purposes. Pixel tags enable information, such as visitor traffic on the pages of this website, to be evaluated. The pseudonymous information may also be stored in cookies on the user’s device and contain technical information on the browser and operating system, referrer URLs, time of visit as well as further details on the use of our online presence, amongst other things, and may also be collated with such information from other sources.
Google Fonts
We embed fonts (“Google Fonts”) provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-out: https://adssettings.google.com/authenticated.