Data Collection on Our Website
Privacy Policy
1. Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations as well as this privacy policy. We adhere to the provisions of the European General Data Protection Regulation (EU GDPR) and the German Federal Data Protection Act (BDSG new).
The use of our website is generally possible without providing personal data. Insofar as personal data (e.g., name, address, email addresses via the contact form) is collected on our pages, this is always done on a voluntary basis. This data will not be passed on to third parties without your explicit consent.
For technical reasons, information may be processed on the server side and by scripts and plugins that can be associated with you, such as your IP address or information about the browser used (see below).
Please note that data transmission over the Internet (e.g., communication by email) may have security gaps. Complete protection of data against access by third parties is not possible.
2. Legal Basis for Data Processing
The processing of your personal data is based on the following legal grounds:
- Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)
- Consent (Art. 6(1)(a) GDPR), in particular for the newsletter
- Legitimate interest (Art. 6(1)(f) GDPR), for example for security and technical optimization
- Legal obligations (Art. 6(1)(c) GDPR)
3. Cookies
Our website uses exclusively technically necessary cookies. Cookies are small text files that are stored on your device and are required for the operation and basic functionality of the website.
These technically necessary cookies serve in particular to ensure the security and stability of the website and to provide certain technical functions. Personal data is processed only to the extent technically required.
Consent is not required for these cookies, as they are essential for the operation of the website (Art. 6(1)(f) GDPR). No storage or evaluation of user data takes place via technically unnecessary cookies.
4. Provider and Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits. These include browser type, operating system, referrer URL, host name, and time of the server request. This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to subsequently review this data if we become aware of specific indications of unlawful use.
5. Contact Form
If you send us inquiries via the contact form, your details including the contact data you provide will be stored for the purpose of processing the inquiry. Data transmission takes place via an encrypted connection. Processing is based on your consent or for the performance of a contract or legitimate interest. Your data will be deleted once the purpose ceases to apply, provided that no statutory retention obligations exist.
6. Matomo (Local Installation)
This website uses a local version of the open-source web analytics service Matomo.
With the help of Matomo, we are able to collect and analyze data about the use of our website by website visitors. This allows us, among other things, to determine when which Gerweck GmbH Oberflächentechnik | 75015 Bretten-Gölshausen S e i t e 3 | 6 4 page views were made and from which region they originate. We also collect various log files (e.g., IP address, referrer, browser used, and operating system) and can measure whether our website visitors perform certain actions (e.g., clicks, purchases, etc.).
The use of this analytics tool is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both the web offering and advertising. If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as consent includes the storage of cookies or access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
IP Anonymization
When analyzing with Matomo, we use IP anonymization. Your IP address is shortened before analysis so that it can no longer be clearly assigned to you.
Cookie-Free Analysis
We have configured Matomo so that it does not store cookies in your browser.
Hosting
We host Matomo exclusively on our own servers so that all analytics data remains with us and is not passed on.
7. Google Maps
We use Google Maps for the convenient display of maps. Your IP address is transmitted to Google servers in the USA. You can block Google Maps by disabling JavaScript in your browser, but please note that this will limit the map display.
Google's privacy policy: https://policies.google.com/privacy?hl=en Google Maps is integrated only after your consent via our cookie manager in accordance with Art. 6(1)(a) GDPR. Google is certified under the EU-US Data Privacy Framework. Nevertheless, we point out that in the event of data transfer to the USA, a residual risk may remain.
8. Use of Google Web Fonts
Our website uses fonts that are stored locally on our own server. When accessing our website, no connection to servers of external providers is established. No personal data is transmitted to third parties in connection with the display of fonts.
9. SSL Encryption
To protect your data, SSL encryption is used on our website. You can recognize an encrypted connection by “https://” and the lock symbol in your browser’s address bar.
10. Newsletter
If you would like to subscribe to our newsletter, we require your email address and your explicit consent (double opt-in). We use your data exclusively for sending the newsletter and do not pass it on. You can revoke your consent at any time, e.g., via the “unsubscribe” link in the newsletter.
After unsubscribing, we delete your data from the newsletter distribution list but may store the email address in a blacklist to prevent future mailings (legitimate interest, Art. 6(1)(f) GDPR).
11. Further Tools and Plugins
Google reCAPTCHA: https://www.google.com/intl/en/policies/privacy/. To protect against automated requests, we use Google reCAPTCHA. Integration takes place only after your consent in accordance with Art. 6(1)(a) GDPR via our cookie management tool. Personal data (in particular IP address and usage data) may be transmitted to Google servers in the USA. Google is certified under the EU-US Data Privacy Framework. Nevertheless, we point out that in the event of data transfer to the USA, a residual risk may remain.
YouTube Videos: Embedded YouTube videos establish a connection to Google servers. YouTube videos are integrated in extended data protection mode and only after your consent in accordance with Art. 6(1)(a) GDPR. When playing a video, data may be transmitted to Google servers in the USA.
12. Technical and Organizational Measures (TOM)
We implement appropriate technical and organizational measures, such as SSL encryption, access controls, and firewalls, to protect your data against unauthorized access and loss.
13. Storage Duration
Personal data is stored only for as long as the purpose of processing exists or as required by statutory retention obligations. After the purpose ceases to apply, the data is deleted or anonymized.
14. Your Rights
You have the right to:
- Access to your processed data (Art. 15 GDPR)
- Rectification of inaccurate data (Art. 16 GDPR)
- Erasure (“right to be forgotten”) (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Withdrawal of granted consent at any time
- Objection to processing based on legitimate interests (Art. 21 GDPR)
To exercise your rights, please contact us or our data protection officer (see below). You also have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR (Art. 77 GDPR).
14a. Obligation to Provide Personal Data
The provision of personal data is partly required by law or contract (e.g., for contact inquiries or contract processing). Without this data, certain services or the processing of inquiries may not be possible. Automated decision-making or profiling does not take place.
15. Data Protection Officer and Supervisory Authority
Controller:
Gerweck GmbH Oberflächentechnik
Phone: +49 7252 963107-0
Email:
Data Protection Officer:
Email:
Supervisory Authority:
https://www.baden-wuerttemberg.datenschutz.de/