Data Protection

The Protection of Your Data Is Very Important to Us!

We attach great importance to the protection of your personal data when you use our website. Below you will find some information on the collection, processing and use of your personal data when you visit our web pages  and use the services offered.

1. Information on Personal Data

(1) Personal data are details that relate to an individual or can be used to identify an individual, such as the name, postal address, telephone number, email address, bank details, etc. The identity of a person may therefore be deduced from such personal data.

(2) Service providers pursuant to article 13 of the German Teleservices Act [Telemediengesetz (TMG)] and the body responsible for the protection of data pursuant to the German Federal Data Protection Act [Bundesdatenschutzgesetz (BDSG)] and the General Data Protection Regulation (GDPR) [Datenschutzgrundverordnung (DSGVO)] is: L. Possehl & Co. mit beschränkter Haftung, Beckergrube 38-52, 23552 Lübeck, Germany.

2. Rights of Data Subjects

You have the following rights with regard to our processing of your data:

(1) The right of information on our processing of your personal data pursuant to article 15 of the GDPR, namely on the purpose of such processing, the categories of data processed, the recipients or recipient categories of such data, the storage period or the criteria for determining such period, the right of rectification, deletion, restriction of or objection to such processing, the right of appeal to a supervisory body, and, if applicable, the right of information on the origin of such data and whether automated decision-making is used, and, if applicable, the right of information on guarantees pursuant to article  46 of the GDPR in the event that such data are  transmitted to a third country or to international organizations;

(2) the right to have inaccurate or incomplete personal data promptly rectified pursuant to article 16 of the GDPR;

(3) the right to have the personal data stored deleted pursuant to article 17 of the GDPR if such data are no longer necessary for the purposes they were collected or otherwise processed for, or if the consent given has been revoked and if there is no other legal basis for storing such data, or if an objection against such processing has been lodged so that such data may no longer be processed pursuant to article  21 sections 1 and 2 of the GDPR, or if such data have unlawfully been processed, or if the deletion of such data is necessary to comply with a legal obligation, or if such data have been collected with regard to the services offered by an information society pursuant to article 8 section 1 of the GDPR. This does not apply if such processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest, or to assert, exercise or defend legal claims;

(4) the right to restrict the processing of your data pursuant to article 18 of the GDPR if you dispute the accuracy of such data (namely for the period of time needed to verify their accuracy), or if such processing is unlawful and you refuse to have the data deleted and instead demand to restrict their use, or if we no longer need such data for processing purposes and you need the data to assert, exercise or defend legal claims, or if you object to such processing pursuant to article 18 section 1 of the GDPR for as long as it has not been established whether our legitimate reasons outweigh your legitimate reasons;

(5) the right to object to the processing of your personal data pursuant to article 21 section 2 of the GDPR (if such data are processed for the purpose of direct marketing), or pursuant to article 21 section 1 of the GDPR (if such processing is done pursuant to article 6 section 1 sentences 1 e) or f) of the GDPR for reasons arising from your particular situation, unless we have compelling grounds worthy of protection for such processing that outweigh your interests, or if such processing serves to assert, exercise or defend legal claims). For further information on the right of objection, please also refer to point 20. below;

(6) the right to have data transmitted pursuant to article 20 of the GDPR, i.e. to receive the personal data you have provided in a structured, common and machine-readable format, or to have such data transmitted to another competent person;

(7) the right to revoke the consent given at any time pursuant to article 7 section 3 of the GDPR. As a result of such revocation, we may no longer process your data from the date of such revocation onward. See also point 21. below;

(8) the right to appeal to a supervisory body pursuant to article 77 of the GDPR. Our competent supervisory body is stated in point 4. The right of appeal applies without prejudice to other remedies under administrative law or to judicial remedies.

(9) Please send all requests for information, inquiries or objections to the processing of your data by email to datenschutz@possehl.de or to the address stated in point 1. section 2. above.

3. Automated Decision-Making

Automated decision-making is not used.

4. Supervisory Body

The address of our competent supervisory body is as follows:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein, Holstenstraße 98, 24103 Kiel,
Phone: +49 431 988-1200, Fax: +49 431 988-1223
Email: mail@datenschutzzentrum.de
Website: www.datenschutzzentrum.de

5. Operation of and Access to Our Website

(1) Our hosting company provides the following hosting services: infrastructure and platform services, computing capacity, storage space and database services, security services, as well as the technical maintenance services needed for operating this website.

(2) To this effect, we and/or our hosting provider collect inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in the efficient and secure provision of this website pursuant to article  6 section 1 sentence 1 f) of the GDPR in conjunction with article 28 of the GDPR.

(3) We and/or our hosting company also collect and process the data accessed, including:

  • name and URL of the downloaded file;
  • date and time of download;
  • name of the requested file;
  • data volume transmitted;
  • notification of successful download (HTTP response code);
  • type and version of browser;
  • operating system;
  • referring URL (i.e. the webpage visited before);
  • websites visited by user’s system via our website;
  • user’s Internet service provider;
  • IP address and provider making the request.

(4) These protocol data are neither allocated to your person nor used for creating any other profile, but are instead used for statistical evaluations for the purpose of operating, ensuring the security of and optimizing our website, and are also used for anonymously recording the number of visitors to our website and for establishing the scope and type of use of our website and services, as well as for tracking the number of “clicks” received by our cooperating partners for billing purposes. This information enables us to provide personalized and site-specific content and analyze traffic, troubleshoot and correct errors, and improve our services.

The above are our legitimate interests pursuant to article 6 section 1 f  of the GDPR.

(5) We reserve the right to subsequently check all protocol data if there are concrete indications to justify the  suspicion of illegal use. IP addresses are stored in the log file for a limited period of time, in case this is necessary for security reasons, e.g. if you use one of our services. Once a process is aborted or the website is no longer used, the IP address is deleted if it is no longer required for security reasons. IP addresses are also stored if there are concrete suspicions that a criminal offense was committed while using our website.

6. Collection of Personal Data When Using Our Website for Information Purposes Only

When you use our website for information purposes only, i.e. if you do not log in to use our website, register or otherwise provide us with information, we do not collect any personal data, except for those mentioned in 5.3 above, which are transmitted by your browser to technically facilitate your visit to our website.

7. Cookies

(1) On our website, so-called session cookies are used to optimize our online service. Session cookies are small text files, which are sent by the respective server whenever you visit a website and are stored temporarily on your hard drive. These files contain a so-called session ID, which makes it possible to assign the various requests from your browser to a joint session. Your computer can thus be recognized when you return to our website. These cookies are deleted once you close your browser.

(2) We also use persistent cookies to a limited extent (they are also small text files, which are stored on your terminal) that remain on your terminal and enable us to recognize your browser the next time you visit our website. These cookies are stored on your hard drive and are automatically deleted after a certain time. Their lifespan is between 1 month and 10 years. This not only enables us to present our services to you in a more user-friendly, effective and secure manner, but also serves to provide information on our website that is specifically tailored to suit your interests.

(3) It is our legitimate interest to use cookies pursuant to article 6 section 1 sentence 1 f) of the GDPR, in order  to make our website more user-friendly, efficient and secure, and easier for you to use.

(4) The cookies are used to store the following data and information:

  • log-in information;
  • language settings;
  • search terms entered;
  • information on the number of visits to our website and the use of individual features of our website.

(5) When the cookie is activated, it is assigned an identification number, whereby your personal data is not attributed to this identification number. Your name, IP address or similar data enabling the cookie to be attributed to you will not be stored in the cookie. On the basis of such cookie technology, we therefore only get pseudonymized information, such as which pages you have visited.

(6) You can set your browser in such a way to be informed in advance if and when cookies are placed, so that you may decide on a case-by-case basis whether you wish to exclude the acceptance of cookies in certain cases or in general, or whether cookies should completely be blocked. You can delete cookies in the system settings of your browser. However, this may impair the functionality of our website.

8. Using the Features of Our Website

(1) In addition to the possibility to use our website for information purposes only, we offer various services that you may use. To this effect, you generally have to provide further personal data, which we use to provide the respective service. Any additional information provided on a voluntary basis is marked accordingly.

(2) When you contact the service provider by email or via the contact form, we will store your email address and, if you have provided such information, your name and telephone number in order to answer your questions.

9. Contact Form

(1) You may send us an encrypted email via the “contact” form on our website and inquire, for example, about our company, our products or our services.

In order to process your request, we will ask you to enter your personal data in our input mask. They include your  name, email address and other information, such as the subject of your request and your message. Besides the mandatory fields, you may also enter additional information. If you wish, you can also enter your address and/or phone number.

The information requested will enable us to provide a comprehensive response to your request. The provision of such data is expressly given on a voluntary basis.

(2) The personal data provided by you, as well as the time of your contact, will exclusively be used for the purpose you intended when contacting us – in particular for responding to your inquiry. The information provided will solely be used for processing your request. Such data will not be used for any other purpose or passed on to third parties without your express consent. This does not apply to affiliated companies and partner companies of L. Possehl & Co. mit beschränkter Haftung, in case they have to be involved so we may comply with your request. If there are no legal retention requirements, your personal data will be deleted once your request has been processed.

Article 6 section 1 sentence 1 f) of the GDPR form the legal basis for data processing. It is our legitimate interest to request your data in order to process and/or respond to your message.

10. Data Protection for Job Applications and Recruitment

Possehl & Co. mbH is the body responsible for collecting and processing the personal data of applicants for recruitment purposes. Such processing can be done by post or in electronic form. Electronic processing does in particular apply if a candidate has submitted his/her application documents by email or via a form on our website to the person in charge of recruitment. If this person concludes an employment contract with a candidate, the data transmitted will be stored for processing the employment data in compliance with statutory provisions. In the event that the person in charge of recruitment does not conclude an employment contract with a candidate, his/her application documents will automatically be deleted after six months from the date of the rejection letter, unless such deletion conflicts with any other legitimate interest of the person in charge of recruitment (article 6 section 1 b of the GDPR). Other legitimate interests in this respect include, for example, the duty to provide procedural evidence pursuant to the German General Equal Treatment Act [Allgemeines Gleichbehandlungsgesetz (AGG)].

11. (Monotype) Web Fonts

(1) On our website, we use the licensed web fonts for the uniform display of fonts provided by Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA, Fonts.com.

The licensed web fonts are hosted on our server and/or on the server of our hosting company. As stated in the End User License Agreement, our website must contain a tracking script that counts and stores all page views (web font usage). This tracking script must not be removed.

(2) In order to use the Fonts.com (Monotype) web fonts, it is necessary to store your IP address. This information is generally transmitted to a Monotype server in the US and stored there. The provider of this website has no control of the transfer of such data.

Fonts.com (Monotype) is used for the purpose of presenting an appealing website. This constitutes a legitimate interest within the meaning of article 6 section 1 f of the GDPR.

(3) For more information on the handling of user data, please refer to the privacy policy of Monotype: https://www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/. To generally prevent Java Script Code from running on Fonts.com, you can install a Java Script Blocker (e.g. https://noscript.net/ or https://www.ghostery.com/).

12. Google Maps

“Google Maps” provided Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA is integrated into our website. The data processed may in particular include the IP addresses and locations of users, which are, however, not collected without their consent (normally via the settings of their mobile devices). Such data may be processed in the US. Google’s privacy policy is available at https://www.google.com/policies/privacy/, and you may opt out at https://adssettings.google.com/authenticated.

13. Liability for Content

The content of our website has been compiled with utmost care. However, we cannot guarantee that it is correct, complete and topical. As a service provider, we are responsible for our own content in accordance with the general provisions of the law pursuant to article 7 section 1 of the German Teleservices Act.  Pursuant to articles 8 to 10 of the German Teleservices Act, as a service provider we are, however, not obliged to monitor information transmitted to or stored by third parties, or to investigate circumstances that indicate an illegal activity. This does not have a bearing on the obligations to remove or block the use of information in accordance with the general provisions of the law. However, any liability in this respect can only be assumed if and when we become aware of a concrete violation of the law.  As soon as we become aware of any infringement, we will immediately delete the content concerned.

14. Liability for Links

Our website may contain links to external third-party websites, the content of which we cannot control. We can therefore not assume any liability for such external content. The respective provider or operator of any website that we may provide a link to is always responsible for its content. The linked pages were checked for any violation of the law at the time the respective link was provided. No illegal content was found at that time. However, in the absence of any concrete evidence of an infringement, it is not reasonable to permanently monitor the content of any website that a link is provided to. As soon as we become aware of an infringement, we will immediately delete any such link.

15. Data Security

(1) We secure our website and other systems by taking appropriate technical and organizational measures against loss, destruction, access, or the alteration or distribution of your data by unauthorized persons. However, despite regular checks, it is not possible to provide total protection against all threats.

(2) On our website, we use the SSL (Secure Sockets Layer) industry standard for encryption, thereby ensuring the confidentiality of the personal information provided by you via the Internet. The turn or lock symbols in the display of your browser indicate whether the transmission of data is encrypted.

16. Disclosure of Data

Your personal data will only disclosed to third parties if

  • you have given your explicit consent pursuant to article 6 section 1 sentence 1 a) of the GDPR;
  • such disclosure is required in order to comply with contractual obligations pursuant to article 6 section 1 sentence 1 b) of the GDPR;
  • we are obliged by law to pass on such data within the meaning of article 6 section 1 sentence 1 c) of the GDPR;
  • the disclosure of data is in the public interest within the meaning of article 6 section 1 e) of the GDPR; or
  • the disclosure of data pursuant to article 6 section 1 sentence 1 f) of the GDPR is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests in the protection of your data outweigh ours or those of a third party.

17. Data Categories

We process the following data categories: master data (e.g. company, contact person if applicable, address), communication data, contract data, receivables data, payment and default information if applicable. See the information above.

18. Third-Party Beneficiaries

In order to process your requests in a satisfactory manner, we may have to pass on your personal data to third parties. Such third parties may be companies of the Possehl Group and our business partners.

19. Storage Period of Personal Data

We will store your data for as long as they are required for the respective processing purpose concerned. Moreover, we only store data to the extent that we are obliged to by law, e.g. due to legal retention requirements.

20. Information on the Right to Object – Part One

Pursuant to article 21 of the GDPR, an objection to the processing of your personal data can be lodged at any time in accordance with article 6 section 1 e) (data processing in the public interest) or f) (data processing to safeguard legitimate interests by weighing the interests of the parties concerned). If an objection is lodged, the personal data concerned will no longer be processed, unless compelling grounds worthy of protection for such processing are proven, which outweigh the interests, rights and freedoms of the data subject, or if such processing serves to assert, exercise or defend legal claims.

Please send your objection by email to datenschutz@possehl.de.

21. Information on the Right to Object – Part Two

In case you have consented to the processing of your personal data, you may revoke your consent at any time. This does, of course, also apply if you gave your consent prior to May 25, 2018 (when the GDPR came into force). Such revocation does only take effect after it has been lodged. The lawful processing of your personal data cannot retroactively be objected to.

Please send your objection by email to datenschutz@possehl.de.

22. Validity

This Privacy Policy is dated November 27, 2018. It is the current and prevailing version of our Privacy Policy.

However, we would like to point out that it may be necessary to revise this Privacy Policy from time to time due to actual changes or changes in the law.

23. Privacy Officer

If you have any questions regarding privacy, feel free to contact our privacy officer at

Vater Solution GmbH
Frau Manja Saß
Liebigstr. 26
24145 Kiel

Germany

or by email to datenschutz@possehl.de.