Privacy Policy

We take the protection of your personal data when collecting, processing and using it very seriously when you visit our website and we want you to know when we collect which data and how we use it. We have taken the technical and organizational measures to ensure that the data protection rules of both us and any service providers are respected.

This Privacy Policy clarifies the nature, scope and purpose of the processing of personal data (hereinafter referred to as „Data“) within our website and the websites, features and content associated with it, as well as our external online presence, such as ours. our social media profiles (hereafter referred to as „online offer“).

Responsibility

Responsible for the collection, processing and use of your personal data within the meaning of Art. 4 No. 7 GDPR

Kurotec-KTS Kunststofftechnik Stade GmbH
At the Bullenhof 25
21680 Stade
Tel .: +49 (0) 4141 9995-0
E-Mail: info@kurotec-kts.de

Name and address of the data privacy person:

Lawyer
Michael H. Heng
c / o PJM + Partner
Rathausstr. 13
20095 Hamburg
E-Mail: heng@pjm-partner.eu

Any data subject can contact our data protection officer at any time for any questions and suggestions on data protection.

Types of processed data

• Inventory data (for example, your name, address)
• contact information (e.g., your e-mail address, telephone number)
• Content data (such as your text inputs on our page, photographs, videos you upload)
• Usage data (for example, the subpages you visit, access times)
• Meta / communication data (e.g., device information, IP addresses)

Categories of affected persons

Visitors and users of the online offer (hereinafter referred to as „users“), customers, prospects, business partners.

Purpose of processing

• Providing the online offer, its features and content
• Answering contact requests and communicating with users
• Safety measures
• Audience measurement / Marketing

Used terms

• „personal data“ means any information relating to an identified or identifiable natural person (hereinafter the „data subject“); as an identifiable natural person is considered, the direct or indirect, in particular by assignment to an identifier such as a name, to a identification number, to location data, to an online identifier (eg cookie) or to one o of several special features can be identified that express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person (Article 4 (1) GDPR).

• „Processing“ means any process or series of operations related to personal data, whether collected, collected, organized, organized, stored, adapted or modified, with or without the aid of automated procedures Reading out, querying, using, disclosing through transmission, dissemination or any other form of provision, reconciliation or linking, restriction, erasure or destruction (Article 4 (2) GDPR).

• „profiling“ means any kind of automated processing of personal data that involves the use of such personal data to evaluate certain personal aspects pertaining to a natural person, in particular aspects of work performance, analyze or predict the economic situation, health, personal preferences, interests, reliability, behavior, place of residence or change of location of that natural person (Article 4 (4) GDPR).

• „Pseudonymisation“ means the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organizational measures that ensure: that the personal data are not assigned to an identified or identifiable natural person (Article 4 (5) GDPR).

• „Responsible person“ means the natural or legal person, public authority, body or other body that alone or jointly with others decides on the purposes and means of processing personal data (Art. 4 (7) GDPR).

• „processor“ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller (Article 4 (8) GDPR).


Relevant legal base

Art. 13 GDPR stipulates that we inform you of the legal basis of our data processing. Unless the legal basis is explicitly stated in the following privacy policy, the following applies:

• The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 GDPR.
• The legal basis for the processing for the fulfillment of our services and the performance of contractual measures as well as the response to inquiries is Art. 6 para. 1 lit. b GDPR.
• The legal basis for processing in order to fulfill our legal obligations is Article 6 (1) lit. c GDPR.
• The legal basis for processing in order to safeguard our legitimate interests is Article 6 (1) lit. f GDPR.
• The legal basis for the event that vital interests of the data subject or another natural person require the processing of personal data is Article 6 (1) lit. d GDPR.

Safety measures

To safeguard your data, we maintain technical and organizational security measures in accordance with Art. 32 GDPR, which we always adapt to state-of-the-art technology. In particular, measures include ensuring the confidentiality, integrity and availability of data by controlling physical access to the data.
We have set up procedures to ensure the enjoyment of data subject rights, data erasure and data vulnerability.
Furthermore, we take into account the protection of personal data through technology design (privacy by design) and privacy-friendly default settings, Art. 25 GDPR.
Your personal data will be transmitted encrypted with us. This applies to the entire communication conducted via our website. We use the coding system SSL (Secure Socket Layer). Please note, however, that data transmission on the Internet is e.g. in communication via email may have security holes.

Collaboration with processors and third parties

If, as part of our processing, we disclose, transmit to, or otherwise grant access to the data to processors or third parties, we do so solely on the basis of a legal license, e.g. if you have consented, Art. 6 para. 1 lit. a GDPR, the transfer to third parties acc. Art. 6 para. 1 lit. b GDPR is required to fulfill the contract, a legal obligation provides for this, Art. 6 para. 1 lit. c GDPR, or based on our legitimate interests, Art. 6 para. 1 lit. f GDPR.

In the case of processors, the transfer takes place on the basis of the order processing contract concluded with the contract processor in accordance with Art. 28 GDPR.

Transmission to third countries

Transfer of data to a third country, e.g. If third-party services are used, this will only take place if it is to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our justified interests in accordance with the aforementioned legal basis. Subject to other legal or contractual permissions, we process or leave the data in a third country only if the special conditions of Art. 44 et seq. GDPR are fulfilled (eg on the basis of special guarantees, such as the officially recognized level of data protection in the EU ( For example, for the US through the „Privacy Shield“ o o the observance of officially recognized special contractual obligations (so-called „standard contractual clauses“).

Rights of data subjects

• Right to confirmation and information: You have the right under Art. 15 GDPR to obtain confirmation from us as to whether personal data relating to you are being processed. If this is the case, you have the right to demand that you provide us with an in-depth information about the personal data you have stored together with a copy of this data.
• Right to correction: According to Art. 16 GDPR you have the right to demand the correction of incorrect personal data concerning you. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data.
• Right to cancellation: According to Art. 17 GDPR you have the right to demand that your personal data be deleted immediately
• Right to restriction of processing: Under the conditions of Art. 18 GDPR, you have the right to demand a restriction on the processing of personal data.
• Right to Data Portability: Under Article 20 of the GDPR, you have the right to demand that the personal data that you provide us with be provided to us in a structured, common and machine-readable format and transmitted to you to demand other responsible persons, as far as this is technically feasible.
• Right of Withdrawal: According to Art. 7 (3) GDPR, you have the right to request consent to the processing of personal data at any time with effect for the future.
• Right to object: in accordance with Art. 21 GDPR, you have the right at any time, for reasons arising from your particular situation, to prevent the processing of personal data relating to you which, on the basis of Art. 6 (1) lit. e or f GDPR takes an objection.

The aforementioned rights you can at any time to the o.a. Responsible or the o.a. Data Protection Officer.

• Right to complain to a supervisory authority: According to Art. 77 GDPR, they have the right to lodge a complaint with the competent supervisory authority.

Deletion of data

Unless otherwise expressly stated, the data stored with us in accordance with. Art. 17 GDPR are deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with statutory retention requirements.

If the data are not deleted because they are required for other and legally permissible purposes, their processing is restricted in accordance with Art. 18 GDPR, i. The data is blocked and not processed for other purposes. This applies, for example for data that must be kept for commercial or tax reasons. According to legal requirements in Germany, the storage takes place especially for 10 years according to §§ 147 Abs. 1 Nr. 1, 4 and 4a, Abs. 3 AO, 257 Abs. 1 Nr. 1 and 4, Abs. 4 HGB (Bücher, Records, management reports, accounting documents, trading books, documents relevant for taxation, etc.) and 6 years pursuant to §§ 147 (1) nos. 2, 3 and 5, para. 3 AO, 257 (1) No. 2 and 3, para. 4 HGB (commercial letters).

Operation of the website and access to the website

The hosting services we use with our hosting provider are to provide the following services: infrastructure and platform services, computing capacity, storage and database services, collateral and technical maintenance services we use to operate the site ,

Here we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer acc , Art. 6 para. 1 p. 1 f) GDPR i.V.m. Art. 28 GDPR.

We, or our hosting provider, also process access data. These includes:

• Name and URL of the retrieved file
• Date and time of retrieval
• transferred amount of data
• message about successful retrieval (HTTP response code)
• Browser type and browser version
• Operating system
• Referer URL (i.e. the previously visited page)
• Websites accessed by the user’s system through our website
• Internet service provider of the user
• IP address and the requesting provider

We use this log data without assignment to you or other profiling for statistical evaluations for the purpose of operation, security and optimization of our online offer, but also for the anonymous recording of the number of visitors to our website and the scope and nature the use of our website and services, as well as for billing purposes, to measure the number of „clicks“ received from cooperation partners. With this information, we can provide personalized and location-based content, analyze traffic, troubleshoot and improve our services.

This also includes our legitimate interest in accordance with Art. 6 (1) lit. f GDPR.

We reserve the right to check the log data retrospectively if there is a reasonable suspicion of unlawful use due to concrete evidence. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes or for the provision of services or the billing of a service, eg. Eg if you use one of our offers. After termination of the order process or after receipt of payment, we will delete the IP address if this is no longer required for security purposes. We store IP addresses even if we have a specific suspicion of a crime in connection with the use of our website.

Contact

When contacting us (for example, by e-mail, telephone or via social media), the information provided by the user to process the contact request and its processing acc. Art. 6 para. 1 lit. b) GDPR processed. In answering your request, our legitimate interest lies in the processing of your transmitted data in accordance with Art. 6 (1) lit. f) GDPR.

We delete the requests, if they are no longer required. We check the requirement regularly, at the latest every two years. Furthermore, the statutory archiving obligations apply.

Cookies

We use so-called session cookies on our website to optimize our online offer. A session cookie is a small text file that is sent by the respective servers when visiting a website and stored on your hard disk. As such, this file contains a so-called session ID, with which various requests from your browser can be assigned to the shared session. This will allow your computer to be recognized when you return to our website. These cookies are deleted after you close your browser. They serve z. For example, you can use the goods basket function across multiple pages.

We also use a small amount of persistent cookies (also small text files stored on your device) that remain on your device and allow us to recognize your browser the next time you visit it. These cookies are stored on your hard drive and delete themselves after the specified time. Their lifespan is 1 month to 10 years. In this way, we can present our offer in a more user-friendly, effective and secure manner and, for example, show you information tailored to your interests on the page.

Our legitimate interest in the use of cookies in accordance with Article 6 paragraph 1 p. 1 f) of the GDPR is to make our website more user-friendly, more effective and safer and easier to use for you.

The cookies store about the following data and information:

• log-in information
• Language settings
• entered search terms
• Information about the number of visits to our website and use of individual functions of our website.

If the cookie is activated, it will be assigned an identification number and no assignment of your personal data to this identification number will be made. Your name, IP address or similar data that would allow the cookie to be associated with you will not be included in the cookie. Based on the cookie technology, we only receive pseudonymised information, for example, which pages were visited.

You can set your browser so that you are informed in advance about the setting of cookies and can decide on a case-by-case basis whether you exclude the acceptance of cookies for specific cases or in general, or that cookies are completely prevented. Saved cookies can be deleted in the system settings of the browser. This may limit the functionality of the website.

Google Maps

We include maps from the Google Maps service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, users‘ IP addresses and location data, which, however, are not collected without their consent (as a rule within the framework of their mobile terminal settings). The data can be processed in the USA. Google’s privacy policy can be found at https://www.google.com/policies/privacy/, and any opt out can be found here: https://adssettings.google.com/authenticated.

Jetpack (WordPress Stats)

Based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) lit. GDPR) we use the plugin Jetpack (here the subfunction „WordPress Stats“), which includes Includes Visitor Access Statistical Evaluation Tool, which originated from Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA. Jetpack uses so-called „cookies“, text files that are stored on your computer and that allow an analysis of the use of the website by you.

The information generated by the cookie about your use of this online offer is stored on a server in the USA. User profiles can be created from the processed data, which are used only for analysis and not for advertising purposes. For more information, please see Automattic’s privacy statements: https://automattic.com/privacy/ and Jetpack Cookies: https://jetpack.com/support/cookies/.

Change of this privacy policy

We revise this Privacy Policy for changes to our website or other occasions that may require it. The current version is always available on our website.

Status of the Privacy Policy: May 25, 2018.