INDUSOL24.de

 

Introduction

​

With the following data protection declaration, we would like to explain to you which types of your personal data (hereinafter also referred to as "data") we process for which purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both as part of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offer"). ). ​

 

The terms used are not gender specific.

Stand: 24. Januar 2020

 

Table of Contents

​​

• Introduction Responsible

• Overview of processing

• Relevant legal bases

• Safety measures

• Transfer and Disclosure of Personal Data

• Use of cookies

• Commercial and Business Services

• Provision of the online offer and web hosting

• Web Analysis and Optimization

• Plugins and embedded functions and content

• Planning, organization and support tools deletion of data

• Change and update of the privacy policy

• Rights of data subjects

• definitions of terms

 

​

Responsible

Name: Klaus Göhlert

Street: Lünerner Dorfstraße 26
City: 59427 Unna

​

Authorized persons: Klaus Göhlert

​

email-Adress: info@indusol-dachlack.de

fon: +49 2303 40659

​

Impressum: https://indusol24.de/impressum

 

Overview of Data Processing

The following overview summarizes the types of data processed and the purposes of their processing, referring to the individuals affected.

Types of Processed Data

• Master Data (e.g., names, addresses).

• Content Data (e.g., text inputs, photographs, videos).

• Contact Data (e.g., email addresses, phone numbers).

• Meta/Communication Data (e.g., device information, IP addresses).

• Usage Data (e.g., visited websites, interest in content, access times).

• Contract Data (e.g., contract subject, duration, customer category).

• Payment Data (e.g., bank details, invoices, payment history).

Categories of Affected Individuals

• Business and Contractual Partners.

• Prospects.

• Communication Partners.

• Users (e.g., website visitors, users of online services).

Purposes of Processing

• Provision of our online offering and user-friendliness.

• Analysis of user actions on websites.

• Office and organizational procedures.

• Contact inquiries and communication.

• Profiling (creation of user profiles).

• Reach measurement (e.g., access statistics, identification of recurring visitors).

• Tracking (e.g., interest/behavior-based profiling, use of cookies).

• Contractual services and support.

• Management and response to inquiries.

Significant Legal Bases

The legal bases of the General Data Protection Regulation (GDPR) on which we process personal data are outlined below. Please note that, in addition to the GDPR regulations, national data protection regulations in your or our country of residence may also apply.

• Consent (Article 6(1)(a) GDPR) – The data subject has given consent to the processing of their personal data for a specific purpose or purposes.

• Contractual Performance and Pre-contractual Inquiries (Article 6(1)(b) GDPR) – Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.

• Legal Obligation (Article 6(1)(c) GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.

• Legitimate Interests (Article 6(1)(f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require protection.

National Data Protection Regulations in Germany: In addition to the GDPR regulations, there are national regulations on data protection in Germany. These include the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), which contains specific provisions on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission and automated decision-making, including profiling. The BDSG also regulates data processing for employment purposes (Section 26 BDSG), particularly with regard to the establishment, implementation, or termination of employment relationships and the consent of employees. Additionally, state data protection laws in individual federal states may apply.

Security Measures

In accordance with legal requirements and considering the state of the art, implementation costs, the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

These measures include, in particular, safeguarding the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data as well as access, input, transmission, availability, and separation of the data. Furthermore, we have established procedures to ensure the exercise of data subject rights, data deletion, and responses to data breaches. We also consider data protection when developing or selecting hardware, software, and procedures, following the principle of data protection by design and default privacy settings.

​

Transmission and Disclosure of Personal Data

In the course of processing personal data, it may happen that the data is transmitted to other entities, companies, legally independent organizational units, or individuals, or disclosed to them. Recipients of this data may include payment institutions in the context of payment transactions, service providers commissioned with IT tasks, or providers of services and content that are integrated into a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements with recipients of your data to protect your data.

Use of Cookies

Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user's computer. A cookie primarily serves to store information about a user during or after their visit within an online offering. Stored information may include, for example, language settings on a website, login status, a shopping cart, or the point at which a video was viewed. The term "cookies" also includes other technologies that perform the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also known as "user IDs").

The following types of cookies and functions are distinguished:

Temporary Cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online offering and closed their browser.

Persistent Cookies: Persistent cookies remain stored even after the browser is closed. For example, login status can be saved, or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users, which are used for reach measurement or marketing purposes, can be stored in such a cookie.

First-Party Cookies: First-party cookies are set by us ourselves.

Third-Party Cookies: Third-party cookies are primarily used by advertisers (so-called third parties) to process user information.

Necessary Cookies: Cookies can be absolutely necessary for the operation of a website (e.g., to store logins or other user inputs or for security reasons).

Statistics, Marketing, and Personalization Cookies: In most cases, cookies are also used in the context of reach measurement and when user profiles are stored based on the interests or behavior of users (e.g., viewing specific content, using features, etc.) on individual websites. Such profiles are used to show users content that matches their potential interests. This process is also known as "tracking," which involves tracking users' potential interests. If we use cookies or tracking technologies, we will inform you separately in our privacy policy or as part of obtaining consent.

Notes on Legal Bases: The legal basis on which we process your personal data using cookies depends on whether we ask for your consent. If this is the case and you consent to the use of cookies, the legal basis for processing your data is your declared consent. Otherwise, the data processed using cookies will be processed based on our legitimate interests (e.g., in efficient and economical operation of our online offering and its improvement) or, if the use of cookies is necessary to fulfill our contractual obligations.

General Information on Withdrawal and Objection (Opt-Out): Depending on whether processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data using cookie technologies (collectively referred to as "opt-out"). You can initially declare your objection using the settings of your browser, for example, by deactivating the use of cookies (which may also restrict the functionality of our online offering). An objection to the use of cookies for online marketing purposes can also be declared through a variety of services, especially in the case of tracking, via the websites http://optout.aboutads.info and http://www.youronlinechoices.com/. In addition, you can receive further objection notices in the context of information about the service providers and cookies used.

Processing of Cookie Data Based on Consent: Before we process or have third parties process data using cookies, we ask users for revocable consent. Before consent has been given, only cookies that are necessary for the operation of our online offering are used. Their use is based on our interest and the users' interest in the expected functionality of our online offering.

Processed Data Types: Usage data (e.g., visited websites, interest in content, access times), meta/communication data (e.g., device information, IP addresses).

Affected Persons: Users (e.g., website visitors, users of online services).

Legal Bases: Consent (Article 6(1)(a) GDPR), Legitimate interests (Article 6(1)(f) GDPR).

 

Commercial and Business Services

We process data of our contractual and business partners, such as customers and prospects (collectively referred to as "contractual partners"), within the scope of contractual and similar legal relationships, as well as related measures and in the context of communication with contractual partners (or pre-contractually), for example, to respond to inquiries.

We process this data to fulfill our contractual obligations, to secure our rights, and for the purposes of associated administrative tasks and business organization. We only disclose the data of contractual partners to third parties to the extent required for the aforementioned purposes or to fulfill legal obligations, or with the consent of the contractual partners (e.g., to telecommunications, transport, and other auxiliary services, as well as subcontractors, banks, tax and legal advisors, payment service providers, or tax authorities). Contractual partners will be informed about other processing activities, such as for marketing purposes, within the scope of this privacy policy.

We communicate to contractual partners which data is necessary for the aforementioned purposes either before or during data collection, for example, in online forms, through special identification (e.g., colors) or symbols (e.g., asterisks), or personally.

We delete the data after the expiry of legal warranty and comparable obligations, i.e., generally after 4 years, unless the data is stored in a customer account, for example, as long as it must be kept for archiving purposes due to legal requirements (usually 10 years for tax purposes). Data disclosed to us as part of an order by a contractual partner will be deleted in accordance with the instructions of the order, generally after the end of the order.

Regarding the use of third-party providers or platforms to provide our services, the terms and conditions and privacy policies of the respective third-party providers or platforms apply to the relationship between users and providers.

Publishing Activities: We process data of our contact partners, interview partners, and other individuals who are subjects of our publishing, editorial, journalistic, and related activities. In this context, we refer to the application of protective provisions of freedom of expression and press freedom under Art. 85 GDPR in conjunction with the respective national laws. The processing serves the fulfillment of our editorial tasks and, moreover, takes place primarily based on the public's interest in information and media offerings.

Processed Data Types: Master data (e.g. names, addresses), payment data (e.g. bank details, invoices, payment history), contact data (e.g. email, phone numbers), contract data (e.g. subject of contract, term, customer category).

Affected Persons: Prospects, business and contractual partners.

Purposes of Processing: Contractual services and support, contact requests and communication, office and organizational procedures, administration and response to inquiries.

Legal Bases: Contractual performance and pre-contractual inquiries (Article 6(1)(b) GDPR), Legal obligation (Article 6(1)(c) GDPR), Legitimate interests (Article 6(1)(f) GDPR).

Provision of the Online Offering and Web Hosting

In order to securely and efficiently provide our online offering, we use the services of one or more web hosting providers, from whose servers (or servers managed by them) the online offering can be accessed. For these purposes, we can use infrastructure and platform services, computing capacity, storage space, and database services, as well as security services and technical maintenance services.

The data processed as part of the provision of the hosting service may include all information concerning the users of our online offering that arises in the course of use and communication. This regularly includes the IP address, which is necessary to deliver the contents of online offerings to browsers, and all inputs made within our online offering or on websites.

Email Sending and Hosting: The web hosting services we use also include sending, receiving, and storing emails. For these purposes, the addresses of the recipients and senders, as well as further information concerning email dispatch (e.g. the involved providers) and the contents of the respective emails are processed. The aforementioned data can also be processed for the purposes of identifying SPAM. Please note that emails sent over the internet are generally not encrypted. In most cases, emails are encrypted during transport, but (unless an end-to-end encryption method is used) not on the servers from which they are sent and received. Therefore, we cannot assume any responsibility for the transmission path of emails between the sender and the receiver on our server.

Collection of Access Data and Log Files: We (or our web hosting provider) collect data about every access to the server (so-called server log files). Server log files may include the address and name of the accessed websites and files, date and time of access, transferred data volumes, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), and, as a rule, IP addresses, and the requesting provider.

Server log files can be used for security purposes, for example, to avoid server overloads (especially in case of abusive attacks, so-called DDoS attacks), and, on the other hand, to ensure the utilization and stability of the servers.

Processed Data Types: Content data (e.g. text inputs, photographs, videos), usage data (e.g. visited websites, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

Affected Persons: Users (e.g. website visitors, users of online services).

Purposes of Processing: Contractual services and support.

Legal Bases: Legitimate interests (Article 6(1)(f) GDPR).

 

​

Web Analytics and Optimization

Web analytics (also referred to as "reach measurement") involves evaluating the flow of visitors to our online offering and may include pseudonymous values of behavior, interests, or demographic information about visitors, such as age or gender. Through reach analysis, we can identify, for example, the times when our online offering or its functions or content are most frequently used or encourage reuse. Similarly, we can understand which areas need optimization.

In addition to web analytics, we may also use test procedures to test and optimize different versions of our online offering or its components.

For these purposes, so-called user profiles can be created and stored in a file (called a "cookie") or similar methods with the same purpose may be used. This information may include viewed content, visited websites, elements used there, and technical information such as the browser used, the computer system used, and usage times. If users have consented to the collection of their location data, these can also be processed depending on the provider.

IP addresses of users are also stored. However, we use an IP masking procedure (i.e., pseudonymization by shortening the IP address) to protect users. In general, clear user data (such as email addresses or names) is not stored as part of web analytics, A/B testing, and optimization. Instead, pseudonyms are used. This means that both we and the providers of the software used do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.

Regarding Legal Bases: If we ask users for their consent for the use of third-party providers, the legal basis for data processing is consent. Otherwise, user data is processed based on our legitimate interests (i.e., interest in efficient, economical, and user-friendly services). In this context, we would like to draw your attention to the information on the use of cookies in this privacy policy.

Processed Data Types: Usage data (e.g. visited websites, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

Affected Persons: Users (e.g. website visitors, users of online services).

Purposes of Processing: Reach measurement (e.g. access statistics, recognition of recurring visitors), tracking (e.g. interest/behavior-based profiling, use of cookies), conversion tracking, profiling (creation of user profiles).

Security Measures: IP masking (pseudonymization of IP address).

Legal Bases: Consent (Article 6(1)(a) GDPR), Legitimate Interests (Article 6(1)(f) GDPR).

Plugins and Embedded Features, as well as Content

We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These could include graphics, videos, social media buttons, as well as posts (hereinafter collectively referred to as "content").

Integration always requires that the third-party providers of this content process users' IP addresses, as they could not send the content to their browsers without the IP address. The IP address is thus necessary for the display of this content or functions. We make efforts to only use content from providers that solely use IP addresses for content delivery. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. "Pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the users' device and may include technical information about the browser and operating system, referring websites, visit time, as well as additional information regarding the use of our online offering and may also be linked with such information from other sources.

Regarding Legal Bases: If we ask users for their consent for the use of third-party providers, the legal basis for data processing is consent. Otherwise, user data is processed based on our legitimate interests (i.e., interest in efficient, economical, and user-friendly services). In this context, we would like to draw your attention to the information on the use of cookies in this privacy policy.

Processed Data Types: Usage data (e.g. visited websites, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

Affected Persons: Users (e.g. website visitors, users of online services).

Purposes of Processing: Provision of our online offering and user-friendliness, Contractual services and support.

Legal Bases: Legitimate Interests (Article 6(1)(f) GDPR).

Services and Service Providers Used:

Typekit Fonts from Adobe: We integrate the fonts ("Typekit fonts") of the provider Adobe, where user data is used solely for the purpose of displaying fonts in users' browsers. Integration is based on our legitimate interests in a technically secure, maintenance-free, and efficient use of fonts, their uniform representation, and considering potential license restrictions for their integration. Service provider: Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland; Website: https://www.adobe.com/de; Privacy Policy: https://www.adobe.com/de/privacy.html; Privacy Shield (Ensuring level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active

Google Fonts: We integrate the fonts ("Google Fonts") of the provider Google, where user data is used solely for the purpose of displaying fonts in users' browsers. Integration is based on our legitimate interests in a technically secure, maintenance-free, and efficient use of fonts, their uniform representation, and considering potential license restrictions for their integration. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://fonts.google.com/; Privacy Policy: https://policies.google.com/privacy; Privacy Shield (Ensuring level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

 

Planning, Organization, and Tools

We utilize services, platforms, and software provided by other providers (hereinafter referred to as "third-party providers") for the purpose of organization, administration, planning, and delivery of our services. When selecting third-party providers and their services, we adhere to legal requirements.

Within this context, personal data may be processed and stored on the servers of third-party providers. This could include various data that we process in accordance with this privacy policy. Such data may encompass master data, contact details of users, data relating to processes, contracts, other procedures, and their contents.

In cases where users are referred to third-party providers, their software, or platforms as part of communication, business relationships, or other interactions with us, these third-party providers may process usage data and metadata for security purposes, service optimization, or marketing purposes. Therefore, we ask you to take note of the privacy notices provided by the respective third-party providers.

Regarding Legal Bases: If we ask users for their consent for the use of third-party providers, the legal basis for data processing is consent. Additionally, their use might be part of our (pre)contractual services if the use of third-party providers has been agreed within this context. Otherwise, user data is processed based on our legitimate interests (i.e., interest in efficient, economical, and user-friendly services). In this context, we would like to draw your attention to the information on the use of cookies in this privacy policy.

Processed Data Types: Master data (e.g. names, addresses), contact details (e.g. email, phone numbers), content data (e.g. text inputs, photographs, videos), usage data (e.g. visited websites, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

Affected Persons: Communication partners, users (e.g. website visitors, users of online services).

Legal Bases: Consent (Article 6(1)(a) GDPR), Contract Performance and Pre-Contractual Inquiries (Article 6(1)(b) GDPR), Legitimate Interests (Article 6(1)(f) GDPR).

Data Deletion

The data processed by us will be deleted or its processing restricted in accordance with legal requirements as soon as the consents that allow processing are revoked or other permissions cease to apply (e.g. when the purpose of processing these data no longer applies or they are not necessary for the purpose anymore).

If the data is not deleted because it is necessary for other and legally permissible purposes, its processing will be limited. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons or whose storage is necessary for the assertion, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person.

Further information about the deletion of personal data can also be found in the respective privacy notices within this privacy policy.

Changes and Updates to the Privacy Policy

We kindly ask you to regularly inform yourself about the content of our privacy policy. We adapt the privacy policy as changes in our data processing practices require. We will inform you as soon as these changes necessitate your cooperation (e.g. consent) or any other individual notification.

If we provide addresses and contact information of companies and organizations in this privacy policy, please note that addresses may change over time, and we advise verifying the information before contacting them.

​

Rights of Data Subjects

According to the GDPR, you, as a data subject, have various rights, particularly derived from Articles 15 to 18 and 21 of the GDPR:

Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you, based on Article 6(1)(e) or (f) of the GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Right to Withdraw Consent: You have the right to withdraw your consent at any time.

Right to Information: You have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain additional information, in accordance with legal requirements.

Right to Rectification: You have the right to obtain the rectification of inaccurate personal data concerning you or the completion of incomplete personal data, in accordance with legal requirements.

Right to Erasure and Restriction of Processing: You have the right, subject to legal requirements, to request the erasure of personal data concerning you without undue delay or alternatively, to request the restriction of processing of your data.

Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller, in accordance with legal requirements.

Right to Lodge a Complaint with a Supervisory Authority: You also have the right, in accordance with legal requirements, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

 

Definition of Terms

In this section, you will find an overview of the terminology used in this privacy policy. Many of these terms are taken from the law, primarily defined in Article 4 of the General Data Protection Regulation (GDPR). The legal definitions are binding. The following explanations are primarily intended to aid understanding. The terms are sorted alphabetically.

Conversion Tracking: "Conversion Tracking," also known as "Besuchsaktionsauswertung" in German, refers to a method used to determine the effectiveness of marketing measures. Typically, a cookie is stored on users' devices within the web pages where the marketing measures take place, and then it is retrieved again on the target webpage. For example, this allows us to track whether the ads we placed on other websites were successful.

IP Masking: "IP Masking" is a method in which the last octet, i.e., the last two digits of an IP address, is deleted so that the IP address can no longer be used to uniquely identify a person. Therefore, IP masking is a means of pseudonymizing processing procedures, especially in online marketing.

Personal Data: "Personal data" refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie), or one or more specific factors expressing the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Profiling: "Profiling" refers to any form of automated processing of personal data that involves the use of such personal data to analyze, evaluate, or predict certain personal aspects relating to a natural person (depending on the type of profiling, this may include information regarding age, gender, location data and movement data, interaction with websites and their content, purchasing behavior, social interactions with other people). Profiling is often used for purposes such as predicting interests in specific content or products, click behavior on a website, or location tracking. Cookies and web beacons are commonly used for profiling purposes.

Analytics: "Analytics," also known as "Reichweitenmessung" or "Web Analytics" in German, is the evaluation of visitor flows on an online offering and can encompass the behavior or interests of visitors regarding specific information, such as website content. With the help of analytics, website owners can, for example, identify when visitors access their website and which content they are interested in. This allows them to better tailor website content to the needs of their visitors. Pseudonymous cookies and web beacons are often used for analytics purposes to recognize recurring visitors and obtain more precise analyses of the use of an online offering.

Tracking: "Tracking" refers to the ability to trace user behavior across multiple online offerings. Typically, behavioral and interest information regarding the used online offerings is stored in cookies or on the servers of the providers of tracking technologies (known as profiling). This information can then be used, for example, to display advertisements to users that are likely to match their interests.

Controller: The "Controller" refers to the natural or legal person, authority, institution, or other entity that, alone or jointly with others, determines the purposes and means of processing personal data.

Processing: "Processing" encompasses any operation or series of operations performed with or without automated processes in connection with personal data. The term is broad and practically covers any handling of data, whether it involves collecting, evaluating, storing, transmitting, or deleting it.

​

​