Data privacy policy

As a controller in accordance with the GDPR, Hennecke GmbH is aware that the protection of your privacy is an important concern for you when using our websites. We take the protection of your personal data very seriously. Therefore, we would like you to know when we process which personal data, in which framework and under which conditions. We would therefore like to inform you with this data privacy policy in accordance with the provisions of the General Data Protection Regulation (GDPR).
 

Controller

As per Art. 4 No. 7 GDPR, the Controller is

Hennecke GmbH
Birlinghovener Str. 30
53757 Sankt Augustin
Phone.: 0049 (0) 22 41 33 9-0
Fax: 0049 (0) 2241 339 204
info@hennecke.com
www.hennecke.com
 

Data protection officer

The data protection officer of Hennecke GmbH is to be contacted via the above address of Hennecke GmbH and by email privacy@hennecke.com.
 

Explanations

Personal data is collected by the controller from you (hereinafter also referred to as: "Data subject") and processed only to the extent necessary, expedient and lawful; in the context of this website, data is collected primarily in order to guarantee the functionality of the website and the services offered. More information on the relevant collection and processing can be found below.

In connection with the structure of this website, it must be made clear that the controller not only decides on the purposes and the basic features of the processing of personal data in connection with its own appearance, but is also the controller for Hennecke Inc Polyurethane Technology, Hennecke Machinery Shanghai Ltd, Hennecke México S. der R. l. de C. V., Hennecke Asia Pte. Ltd, OOO Hennecke Polyurethane Technology Russia, Hennecke do Brasil, Hennecke GmbH Korea Branch Office and Hennecke S.R.O. (hereinafter: "the companies").

In practice, this means that the websites of the respective companies differ in terms of content and individual design, but are managed by the same Content Management System. Accordingly, the influence on the content design as well as the administrative arrangement and access authorizations lies with the controller. This means that the following explanations apply in principle, irrespective of whether the actual website of the controller or one of the companies mentioned is accessed; in due course, minor differences will be presented separately.

As a rule, data are deleted as soon as the purpose of data processing/storage has ceased to exist. Data may also be stored if European or German lawmakers specify longer storage periods. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract. You will find more information on this in the following.

The host of the Content Management System is Strato AG, Pascalstr. 10, 10587 Berlin, Tel.: 030-300 1460, email impressum@strato.de. In addition, reference is made below to the point Storage in the Content Management System of the controller.
 

Collection and processing of data

Operation of website; log files

When you visit www.hennecke.com or other sites of the above companies at www. Hennecke.com, the following personal data of the data subject will be collected and stored in a log file:

  • Information about the browser type and version used
  • The operating system of the data subject
  • The Internet service provider of the data subject
  • The IP address of the data subject
  • Date and time of access
  • Websites from which the system of the data subject reaches our website
  • Websites accessed by the data subject's system via our website

The data is processed or stored in log files in order to ensure the functionality of the website and its convenient usage. In addition, the data helps us to optimize the website and to ensure the security of our information technology systems. Administrative aspects are also a basis for processing. An evaluation of the data only takes place in connection with statistical evaluations, whereby the individual user remains anonymous

The legal basis for data processing is Art. 6 par. 1 sentence 1 lit. f) GDPR. Our legitimate interest follows from the above-mentioned purposes for data collection and/or for ensuring the functionality of the website. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. If data has been collected for the provision of the website, this occurs after seven days in any case. In this case the IP addresses of the users are deleted or alienated, so that an assignment of the client is no longer possible.

As a rule, there is no legal or contractual obligation to provide this data. If the data are not provided, the provision of a functional website is not possible.

 
Contact forms; email contact; registration

Description and scope of data processing

Within the framework of our website (and on the websites of the individual companies), several contact forms are available which can be used to make contact electronically. If you take advantage of this option, the data entered in the input mask will be transmitted to us and saved. Furthermore, the IP address as well as the date and time of transmission are stored. The data are then transmitted to the respective company which is actually to be contacted. There the further processing of your request takes place. The nature of the data transmitted depends on the information required from the controller, and also on the scope of information decided by the data subject.

In addition, we offer various ways to contact employees or departments of the controller or company by clicking on various e-mail addresses. IP addresses, email addresses, date and time are also transmitted here. In addition, any information you provide will be transmitted.

The data is collected and processed in order to deal with the data subject's request.

In addition, your request and/or your personal data is stored in the context of the use of a contact form or the establishment of contact by e-mail in the Content Management System.

The legal basis for the processing of this data is lawful based either on a contract with the data subject as a party to the contract pursuant to Art. 6 par. 1 sentence 1 lit. b) 1st alt. GDPR or based on the implementation of pre-contractual measures with the data subject pursuant to Art. 6 par. 1 sentence 1 lit. b) 2nd alt. GDPR. Processing may also be carried out on the basis of Art. 6 par. 1 sentence 1 lit. f) GDPR if there is a legitimate interest of the controller, for example in the context of customer loyalty. In the context of their economic activity, it is necessary for the controller to engage in customer contact and/or to be available for the customer/interested party.

In any case, the legal basis for storage in the Content Management System is lawful pursuant to Art. 6 par. 1 sentence 1 lit. f) GDPR. The storage is necessary to ensure the infrastructure and functionality of the website and also to secure the website against data breaches etc..

If the processing of the data subject's request is related to an existing contract with the data subject, the storage period will normally be based on this existing contract. Otherwise the data will be deleted when the purpose of processing has been achieved; this may be when a matter has been conclusively settled. In individual cases, legal storage periods must be observed.

As a rule (excluding exceptions), there will be no legal or contractual obligation to provide the relevant data in this way. If you do not provide the data, your eventual request can not be processed electronically.

 
Establishing contact within the scope of an application

When submitting an application, the application contact form must primarily contain the following personal data:

  • Title
  • Name and surname
  • Street, house number
  • Postcode, place of residence
  • Email address
  • Telephone/mobile phone number
  • Attachment uploads for the application process - application documents, CV, similar documents

In addition, the IP address, date and time of sending the documents are stored when the documents are sent.

Note on sensitive data: We expressly draw your attention to the fact that applications, in particular CVs, certificates and other data you submit to us, may contain special categories of personal data on racial or ethnic origin, political opinions, religious or ideological beliefs, membership in a trade union, the processing of genetic or biometric data, health data or on sex life or sexual orientation. However, we would like to point out that we do not need this information in order to process your application. If you nevertheless provide us with such information in your online application, you must give your separate consent for Hennecke GmbH to collect, process and use this data for the purpose of processing your application. Such data will be processed in accordance with this privacy policy and other relevant legislation.

This information is processed in order to assess and process your application. There is in any case no legal or contractual obligation to transmit such data when the application documents are initially sent. Failure to provide the relevant data may result in your application not being considered or being considered in a manner that produces a different result than that which would have been the case if the requested data had been provided.

Your data will be processed by a data processor, namely Talent Soft GmbH, Spichernstr. 6, 50672 Cologne, Tel. 0221 1688030, Email contact.de@talentsoft.com and/or stored and partially processed in the Content Management System. For the Content Management System we refer to storage in the Content Management System of the controller. This processing together with the data processor is necessary as the controller must make use of management systems and host services offered by third parties due to the company structure. The controller maintains data processing contracts in each individual case in order to comply with the provisions of the GDPR. In all other respects, the processing is carried out by the company addressed in each case.

In addition, the legal basis for the processing of data is Art. 6 par. 1 sentence 1 lit. b) in conjunction with Art. 88 GDPR in conjunction with Art. 26 par. 1 (if applicable in conjunction with par. 8 p. 2) BDSG new. In all other respects, the legal basis for consent is Art. 9 par. 2 lit. a) in conjunction with Art. 6 par. 1 sentence 1 lit. a) in conjunction with Art. 7 in conjunction with Art. 88 GDPR in conjunction with Section 26 par. 2 BDSG new.

In accordance with Art. 7 par. 3 sentence 1 GDPR in conjunction with Section 26 par. 2 sentence 4 BDSG new may be revoked at any time. The legality of the data received until revocation is not affected by this. The revocation can be made at the above address or under privacy@hennecke.com.

The data is stored during the application process, depending on the duration of the application process or its outcome. If the application process is successful, the data for the implementation of an employment relationship will continue to be stored. After termination of an employment relationship, the data will continue to be stored in accordance with the statutory retention periods. If the application procedure has a negative outcome, the data will be deleted 5 months after notification of the application result. This storage period follows from a justified interest of the controller to be able to defend himself against legal action by the data subject under labour law, if necessary, Art. 6 par. 1 sentence 1 lit. f) GDPR.

 
Contact TechCenter

When contacting us through the contact form in the TechCenter, the following information is required

  • Company
  • Last name
  • Country
  • Email
  • Telephone number

The following can be optionally provided

  • Name
  • Street address
  • Message

This personal data is collected in order to enable an answer for the data subject. In addition, the IP address and the date and time of contact are stored.

The legal basis for the processing of this data will be determined in accordance with Art. 6 par. 1 sentence 1 lit. b) 1st alt. GDPR in order to fulfil a contract with the data subject as a party to the contract, or for the implementation of pre-contractual measures with the data subject pursuant to Art. 6 par. 1 sentence 1 lit. b) 2nd alt. GDPR. In addition, processing may take place on the basis of Art. 6 par. 1 sentence 1 lit. f) GDPR if the controller has a legitimate interest, for example in the context of customer loyalty or orderly business operations.

If the processing of the data subject's request is related to an existing contract with the data subject, the storage period will normally be based on this existing contract. Otherwise, the data will be deleted when the purpose of the processing has been achieved; in individual cases, legal storage periods must be observed.

There is no legal obligation to provide personal data. In individual cases, contractual obligations may exist, so that the data subject could suffer economic and/or legal disadvantages if they are not made available. This must be assessed on a case-by-case basis.

 
Registration TechCenter

The following information must be provided when registering for the TechCenter:

  • Company
  • Name and surname
  • Country
  • Email
  • Phone/mobile phone
  • Task or end product concerned
  • Aim of the experiments
  • Information on raw material system and manufacturer
  • Sending additional data sheets, if necessary

In addition, the IP address and the date and time of dispatch are also stored. These data are processed on the basis of the respective request and/or to enable the best possible response to the data subject's request.

The legal basis for the processing of this data will be determined in accordance with Art. 6 par. 1 sentence 1 lit. b) 1st alt. GDPR in order to fulfil a contract with the data subject as a party to the contract, or for the implementation of pre-contractual measures with the data subject pursuant to Art. 6 par. 1 sentence 1 lit. b) 2nd alt. GDPR. In addition, processing may take place on the basis of Art. 6 par. 1 sentence 1 lit. f) GDPR if the controller has a legitimate interest, for example in the context of customer loyalty or for reasons of goodwill.

If the processing of the data subject's request is related to an existing contract with the data subject, the storage period will normally be based on this existing contract. Otherwise, the data will be deleted when the purpose of the processing has finally been achieved; in individual cases, legal deadlines must be observed.

There is no legal obligation to provide personal data. In individual cases, contractual obligations may exist, so that the data subject could suffer economic and/or legal disadvantages if they are not made available. This must be assessed on a case-by-case basis.

 
Contact 360° Service

As part of the 360° service, the following information must be provided, among other things:

  • Company
  • Last name
  • Country
  • Email
  • Telephone number

The following can also be optionally provided:

  • Name
  • Address
  • Message

In addition, the IP address and the date and time of dispatch are also stored. This personal data is collected to enable the best possible response to the data subject's request.

The legal basis for the processing of this data will be determined in accordance with Art. 6 par. 1 sentence 1 lit. b) 1st alt. GDPR in order to fulfil a contract with the data subject as a party to the contract, or for the implementation of pre-contractual measures with the data subject pursuant to Art. 6 par. 1 sentence 1 lit. b) 2nd alt. GDPR. In addition, processing may take place on the basis of Art. 6 par. 1 sentence 1 lit. f) GDPR if the controller has a legitimate interest, for example in the context of customer loyalty or for reasons of goodwill.

If the processing of the concern of the data subject's request is related to an existing contract with the data subject, the storage period will normally be based on this existing contract. Otherwise, the data will be deleted when the purpose of the processing has finally been achieved; in individual cases, legal deadlines must be observed.

There is no legal obligation to provide personal data. In individual cases, contractual obligations may exist, so that the data subject could suffer economic and/or legal disadvantages if they are not made available. This must be assessed on a case-by-case basis.

 
Registration/use of 360° service portal

Individual beneficiaries are given the opportunity to log in to 360° and take advantage of the benefits and information available there. For this purpose, the data subject must be provided with a login ID and a password must be generated by the data subject. The data is stored so that the data subject can log on to the service portal at any time. Further data from the data subject must be stored there.

During use, the IP address and time/date of the login and logout are also recorded in a log file.

The legal basis for the processing of this data will be determined in accordance with Art. 6 par. 1 sentence 1 lit. b) 1st alt. GDPR in order to fulfil a contract with the data subject as a party to the contract, or for the implementation of pre-contractual measures with the data subject pursuant to Art. 6 par. 1 sentence 1 lit. b) 2nd alt. GDPR. In addition, processing may take place on the basis of Art. 6 par. 1 sentence 1 lit. f) GDPR if the controller has a legitimate interest, for example in the context of customer loyalty or for issues of goodwill/service.

The data will be deleted once the data subject ceases to use the portal by deregistering. In individual cases, statutory storage periods may conflict with this.

There is no legal obligation to provide personal data. In individual cases, contractual obligations may exist, so that the data subject could suffer economic and/or legal disadvantages if they are not made available. This must be discussed on a case-by-case basis.

 
Registration for events

In individual cases, registration for events is offered. In this context, personal data is requested from the data subject individually. The data requested will only have the scope necessary to enable the data subject to participate in the event. If the relevant data are not provided, participation in the event may be denied by the organizer. In addition to this data, the IP address and the date and time of registration are stored.

The data are to be passed on regularly by the controller or a company to the respective organizer. The data may be transferred to a third country. Even if there may not be an adequate level of security in this state, a corresponding transmission of data is permissible pursuant to Art. 49 par. 1 sentence 1 lit. c) GDPR.

In all other respects, the collection and processing of data is based on the consent of the data subject pursuant to Art. 6 par. 1 sentence 1 lit. a) in conjunction with. Art. 7 GDPR.

The data will only be stored until the event is over.

 
Storage in the Content Management System of the controller

The controller uses a Content Management System, which in turn is hosted and maintained by a contract processor (see also Explanations). In other words, this Content Management System is a management program for operating and maintaining the website and the websites of the companies, the contact forms, the services, etc. All of the above-mentioned and represented personal processing procedures are additionally transferred into this Content Management System and stored there. This storage and/or the processing operations associated with the Content Management System serve the purpose, among other things, of ensuring the security of your personal data and acting as a backup. Within the scope of data processing, there is an order processing contract which specifies, among other things, sufficient technical and organizational measures.

Furthermore, the storage of personal data in the Content Management System is also technically necessary in order to operate the online content and the services offered.

Accordingly, processing in connection with the Content Management System is based on Art. 6 par. 1 sentence 1 lit. f) GDPR in order to guarantee the functionality of the web services and to be able to offer the services to the data subject. A corresponding order processing contract exists with the data processor pursuant to Art. 28 par. 3 sentence 1 GDPR.

Personal data is stored in the Content Management System for 5 weeks. A backup of the data is then made, which is stored securely and encrypted. This backup exists for another 5 weeks until a new backup is pulled from the Content Management System. For the preparation of the backup Art. 6 par. 1 sentence 1 f) GDPR is decisive for the reasons mentioned above.

There is no legal obligation to provide personal data. In individual cases, contractual obligations may exist, so that the data subject could suffer economic and/or legal disadvantages if they are not made available. This must be assessed on a case-by-case basis. Failure to provide personal data in the Content Management System could mean that your requests may not be processed and/or the use of the website may be disrupted.
 

Analysis tools

Use of Matomo

This website uses the open-source web analysis service Matomo.

Through Matomo, we are able to collect and analyze data on the use of our website-by-website visitors. This enables us to find out, for instance, when which page views occurred and from which region they came. In addition, we collect various log files (e.g. IP address, referrer, browser, and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).

The use of this analysis tool is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the analysis of user patterns, in order to optimize the operator’s web offerings and advertising. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

The data is processed on the basis of Art. 6(1)(f) GDPR. We are pursuing our legitimate interest in optimizing our website for our external representation.

IP anonymization
For analysis with Matomo we use IP anonymization. Your IP address is shortened before the analysis, so that it is no longer clearly assignable to you.

Analysis without cookies
We have configured Matomo in such a way that Matomo will not store cookies in your browser.

Hosting
We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.

 
Google AdWords and Google Conversion Tracking

This website uses Google AdWords. AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google").

In the context of Google AdWords we use Conversion Tracking. When you click on an ad powered by Google, a cookie is set for Conversion Tracking. Cookies are small text files that the Internet browser places on the user's computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, we, and Google, can recognize that the user has clicked on the ad and has been redirected to this page.

Each Google AdWords customer receives a different cookie. Cookies cannot be tracked through the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for Conversion Tracking. Customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google Conversion Tracking cookie via your Internet browser under User Settings. They are then not included in the conversion tracking statistics.

"Conversion cookies" are stored on the basis of Art. 6 par. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behaviour in order to optimize both his website and his advertising.

For more information about Google AdWords and Google Conversion Tracking, please see Google's privacy policy: https://www.google.de/policies/privacy/.

You can set your browser so that you are informed about the use of cookies, can permit cookies only in individual cases, can exclude the acceptance of cookies for certain cases or in general, and can activate the automatic deletion of cookies when closing the browser. When cookies are deactivated, the functionality of this website may be limited.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.

 
Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter"reCAPTCHA") on our websites. Provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

reCAPTCHA serves to check whether the data entry on our websites (e.g. in a contact form) is performed by a human being or by an automated program. To this end, reCAPTCHA analyzes the behavior of the web site visitor on the basis of different characteristics. This analysis starts automatically as soon as the website visitor enters the website. For analysis reCAPTCHA evaluates various information (e.g. IP address, amount of time the website visitor stays on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Visitors to the website are not informed that an analysis is taking place.

The use of reCAPTCHA is intended to protect our online content against improper automated information gathering and spam.

The legitimate interest in protection against automated data gathering or protection against spam is not only evident, but also benefits you as a website user if the content can be made available in this way.

Data processing is carried out on the basis of Art. 6 par. 1 sentence 1 lit. f GDPR.

Further information about Google reCAPTCHA as well as Google's privacy policy can be found in the following links: https://www.google.com/intl/en/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.
 

Plugins, tools and links

YouTube

Our website uses plugins from Google's YouTube site. This website is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited.

If you are logged into your YouTube account, you allow YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube in the interest of presenting our online content in an appealing way and also for the presentation and presentation of our products. This represents a legitimate interest as per Art. 6 par. 1 sentence 1 lit. f) GDPR.

For more information on how we handle user data, please see YouTube's privacy policy: https://www.google.de/intl/en/policies/privacy.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.

 
Google Web Fonts

This site uses the Web Fonts provided by Google to uniformly display fonts. When you access a page, your browser loads the required Web Fonts into your browser cache to display texts and fonts correctly.

To do this, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. We use Google Web Fonts in the interest of a uniform and appealing presentation of our online content. This represents a legitimate interest within the meaning of Art. 6 par. 1 sentence 1 lit. f) GDPR.

If your browser does not support Web Fonts, a default font is used by your computer.

For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and read Google's privacy statement: https://www.google.com/policies/privacy/.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.

 
Google Maps

This page uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.

We use Google Maps in the interest of an appealing presentation of our online content and the easy location of the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 par. 1 sentence 1 lit. f) GDPR. You can also turn off the tracking capabilities of Google Maps using your browser. You will find more details in the description of your browser.

You can find more information on the handling of user data in Google's privacy policy: https://www.google.de/intl/en/policies/privacy/.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.

 
Links to Facebook, Twitter, Expo21xx, Pressbox

On Hennecke.com you can find links to YouTube, Facebook, Twitter, Expo21xx and Pressebox. These links are intended to integrate the social media presence of the controller and the companies into the website and thus to present the company as a whole or to provide content which is not provided within the framework of the website.

When a data subject clicks on such a link, his browser establishes a direct connection to the server of the respective web page. The server is informed of the location from which your IP address has accessed the page of the respective provider. If the user is also logged in to one of the social media, this medium receives corresponding information, which it can assign to your profile. The controller has no influence on this mechanism.

The use of the services is in the interest of the controller in any case, in order to be able to present the social appearance to the data subject in the simplest way. The legal basis is Art. 6 par. 1 sentence 1 f) GDPR.

For further information please contact:

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.
 

Cookies

In some areas of the website, so-called cookies are used in order to provide you with a more individualized service. Cookies are identifiers that a web server can send to your computer to identify it for the duration of your visit. In particular, cookies are used to recognize the language of your browser; after closing the corresponding tab, this cookie is deleted. Most browsers are set to automatically accept cookies. However, you can also deactivate the storage of cookies or set your browser so that it informs you about the use of cookies.

Cookies are used on the legal basis of Art. 6 Par. 1 sentence 1 lit. f) GDPR, as they guarantee the optimum functionality and security of our website. The provision of such online content is in our legitimate interest.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.

Edit cookie settings
 

Rights of the data subject

You have the following rights under the GDPR: You can

  • request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information on
    • the processing purposes,
    • the category of personal data,
    • the categories of recipients to whom your information has been or will be disclosed,
    • the planned storage period,
    • the existence of a right to rectification, erasure, restriction of processing or the right to object,
    • the existence of a right of appeal,
    • the origin of your data, unless it was collected by us,
    • and the existence of automated decision-making, including profiling and, where appropriate, meaningful information on its details
  • immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR;
  • request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • pursuant to Art. 18 GDPR, request the restriction of the processing of your personal data if you dispute the accuracy of the data, or if the processing is unlawful and you oppose erasure of the data, if we no longer require the data, but you require them to assert, exercise or defend legal claims or if you have filed an objection to the processing pursuant to Art. 21 GDPR;
  • obtain your personal data, which you have provided to us, in a structured, current and machine-readable format in accordance with Art. 20 GDPR or request its transfer to another controller;
  • as per Art. 7 par. 3 GDPR, withdraw at any time the consent given to us once, with the consequence that we may not continue with the data processing, which was based on this consent, in the future;
  • complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our office.
  • withdraw your consent at any time, e.g. as per Art. 7 par. 1, 9 par. 2 lit. a) GDPR or Section 26 par. 2 sentence 1 BDSG pursuant to Art. 7 par. 3 sentence 1 GDPR.

 
Right to object of the data subject

If your data are processed on the basis of legitimate interests pursuant to Art. 6 par. 1 sentence 1 lit. f) GDPR, you have the right to object to the processing for reasons arising from the particular situation pursuant to Art. 21 par. 1 sentence 1 GDPR. Your personal data will no longer be processed in such a case, unless the data controller can provide compelling reasons to protect the processing, which outweigh your interests, rights and freedoms; the same applies if the processing serves to assert, exercise or defend legal claims, Art. 21 par. 1 sentence 2 GDPR.

Please make contact using the above addresses.
 

Safety

Hennecke uses technical and organizational security measures to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. In the case of the collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in line with technological developments. Currently we use an SSL procedure during the website visit, which is secured by an RSA encryption with 2048 bits.
 

Validity

This data privacy policy is valid from 25th May 2018.