Data privacy statement

Data privacy statement for the
www.bergmann-goldenstedt.de website,
the etk.bergmann-goldenstedt.de parts catalogue, and the “Bergmann Sales” app (product configurator)

1. Introduction

This data privacy statement contains general information and special information for the website www.bergmann-goldenstedt.de, the website with a parts catalogue etk.bergmann-goldenstedt.de and the Bergmann Sales app with a product configurator. The special information for data processing is always highlighted or identified.

Data are processed electronically every time a website is accessed, or an app is used. In this document, we explain which data are processed and in what ways we process them.

2. Responsible party (Data controller)

Ludwig Bergmann GmbH
Hauptstr. 64-66
49424 Goldenstedt
Contact information: see Legal Notice

3. Data protection officer

Ralf Lohmann
- Certified external data protection officer -


HUBIT Datenschutz
E-mail: info(at)hubit.de
Website: www.hubit-datenschutz.de
Data protection Tel.: +49 (0)421-33114300

4. General information on data protection

Data processing on webpage access

When you access a webpage, various data – including personal data – are automatically transmitted vía the Internet. This is required from a technical point of view in order for webpage access to function at all and to allow us to give you the best possible result.

Whenever, for example, you access a webpage, display an image from a server, load an external plug-in or script, stream a video or use one of the many other forms of data transmission, your computer sends information to the server from where you accessed the above types of data. When you access a webpage, your browser (e.g. Firefox, Internet Explorer, Edge, Opera, Safari, Google Chrome) sends specific information about your system. These data may include, for example:

  • The webpage from which the webpage or a file (image, script, video) is accessed or in which the file is linked (“Referer”)
  • Operating system
  • Screen resolution
  • Keyboard layout (language)
  • IP address from which the webpage or file was accessed
  • Name of the webpage or file accessed
  • Timestamp (date and time) of the access
  • Browser name and version
  • Data volume transferred
  • Access status (file transferred, error code)

These data are logged by every server. Logging takes place for many purposes including:

  • Preservation and verification of IT security (e.g. to detect hacker attacks) and IT operation
  • Statistical evaluation (of the use of the website)
  • Improvement of the website
  • Suitable display of the website or files so that they can be optimally shown on your end device

No pseudo-anonymisation or anonymisation is used for the security logs, as otherwise it would not be possible to draw any conclusions about potential attackers. As a rule, the evaluation of the data for other purposes is anonymised and no profiling takes place. More information can be found below in this data privacy statement.

Data separation is implemented between database, session management and log information.

The legal bases for the data processing are your consent (Art. 6(1)(a) GDPR), initiation or fulfilment of a contract (Art. 6(1)(b) GDPR), legitimate interest of the data controller, e.g. to preserve IT security, for the rebuttal and assertion of claims (Art. 6(1)(f) GDPR).

For the use of our Parts catalogue (etk.bergmann-goldenstedt.de), as well as other data the following data are processed during registration and use:

Registered catalogue user:

  • Name
  • Profiling
  • Addresses (dealer, end customer)
  • Company
  • Position
  • Telephone number
  • E-mail address

Employees:

  • User name
  • User address
  • Windows user name of the catalogue author
  • PHP session (ID and details)
  • User token
  • Log information for e-mail transmission (ExportDynamic.log)
  • IIS/Apache access log (IP address)

During use of the Bergmann Sales app, as well as other data the following data are processed:

  • Role
  • Salutation
  • Name, First name
  • Language
  • Contact details (telephone number, address, e-mail address)
  • Configuration / quotation / contract information
  • Business relationship (e.g. dealer, end customer)

5. Data subject

The “data subject” (affected party) is the person whose personal data are collected and processed. Hereinafter, the “data subject” is also referred to as the “webpage visitor” or “user”.

Information about data subject rights

Every data subject may exercise their rights (data subject rights) against the controller. This can be done by e-mail, post or a preprepared form. Telephone enquiries are also possible, but they will only be accepted and not answered on the telephone. The controller chooses the medium (post, e-mail, other media) and sends the data subject his answer to the data subject’s enquiry using this medium. The answers to enquiries about data subject rights are supplied free of charge. A fee may be collected if there are excessive enquiries (e.g. high frequency) on data subject rights. The answer must be supplied within the legal period of one month. In exceptional cases, this period may be extended (e.g. due to a high number of enquiries or the high complexity of the enquiry). The extension of the period must be justified. The data subject rights are listed below. We have provided the items of data subject rights as a bullet list to allow an overall view. Each item is accompanied by a link to a detailed explanation (on the webpages of HUBIT-Datenschutz).

The data subject must authenticate themselves to the controller in order to verify that they are entitled to exercise the rights of the data subject.

On the HUBIT-Datenschutz website, you can find a form that you can use to exercise your data subject rights with us. Form to exercise data subject rights

6. Cookies

No cookies are processed when you use the Bergmann Sales app.

We have dispensed with the use of cookies on the www.bergmann-goldenstedt.de website.

The following cookies and associated time limits for deletion are used on etk.bergmann-goldenstedt.de:

- “PHP Session ID” cookie is deleted on closing the browser

- “Profile data” cookie is deleted 1 year after the last access to the profile

- “Remember login” cookie is deleted after the configured time

- “Privacy policy accepted” cookie is deleted 5 years after the last access

7. Encryption of the website

All the content on our webpages is transmitted using (TLS) encryption to protect your data.

Data transfer between the server and the Bergmann Sales app on your device takes place over an encrypted connection.

8. Forms

You can contact us or make enquiries, e.g. about specific products, using our forms. Please fill in all the mandatory fields. Alternatively, you can contact us by telephone or e-mail, or we can meet personally.

The legal basis for the data processing with consent is Art. 6(1)(a) GDPR or Art. 6(1)(b) GDPR if the matter concerns product enquiries or enquiries about an existing contract.
The legal basis for data processing by sending an e-mail is Art. 6(1)(f) GDPR. If the objective of making contact by e-mail is to conclude a contract, the legal basis for the data processing is Art. 6(1)(b) GDPR.

The processing of personal data from the contact form is only for the processing of your enquiry or your contact with us. If you contact us by e-mail, there is also a legitimate interest in the processing of the personal data.
No other data associated with the contact form are processed.

The data are erased as soon as the purpose for which they were collected is fulfilled. This happens if the data given in the contact form or the data that were sent by e-mail are no longer required for the conversation or reply, unless prevented by other legal retention periods.
Data additionally collected in connection with the sending of the data are deleted as soon as they are no longer required for the purpose.

Your consent to data processing can be withdrawn at any time. In this case, the conversation is discontinued, or no further processing of the enquiry takes place. In cases of objection, all data saved for contact reasons are deleted, unless legal retention periods apply.
You can find a form available for submitting your withdrawal of consent on HUBIT-Datenschutz’s website. Your enquiry will be accepted by our data protection officer and forwarded to the necessary people in our company. Form to exercise data subject rights

We have dispensed with the use of Captcha tools.

9. Statistical tools

Anonymised data are used for statistical analyses.

10. Special data processing for the Bergmann Sales app

Before the Bergmann Sales app can access data (e.g. contacts, position data) on your device, your consent is requested in a dialogue. As a rule, this request is made when you first start the app. Your consent is not required for the app to function. The app’s access to the data is merely to make it easier for you to use. Your consent can be revoked at any time by you deactivating the access in the settings on your device.

10.1 Position location

We do not use position location technology.

Our field sales employees can copy your current location into the app instead of entering an address. In this case, the position data is converted into address data. Therefore, the app does not perform continuous position location.

10.2 Access to contacts

If access to the contacts in the device is permitted, an address can be imported so that this information does not have to be entered by hand when creating a dataset. Other than this, no access to the contacts takes place.

10.3 Access to microphone and camera

No access to microphone and camera takes place.

11. Special data processing on www.bergmann-goldenstedt.de

11.1 YouTube

We have embedded YouTube videos using a two-click solution. This means that a data connection to YouTube will be set up only if you click on one of the videos.
We decided to adopt this option to protect your data.

The legal basis for data processing is Art. 6(1)(a) GDPR

By playing the videos, data is transferred to YouTube from your browser (see: General information). Data processing at the provider depends on whether you have a Google or a YouTube account or are logged in to them. If you are logged in, the data can be linked or assigned to your user account by Google.

Google stores the data and uses them to improve its service to you, for advertising and, if applicable, for market research. The precise purpose of the data processing and detailed information about privacy can be found on Google’s webpages (see information on objection and rectification).

If you do not wish the information to be linked or assigned to your Google account, log out of your Google account in advance.
Please read the information that Google provides about data processing and privacy.
Google privacy policy: https://policies.google.com/privacy
Statement about your personal privacy controls: https://privacy.google.com/take-control.html?categories_activeEl=sign-in
Google personal privacy checkup: https://myaccount.google.com/intro/privacycheckup
Statement about Google privacy policy: https://privacy.google.com/#
Statement about what data are collected and used: https://privacy.google.com/your-data.html

12. Miscellaneous

Data are often still available via the archive function of search engines, even if the information has been removed from or changed in the aforementioned Internet offer.

This data protection statement was prepared by HUBIT-Datenschutz.

youtube