Data protection

We look forward to your visit to our website www.eckelmann.hamburg and your interest in our company. The protection of your personal data is very important to us. Personal data is information about the personal or factual circumstances of a specific or identifiable natural person. This includes e.g. the real name, address, telephone number and date of birth, but also all other data that can be related to an identifiable person.
Since personal data enjoy special legal protection, we only collect them insofar as this is necessary for the provision of our website and the provision of our services. Below we present what personal information we collect during your visit to our website and how we use it.
Our data protection practice is in accordance with the legal regulations, in particular those of the Federal Data Protection Act (BDSG), the Telemedia Act (TMG) and the General Data Protection Regulation of the EU (GDPR). We will only collect, process and store your personal data insofar as this is necessary for the functional provision of this website and our content and services, as well as for processing inquiries and, if necessary, for processing orders / contracts, but only if this is necessary legitimate interest iSd Art. 6 Para. 1 S.1 lit.f GDPR or another type of permission exists. Only if you have previously given your consent separately will your data be used for other purposes that are precisely defined in the consent, e.g. for sending advertising information via newsletter.

1. Responsible i.S.d. Art. 4 No. 7 GDPR

Responsible within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:

Carl Robert Eckelmann GmbH
At the St. Pauli Landungsbrücken 3
20359 Hamburg

Email: info@eckelmann.hamburg
Tel .:+49 40 311703-0
Fax: +49 40 311703-33

2. Provision of the website and creation of log files

Each time our website is accessed, our system automatically records data and information from the computer system of the accessing computer. The following data is collected:
Scope of data processing

(1) Information about the browser type and the version used
(2) The operating system of the retrieval device
(3) The IP address of the access device
(4) Date and time of access
(5) Websites and resources (images, files, other page content) that were accessed on our website.
(6) Websites from which the user's system came to our website (referrer tracking)

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual page visitors are not identified.

- Legal basis for the processing of personal data


    Art. 6 para. 1 lit.f GDPR (legitimate interest). Our legitimate interest is to ensure that the purpose described below is achieved.
   
- Purpose of data processing

    Logging is carried out to maintain the compatibility of our website for as many visitors as possible and to combat misuse and troubleshooting. For this it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and / or errors in the functionality of our website. In addition, we use the data to optimize the website and to generally ensure the security of our information technology systems.
   
- Duration of storage

    The aforementioned technical data will be deleted as soon as they are no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.
   
- Opposition and removal options

    The possibilities of objection and elimination are based on the general rules for the right to object and the right to erasure described in this data protection declaration.

3. Special functions of the website

Our site offers you various functions, the use of which we collect, process and store personal data. Below we explain what happens to this data:

    Contact form (s):
      
- Scope of processing personal data

        The data you entered in our contact forms.
       
- Legal basis for the processing of personal data

        Art. 6 para. 1 lit. a GDPR (consent through clear confirming action or behavior)
       
- Purpose of data processing

        We will only use the data recorded via our contact form or via our contact forms to process the specific contact request received through the contact form.
       
- Duration of storage

        After processing your request, the data collected will be deleted immediately, provided there are no statutory retention periods.
       
- Opposition and removal options

        The possibilities of objection and elimination are based on the general rules for the right to object and the right to erasure described in this data protection declaration.

4. Integration of external web services and processing of data outside the EU

On our website we use active Java Script content from external providers, so-called web services. When you access our website, these external providers may receive personal information about your visit to our website. It may be possible to process data outside the EU. You can prevent this by using a Java Script blocker such as Install the browser plug-in 'NoScript' (www.noscript.net) or deactivate Java Script in your browser. This may result in functional restrictions on the websites you visit.
We use the following external web services:

CloudFlare

        A web service from CloudFlare Inc., 101 Townsend St, 94107 San Francisco, USA (hereinafter: CloudFlare) is downloaded from our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to CloudFlare. The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR. The legitimate interest consists in the error-free functioning of the website. CloudFlare has certified itself under the EU-US Privacy Shield Agreement (see https://www.privacyshield.gov/list). The data will be deleted as soon as the purpose of their collection has been fulfilled. Further information on the handling of the transferred data can be found in the CloudFlare data protection declaration: https://www.cloudflare.com/security-policy/?utm_referrer=https://www.google.de/. You can prevent the collection and processing of your data by CloudFlare by deactivating the execution of script code in your browser or installing a script blocker in your browser (you can find this, for example, at www.noscript.net or www.ghostery. com).

Google Apis

A web service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google-Apis) is loaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Google Apis. The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR. The legitimate interest consists in the error-free functioning of the website. Google-Apis has certified itself under the EU-US Privacy Shield Agreement (see https://www.privacyshield.gov/list). The data will be deleted as soon as the purpose of their collection has been fulfilled. Further information on the handling of the transferred data can be found in the privacy policy of Google-Apis: https://policies.google.com/privacy. You can prevent the collection and processing of your data by Google Apis by deactivating the execution of script code in your browser or installing a script blocker in your browser (you can find this, for example, at www.noscript.net or www. ghostery.com).

gstatic

A web service from Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: gstatic) is loaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to gstatic. The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR. The legitimate interest consists in the error-free functioning of the website. gstatic has certified itself under the EU-US Privacy Shield Agreement (see https://www.privacyshield.gov/list). The data will be deleted as soon as the purpose of their collection has been fulfilled. Further information on the handling of the transferred data can be found in gstatic's data protection declaration: https://policies.google.com/privacy. You can prevent gstatic from collecting and processing your data by deactivating the execution of script code in your browser or installing a script blocker in your browser (you can find this, for example, at www.noscript.net or www.ghostery. com).

website-check.de

A check seal of the company Website-Check GmbH, Beethovenstraße 24 in 66111 Saarbrücken, DE (hereinafter: website-check.de) is loaded on our site. We include this seal of approval on our site to show that we take the topic of data protection seriously. Due to the integration of the Website-Check seal of approval, non-personal data is transferred to Website-Check GmbH as the publisher of the seal of approval. In this context, this only receives your IP address in order to be able to deliver the image file of the test seal. Your IP address has no personal reference for Website-Check GmbH. The legal basis for data processing is Art. 6 Para. 1 lit. f GDPR (legitimate interest). The legitimate interest is to enable the website check test seal to be displayed correctly on the website. Further information on the handling of the transferred data can be found in the data protection declaration of website-check.de: https://www.website-check.de/datenschutzerklaerung/. You can prevent the reloading of the Website-Check test seal and thus the transmission of your IP address (anonymous for Website-Check GmbH) to Website-Check GmbH by executing the script code of Website-Check GmbH in your Deactivate browser or install a script blocker in your browser (you can find this at www.noscript.net or www.ghostery.com).

5. Information about the use of cookies

- Scope of processing personal data

    We use cookies on various pages to enable the use of certain functions of our website. The so-called 'cookies' are small text files that your browser can store on your computer. These text files contain a characteristic string that enables the browser to be clearly identified when you visit our website again. The process of storing a cookie file is also called 'setting a cookie'.
   
- Legal basis for the processing of personal data

    Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest is to maintain the full functionality of our website, increase usability and enable a more individual approach to customers. We can only identify individual site visitors with the help of cookie technology if the site visitor has given us the relevant personal data beforehand on the basis of separate consent.
   
- Purpose of data processing

    Our website uses cookies to maintain the full functionality of our website and to improve its usability. In addition, cookie technology enables us to use individual pseudonyms, e.g. Recognize an individual, any ID, so that we are able to offer more individual services.
   
- Duration of storage

    Our cookies are stored in your browser until they are deleted or, if it is a session cookie, until the session has expired.
   
- Opposition and removal options

    You can set your browser yourself to prevent cookies from being set. You can then decide on a case-by-case basis whether to accept cookies or generally accept cookies. Cookies can be used for different purposes, e.g. to recognize that your PC has already connected to our website (permanent cookies) or to save recently viewed offers (session cookies). We use cookies to offer you increased user comfort. In order to use our convenience functions, we recommend that you accept cookies for our website. The possibilities of objection and elimination are otherwise based on the general regulations for the right to object and deletion as described in this data protection declaration.

6. Data security and data protection, communication by email

Your personal data are protected by technical and organizational measures during collection, storage and processing so that they are not accessible to third parties. In the case of unencrypted communication by email, we cannot guarantee complete data security on the transmission path to our IT systems, so that we recommend encrypted communication or the postal service for information with a high level of confidentiality.

7. Automatic email archiving

- Scope of processing personal data

    We expressly point out that our mail system has an automated archiving process. All incoming and outgoing emails are digitally archived in a revision-proof manner.
   
- Legal basis for the processing of personal data

    Art. 6 para. 1 lit.f GDPR (legitimate interest). Our legitimate interest is to comply with tax and commercial law requirements (e.g. sections 146, 147 AO).
   
- Purpose of data processing

    The purpose of archiving is to comply with tax and commercial law requirements (e.g. sections 146, 147 AO).
   
- Duration of storage

    Our mail communication is stored until the expiry of tax and commercial law retention requirements. The retention period can be up to 10 years.
   
- Opposition and removal options

    In addition, we point out that we only consider application documents in PDF file form. Zipped (WinZip, WinRAR, 7Zip, etc.) files are filtered out by our security systems and not delivered. We do not consider applications in Word file format and other file formats and delete them unread. Please note that application documents sent by e-mail, unencrypted, can be opened by third parties before they arrive in our IT systems. We assume that we can also answer unencrypted application emails unencrypted. If you do not want this, please give us a note in your application email.

8. Revocation of consent - data information and change requests - deletion & blocking of data

At appropriate intervals, you have the right to free information about your stored data and the right to have your data corrected, blocked or deleted at any time. Your data will be deleted by us on first request, unless this is contrary to legal regulations. You can revoke your permission to use your personal data at any time. Requests for information, deletion and correction of your data and any suggestions can be sent to the following address at any time:

Carl Robert Eckelmann GmbH
At the St. Pauli Landungsbrücken 3
20359 Hamburg

Email: info@eckelmann.hamburg
Tel .: +49 40 311703-0
Fax: +49 40 311703-33

9. Right to data portability

You have the right that we provide you with the personal data that you have transmitted to us in a structured, common and machine-readable format. You can also request that we immediately transmit this data to a third party on your first instruction, provided the processing is based on consent in accordance with. Art. 6 para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR or on a contract acc. Art. 6 para. 1 lit. b GDPR is based and the processing by us takes place in the context of automated data processing.
When exercising this right of data portability, you also have the right to have your personal data transmitted directly to another person responsible, insofar as this is technically feasible. The freedoms and rights of other people must not be affected by this.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been transferred to the person responsible.

10. Right to lodge a complaint with the supervisory authority in accordance with Art. 77 Para. 1 GDPR

If you suspect that your data is being processed illegally on our site, you can of course bring the matter to a judicial clarification at any time. Regardless of this, you have the option to contact a supervisory authority. You have the right to lodge a complaint in the EU member state of your residence, your place of work and / or the place of the alleged violation, i.e. You can choose the supervisory authority you are contacting at the locations listed above. The supervisory authority to which the complaint was submitted will then inform you of the status and results of your submission, including the possibility of a judicial remedy in accordance with Art. 78 GDPR.

Created by:
© IT law firm DURY - www.dury.de
© Website-Check GmbH - www.website-check.de