Data Protection Declaration
1. Scope of application
The following privacy notice applies to the use of our online offer www.fuchs-ag.de (hereinafter „Website“).
Data protection is very important to us. The collection and processing of your personal data takes place exclusively in compliance with the valid data protection regulations, in particular the EU General Data Protection Regulation (GDPR).
2. Name und address of the responsible person
The responsible person defined by GDPR and other national data protection laws as well as other data protection regulations is:
FUCHS Verwaltungs AG
Am Knick 18
22113 Oststeinbek
Germany
Tel .: +49 40 7 100 10 0
Fax: +49 40 7 100 10 99
eMail: info (at) fuchs-ag.de
Web: http://www.fuchs-ag.de
3. Name und address of the data protection officer
The data protection officer of the responsible person is:
Mr. Robert Loll
Am Knick 18
22113 Oststeinbek
Germany
Tel.: +49 40 7 100 10 0
eMail: datenschutz(at)fuchs-ag.de
Web: http://www.fuchs-ag.de
In case of any questions, concerns or comments on the privacy notice of FUCHS so please feel free to contact him.
4. General information about data processing
4.1 Scope of processing of personal data
In principle we only process personal data of our users as far as this is necessary to provide a functioning website as well as our contents and services.
The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in such cases in which the processing of the personal data is permitted without the prior consent of the users by law.
4.2 Legal basis for the processing of personal data
Insofar as we obtain the consent of the person concerned for processing of personal data, Art. 6 par. lit. a GDPR serves as legal basis.
By processing of personal data which are necessary for the performance of the contract of which the contracting party is the person concerned, Art. 6 par. 1 lit. b GDPR serves as legal basis.
This also applies to processings that are necessary to carry out the pre-contractual measures.
Insofar as a processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 par. 1 lit. c GDPR serves as legal basis.
In case that essential interests of the person concerned or another individual require the processing of personal data, Art. 6 par. 1 lit. d GDPR serves as legal basis.
If processing is necessary for the protection of justified interests of our company or a third party and if the interests, basic rights and fundamental freedoms of the person concerned do not predominate the former Art. 6 par. 1 lit. f GDPR serves as legal basis for processing.
4.3 Data erasure and storage period
The personal data of the person concerned will be deleted or blocked as soon as the original purpose of storage is no longer relevant.
In addition such storage can be carried out in case this is envisaged by the European or national legislator in EU regulations, laws or other prescriptions to which the responsible person is subject.
Blocking or erasing also will be carried out if the prescribed storage period by the mentioned standards expires unless there is a requirement for the further storage of the data for a conclusion of a contract or contract fulfilment.
5. Contact form and eMail contact
5.1 Description and scope of data processing
A contact form which can be used for electronic contact is available on our website.
If a user takes this opportunity the data entered in the input mask will be transmitted to us and stored. These data are:
- First name
- Surname
- Company
- Function
- Street and house number
- Zip code
- City
- Phone
- Individual message of the user
Alternative contact is also possible via the provided eMail-address. In this case the personal data of the user transmitted with this eMail will be stored.
If you contact us via contact form or eMail we will process your data for the processing of your request as well as for the case that follow-up questions arise.
In this event there will be no forwarding of the data to third parties. The data will be exclusively used for this conversation.
5.2 Legal basis for data processing
Legal basis for the processing of data from eMail and/or contact form is in case of consent of the user Art. 6 par. 1 lit. a GDPR or in case of a legitimate interest on our part in the processing of your data (Art. 6 par. 1 sentence 1 lit. f GDPR). A legitimate interest lies e.g. in replying to your eMail and/or contact form input. If the contact is intended to conclude a contract or if data processing is carried out for the purpose of performing a contract or pre-contractual steps that will be made upon your request, then the legal basis for data processing is Art. 6 par. 1 sentence 1 lit. b GDPR.
5.3 Purpose of data processing
The processing of the personal data from the input mask serves us to handle the contacting. In case of contacting via eMail this contact entails the necessary legitimate interest in processing of the data. The other personal data processed during the sending process serves to prevent the misuse of the contact form and to ensure the security of our information technology systems.
5.4 Storage period
The data will be deleted as soon as they are no longer necessary to gain one’s end. For the personal data from the input form and these which were sent via eMail this aforesaid become valid when the respective conversation with the user is ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified. The additional personal data collected from the sending process will be deleted at the latest after a period of 7 days.
5.5 Possibility of objection and deletion
The user has the possibility to revoke his consent to the processing of the personal data at any time. If the user contacts us via eMail he can object to the storage of his personal data at any time. In such case the conversation cannot be continued. The objection of the consent to store the personal data can be made by phone, by eMail or in writing. All personal data stored in the course of the contacting will be deleted in this case.
6. General rights of the person concerned
If personal data is processed by you you are person concerned as defined by GDPR and you have the following rights to the responsible person:
6.1 Right of access
You may ask the responsible person for confirmation whether personal data concerning you are processed.If such processing exists you can request the following information from the responsible person:
- The purposes for which the personal data are processed,
- the categories of personal data that are processed,
- the recipients or categories of recipients to whom the personal data relating to you have been or will be disclosed,
- the planned period of the storage of your personal data or if specific information is not available the criteria for determining the storage period,
- the existence of the right to correction and to erasure of personal data concerning you the right to restrict the processing by the responsible person or a right of objection to such processing,
- the existence of a right of appeal to a supervisory authority.
You have the right to request information whether personal data relating to you is being transmitted to a third country or to an international organisation. In this context you can request information about appropriate guarantees in accordance with Art. 46 GDPR in connection with the transmission.
6.2 Right to rectification
You have a right to rectification and/or completion towards the responsible person in case the processed personal data concerning you are incorrect or incomplete. The responsible person must carry out the rectification without delay.
6.3 Right to restriction of processing
You may request the restriction of processing of your personal data under the following conditions:
- If you deny the accuracy of your personal data for a period of time that enables the responsible person to verify the accuracy of the personal data,
- the processing is unlawful and you refuse the erasure of your personal data and instead require the restriction of the use of your personal data,
- the responsible person no longer needs the personal data for the purposes of processing but you need them to enforce, execute or defend legal claims and/or
- if you have objected to the processing according to Art. 21 par. 1 GDPR and it is uncertain yet whether the legitimate reasons of the responsible person outweigh your reasons.
In case the processing was limited according to the above mentioned conditions you will be informed by the responsible person before the restriction will be derestricted.
6.4 Right to erasure
a) Duty of erasure
You may request the responsible person to erase the personal data related to you without delay and the responsible person shall immediately erase these data provided that one of the following is applicable:
- Personal data relating to you are no longer necessary for the purpose for which they were collected or otherwise processed.
- You revoke your consent to which the processing according to Art. 6 par. 1 lit. a. or Art. 9 par. 2 lit. a GDPR was supported and there is no other legal basis for the processing.
- You file an objection against processing according to Art. 21 par. 1 GDPR and there are no prior legitimate reasons for processing or you file an objection against processing according to Art. 21 par. 2 GDPR.
- Your personal data have been processed unlawfully.
- The erasure of personal data related to you is necessary to fulfil a legal obligation according to union law or the law of member states to which the responsible person is subject.
If we have made the personal data public and if we are obliged to delete them according to Art. 17 par. 1 GDPR we take appropriate measures considering the available technologies and the implementation costs including technical ones to inform all responsible persons for data processing that you request the erasure of all links to such personal data or copies or reproductions of such personal data.
b) Exceptions
The right to erasure does not exist if the processing is necessary
- to execute the right of freedom of expressions and information,
- to fulfil a legal obligation which requires processing according to Union or member state law to which the responsible person is subject or to perform a public interest task or which is executed of public authority which was assigned to the responsible person,
- for reasons of public interest in the field of public health according to Art. 9 par. 2 lit. h and i as well as Art. 9 par. 3 GDPR or
- for Enforcement, execution or defence of legal claims.
6.5 Right to information
If you have asserted the right to rectification, erasure or restriction of processing to the responsible person he/she is obliged to inform all recipients to whom personal data concerning you were transferred about this rectification or erasure of the data or restriction of processing unless this proves to be impossible or is connected with disproportional efforts.
You have the right to be informed about all recipients from the responsible person.
6.6 Data transferability
You have the right to receive all personal data concerning you which you provided to the responsible person in a structed, common and machine-readable format. Further you have the right to transmit these data to another responsible person without any obstruction by the person responsible who received these personal data provided that
- the processing is based on a consent according to Art. 6 par. 1 lit. a GDPR or Art. 9 par. 2 lit. 1 GDPR or on a contract according to Art. 6 par. 1 lit. b GDPR and
- the processing is done by automated process.
In executing this right your also have the right to obtain that the personal data relating to you will be transferred from one responsible person to another one directly as far as this is technically possible. Freedoms and rights of other persons may not be affected through this.
6.7 Right of objection and withdrawal
You have at any time the right for reasons that arise from your particular situation to object the procession of personal data relating to you according to Art. 6 par. 1 lit. e or f GDPR.
The responsible person will no longer process the personal data relating to you unless he/she can prove compelling legitimate reasons for the processing which outweighs your interest, rights and freedoms or the processing serves the enforcement, execution or defence of legal claims.
If the personal data relating to you are processing for direct marketing you have the right to file an objection at any time against the processing of personal data relating to you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing. If you file an objection for processing for the purpose of direct marketing the personal data relating to you will no longer be processed for that purpose.
Regardless of Directive 2002/58/EG you have the possibility in connection with the use of Information Society Services to execute your right of objection by automated procedures using technical specifications. You have the right to revoke your data informed consent at any time. The revocation of consent does not affect the legality of the processing carried out on base of the consent until the revocation.
6.8 Right to complain to a supervisory authority
Irrespective of any other remedies – administrative or judicial – you have the right to complain to a supervisory authority, in particular in the Member State of your residence, your place of work or place of alleged irregularity if you consider that the processing of personal data relating to you contravene the rules of GDPR or is unlawful.
7. Data security
We endeavor to ensure the security of your data within the valid data protection laws and technical possibilities. Your personal data will be transmitted encoded by us. We use the coding system SSL (Secure Socket Layer) but point out that data transmission in the internet (e.g. communication via eMail) could have security holes. A complete protection of the data from access by third parties is impossible.
To safeguard your data we take technical and organizational security measures in accordance with Art. 32 GDPR which we always adapt to the best available state of technology.
We do not guarantee that our offer will be available at specific times; dysfunctions, interruptions or failures can’t be excluded.