Privacy Policy

 


As operators, we take the protection of your personal data on our website very seriously. We treat your personal data with confidentiality and in accordance with the legal guidelines on data protection.

The use of our website is generally possible without the provision of personal data. If a data subject wishes to use special services provided by our company via our website, this may necessitate the processing of personal data. If personal data are collected on our sites, this will always occur voluntarily, to the extent possible. These data are used only for the expressed reason and shall not be shared with third parties without your explicit consent. The personal data, such as the name, address, email address or phone number of a data subject are processed in accordance with the requirements of the EU's General Data Protection Regulation (GDPR), the German data protection act (new) (BDSG new), the applicable country-specific data protection provisions, and the telemedia act (TMG).

We hereby note that the transmission of data via the Internet (e.g. email communication) may contain security gaps. The seamless protection of data from third-party access is not possible. Any person is free to share personal data with us via alternative routes, for example over the phone.

 

Name and address of the data controller

 

The data controller pursuant to the General Data Protection Regulation:
Allweiler GmbH
Allweilerstr. 1
78315 Radolfzell, Germany

 

Name and address of the data security officer and supervisory authority

 

Data security officer:
Contact: +49 7732 86-863
Email: datenschutz@allweiler.de
Every data subject may contact our data security officer with privacy-related questions and suggestions at any time.

 

Supervisory authority:
The German state representative for data protection of Baden-Wuerttemberg
PO Box 10 29 32
70025 Stuttgart, Germany
Phone: +49 711/615541-0
Email: poststelle[at]lfdi.bwl.de


Every data subject has the right to lodge a complaint with the supervisory authority.

 

Legal basis for the processing of personal data

 

Insofar as we obtain the consent of the data subject for the processing of personal data, Artile 6 (1a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Article 6 (1b) of the GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.
Insofar as the processing of personal data is required to fulfill a legal obligation our company is subject to, Article 6 (1c) of the GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1d) of the GDPR serves as the legal basis.
If processing is necessary to safeguard the legitimate interests of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not prevail over the former interest, Article 6 (1f) of the GDPR serves as the legal basis said processing.

 

Routine erasure and blocking of personal data

 

We process and retain the data subject's personal data only for the time period that is necessary to fulfill the purposes of retention, if this is required by the European lawmakers, or other legislators of laws or provisions to which the data controller is subject.
If the purpose of retention no longer applies, or a retention period prescribed by European lawmakers or other competent legislators expires, the personal data shall be routinely blocked or erased in accordance with the legal guidelines.

 

Cookies

 

Our websites use cookies. Cookies are text files that are downloaded and stored on a computer via a web browser. Websites and servers use cookies. Cookies contain a so-called cookie ID. A cookie ID is the cookie's unique identifier. It consists of a string, through which web pages and servers can be allocated to the precise web browser, in which the cookie was stored. This enables distinguishing the visited web pages and servers as well as the data subject’s individual browser from other web browsers, which contain other cookies. A specific web browser can be recognised and identified by means of the unique cookie ID.
By using cookies, we can provide the users of this website with more user-friendly services, which would not be possible without the placement of cookies.
Through cookies, the information and offers on our website can be optimised based on user interest. As already mentioned, cookies allow us to recognise the users of our website. The purpose of this recognition is to simplify the use of our website for the users. A visitor of a website that uses cookies, for example, does not have to enter login information each time the website is accessed, because this is achieved by the website and the cookie stored on the user's computer.
The data subject can prevent the placement of cookies on his/her computer by our website at any time by means of the appropriate setting in the web browser being used and in doing so, permanently object to the placement of cookies. Furthermore, cookies that were already placed can be deleted at any time via a web browser or other software. This is possible with all standard web browsers. If the data subject deactivates the placement of cookies in the web browser being used, it may not be possible to use the full range of functions on our website.

 

Collection of general data, log files, and information

 

Each time the website is accessed by a data subject or automated system, it collects a series of general data and information. These general data and information are stored in the server's log files. The following may be collected:

  • the browser type used and versions,
  • the operating system used by the accessing system,
  • the website, from which a system accesses our website (so-called referrer),
  • the sub-websites, which directly access our website via an accessing system,
  • the date and time of access to the website,
  • an Internet protocol address (IP address),
  • the Internet Service Provider of the accessing system and
  • other similar data and information, which serve the aversion of danger in the case of attacks on our information technology systems.

No conclusions about the data subject are drawn in the use of the general data and information. Rather, the information is needed to

  • properly deliver the contents of our website,
  • to optimise the contents of our website as well as the advertising for it,
  • to ensure the permanent functionality of our information technology systems and the technology of our website as well as
  • to provide law enforcement authorities with the required information for prosecution in the case of a cyber attack.

Therefore, the anonymously data and information is statistically analysed on the one hand, as well as with the objective of increasing data protection and data security in our company, to ultimately ensure an ideal level of protection for the personal data we process. The anonymous data from the server log files are stored separately from all personal data indicated by a data subject.

 

Registration on the website

 

Users of our website can sign up using personal data, e.g. via the contact form, online application, donations, or seminar registrations. The type of personal data transmitted depends on the respective input screen used for registration. The personal data entered by the data subject are exclusively stared for internal use and purposes. The data processor can initiate the transfer of the data to one or multiple service providers, such as a parcel service, who will also use the personal data exclusively for internal purposes related to processing on behalf of the data processor.
By registering on the website, the Internet Provider Service (ISP) saves the data subject's IP address, as well as the date and time of registration. The data are retained to prevent the misuse of our service and to facilitate the investigation of committed crimes and copyright infringement, if necessary. This requires the storage of these data for security purposes. These data will not be passed on to third parties, unless there exists a legal obligation to share the data, or sharing serves the purposes of law enforcement.
The data subject's registration with voluntarily provided personal data enables us to provide contents or services that can only be offered to registered users due to the nature of the object. Registered persons may request to have the personal data provided upon registration fully erased from the database.
We provide information about which of the data subject's personal data are saved at any time. We correct or delete personal data upon request or notice from the data subject, unless legal obligations to retain the data exist. The data protection officer named in this privacy policy and the staff responsible for the processing are available to you as contact persons.
In this case, please contact them using the above-mentioned email address.

 

The data subject’s rights

 

Right of access

 

Right of access According to the European lawmakers, every data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to exercise this right, he or she may contact our data protection officer or any other individual employed by the data controller at any time.
In this case, please contact them using the above-mentioned email address.

 

Right to be informed

 

According to the EU lawmakers, every data subject has the right to receive information about the data being processed concerning him or her at any time and free of charge, and to receive a copy of this information. The EU lawmakers have given data subjects the right to receive the following information:

  • the purposes of processing,
  • the categories of personal data being processed,
  • the recipients or categories of recipients, whom the personal data was disclosed to, in particular in the case of recipients in third countries or in the case of international organisations,
  • if possible, the planned time period for which personal data will be retained, or, if this is not possible the criteria that drive the establishment of this time period
  • the existence of a right to correction or deletion of the personal data pertaining to the data subject or to a restriction of processing by the controller or a right of objection to this processing, if the personal data were not collected from the data subject.

The data subject has a right to obtain information regarding whether personal data were transmitted to a third country or an international organisation. If this is the case, the data subject also has the right to receive information on adequate guarantees in connection with the transmission.
If a data subject wishes to exercise his or her right to obtain information, they may contact our data protection officer or any other individual employed by the data controller at any time.
In this case, please contact them using the above-mentioned email address.

 

Right to rectification

 

According to the European Union's lawmakers, every data subject has the right to request the immediate rectification of incorrect personal data concerning him or her. Under consideration of the purposes of the processing, the data subject has the right to request the completion of incomplete personal data – also through a supplemental statement.
If a data subject wishes to exercise their right to rectification, they may contact our data protection officer or any other individual employed by the data controller at any time.
In this case, please contact them using the above-mentioned email address.

 

Right to erasure ("right to be forgotten")

 

According to the EU lawmakers, every data subject can request that the data controller immediately erases all personal data pertaining to the data subject, provided that one of the following reasons applies and that processing is not required:

  • The personal data were collected or otherwise processed for purposes for which they are no longer required.
  • The data subject revokes his/her consent, on which the processing was based, pursuant to Article 6 (1a) of the GDPR or Article 9 (2a) of the GDPR and there is no other legal basis for said processing.
  • The data subject files an objection to the processing pursuant to Article 21 (1) of the GDPR and there are no paramount legitimate reasons for said processing or the data subject files an objection to the processing pursuant to Article 21 (2) of the GDPR.
  • The personal data were processed illegally.
  • The erasure of personal data is required to meet a legal obligation according to EU law or the right of member states, to which the controller is subject.
  • The personal data was collected with regard to the offered services of the information society pursuant to Article 8 (1) of the GDPR.

In the event that one of the above-mentioned reasons applies and a data subject wishes to initiate the erasure of personal data we have stored, he or she may contact our data protection officer or any other staff employed by the data controller in this regard.
The data protection officer or another staff member will ensure that the erasure request will be completed immediately.
If the personal data were published by us and our company, as the data controller, is obligated to erase the personal data in accordance with Article 17 (1) of the GDPR, we will take adequate measures, also technological in nature, under consideration of the available technology and cost of implementation, to inform other data controllers who process the published personal data that the data subject has requested the erasure of all links to their personal data, or of copies and replications of these personal data from these data controllers, insofar as processing is not necessary. The data protection officer or another staff member will take the required action on a case-by-case basis.
In this case, please contact them using the above-mentioned email address.

 

Right to restriction of processing

 

According to the European Union's lawmakers, every data subject has the right to request the restriction of processing from the data controller if one of the following requirements is met:

  • The data subject disputes the accuracy of the personal data and he/she does so for a period, which enables the controller to review the accuracy of the personal data.
  • The processing is illegal, the data subject objects to the erasure of the personal data and instead demands the restricted use of the personal data.
  • The controller no longer requires the personal data for the purpose of processing; however, the data subject requires them to assert, exercise or defend legal claims.
  • The data subject has filed an objection to the processing pursuant to Article 21 (1) of the GDPR and it is yet to be determined if the data controller’s legitimate reasons outweigh those of the data subject.

In the event that one of the above-mentioned prerequisites is met and a data subject wishes to request the restriction of the personal data we have stored, he or she may contact our data protection officer or any other staff employed by the data controller in this regard. The data protection officer or another staff member will initiate the restriction of processing.
In this case, please contact them using the above-mentioned email address.

 

Right to data portability

 

The EU lawmakers have granted every data subject the guaranteed right to receive all personal data pertaining to the data subject, which were made available to a controller by the data subject, in a structured, conventional and machine-readable format. Furthermore, the data subject has the right to transmit these data to another controller without being hindered by the controller the personal data were made available to, provided that processing is based on consent pursuant to Article 6 (1a) of the GDPR or Article 9 (2a) of the GDPR or on a contract pursuant to Article 6 (1b) of the GDPR and processing is conducted with the help of automated processes, provided that processing is not required for the performance of a task, which is in the public interest or takes place in exercising public authority, which was transferred to the controller.
Pursuant to Article 20 (1) of the GDPR, the data subject, in exercising his or her right to data portability, has the right to enforce the direct transfer of the personal data from one controller to another controller, insofar as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.
The data subject may contact our commissioned data protection officer or any other staff member to exercise his or her right to data portability at any time.
In this case, please contact them using the above-mentioned email address.

 

Right to object

 

The EU lawmakers have granted every data subject the right to file an objection to the processing of personal data relating to the data subject at any time, for reasons, which result from his or her specific situation which is based on Article 6 (1) e or f of the GDPR.
In the case of an objection, we will cease to process your personal data, unless we can verify compelling grounds for processing worthy of protection, which override your interests, rights and freedoms, or if processing serves asserting, exercising or defending legal claims. In the case personal data are processed for the purpose of direct marketing, the data subject has the right to object to the processing of personal data for the purpose of such advertising. If the data subject objects to the processing to for purposes of direct marketing, the personal data will no longer be processed for these purposes.
Furthermore, the data subject has the right, for reasons resulting from his or her special situation, to object to the processing of personal data pertaining to the data subject for scientific or historical research purposes or for statistical purposes pursuant to Article 89 (1) of the GDPR, unless such a processing is required to fulfil a task, which is in the public interest.
The data subject may directly contact our commissioned data protection officer or any other staff member to exercise his or her right to data portability at any time.
In this case, please contact them using the above-mentioned email address.

Regardless of Directive 2002/58/EC, the data subject has the option, in connection with the use of information society services, of exercising his or her right to object using automated procedures, which apply technical specifications.

 

Right to withdraw data privacy consent

 

According to the EU lawmakers, every data subject has the right to withdraw his or her consent to the processing of his or her personal data at any time.
If a data subject wishes to exercise their right to withdraw consent, they may contact our data protection officer or any other individual employed by the data controller at any time.
In this case, please contact them using the above-mentioned email address.

Data protection for job applications and in the application process

We collect and process the personal data of applicants for the purpose of the hiring process. Processing can also be conducted electronically or using a form. This applies in particular, if an applicant sends application materials to us electronically, for example via email or online. In the event that an employment contract is concluded with an applicant, the data transmitted for entering the employment relationship are stored under consideration of the legal guidelines. If no employment contract is concluded with the applicant, the application materials are automatically deleted six months after the decision of rejection is announced, unless this is contrary to other legitimate interests. Other legitimate interest in this sense, for example, includes a burden of proof in legal proceedings pursuant to the German general equal treatment act (AGG).

 

Privacy guidelines for the use of Google Analytics (with anonymization)

 

We added Google Analytics (with anonymization feature) to this website. Google Analytics is a web analysis service. Web analysis refers to the collection, analysis, and evaluation of data about the behaviour of visitors to websites. Among others, a web analysis service collects data about the internet pages a data subject has visited prior to arriving at a site (so-called referrer), which sub-pages of the website were accessed, or how often and for how long a sub-page was viewed. Web analysis is primarily conducted for the optimisation of a website and to create cost-benefit analyses of online advertising.
Google Analytics is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
For web analyses via Google Analytics, we use the supplement „_gat._anonymizeIp." This supplement shortens and anonymizes the data subject's IP address, if websites are accessed from a member-state of the European Union or another state that is a contracting party in the Agreement on the European Economic Area.
The purpose of Google Analytics is the analysis of visitor flows on our website. Google uses the collected data and information to evaluate the use of our website, to create online reports that reflect the activities on our websites and to provide services connected to the use of our website, among other things.
Google Analytics places a cookie on the data subject's computer. An explanation of what cookies are is provided above. By placing the cookies, Google is able to analyse the use of our website. Each time individual pages containing Google Analytics on the website operated by the data controller, are accessed, the Google Analytics component in the browser on the data subject's computer system automatically initiates the transmission of data to Google for the purpose of online analysis. In the context of this technological process, Google receives information about personal data, such as the data subject's IP address, which, among others, serves the purpose of tracing the origin of visitors and clicks and to facilitate subsequent commission settlement.
The cookies are a means to storing personal data, such as the time of access, the place from which access occurred, and the frequency of a data subject's visits to our website. Every time our websites are visited, these personal data, including the IP address of the data subject's internet connection are transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Under certain circumstances, Google may share these personal data collected through technical procedures with third parties.
The data subject can prevent the placement of cookies on his/her computer by our website, as described above, at any time by using the appropriate setting in the web browser and in doing so, permanently object to the placement of cookies. Adjusting this setting in the web browser also prevents that Google places a cookie on the data subject's computer. Furthermore, cookies that were already placed by Google Analytics can be deleted at any time via the web browser or other software programs.
The data subject has the option of objecting to and preventing that Google Analytics collects personal data relating to his or her use of this website, as well as the processing of this data by Google. To do so, the data subject is required to download and install the browser add-on using the following link https://tools.google.com/dlpage/gaoptout. This browser add-on communicates to Google Analytics via JavaScript that no data and information about the visits to websites may be transmitted to Google Analytics. Google considers the installation of the browser add-on an objection. If the data subject deletes, formats, or re-installs his or her information technology system at a later point, the data subject is required to re-install the browser add-on again to deactivate Google Analytics. If the browser add-on is un-installed or deactivated by the data subject or another authorized person, the browser add-on may be re-installed or reactivated.
Find additional information and the applicable privacy laws at accessed at https://policies.google.com/privacy and https://www.google.com/analytics/terms/us.html More information about Google Analytics is provided via the following link https://www.google.com/analytics/.

As an alternative to the browser add-on or within browsers on mobile devices, please click the following link to set an opt-out cookie that will prevent Google Analytics from collecting cookies from this site in the future (this opt-out cookie only works in this browser and only for this domain, if you delete your cookies in this browser, you must click this link again): Click link. An opt-out cookie is set to prevent your data from being collected in the future when you visit this website. The opt-out cookie applies only to this browser and only to our website and is placed on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again. You will find information on how to integrate the opt-out cookie at: https://developers.google.com/analytics/devguides/collection/gajs/?hl=en#disable].

Translated with www.DeepL.com/Translator

 

Data protection guidelines for the use of Google AdWords

 

We added Google AdWords to this website. Google Adwords is a web marketing service that enables advertisers to place ads in Google search engine results, as well as the Google advertising network. Google AdWords enables advertisers to predetermine particular keywords, based on which Google displays an ad in the search engine results only if a user enters a key-word relevant search result using the search engine. The ads are distributed the Google Advertising Network using an automatic algorithm and under consideration of the predetermined key words on theme-relevant websites. Google Analytics is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Google AdWords is used to advertise our website by displaying interest-relevant ads on third-party websites and in the search engine results of the Google search engine, as well as the display of third-party advertising on our website.
If a data subject arrives on our website, Google places a so-called conversion cookie on his or her computer. An explanation of what cookies are is provided above. A conversion cookie loses its validity after thirty days and does not serve the identification of the data subject. Provided that the cookie has not yet expired, the conversion cookie is used to determine whether certain sub-pages, such as the shopping cart of an online shop system, were accessed on our website. The conversion cookie allows us, as well as Google, to determine whether a data subject, who accessed our website via an AdWords ad, generated revenue, i.e. completed or aborted a purchase.
Google uses the data and information collected by the conversion cookies to create visitor statistics for our website. In turn, these visitor statistics are used to determine the total number of visitors referred to us by AdWords ads, i.e. to determine the success or lack of success of the respective AdWords ad and to optimise our AdWords ads in the future. Neither our company, nor other advertisers of Google AdWords obtain information from Google, with which the data subject can be identified.
The conversion cookies save personal data, such as the websites visited by the data subject. Each time our websites are visited, personal data, including the IP address of the data subject's internet connection, are transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Under certain circumstances, Google may share these personal data collected through technical procedures with third parties.
The data subject can prevent the placement of cookies on his/her computer by our website, as described above, at any time by using the appropriate setting in the web browser and in doing so, permanently object to the placement of cookies. Adjusting this setting in the web browser also prevents that Google places a conversion cookie on the data subject's computer. Furthermore, cookies that were already placed by Google AdWords can be deleted at any time via the web browser or other software programs.
The data subject has the option to object to interest-based advertising by Google. For this, the data subject must open the link www.google.de/settings/ads from each of the web browsers he or she is using and make the desired adjustments.
Find additional information and the applicable privacy laws at https://policies.google.com/privacy

 

SSL encryption

 

For security reasons, and to protect the transmission of confidential contents, such as the requests you send to us as a website operator, our website uses SSL encryption. You can recognize an encrypted connection when the browser's address line changes from "http://" to "https://" and the lock symbol in your browser header. If SSL encryption is activated, third parties are unable to access the data you transfer to us.

 

Data protection guidelines for the use of YouTube

 

We added YouTube components to this website. YouTube is an online video portal that allows video publishers to post video clips free of charge and other users to view, evaluate, and comment on these videos, also free of charge. YouTube permits the publication of all types of videos, which is why complete films and TV shows, as well as music videos, trailers, and videos created by users can be accessed via the web portal.
YouTube is operated by YouTube LLC, 901 Cherry Ave., San Bruno CA 94066, USA. YouTube LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time one of the sub-pages of this website, which is operated by the data controller and contains a YouTube component (YouTube video), is accessed, the web browser on the data subject's computer automatically initiates through the respective YouTube component that the display of the corresponding YouTube component is downloaded from YouTube. Find additional information about YouTube at https://www.youtube.com/intl/en-US/yt/about/ Through this technical procedure, YouTube and Google learn which specific sub-page of our website was visited by the data subject.
If the data subject is simultaneously logged into YouTube, YouTube recognises, which specific sub-page of our website that contains a YouTube video is visited by the data subject. This information is gathered by YouTube and Google and is assigned to the respective YouTube account of the data subject.
Through the YouTube component, YouTube and Google receive information about each time a data subject visits our website, if the data subject is logged into his or her YouTube account at the time our website is opened; this occurs independently of whether the data subject clicks on a YouTube video, or not. If the transmission of this information to YouTube and Google is not desired by the data subject, he or she may prevent data transfer by logging out of his or her YouTube account before opening our website.
YouTube's privacy policy available at https://policies.google.com/privacy provides information about the collection, processing, and usage of personal data by YouTube and Google.