Data Privacy Policy

1. Data Privacy Policy at a glance

General information

The following is a simple overview of what happens to your personal data when you visit this website. Personal data means any data that might allow you to be personally identified. You can find out more details about data privacy from our Data Privacy Policy, which appears further below.

Data recording on this website

Who is responsible for recording data on this website?

Data on this website is processed by the website operator. You can find the operator’s contact information in the section of this Data Privacy Policy headed “About the controller.”

How do we record your data?

Your data are gathered, first of all, if you provide it to us, for instance on a contact form

Other data is recorded by our IT systems automatically, or after you give your consent when you visit our website. This data is most notably technical in nature (such as your Web browser, operating system, or the time when you opened the page). This data is recorded automatically as soon as you come to the website.

What do we use your data for?

Some of your data is collected to ensure that the website operates properly. Other data may be used to analyze what you do in using the site.

What rights do you have over your data?

You have the right at any time to obtain information, at no charge, about the source, recipients and purpose of your stored personal data. You also have the right to request the rectification or erasure of this data. If you have consented to data processing, you may withdraw that consent at any time with effect for the future. You also have the right, under certain circumstances, to request restriction of processing concerning your personal data. You have the right as well to lodge a complaint with the responsible supervisory authority.

You are welcome to contact us anytime about these rights, or if you have any other questions about data privacy.

Analytical tools and third-party tools

When you visit this website, your Web-surfing behavior may be analyzed statistically. That is done primarily with data analysis programs.

You can find out more details about these programs in the Data Privacy Policy below.

Matomo analytics

Opt-out complete; your visits to this website will not be recorded by the Web Analytics tool. Note that if you clear your cookies, delete the opt-out cookie, or if you change computers or Web browsers, you will need to perform the opt-out procedure again.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

The tracking opt-out feature requires cookies to be enabled.

2. Hosting

Strato

Our website is hosted on Strato. This service is provided by Strato AG, Pascalstrasse 10, 10587 Berlin (“Strato”). When you visit our website, Strato records various log files, including your IP addresses.

You can find out more in Strato’s Data Privacy Policy: https://www.strato.de/datenschutz/.

We use Strato on the basis of Article 6(1)(f) of the European General Data Protection Regulation, or GDPR. We have a legitimate interest in presenting our website as reliably as possible. Provided we have asked for your consent, the data will be processed solely on the basis of Article 6(1)(a) of the GDPR, together with Section 25(1) of the German Telecommunications and Telemedia Data Protection Act, or TTDSG, if your consent includes storing cookies or accessing information on the user’s device (such as device fingerprinting), as defined under the TTDSG. You may withdraw your consent at any time.

Third-party processing

We have a contract with the above provider for processing the data. This is a contract prescribed under data privacy law that guarantees that the processor will process our website visitors’ personal data only as instructed by us, and only in compliance with the GDPR.

3. General information and mandatory disclosures

Data privacy

This site’s operators take protecting your personal data very seriously. We treat your personal data confidentially and in compliance with the applicable legislation and regulations, as well as with this Data Privacy Policy.

When you use this website, various personal data is collected. “Personal data” is data that would make it possible to identify you personally. This Data Privacy Policy explains what data we collect, and what we use it for. It also explains how that is done, and for what purpose.

Please note that data transfer over the Internet (for instance, in an email communication) may be vulnerable to security lapses. It is not possible to make data entirely invulnerable to unauthorized access by third parties.

About the controller

The controller for data processing on this website is:

Neuhaus OHG
Dreikirchenstr. 12
91301 Forchheim

Phone: (+49) 09191 351 931-0
E-mail: info@neuhausohg.de

The “controller” means the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data (such as names, email addresses, etc.).

Storage period

Unless some more specific storage period is mentioned in this Data Privacy Policy, we will store your personal data until the purpose of the data processing is no longer applicable. If you make a legitimate request for erasure, or withdraw your consent to data processing, your data will be erased unless we have some other valid legal ground for storing your personal data (such as storage periods prescribed by tax or business laws); in the latter case, the data will be erased once these reasons no longer apply.

General information about legal basis for data processing on this website

If you have consented to data processing, we will process your personal data on the basis of Article 6(1)(a) of the European General Data Privacy Regulation (GDPR), or of Article 9(2)(a) of the GDPR if special data categories under Article 9(1) of the GDPR are being processed. If you have consented for cookies to be stored or information on your device to be accessed (e.g., via device fingerprinting), data will additionally be processed on the basis of Section 25(1) of the applicable German legislation, the TTDSG. You may withdraw your consent at any time. If your data is needed for the performance of a contract or to take steps prior to entering into a contract, we will process your data on the basis of Article 6(1)(b) of the GDPR. We will also process your data if necessary to perform a legal obligation under Article 6(1)(c) of the GDPR. Data may also be processed on the basis of our legitimate interests under Article 6(1)(f) of the GDPR. The following sections of this Data Privacy Policy explain the legal bases that apply for each case.

Withdrawing your consent to data processing

Many data processing operations are permitted only with your express consent. You may withdraw your consent at any time. The lawfulness of any data processing that has been performed up to the time when you declare your withdrawal will not be affected.

Right to object to data gathering in special cases and to direct marketing (Article 21 GDPR)

WHERE DATA IS PROCESSED ON THE BASIS OF ARTICLE 6(1)(E) OR (F) OF THE GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO PROCESSING OF YOUR PERSONAL DATA, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THOSE PROVISIONS. THIS DATA PRIVACY POLICY WILL EXPLAIN THE LEGAL BASIS ON WHICH YOUR DATA IS PROCESSED. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN SHOW COMPELLING LEGAL GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES FOR THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21(1) GDPR).

WHERE YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING; THIS ALSO INCLUDES PROFILING TO THE EXTENT THAT IT IS RELATED TO DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED FOR PURPOSES OF DIRECT MARKETING (OBJECTION UNDER ARTICLE 21(2) GDPR).

Right to lodge a complaint with a supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged infringement. This right is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to receive yourself, or to have transmitted to a third party, in a commonly used, machine-readable format, the data that we process by automated means on the basis of your consent or in fulfilling a contract. If you request direct transfer of the data to another controller, this will done only where technically feasible.

SSL and TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transfer of confidential content such as orders or inquiries that you send us as the site operator. You can identify an encrypted connection by the fact that the USP line of your browser will change from “http://” to “https://” and also by the lock symbol in the browser line.

When SSL or TLS encryption is activated, the data that you send to us cannot be read by third parties.

Access, erasure and rectification

As provided by law, you have the right at any time to have access at no charge to your stored personal data; to know the source and recipients of that data and the purpose for which the data is being processed; and where applicable, the right to rectification or erasure of that data. You are welcome to contact us at any time about such matters, as well as with any other questions about personal data.

Right to restriction of processing

You have the right to request the restriction of processing of your personal data. You are welcome to contact us for this purpose at any time. You have the right to the restriction of processing in the following cases:

• If you contest the accuracy of the personal data that we have stored concerning you, as a rule we will need time to verify accuracy. For the duration of that verification, you have the right to request the restriction of processing of your personal data.
• If your personal data has been or is being processed unlawfully, you may request restriction of processing instead of erasure.
• If we no longer need your personal data, but you need it in order to establish, exercise or defend legal claims, you have the right to request restriction of processing of your personal data instead of erasure.
• If you have lodged an objection under Article 21(1) of the GDPR, we must verify whether your interests override ours. Until it can be established who has an overriding interest, you have the right to request restriction of processing of your personal data.

If you have requested restriction of processing of your personal data, that data – with the exception of storage – can only be processed with your consent or for the establishment, exercise or defense of legal claims, or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

Objection to marketing emails

We hereby object to the use of the contact data provided pursuant to our obligation to disclose publication information, for purposes of transmitting marketing and informational materials that have not expressly been requested. The site operators expressly reserve the right to take legal steps in the event that unrequested marketing information is received, for instance in spam emails.

4. Data recording on this website

Server log files

The site provider automatically gathers and stores information in what are called server log files, which your browser transmits to us automatically. This information is:

• Your browser type and version
• Your operating system
• The referrer URL
• The host name of the accessing computer
• The time of the server request
• IP address

This data is not combined with other data sources.

This data is recorded on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in the proper technical presentation and optimization of its website, and the server log files must be recorded for this purpose.

Inquiries by email, phone or fax

If you contact us by email, phone or fax, we will store and process your inquiry, including all the resulting personal data (name, inquiry) for the purpose of processing your request. We will not release this data to others without your consent.

This data is processed on the basis of Article 6(1)(b) of the GDPR in those cases where your inquiry is connected with the performance of a contract or is needed in order to take steps prior to entering into a contract. In all other cases, processing will be founded on our legitimate interest in effectively processing inquiries directed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if that consent has been requested.

We will retain the data you send us through contact inquiries until you request for it to be erased, you withdraw your consent to its storage, or the purpose for storing it no longer applies (for instance, after processing of your request has been completed). This will not be affected by requirements of mandatory law – in particular, statutory storage periods.

5. Plugins and Tools

Google Web Fonts (local hosting)

For a uniform presentation of type fonts, this site uses Web Fonts provided by Google. The Google Fonts are installed locally. No connection to Google servers is involved.

You can find out more about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s Data Privacy Policy: https://policies.google.com/privacy?hl=en.