Dallmeier Business Platform

Privacy Protection Declaration

1. Scope of application

Dallmeier electronic GmbH & Co.KG (hereinafter referred to as Dallmeier electronic or the Provider) thanks you for your visit to our Dallmeier Business Platform (hereinafter also referred to as the Website or Business Platform) and your interest in our company and products. We take the protection of your personal data very seriously, because we want you to feel safe when visiting our website.
Dallmeier electronic collects, stores or processes data only for its own business purposes. Personal data will only be requested, processed and used to the extent necessary to provide services or content that you have requested.
This privacy policy provides you as a user with an overview of the type, scope and purposes of the collection and use of personal data on this website by Dallmeier electronic. Furthermore, data subjects will be informed of their rights by means of this privacy policy. 
The collection and processing of personal data, such as the name, address, e-mail address or telephone number of a person concerned, is carried out in accordance with the requirements of the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to Dallmeier electronic, such as the German Federal Data Protection Act (BDSG-neu).
As far as we collect, store or process personal data, this is done within a data centre. To protect the security of your data during transmission, we use encryption methods (e.g. SSL) via HTTPS. Our servers are protected by firewall and virus protection. Back-up and recovery procedures as well as role and authorization concepts are a matter of course for us.
Our employees are obliged to observe the regulations of the EU-GDPR, the German Tele Media law (TMG) and the German Federal Data Protection Act (BDSG) when handling data.
As the data processor, Dallmeier electronic has implemented numerous technical and organisational measures to ensure that the personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions can have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us by alternative means, for example by post. 

2. Definitions 

Dallmeier electronic's data protection declaration is based on the terms used by the European guideline and regulation authorities when issuing the General Data Protection Regulation (GDPR). In this privacy policy and on our website we use the following terms, among others, which we would like to explain in advance:
a)      Personal Data
Personal data refers to all information relating to an identified or identifiable natural person (hereinafter "data subject"). Identifiable is a natural person who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. 
b)      Data subject
Data subject refers to any identified or identifiable natural person whose personal data are processed by the data processor. 
c)      Processing
Processing means any operation or series of operations carried out with or without the aid of automated procedures in relation to personal data, such as the collection, organisation, sorting, storage, adaptation or alteration, reading, retrieval, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, erasure or destruction of these data. 
d)      Limitation of processing
Restriction of processing is the marking of stored personal data with the aim of restricting their future processing. 
e)      Pseudonymisation
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not assigned to an identified or identifiable natural person. 
f)       Data controller or data processor
Data controller or data processor is the natural or legal person, public authority, institution or other body which alone or jointly with others decides on the purposes and means of processing personal data. Where the purposes and means of such processing are laid down by EU law or by the law of the Member States, the controller or the specific criteria for his appointment may be laid down in accordance with EU law or the law of the Member States. 
g)      Contract data processor
Processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the data controller. 
h)      Recipient
Recipient is a natural or legal person, authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. However, authorities which may receive personal data under EU law or the law of the Member States under a particular investigation mandate shall not be considered recipients; the processing of such data by the said authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing. 
i)        Third Party
A third party is a natural or legal person, authority, institution or other body other than the data subject, the data processor, the data processor and the persons authorised to process the personal data under the direct responsibility of the data processor or the data processor. 
j)        Consent
Consent shall mean any informed and unequivocal expression of will voluntarily given by the data subject in the particular case in the form of a declaration or other clear affirmative act by which the data subject indicates his or her consent to the processing of personal data concerning him or her. 
k)      Violation of the protection of personal data
Violation of the protection of personal data is a breach of security that leads to destruction, loss or alteration, whether unintentional or unlawful, or to unauthorized disclosure or access to personal data that has been transmitted, stored or otherwise processed. 

3. Responsible legal entity and data protection officer 

The responsible legal entity within the meaning of the GDPR, other data protection laws in force in the Member States of the European Union and other provisions of a data protection nature is 
Dallmeier electronic GmbH & Co.KG
Bahnhofstr. 16
93047 Regensburg - Germany
Phone: 0941 / 8700 0
Fax: 0941 / 8700 180
Website: www.dallmeier.com
E-Mail: info-at-dallmeier.com
We will be happy to answer your questions regarding the processing of your personal data if this data protection declaration could not answer your questions. If necessary, please send us an e-mail or contact our data protection officer. 
Dallmeier data protection officer
Dallmeier electronic GmbH & Co.KG
Bahnhofstr. 16
93047 Regensburg
datenschutz-at-dallmeier.com
Phone: 0941 / 8700 0
Fax: 0941 / 8700 180 

4. Cookies 

Dallmeier electronic's Internet pages use cookies. Cookies are text files which are stored on a computer system via an Internet browser. They make it possible to store specific information related to the device on the user's access device (PC, smartphone, etc.). On the one hand, they serve the user-friendliness of websites and thus the users (e.g. storage of login data). On the other hand, the cookies are used to collect statistical data on the use of the website and to analyse them in order to improve the offer for the user. Users can influence the use of cookies. Most browsers have an option with which the storage of cookies is restricted or completely prevented. However, it is pointed out that the user experience and comfort can be limited without cookies. 

5. Use of Matomo (known as Piwik before January 2018) 

This website uses Matomo, an open source software for statistical analysis of user access. Matomo uses "cookies", which are text files placed on the user's computer, to help the website analyse how users use the site. The information generated by the cookie about the use of this website is stored on the provider's server in Germany. Users can prevent the installation of cookies by setting their browser software accordingly. However, we would like to point out to users that in this case they may not be able to use all functions of this website in full. 

6. Collection of general data and information 

Every time a person or an automated system accesses the website, the provider's website collects a series of general data and information. This general data and information is stored in the log files of the server. We may record (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the subwebsites which are accessed via an accessing system on our website, (5) the date and time of access to the Website, (6) an Internet Protocol address (IP address), (7) the Internet service providers of the accessing system, and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems. 
When using this general data and information, the provider does not draw any conclusions about the person concerned. Rather, this information is required to (1) correctly deliver the contents of our website, (2) optimize the contents of our website and the advertising for it, (3) ensure the permanent functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack. These anonymously collected data and information are therefore evaluated statistically by the provider on the one hand and also with the aim of increasing data protection and data security in our company in order ultimately to ensure an optimum level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a person concerned. 

7. Collection and processing of personal and other data

When a visitor registers on this website, personal data is collected by entry via an input mask. This information consists of the visitor's form of address, first name, last name, company, department, username and email address. Other personal- or company-related data that you communicate to us willingly and of your own accord during the course of your use of this website, such as free-text fields, online forms or files, will also be processed. This data is used solely for the purpose of enabling use of the Dallmeier Business Platform.
Registration can be revoked at any time, and you can have your data and user account deleted by sending an email to the Data Protection Officer.

8. Email notifications

If a website user contacts the provider by e-mail or contact form, the information provided by him will be stored for the purpose of processing the request and for possible follow-up questions. 

9. Contact Dallmeier

If a website user contacts the provider by e-mail or contact form, the information provided by him will be stored for the purpose of processing the request and for possible follow-up questions.

10. Deletion and blocking access of personal data and other data

We adhere to the principles of data avoidance and data economy. We therefore only store your personal data and any other data for as long as this is necessary to achieve the purposes stated herein or as provided for in the various storage periods provided for by law. After the respective purpose or expiry of these periods, the corresponding data will be blocked or deleted as a matter of routine and in accordance with statutory regulations. 

11. Rights of the data subject 

As a person affected by the processing of personal data, you have the following rights. If you wish to assert any of these rights, please contact our data protection officer. To ensure that data can be locked at any time, this data must be kept in a lock file for control purposes. You can also request the deletion of the data, as far as no legal archiving obligation exists. If such an obligation exists, we will block your data on request.
You can make changes or withdraw your consent by notifying us accordingly with effect for the future. 
a)        Right to confirmation
You have the right to ask Dallmeier electronic to confirm whether personal data concerning you will be processed. 
b)        Right to information
You have the right to receive free information from Dallmeier electronic about the personal data stored about you.
c)        Right to correction
You have the right to request the immediate correction, including completion, of any inaccurate personal data concerning you. 
d)         Right to data deletion (right to be forgotten)

  • You have the right to request Dallmeier electronic to delete your personal data immediately, provided that one of the following reasons applies and insofar as processing is not necessary: 
  • The personal data have been collected or otherwise processed for purposes for which they are no longer necessary.
  • You withdraw your consent on which the processing is based pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and there is no other legal basis for the processing.
  • You object to processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for processing, or you object to processing pursuant to Article 21(2) GDPR.
  • The personal data have been processed unlawfully.
  • The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which Dallmeier electronic is subject. 

e)        Right to limitation of processing
You have the right to request Dallmeier electronic to restrict processing if one of the following conditions applies:

  • The accuracy of the personal data is contested by the data subject for a period which enables Dallmeier electronic to check the accuracy of the personal data.
  • The processing is unlawful, the data subject refuses to delete the personal data and instead requests a restriction on the use of the personal data.
  • Dallmeier electronic no longer needs the personal data for the purposes of processing, but the data subject does need them to assert, exercise or defend legal claims.
  • The data subject has filed an objection to the processing pursuant to Art. 21 para. 1 GDPR and it has not yet been determined whether Dallmeier electronic's justified reasons outweigh those of the data subject. 

f)        Right to data portability
You have the right to receive the personal data concerning you, as the data subject, provided by you to a data controller in a structured, common and machine-readable format. You also have the right to transmit this data to another data controller without obstruction by the data controller to whom the personal data have been provided, provided that the processing is based on the consent provided for in Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract in accordance with Article 6(1)(b) GDPR and that the processing is carried out using automated procedures, unless the processing is necessary for the performance of a task in the public interest or in the exercise of public authority conferred on the data controller.
Furthermore, when exercising your right to data transferability pursuant to Art. 20 para. 1 GDPR, you have the right to request that the personal data be transferred directly by a data controller to another data controller, insofar as this is technically feasible and provided that the rights and freedoms of other persons are not affected by this. 
g)          Right to object
You have the right to object at any time to the processing of personal data concerning you on the basis of Article 6(1)(e) or (f) of the GDPR for reasons arising from your particular situation.
Dallmeier electronic will no longer process personal data in the event of an objection, unless we can prove compelling reasons worthy of protection for the processing, which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
If Dallmeier electronic processes personal data in order to carry out direct advertising, the person concerned has the right to object at any time to the processing of the personal data for the purpose of such advertising. If the data subject objects to Dallmeier electronic processing for direct advertising purposes, Dallmeier electronic will no longer process the personal data for these purposes. 
h)        Right to revoke consent under data protection law
You have the right to revoke your consent to the processing of personal data at any time. 

12. Changes to our data protection regulations

We reserve the right to occasionally adapt this data protection declaration so that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection declaration will then apply for your next visit.