Privacy Statement

We as the operator of the website at www.krehl.com (also “website“) are responsible for the personal data of the user (“you“) of this website in accordance with the applicable data protection law, in particular the German Data Protection Act (“DSGVO”).

In the following, we will inform you clearly in the context of our duty to inform (Art. 13 ff. DSGVO) which data is processed when you visit our website and on what legal basis this is done. You will also receive information about what rights you have vis-à-vis us and the relevant supervisory authority.

1. Information on the person responsible

Name and contact details:

Krehl & Partner Unternehmensberatung für Produkt + Technik GmbH & Co. KG

Kriegsstraße 113
D-76135 Karlsruhe
Phone: +49 721 830890 – 0
E-Mail: kontakt@krehl.com

2. Informational use of our Website

If you call up our website in order to merely visit it, so-called log files are processed by our system automatically recording them.

The following log files are processed automatically:

  • IP address of the requesting computer
  • Type of internet browser used
  • Version of the internet browser used
  • Operating system and its version
  • Pages called up
  • Date and time of the visit
  • Time zone difference to Greenwich Mean Time (GMT)
  • Access status/http status code
  • Amount of data transmitted
  • Success or error of the charging process
  • Referrer
  • Websites that are called up by the visitor’s system via our website
  • Internet service provider of the user

The log files contain your IP address and possibly other personal data. Therefore, an allocation to you is basically possible. However, we only store your data temporarily and in particular not together with other personal data.

The processing of the above-mentioned data is necessary for the provision of our website. We also store the data for the purpose of the security of our information technology systems. These purposes also justify our justified interest in processing the data on the legal basis of Art. 6 (1) lit. f DSGVO. The log files, which also contain your IP address, are immediately deleted or made anonymous after they are no longer required to achieve the aforementioned purposes, but after one month at the latest.

3. Contact form/feedback

You can contact us electronically via our contact form, for example to give us feedback or to ask us questions. If you use this option, you will transmit the following data to us:

  • Name
  • Position (voluntary)
  • Company/company address (voluntary)
  • Phone number (we will get back to you as soon as possible!)
  • E-mail address
  • Your message

In addition to the data that you voluntarily provide us with, we store the time (date and time) of the transmission of your data to us, as well as your IP address. The processing of this data corresponds to our legitimate interest (Art. 6 (1) lit. f DSGVO), in order to guarantee the security of our systems and to counteract misuse. These data, which we additionally collect during your contact, will be deleted as soon as they are no longer required, at the latest when the request for your contact has been fully clarified.

The legal basis for processing your data for the purpose of handling your contact is Art. 6 (1) lit. f DSGVO. It is in our legitimate interest to process the data you have transmitted to us in order to contact you. The data will be stored until they are no longer required for the purpose of the conversation with you and the matter of your contacting us has been fully clarified.

If your contact is aimed at concluding a contract with us, the additional legal basis for the processing of your personal data is Art. 6 (1) lit. b DSGVO. This data is stored for as long as it is necessary for the execution of the contract. In addition, we only store your data in order to fulfil contractual or legal obligations (e.g. tax obligations) (Art. 6 (1) lit. c DSGVO).

4. Contact by e-mail or telephone

You have the possibility to contact us by e-mail or telephone. Your personal data transmitted in this way will be stored by us. The data will only be processed in order to process your contact. The legal basis for processing your personal data is Art. 6 (1) lit. f DSGVO. The data will be stored until it is no longer required for the purpose of the conversation with you and the matter of your contact has been fully clarified.

If the purpose of your contact is to conclude a contract with us, the additional legal basis for processing your personal data is Art. 6 (1) lit. b DSGVO. This data is stored for as long as it is necessary to implement the contract or pre-contractual measures. In addition, we only store your data in order to fulfil contractual or legal obligations (e.g. tax obligations) (Art. 6 (1) lit. c DSGVO).

In addition to the data that you provide us voluntarily, we may receive the time (date and time) of the transmission of your data to us as well as your IP address. The processing of this data corresponds to our legitimate interest (Art. 6 (1) lit. f DSGVO), in order to guarantee the security of our systems and to counteract misuse. These data, which we additionally collect during your contact, will be deleted as soon as they are no longer required, at the latest when the request for your contact has been fully clarified.

You can inform us at any time (see point 1 above) that we should delete the data provided during the conversation. In this case, as far as permissible, all personal data of the conversation will be deleted and a continuation of the conversation is not possible.

5. Social media

Icon links to social networks

We use small icons on our website, each of which refers to our web presence on third-party platforms (LinkedIn, XING). These are all hyperlinks, so no data is automatically transferred from you, but only when you click on the icons and a new tab with the third-party website opens in your browser.

6. Social media plugins (sharing in the news area)

Please note the following: Social media plug-ins from social networks are integrated on our website (LinkedIN, XING). When you call up the subpage where the plug-ins are integrated (e.g. news section), it is possible that the respective provider of the plugin (i.e. the social network) will transmit the information that you have visited one of our subpages, for example because your IP address is transmitted automatically. This happens when you click on the respective share button.

If you are already logged in on the social media platform at the time you click on the button, a window will appear to confirm whether you wish to share the contribution on the respective platform. If you are already logged in, the social network will associate this information with your user profile to make it easier to share the post. If you are not already logged in, the log-in field will appear on the platforms before the post is shared.

The legal basis for the integration of the plugins and possible transfer of your data to a social network (if you click the button) is our legitimate business interest (Art. 6 para. 1 p. 1 lit. f DSGVO) to offer and simplify the sharing of information and news about us.

Here you will find an overview of the integrated networks and links to the respective data protection information:

a. XING plugin

The social network XING is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany. XING is primarily responsible for data processing at XING. Further information about the Xing plug-ins can be found at https://www.xing.com/app/share%3Fop%3Ddata_protection.

b. LinkedIN plugin

The LinkedIn social network is provided by the LinedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA (hereinafter LinkedIn). LinkedIn is primarily responsible for data processing at LinkedIn. The LinkedIn data policy can be found here: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_join-form-privacy-policy

LinkedIn is certified under the Privacy Shield, so when you submit personal information to LinkedIn, we provide appropriate safeguards to protect personal information. You can find information about this at: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

7. Other contents of third parties, which are integrated on our website

a. Google Maps

The map service Google Maps (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA or in Europe: Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland) is integrated on our website (hereinafter: “Google Maps” or “Google“). We use the service to enable you to locate us quickly and, if necessary, to plan your journey to us.

If you visit our “Contact” page, want to use Google Maps (and click on “Load Map” accordingly), it is possible that your IP address is transferred to Google servers in the USA, as a connection to Google servers is automatically established. In addition to the IP address, Google Maps may receive the date and time you access our site, the Internet address or URL of our site; Google may also process device IDs, cookie information and location information for various purposes. If you are logged into a Google service, Google may associate this information with your account (we have no control over this).

For information about how Google uses location information, please visit https://policies.google.com/technologies/location-data?hl=en-GB#why-use. For general information about Google’s privacy policy, please visit: https://policies.google.com/privacy?hl=en-GB.

Incognito mode: If you access our site from your iPad, iPhone, or Android device, if you have the Google Maps app installed on your device and have selected incognito mode, some Google Maps services will be disabled. This may also affect your use of Google Maps on our site. You can find more information about incognito mode at: https://support.google.com/maps/answer/9430563?co=GENIE.Platform%3DiOS&hl=en-GB&oco=0 (iPhone/iPad) and https://support.google.com/maps/answer/9430563?co=GENIE.Platform%3DAndroid&hl=en-GB (Android).

The legal basis for the integration of Google Maps and, if applicable, the transmission of your data to Google is Art. 6 para. 1 sentence 1 lit. f DSGVO. There is an agreement between us and Google Maps on joint responsibility pursuant to Art. 26 DSGVO. This can be accessed at: https://privacy.google.com/intl/de/businesses/mapscontrollerterms/.

Google is certified under the Privacy Shield, which is why there are suitable guarantees for the protection of personal data when it is transmitted to Google. You can find information on this at: :
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI and
https://policies.google.com/privacy/frameworks?hl=en-GB&gl=de.

b. Google Fonts

On our website we use fonts from Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (hereinafter referred to as “Google Fonts“). This helps us to optimize the fonts, especially for use on mobile devices, and serves to speed up loading time. It is in our legitimate interest to make our online presence as uniform and accessible as possible. The legal basis for data transfer is therefore Art. 6 para. 1 lit. f DSGVO.

To avoid multiple loading, Google fonts are transferred to your browser (cache). In addition, a connection to Google Fonts servers is automatically established. Your IP address will (inevitably) be transmitted.

The privacy policy of Google can be found under the following link: https://policies.google.com/privacy?hl=en-GB.

Google is certified under the Privacy Shield, therefore there are suitable guarantees for the protection of personal data when transmitting data to Google (and its subsidiary YouTube). For more information, please visit:
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI and
https://policies.google.com/privacy/frameworks?hl=en-GB&gl=de.

8. Use of service providers

We would like to point out that we may use service providers with whom we have concluded contracts for the processing of your personal data (e.g. for website hosting). If contract processors in a third country (not within the EU) carry out data processing, we ensure that the level of protection of your data guaranteed by the DSGVO is not undermined (Art. 44 ff DSGVO). The legal basis for the use of service providers is Art. 6 para. 1 sentence 1 lit. f DSGVO. The commissioning of service providers (specialists or other service providers in areas that we cannot serve ourselves) is in line with our legitimate interest. If you would like to receive a copy of the suitable or appropriate guarantees, please let us know (see point 1 above).

9. Your rights

When we process your data, you are “affected” in the sense of the DSGVO. You are entitled to the following rights: right of access, right of correction, right to limit processing, right of deletion, right of information and right of data transferability. In addition, you have a right of objection and withdrawal and the right to complain to the supervisory authority.

Below you will find some details of the individual rights:

a. Right of access

You have the right to ask us to confirm whether we are processing your personal data. If we process your personal data, you have the right, in particular, to receive information about processing purposes, categories of personal data, recipients or categories of recipients, if applicable, storage period.

b. Right of correction

You have the right to correct and/or complete the data we have stored about you if this data is incorrect or incomplete. We shall carry out the correction or completion without delay.

c. Right to limit processing

Under certain circumstances, you have the right to request us to limit the processing of your personal data. An example of this is when you dispute the accuracy of your personal data and we need to verify its accuracy for a certain period of time. For the duration of the verification, your data will only be processed to a limited extent. Another example of the restriction is when we no longer need your data, but you need it for a legal dispute.

d. Right of deletion

In certain situations, you have the right to demand that we delete your personal data immediately. This is the case, for example, if we no longer need your personal data for the purposes for which we collected it or if we have processed your data unlawfully. Another example would be if we process your data on the basis of your consent, you withdraw your consent and we do not process the data on any other legal basis. However, your right of deletion does not always exist. For example, it may be that we process your personal data in order to comply with a legal obligation or because we need it for a legal dispute.

e. Right of information

If you have asserted your right of correction, deletion or restriction against us, we are obliged to inform all recipients to whom we have disclosed your personal data of the correction, deletion or restriction of the processing of your data, unless this proves impossible or involves a disproportionate effort.

f. Right to data transferability

You have the right, under certain conditions, to receive the personal data you have provided us with in a structured, common, machine-readable format and the right to have this data communicated to another responsible party. This is the case if we process the data either on the basis of your consent or on the basis of a contract with you and that we process the data using automated procedures.

You have the right to request that we transfer your personal data directly to another responsible person, as far as this is technically feasible and does not affect the freedoms and rights of other persons.

g. Right of objection

You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data based on Art. 6 (1) lit. e or lit. f FADP. This also applies to any profiling referred to in these provisions.

After an objection, we will no longer process your personal data unless we can prove compelling reasons for processing worthy of protection that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. This also applies to profiling, insofar as it is related to direct marketing. If you object to the processing of your personal data for direct marketing purposes, we will no longer process your personal data for these purposes.

h. Right of withdrawal

According to Art. 7 (3) DSGVO you have the right to revoke your consent at any time. By revoking your consent, the lawfulness of the processing will not become retroactively invalid.

i. Right to complain to the supervisory authority

They shall have the right to appeal to a supervisory authority, without prejudice to any other administrative or judicial remedy. In particular, you may exercise your right of appeal in the Member State in which you reside, work or the place of suspected infringement if you consider that the processing of your personal data is contrary to the DPA.
You will find an overview of the respective Data Protection Officers of the state and their contact details under the following link:

https://www.bfdi.bund.de/EN/Home/home_node.html

10. Status and topicality of this data protection information

Status: May 2020