In the following, we inform you about the processing of personal data when using our website (https://www.alfons-alfreda.com/) and contacting us. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour. In this way, we would like to inform you about our processing operations and at the same time comply with the legal obligations, in particular from the EU General Data Protection Regulation (GDPR).
The person responsible pursuant to Art. 4 (7) DS-GVO is
Alfons & alfreda AG
Erkrather Street 230
40233 Düsseldorf
e-mail: Aa@Alfons-alfreda.com
represented by the board members Friedrich Weil and Volker Busse
(1) If you contact us outside our website, e.g. by letter, fax, telephone or e-mail, the data you provide (e.g. surname, first name, address) and the information provided, together with any other personal data contained, will be processed for the purpose ofcontacting you and dealing with your request.
(2) The legal basis for the processing of personal data is Art. 6 (1) lit. b DS-GVO (in the case of an application in conjunction with Section 26 (1) BDSG), insofar as your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of the enquiries addressed to us (Art. 6 para. 1 lit. f DS-GVO) or on any consent (Art. 6 para. 1 lit. a DS-GVO).
(3) The data sent will remain with us until you request us to delete it, the purpose for storing the data no longer applies. In the event that you take part in an application procedure and we reject your application, we regularly retain your personal data for up to six months after the rejection. This storage serves in particular as evidence in the event of a legal dispute. If it becomes necessary to retain the data after the six-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for retaining the data no longer applies.
Further storage takes place if this is required by law, in particular to comply with legal storage obligations or if we have a justified interest in further storage.
Our websites are hosted by an external service provider. This means that, in principle, all personal data processed in accordance with the following provisions that is collected on the website is stored on the servers of the service provider. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated through our website. Der Zweck der jeweiligen Datenspeicherung sowie die Rechtsgrundlage entnehmen Sie bitte den nachfolgenden Bestimmungen.
We use IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (domain) and united-domains AG, Gautinger Straße 10, 82319 Starnberg (web space) as external service providers. The service providers act as our order processors in accordance with our instructions. Personal data is processed exclusively on servers in the EU.
When using the website for information purposes, i.e. simply viewing it without registering and without you providing us with any other information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security and must therefore be processed by us. The legal basis is Art. 6 para. 1 p. 1 lit. f DS-GVO:
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested and use other usual functions to analyse or market our offers, which are presented in more detail below. For this purpose, you usually have to provide further personal data or we process such further data that we use to perform the respective services. The aforementioned data processing principles apply to all data processing purposes described here.
(2) In some cases, we use external service providers to process your data. These are carefully selected by us, are bound by our instructions and are regularly monitored.
(3) Furthermore, we may pass on your personal data to third parties if participation in promotions, competitions, conclusion of contracts or similar services are offered by us together with partners. Depending on the service, your data may also be collected by the partners on their own responsibility. You will receive more detailed information when you provide your data or below in the description of the respective offers.
(4) Insofar as our service providers or partners have their registered office in a state outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.
(1) In addition to the above-mentioned data, we use technical aids for various functions when you use our website, in particular cookies, which can be stored on your terminal device. When you call up our website and at any time later, you have the choice of whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager. In the following, we first describe cookies from a technical point of view (2), before we go into more detail about your individual choices by describing technically necessary cookies (3) and cookies that you can voluntarily select or deselect (4).
(2) Cookies are text files or information in a database that are stored on your hard drive and assigned to the browser you are using so that certain information can flow to the body that sets the cookie. Cookies cannot execute programs or transmit viruses to your computer, but are primarily used to make the website faster and more user-friendly. This website uses the following types of cookies, whose function and legal basis we will explain below:
(3) Mandatory functions that are technically necessary to display the website: The technical structure of the website requires us to use techniques, in particular cookies. Without these techniques, our website cannot be displayed (completely correctly) or the support functions could not be enabled. These are basically transient cookies that are deleted after the end of your website visit, at the latest when you close your browser. You cannot deselect these cookies if you wish to use our website. The individual cookies can be seen in the Consent Manager. The legal basis for this processing is Art. 6 para. 1 p. 1 lit. f DS-GVO.
(4) Optional cookies when you give your consent: We only set various cookies after you have given your consent, which you can select via the Consent Manager when you visit our website for the first time. The functions are only activated in the event of your consent and may serve in particular to enable us to analyse and improve visits to our website, to make it easier for you to use it via different browsers or terminal devices, to recognise you when you visit it again or to serve advertising (possibly also in order to orient advertising to interests, to measure the effectiveness of advertisements or to show interest-oriented advertising). The legal basis for this processing is Art. 6 para. 1 p. 1 lit. a DS-GVO. The revocation of your consent is possible at any time without affecting the permissibility of the processing until the revocation.
Optional cookies include:
a) Google Analytics
On our website we use the web tracking service "Google Analytics", which is offered by Google Ireland Limited; Gordon House, Barrow Street, Dublin 4, Ireland. The purpose of our use of this service is to enable the analysis of your user interactions on websites and in apps and to improve our offer through the statistics and reports obtained and to make it more interesting for you as a user. The specific cookies set in this process collect data on the device/browser, IP addresses and website or app activities. In addition, your IP addresses are recorded in order to ensure the security of the service and to provide us, as the website operator, with information about the country, region or location from which the respective user originates ("so-called IP location determination"). For your protection, we use the anonymisation function ("IP masking"), i.e. Google truncates the IP addresses within the EU/EEA by the last octet.
Google acts as an order processor and a corresponding order processing agreement exists. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Google server in the USA and processed there. According to its own information, Google complies with all data protection laws applicable to the international transfer of data. We have also agreed so-called standard contractual clauses with Google, the purpose of which is to ensure compliance with an appropriate level of data protection in the third country.
The legal basis for the collection and further processing of the information (which takes place for a maximum of 14 months) is your consent (Art. 6 para. 1 p. 1 lit. a DS-GVO). Revocation of your consent is possible at any time without affecting the permissibility of the processing until revocation. In apps, you can reset the advertising ID under the Android or iOS settings. The easiest way to revoke your consent is to use our Consent Manager or to install the Google browser add-on, which can be accessed via the following link: tools.google.com/dlpage/gaoptout?hl=de/.
For more information on the scope of services provided by Google Analytics, please visit marketingplatform.google.com/about/analytics/terms/de/. Google provides information on data processing when using Google Analytics at the following link: support.google.com/analytics/answer/6004245?hl=de/. General information on data processing, which according to Google should also apply to Google Analytics, can be found in Google's privacy policy at www.google.de/intl/de/policies/privacy/.
Data retention period is 2 months.
b) Mapbox
On our website, we use the online mapping service "Mapbox" provided by Mapbox Inc, 50 Beale St, Floor 9, San Francisco, California 94105. It is a cloud-based software to implement location applications such as search, navigation and maps in mobile or web-based applications. Thus, it aims to improve the navigation of people, goods and vehicles. The tool enables a visual representation of geographical information. User-defined maps can be created and the navigation tool includes functions such as lane instructions, traffic-aware routes and traffic information.
The specific cookies set in this process collected data on the device/browser, IP addresses and website activity such as the content, location, date and time of the request, limited location and usage data and the URL of the website visited.
Mapbox acts as an order processor and a corresponding order processing contract exists. The information generated by the cookie and the (usually shortened) IP addresses about your use of this website are usually transferred to a Mapbox server in the USA and processed there. According to its own information, Mapbox complies with all data protection laws applicable to the international transfer of data. We have also agreed so-called standard contractual clauses with Mapbox, the purpose of which is to ensure compliance with an appropriate level of data protection in the third country.
The legal basis for the collection and further processing of the information (which takes place for a maximum of 14 months) is your consent (Art. 6 para. 1 p. 1 lit. a DS-GVO). Revocation of your consent is possible at any time without affecting the permissibility of the processing until revocation. In apps, you can reset the advertising ID under the Android or iOS settings. The easiest way to revoke your consent is via our Consent Manager.
The company provides more detailed information on data processing when using Mapbox at the following link: https://www.mapbox.com/legal/privacy.
The functions we use, which you can select and revoke individually via the Consent Manager, are also described in the Consent Manager. Data retention period is 30 days.
(1) When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name, telephone number and company, if applicable, as well as the other personal data you provide) will be stored by us in order to answer your questions and concerns.
(2) The processing of this data is based on Art. 6 (1) lit. b DS-GVO (in the case of an application in conjunction with Section 26 (1) BDSG), insofar as your enquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of the enquiries addressed to us (Art. 6 para. 1 lit. f DS-GVO) or on any consent obtained (Art. 6 para. 1 lit. a DS-GVO).
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. In the event that you take part in an application process and we reject your application, we regularly retain your personal data for up to six months after the rejection. This storage serves in particular as evidence in the event of a legal dispute. If it becomes necessary to retain the data after the six-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for retaining the data no longer applies.
Further storage takes place if this is required by law, in particular to comply with legal storage obligations or if we have a justified interest in further storage.
(3) If we use commissioned service providers for individual functions of our offer or wish to use your data for advertising purposes, we will always carefully select and monitor these service providers and inform you in detail about the respective processes below. In doing so, we also state the defined criteria for the storage period.
(1) We currently use the following social media plug-ins: LinkedIn, Xing and Youtube, which are only loaded if you have previously activated the function by giving your consent. Via the plug-ins, we offer you the opportunity to interact with the social networks and other users. The legal basis for the use of the plug-ins is Art. 6 para. 1 p. 1 lit. a DS-GVO, i.e. the integration only takes place after your consent.
(2) The plug-in provider stores the data collected about you as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in to the plug-in provider, your data collected from us will be directly assigned to your account with the plug-in provider. If you click the activated button and, for example, link to the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this will help you avoid being assigned to your profile with the plug-in provider.
(3) The information collected is stored on servers of the providers, in the case of international providers also outside Europe. For these cases, the provider has promised, according to its own information, to comply with the applicable data protection laws during the international data transfer. We have agreed so-called standard contractual clauses with the providers, the purpose of which is to ensure compliance with an appropriate level of data protection in the third country.
(4)You can revoke your consent at any time without affecting the permissibility of the processing until revocation. The easiest way to revoke your consent is via our Consent Manager or via the functions of the social media providers.
(5) For further information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the data protection declarations of these providers provided below. There you will also receive further information on your rights in this regard and setting options for protecting your privacy. Addresses of the respective plug-in providers and URL of the respective data protection notices:
- LinkedIn: https://de.linkedin.com/legal/privacy-policy
- Xing: https://privacy.xing.com/de/datenschutzerklaerung
- Youtube/Google: https://policies.google.com/privacy?hl=de.
(1) In the course of establishing contact, we may conduct video conferences with you. For this purpose, we use the "Microsoft Teams" tool from Microsoft (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, United States) as a video conferencing system. For more information on data processing by the provider of the video conferencing system we use, please visit https://privacy.microsoft.com/de-de/privacystatement.
(2) When using our video conferencing system, the data you provide before or when participating in an "online meeting" is processed: User details: username, display name, email address (optional information), profile picture; Meeting metadata: Meeting ID, participant IP addresses, service data for the respective session and systems used, telephone numbers if applicable, location, name of the meeting and organiser's password if applicable; chat, audio and video data: In order for audio and video transmission to take place, the application needs access to your microphone or video camera. You can mute or unmute these yourself at any time via the respective application. Any text entries you make in the chat are also processed, e.g. for recording the results of an online meeting. For recordings (optional, or only with the consent of all participants): MP4 file of all video, audio and presentation recordings, text file of the online meeting chat. If "online meetings" are to be recorded, we will inform you transparently in advance and - if necessary - ask for your consent. Your consent is voluntary. You can revoke this at any time with effect for the future. After revocation, the recording will be stopped. In order to participate in an "online meeting" or to enter the "meeting room", you must at least provide information about your name (or pseudonym).
(3) The purposes and legal bases for data processing when conducting online meetings correspond to those when contacting us. Any consent obtained can be revoked by you at any time with effect for the future.
(4) A transfer of the data you have provided to a third country or an international organisation takes place if participants in "Online Meeting" are in a third country. In this case, the routing of data takes place via internet servers located outside the EU. The data is encrypted during transport via the internet and thus protected against unauthorised access by third parties.
(5) The personal data is processed exclusively on Microsoft servers in the EU. Nevertheless, a transfer to a third country cannot be excluded, as we use the video conferencing system of a provider whose headquarters is in the USA. An appropriate level of data protection is guaranteed by the conclusion of the so-called standard contractual clauses, which are centrally prescribed by the EU Commission. This agreement was reached between the provider and us.
(1) We have various presences in so-called social media platforms. We operate these presences with the following providers:
- LinkedIn: Linkedin Corporation; 1000 W Maude, Sunnyvale, CA 94085, United States;
https://www.linkedin.com/¸https://de.linkedin.com/legal/privacy-policy
- Xing: New Work SE; Am Strandkai 1, 20457 Hamburg, Deutschland;
https://www.xing.com/; https://privacy.xing.com/de/datenschutzerklaerung
- Youtube: Google Ireland Limited; Gordon House, Barrow Street, Dublin 4, Irland;
https://www.youtube.com/; https://policies.google.com/privacy?hl=de.
(2) We use the technical platform and services of the providers for these information services. We would like to point out that you use our appearances on social media platforms and their functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating). When you visit our websites, the providers of the social media platforms collect, among other things, your IP address and other information that is stored on your terminal device in the form of cookies. This information is used to provide us, as the operator of the accounts, with statistical information about the interaction with us.
(3) The data collected about you in this context is processed by the platforms and may be transferred to countries outside the European Union, in particular the USA. According to their own information, all of the aforementioned providers maintain an adequate level of data protection and we have concluded the standard data protection clauses with the companies (with the exception of Xing, as this provider is based within the EU). We are not aware of how the social media platforms use the data from your visit to our account and interaction with our posts for their own purposes, how long this data is stored and whether data is passed on to third parties. Data processing may differ depending on whether you are registered and logged in to the social network or visit the site as a non-registered and/or non-logged-in user. When you access a post or the account, the IP address assigned to your terminal device is transmitted to the provider of the social media platform. If you are currently logged in as a user, a cookie on your end device can be used to track how you have moved around the network. Buttons embedded in websites enable the platforms to record your visits to these website pages and assign them to your respective profile. This data can be used to offer content or advertising tailored to you. If you want to avoid this, you should log out or deactivate the "stay logged in" function, delete the cookies on your device and restart your browser.
(4) We, as the provider of the information service, also only process the data from your use of our service that you provide to us and that requires interaction. For example, if you ask a question that we can only answer by email, we will store your information in accordance with the general principles of our data processing, which we describe in this privacy policy. The legal basis for processing your data on the social media platform is Art. 6 para. 1 p. 1 lit. f DS-GVO.
(5) To exercise your data protection rights, you can contact both us or the provider of the social media platform. Insofar as one party is not responsible for responding or must receive the information from the other party, we or the provider will then forward your request to the respective partner. Please contact the operator of the social media platform directly for questions about the profiling, processing of your data when using the website. For questions about the processing of your interaction with us on our site, write to the contact details we have provided above.
(6) The providers describe what information the social media platform receives and how it is used in their data protection declarations (for links, see above under para. 1). There you will also find information on contact options as well as on the setting options for advertisements.
(1) Unless an explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for the storage no longer applies. Your data will only be stored on our servers in Germany.
(2) However, storage may take place beyond the specified time in the event of a (threatened) legal dispute with you or other legal proceedings or if storage is provided for by statutory regulations to which we are subject as the responsible party (e.g. § 257 HGB, § 147 AO). If the storage period prescribed by the legal regulations expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for this.
We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties (e.g. TSL encryption for our website), taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including its probability and impact) for the data subject. Our security measures are continuously improved in line with technological developments.
We will be happy to provide you with more information on request. Please use the contact details above.
(1) As with any larger company, we also use external domestic and foreign service providers (e.g. for IT, logistics, telecommunications, sales and marketing) to process our business transactions. These service providers act as processors only according to our instructions and have been contractually obligated to comply with the provisions of data protection law in accordance with Art. 28 DS-GVO.
If personal data from you is passed on by us to our subsidiaries or is passed on to us by our subsidiaries (e.g. for advertising purposes), this is done on the basis of existing order processing relationships.
(2) The following categories of recipients, which are usually processors, may have access to your personal data:
(3) Your personal data will not be transferred to third parties for purposes other than those listed. We will only disclose your personal data to third parties if:
We do not intend to use any personal data collected from you for any automated decision making process (including profiling).
(1) You can exercise your rights as a data subject regarding your processed personal data at any time by contacting us using the contact details provided in this privacy notice. As a data subject, you have the right to
(2) If you have given your consent to the processing of your data, you may revoke this consent at any time. Such a revocation affects the permissibility of the processing of your personal data after you have expressed it to us. The permissibility of the processing of your data up to the time of your revocation remains unaffected.
(3) Insofar as we base the processing of your personal data on the balance of interests, you can object to the processing. This is the case if the processing is not necessary, in particular, for the performance of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data in the way we have done. In the event of your objection, we will review the situation and either cease or adjust the data processing or show you our compelling legitimate grounds for continuing the processing.
(4) Of course, you can object to the processing of your personal data for the purposes of advertising and data analysis at any time. The best way to exercise your advertising objection is to contact us using the contact details provided above.
In the context of the further development of data protection law as well as technological or organisational changes, our data protection information is regularly reviewed to determine whether it needs to be adapted or supplemented. You will be informed of any changes in particular on our German website at https://www.alfons-alfreda.com/. This data protection notice is valid as of June 2022.