3. General and Mandatory Information
Data Protection
The provider of this site is committed to protecting the security of your personal data. We treat any personal data as confidential and according to statutory Data Protection Provisions as well as this Data Protection Declaration
When you use this website, various personal data is collected. Personal data is data with which you may be personally identified. This Data Protection Declaration explains what data is collected and what it is used for. It also explains how and for what purpose this is done.
Please note that data transfer on the internet such as communication by e-mail may be subject to security breaches. Complete protection of data from access by third parties is not possible.
Note on Responsible Body
The data controller for this website is
noltewerk GmbH & Co. KG
Mergenthalerstraße 15
48268 Greven, Germany
Germany
Phone: +49 (2571) 16-0
E-mail: info@noltewerk.de
Data Controller means the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data such as names, e-mail addresses, etc.
Storage Period
Unless a more specific storage period is stated within this data protection declaration, we will continue to store your personal data until the purpose for processing such data no longer applies. If you assert a legitimate request for deletion or revoke consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once such reasons no longer apply.
General Information on the Legal Basis for Data Processing on this Website
If you have consented to data processing, we process your personal data pursuant Art. 6 (1) lit. a GDPR or Art. 9 (2) lit. a GDPR if special categories of data are processed in accordance with Art. 9 (1) GDPR. Insofar as you have consented to storage of cookies or access to information on your terminal device (e.g. device fingerprinting) data processing is additionally carried out pursuant Art. 25 (1) TTDSG. Consent may be revoked at any time. If your data is required contractual performance or implementation of pre-contractual measures, we process your data pursuant Art. 6 (1) lit. b GDPR. In addition, we process your data if necessary for the fulfilment of a legal obligation pursuant Art. 6 (1) lit. c GDPR. Data processing may also be carried out on the basis of our legitimate interest pursuant Art. 6 (1) lit. f GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this data protection declaration.
Data Protection Officer
We have appointed a Data Protection Officer for our company.
Mr Matthias Brüggemeier, Mergenthalerstr. 15, 48268 Greven, Germany
Phone: +49 (2571)/16-270
E-mail: datenschutz@noltewerk.de
Note on Data Transfer to the USA and Other Third Countries
Among other things, we use tools from companies located in the USA or other third countries that are, according to data protection law, non-safe. If such tools are in operation, your personal data may be transferred to and processed in such third countries. It should be noted that in these countries a level of data protection comparable to the level in the EU cannot be guaranteed. For example, companies in the US are obligated to provide personal data to security authorities without you as a data subject being able to take legal action against this. Therefore, it may be possible that US authorities (e.g. intelligence services) process, evaluate and permanently store your data which is stored on servers in the US for surveillance purposes. We have no influence over such processing operations.
Revocation of Consent to Data Processing
Many data processing operations are only possible with your explicit consent. You may revoke given consent at any time. Lawfulness of data processing carried out until revocation remains unaffected by the revocation.
Right of Objection to the Collection of Data in specific cases and to direct marketing (Art. 21 GDPR)
IF DATA PROCESSING IS CARRIED OUT PURSUANT ART. 6 (1) LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS RELATED TO YOUR PARTICULAR SITUATION INCLUDING PROFILING BASED ON THOSE PROVISIONS AT ANY TIME. RESPECTIVE LEGAL BASIS ON WHICH PROCESSING TAKES PLACE CAN BE FOUND IN THIS DATA PROTECTION DECLARATION. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN PROVE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE ASSERTION, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT ART. 21 (1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES; YOU SHALL HAVE THE RIGHT TO OBJECT TO PROCESSING OF SUCH PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING; INCLUDING PROFILING; INSOFAR AS IT IS CONNECTED TO SUCH DIRECT MARKETING AT ANY TIME. IF YOU OBJECT TO PROCESSING FOR PURPOSES OF DIRECT MARKETING, YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED FOR SUCH PURPOSES (OBJECTION PURSUANT ART. 21 (2) GDPR).
Right of Appeal to Competent Supervisory Authority
In case of breaches of the GDPR, data subjects shall have a Right of Appeal to a supervisory authority, in particular in the Member State of their regular residence, place of work or the place of alleged breach. The right of appeal exists irrespective of any other administrative or judicial remedy.
Right to Data Portability
You have the right to request provision of data - that we process automatically based on your consent or contractual performance - to be issued to you or a third party in a common, machine-readable format. If you request direct transfer of data to another controller, this will only be done as far as technically feasible.
SSL or TLS Encryption
This website uses SSL or TLS encryption for reasons of security and to protect the transmission of confidential content such as orders or enquiries to us as website operator. An encrypted connection can be recognized in the browser bar when the string changes from ‘http://‘ to ‘https://‘ and the symbol of a lock.
If SSL or TLS encryption is activated, data transmit to us cannot be read by third parties.
Disclosure, Deletion, Correction
Within applicable statutory provisions, you may request information about your personally identifiable data stored, its origin and recipient, and purpose of data processing at any time and free of charge. You may, where applicable, also have the right to have such data deleted and corrected. For further information in regards to personal data feel free to contact us at any time.
Right to Restriction of Processing
You have the right to demand restriction of processing of your personal data. To exercise such right please contact us at any time. Right to Restriction of Processing exists in the following cases:
- If the accuracy of personal data held by us is disputed, we will usually need time to verify. For the duration of verification, you have the right to demand restriction of processing of your personal data.
- If processing of your personal data was/is unlawful, you may demand the restriction of data processing instead of deletion.
- If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to demand restriction of processing of your personal data instead of deletion.
- If you have lodged an objection pursuant Art. 21 (1) GDPR, your interests and ours must be considered. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If processing of your personal data has been restricted, such personal data shall - besides its storage - not be processed, except with the consent of the data subject or for the assertion, exercise or defence of legal claims or the protection of rights of another natural or legal person or reasons of substantial public interest of the European Union or a Member State.