Privacy information for this website and other details on the duty of information pursuant to Article 13 GDPR when collecting personal data from the affected person
This privacy statement (version: GDPR 1.0 dated 22/5/2018) was created by:
Deutsche Datenschutzkanzlei – Munich Office – www.deutsche-datenschutzkanzlei.de
We, HARTER GmbH, are the party responsible for this website, and, as the provider of a teleservice, are obliged to inform you of the type, scope and purpose of the collection and use of personal data in a precise, transparent, comprehensible and easily accessible manner, using clear, simple language, at the start of your visit to our website. This information must be available for you to retrieve at all times. We are therefore obliged to advise you which personal data is collected or used. Personal data is classified as all information relating to an identified or identifiable natural person.
We place great emphasis on the security of your data and the compliance with privacy regulations. The collection, processing and use of personal data is subject to the currently applicable European and national laws.
We want to use the following privacy statement to describe how we use your personal data, and how you can contact us:
Commercial register no.: HRB 4412
Managing directors: Reinhold Specht, Norbert Feßler
Telephone: +49 8383 9223-0
Our data protection officer
If you have any questions, you can contact our data protection officer as follows:
Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG
In the interests of maximum clarity, our privacy statement does not distinguish between genders. Relevant terms apply to both genders in the spirit of equal treatment.
Article 4 of the EU General Data Protection Regulation (GDPR) outlines the definitions of the terms used, such as “personal data” or the “processing” thereof.
User personal data processed as part of this website includes basic data (e.g. customer name and address), contract data (e.g. services used, names of processing agents, payment information), usage data (e.g. pages of our website visited, interest in our products) and content data (e.g. input in the contact form).
“User” in this context covers all categories of people affected by the data processing. This may include our business partners, customers, interested parties and other visitors to our website.
We guarantee that we will only collect, process, store and use your data in relation to processing your enquiries, both for internal purposes and to render your requested services or provide content.
Bases of data processing
We only process users’ personal data in accordance with the relevant privacy regulations. User data is only processed if the following statutory exemptions apply:
- To render our contractual services (e.g. order processing) and online services
- Processing is stipulated by law
- If you have provided your consent
- Based on our justified interest (i.e. interest in analysing, optimising and profitably operating and protecting our website as defined by Art. 6 Para. 1 f. GDPR, particularly for measuring reach, creating profiles for advertising and marketing purposes, and collecting access data and using services of third-party providers)
We will be glad to advise you where the aforementioned legal bases can be found in the GDPR:
Consent, Art. 6 Para. 1 a. and Art. 7 GDPR
Processing to fulfil our services and
take contractual measures, Art. 6 Para. 1 b. GDPR
Processing to fulfil our legal obligations, Art. 6 Para. 1 c. GDPR
Processing to protect our justified interests, Art. 6 Para. 1 f. GDPR
Data transmission to third parties
Data is only shared with third parties if this is permitted by law. We only share user data with third parties if this is required for contractual purposes or based on justified interests in running our business profitably and effectively.
Insofar as we employ subcontractors to provide our services, we take suitable legal precautions and appropriate technical and organisational measures to protect personal data in accordance with the relevant legal regulations.
We wish to advise that data is transmitted when using our website, due to the use of Google Analytics.
Data transmission to a third country or an international organisation
Third countries are countries in which the GDPR is not the directly applicable law. This generally covers all countries outside the EU/European Economic Area.
Data is transmitted to a third country or an international organisation. We make sure here that suitable/appropriate guarantees are in place, and that you have access to enforceable rights and effective legal remedies.
A copy of the suitable guarantees is available at the following links:
· Privacy Shield: https://www.privacyshield.gov/list
· Standard Contractual Clauses:
Storage duration for your personal data
We adhere to the principles of data economy and data reduction. This means that we only store your provided data for as long as it is necessary to fulfil the aforementioned purposes or as per the various storage periods stipulated by the legislators. If the respective purpose ceases to apply or the relevant periods elapse, your data is routinely locked/deleted in accordance with the legal regulations.
We have created an in-house concept for these procedures.
If you contact us by email, telephone, fax, the contact form etc., you agree to communicate electronically. Contacting us results in the collection of personal data. The respective contact form shows you which data is collected when said form is used. Your data is transmitted with SSL encryption. The information provided by you is solely stored for the purpose of processing your request or for possible follow-up queries.
We will be glad to cite the legal bases for this:
Processing to fulfil our services and take contractual measures, Art. 6 Para. 1 b. GDPR
Processing to protect our justified interests, Art. 6 Para. 1 f. GDPR
We use software to manage customer data (CRM system) or a comparable software based on our justified interests (fast, efficient processing of user enquiries).
The system is operated by us in-house, meaning no data is shared with third parties.
We wish to advise that emails may be illegally read or modified without your knowledge during transmission. We also wish to advise that we use software to filter unwanted emails (spam filter). This spam filter may reject emails that have been accidentally identified as spam based on certain properties.
What are your rights?
a) Right to information
You are entitled to obtain information on your stored data free of charge. Upon request, we will advise you in writing, in accordance with the applicable law, which of your personal data we have stored. This also includes the origin and recipients of your data, as well as the purpose of the data processing.
b) Right to correction
You are entitled to have your stored data corrected if necessary. In doing so, you can ask for processing to be restricted, e.g. if the accuracy of your personal data is in dispute.
c) Right to locking
You can also have your data locked. To ensure your data can be locked at any time, this data must be provided in a lock file for monitoring purposes.
d) Right to deletion
You can also ask for your personal data to be deleted, insofar as no statutory storage obligations apply. If such obligations do exist, we can lock your data upon request. If the relevant legal requirements have been met, we will also delete your personal data without you specifically requesting this.
e) Right to data transmissibility
You are entitled to ask us to provide the personal data sent by us in a format permitting it to be sent elsewhere.
f) Right of appeal to a supervisory authority
You may appeal to one of the privacy supervisory authorities.
Bavarian Data Protection Authority (BayLDA)
Promenade 27, D-91522 Ansbach
Telephone: +49 981 53-1300
Fax: +49 981 53-981300
The Bavarian Data Protection Authority’s appeals form is available at https://www.lda.bayern.de/de/beschwerde.html
g) Right of objection
You may revoke your consent to your data being used for internal purposes at any time. To do so, simply send an email stating as much to firstname.lastname@example.org. This revocation will, however, not affect the legitimacy of the processing performed prior to this. Data processing in relation to all other legal bases, e.g. contract initiation (see above), is similarly not affected.
Protecting your personal data
We take contractual, organisational and technical security measures in keeping with the latest standards of technology to ensure privacy laws are upheld, and to protect the data processed by us against accidental or deliberate tampering, loss, destruction or unauthorised access.
The security measures particularly include the encrypted transmission of data between your browser and our server. A 256-bit SSL (AES 256) encryption technology is used here.
Your personal data is protected as follows (excerpt):
a) Protection of your personal data’s confidentiality
To protect the confidentiality of your personal data stored by us, we have taken various measures to monitor and control access, storage media and memory.
b) Protection of your personal data’s integrity
To protect the integrity of your personal data stored by us, we have taken various measures to monitor and control sharing and input.
c) Protection of your personal data’s availability
To protect the availability of your personal data stored by us, we have taken various measures to monitor and control orders and availability.
The security measures used are constantly being improved in accordance with technological developments. Despite these measures, however, the insecure nature of the Internet means we are unable to guarantee the security of your data transmissions to our website. As such, any data you send to our website is done at your own risk.
Protection of minors
Persons aged under 16 may only send us personal information with the consent of their guardians. This data is processed in accordance with this privacy statement.
Our website uses: Browser cookies
User control over cookies
Browser cookies: You may configure all browser settings so that cookies are only accepted upon request, or for cookies to only be accepted for pages currently being visited. All browsers offer functions enabling the selective deletion of cookies. The acceptance of cookies can generally also be disabled, although this may result in this website being less user-friendly.
Use of first-party cookies (Google Analytics cookie)
Google Analytics cookies log:
• Unique users – Google Analytics cookies record and group your data. All activities performed during a visit are summarised. Creating Google Analytics cookies enables a distinction to be made between users and unique users.
• User activities – Google Analytics cookies also store data relating to the start and finish time of a website visit, and how many pages you viewed. When the browser is closed or if the user has been inactive for an extended period of time (generally 30 minutes), the user session ends and the cookie records the visit as having ended. The time and date of the first visit is also recorded, as is the total number of visits per unique user. External link: http://www.google.com/analytics/terms/de.html
You may prevent Google from recording and processing the data generated by the cookie in relation to the website usage (incl. your IP address) by downloading and installing a browser plug-in from the following link:
External link: http://tools.google.com/dlpage/gaoptout?hl=de.
More information is available under “Google Analytics / Universal Analytics web analysis service”.
Use of third-party cookies
Third-party providers create [additional] cookies (third-party cookies) on our website by importing editorial text or advertising. The third-party providers are also subject to strict privacy requirements regarding the availability of personal data.
Lifetime of cookies used
Cookies are managed by our website’s web server. This website uses:
Transient cookies/Session cookies (one-off use)
Lifetime: Until this website is closed
Persistent cookie (permanent browser recognition)
Lifetime: 2 years
Disabling or removing cookies (opt-out)
Every web browser provides options for restricting or deleting cookies. Further information on this is available on the following websites:
- Internet Explorer:
- Google Chrome:
Google Analytics / Universal Analytics web analysis service
We use Google Analytics, a web analysis service run by Google Inc. ("Google"). Google Analytics uses "cookies", text files stored on your computer, and which enable the website’s usage to be analysed. The information generated by the cookie about this website’s usage is generally sent to a Google server in the USA, where it is stored. Data is thus sent to a third country. We make sure here that suitable/appropriate guarantees are in place, and that you have access to enforceable rights and effective legal remedies.
A copy of the suitable guarantees is available at the following links:
• Privacy Shield: https://www.privacyshield.gov/list
• Standard Contractual Clauses:
In the event IP anonymisation is enabled on our website, your IP address will, however, be abbreviated by Google beforehand within the European Union or other member states of the European Economic Area.
Only in exceptional cases will the full IP address be sent to a Google server in the USA and then be abbreviated. Google will use this information on our behalf to analyse website usage, compile reports on website activities, and render additional services relating to website and Internet usage for us. The IP address sent by your browser as part of Google Analytics is not combined with other Google data. You may prevent cookies from being stored by configuring your browser software settings accordingly. Please note, however, that this may mean you are unable to use all of this website’s functions to their full extent.
We wish to advise that this website uses Google Analytics with the "_anonymizeIp()" extension, and that IP addresses are thus only processed if abbreviated, so as to prevent direct references to individuals.
The data sent by us and linked to cookies, user IDs or advertising IDs is automatically deleted after 14 months. Data whose storage period has elapsed is deleted automatically once a month. Further information on usage conditions and privacy is available at https://www.google.com/analytics/terms/de.html or https://policies.google.com/?hl=de
You can also prevent Google from recording and processing the data generated by the cookie and relating to the website usage (incl. your IP address) by downloading and installing a browser plug-in from the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Alternatively to the browser plug-in or in browsers on mobile devices, the following link can be used to create an opt-out cookie which will prevent Google Analytics from recording data on this website in future (this opt-out cookie only works in this browser, and only for this domain. If the cookies in this browser are deleted, click the link again):
Use of Google Maps
We use Google Maps to show maps and create access routes. Google Maps is run by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this website, you agree for data entered by you or automatically collected (including IP address) to be recorded, processed and used by Google, one of its representatives or third-party providers. The conditions of use for Google Maps are available at the following link:
More details on transparency, options and the privacy regulations are available at the google.de privacy centre: https://www.google.de/intl/de/policies/privacy/?fg=1
We reserve the right to occasionally adjust our privacy statement to ensure it always complies with the latest legal requirements or to incorporate changes to our services into the privacy statement. This may, for example, relate to the introduction of new services. The new privacy statement will then apply to your subsequent visits.
Each of the company logos or trademarks stated here is the property of the respective company. Trademarks and names are provided purely for information purposes.
C. Russia-specific provisions
The following applies to users based in the Russian Federation:
The aforementioned services offered by our website are not intended for citizens of the Russian Federation residing in Russia.
If you are a Russia-based Russian citizen, you are hereby expressly informed that any personal data you provide to us through this website is done exclusively under your responsibility and at your own risk. You also agree not to hold us responsible for any non-compliance with the laws of the Russian Federation.