Data protection
Data protection and copyright for the use of our website
Terms of use
Access to and use of this website is subject to following provisions.
Our website contains links to websites of other providers. We have no influence on whether these providers comply with the statutory data protection provisions. You should therefore always check the provided privacy statements.
Data protection
a) General
Protecting your privacy when processing personal data, as well as the security of all business data, is an important concern for us and one that we take into account in our business processes.
We process personal data that is collected during your visit to our websites in confidence and only in accordance with the statutory provisions. Data protection and information security form part of our corporate policy.
b) Collection, storage and processing of personal data
When collecting, storing and processing personal data, we observe European regulations on data protection law and the resulting national regulations. As a company based in Germany, the EU General Data Protection Regulation and the German implementing regulations - the Telecommunications Act and the Telemedia Act - apply to us.
- Collection of general data and information
When you visit our websites, we will store the name of your internet service provider, the website from which you visit us, the web pages you visit on our site as well as the date and duration of the visit along with the IP address. This general data and information is stored in the server's log files. This data is collected for the legitimate interest of averting danger in the event of attacks on our information technology systems.
- Collection of further personal data
Further personal data is only stored if you provide it to us of your own free will, e.g. as part of a registration process, a survey, an inquiry or in order to perform a contract. We will use your personal data for the sole purpose of the technical administration of the websites, customer administration, product surveys and marketing, and only to the extent necessary in each specific case. Your data will only be transferred to third parties insofar as this is necessary to fulfil the contract or if there is a legal obligation to pass on the data. We implement technical and organisational security measures to protect any data under our control from manipulation, loss, or destruction, as well as unauthorised access or disclosure. Our security measures are improved on an ongoing basis and adapted in line with technological developments.
Name and address of the Data Controller
The responsible party within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions pertaining to data protection is:
HUECK System GmbH & Co. KG, Mr. Rafael Wilk, Loher Straße 9 58511 Lüdenscheid, Telephone +49 2351 151-1, Email info@hueck.de
Definitions
Our privacy statement is based on the terminology used by the European legislator in enacting the General Data Protection Regulation (GDPR). Our privacy statement is intended to be easy to read and understand both for the general public and for our customers and business partners. To ensure that this is the case, we would first like to explain the terminology it uses.
We use the following terms, among others, in this privacy statement:
- Personal data
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Data subject
A data subject is any identified or identifiable natural person whose personal data are processed by the controller.
- Processing
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- Restriction of processing
“Restriction of processing” means the marking of stored personal data with the aim of limiting their processing in the future.
- Pseudonymisation
“Pseudonymisation” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
- Controller or controller responsible for processing
“Controller” or “controller responsible for processing” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
- Processor
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
- Recipient
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
- Third party
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
- Consent
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Collection and use of your data
Personal/non-personal data
When you visit our website, we save the name of your internet service provider, the website from which you are visiting us, which of our web pages you visit, and the date and duration of your visit. None of this is personal data, as none of the data can be used to establish a link to you. The data are stored exclusively for internal purposes, such as providing and improving our services and monitoring functionality.
Voluntary personal data
If we request personal data on a voluntary basis, you will be expressly informed of the voluntary nature of the request. Supplying this data is therefore not necessary and can be omitted. If you then provide your personal data voluntarily, e.g. as part of surveys, competitions at trade fairs, etc., we will store these data electronically and handle them in strict confidentiality. We use your personal data for the purpose of technical administration of the website, for customer administration, for product surveys and for marketing only to the extent necessary in each specific case; they are not passed on to third parties.
Further personal data will only be stored if you provide them yourself, e.g. during a registration process or for the purposes of executing a contract. In these cases, we will use your personal data for the purpose of customer administration and performance of the contract.
We take technical and organisational security measures in order to protect your data managed by us from manipulation, loss or destruction, or from access by unauthorised persons or unauthorised disclosure.
Registration for a user account
You have the option to create a user account on our website. For this purpose, we collect and store the following data:
username, surname, first name, address, customer number where applicable, area of work, telephone number, email address and password. You can then log into the customer area of our website with your username (which is the same as your email address) and your personal password.
Your email address
Your email address is also a form of personal data. Accordingly, this too is only used for the purpose for which you provided it.
Your email address is passed on only if this is necessary for contract handling or if Hueck Service GmbH is legally obliged to do so. Apart from that, your email address is never forwarded to third parties.
Newsletter
You will only receive newsletters from us if you have expressly requested them and, even then, only if you expressly confirm your newsletter request by email (double opt-in procedure). Every newsletter includes an unsubscribe function so that you can cancel this service again easily at any time.
Routine erasure and blocking of personal data
The controller processes and stores data subjects’ personal data only for as long as is necessary to achieve the purpose of storage or insofar as this has been provided for by the European legislator or another legislator in statutes or regulations to which the controller is subject. If the purpose of storage is no longer applicable or if a storage period prescribed by the European legislator or another relevant legislator expires, the personal data will be routinely blocked or erased in accordance with the statutory regulations.
Use of cookies
Cookies are small text files that are stored on users’ hard disks when they visit the platform; i.e. they are saved on your computer. The website is configured to place a temporary cookie on your hard disk in order to store certain information during your visit, e.g. the language or the duration of the visit. In addition, a longer-term cookie is created in order to enable the website’s functionality, among other things, as well as to count the number of your visits without automatically linking your PC to your personal data. The information contained in cookies makes navigation easier and allows our website to be displayed correctly. Our cookies cannot be used to identify you personally. We use the information stored in the cookies for the purpose of analysing the portal’s usage and to improve our website. You can adjust the settings of your browser software to prevent the installation of cookies with lasting effect. Moreover, you can delete existing cookies via a web browser or other software at any time. This is possible in all common web browsers. If you deactivate the setting of cookies in your web browser, you may not be able to use the full functionality of our website.
Data collection due to the use of Google Analytics
Our website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer to help the website analyse how visitors use the site. The information generated by the cookie about your use of the website is usually transmitted to and stored by Google on servers in the United States. However, in case of activation of IP anonymisation on this website, Google will first truncate your IP address within Member States of the European Union or in other countries which are parties to the Agreement on the European Economic Area. On behalf of the operator of this website, Google will use this information to analyse your use of the website in order to compile reports about the website activities and to provide further services in connection with the use of the website and the internet to the website operator. The IP address transmitted by your browser within the framework of Google Analytics will not be combined with other Google data. You may refuse the storing of cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of this website. You can furthermore prevent the collection of the data created by the cookie with regard to your use of the website (incl. your IP address) for Google as well as the processing of this data by Google by downloading and installing the browser plug-in at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
In view of the discussion regarding the use of analysis tools with full IP addresses, please note that this website uses Google Analytics with the “_anonymizeIp()” extension and that IP addresses are therefore only processed in shortened form in order to prevent them from being linked directly to an individual. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes described above. You may withdraw your permission for the collection and storage of the data with future effect at any time.
Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to embed tracking or statistical tools and other technologies within our website. The Google Tag Manager itself does not create user profiles, nor does it store cookies or perform any independent analyses. It is only used for the administration and playout of the tools that are integrated using it. However, Google Tag Manager does collect your IP address, which may also be transferred to Google's parent company in the United States.
The use of the Google Tag Manager is based on Art. 6 (1) (f) of the General Data Protection Regulation (GDPR) The website operator has a legitimate interest in ensuring that the integration and administration of various tools on their website is both quick and uncomplicated. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 (1) (a) of the General Data Protection Regulation (GDPR) and Section 25(1) of the TTDSG (German Telemedia Act), to the extent that the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) as defined in the TTDSG. This consent can be revoked at any time.
Your rights in relation to your data
You can request the erasure of your profile and the data we have stored about you at any time, although we may be legally required (e.g. for tax reasons) to store and archive some of your data even after erasing your profile. However, these data are then blocked from any use. All data that we are not legally required to archive will be erased without undue delay once you request their erasure. You can request information about any data we have stored about you at any time. Your rights in detail:
- Right to confirmation
Every data subject has the right, granted by the European legislator, to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed. Should a data subject wish to exercise this right to confirmation, he or she can contact us, our staff or our data protection officer for this purpose at any time using the contact details below.
HUECK System GmbH & Co. KG can be contacted as follows: HUECK System GmbH & Co. KG, Loher Straße 9 58511 Lüdenscheid, Phone +49 2351 151-1, Email info@hueck.de
Contact details of data protection officer: Michaela Dötsch, specialist IT lawyer, Lösenbacher Straße 15, 58507 Lüdenscheid, Phone +49 2351 665970, Fax +49 2351 665969, doetsch@kanzlei-doetsch.de.
Right of access
Every data subject about whom personal data are processed has the right, as conferred by the European legislator, to obtain from the controller information about the personal data stored about them and a copy of this information free of charge. In addition, the European legislator has granted data subjects the right to access the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- the right to lodge a complaint with a supervisory authority;
- where the personal data are not collected from the data subject, any available information as to their source;
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
In addition, the data subject has the right to be informed whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject also has the right to be informed of the appropriate safeguards relating to the transfer.
Should a data subject wish to exercise this right to be informed, he or she can contact us, our staff or our data protection officer for this purpose at any time using the contact details above.
Right to rectification
Every data subject about whom personal data are processed has the right, as conferred by the European legislator, to obtain without undue delay the rectification of inaccurate personal data concerning him or her. In addition, taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Should a data subject wish to exercise this right to rectification, he or she can contact us, our staff or our data protection officer for this purpose at any time using the contact details above.
Right to erasure (right to be forgotten)
Every data subject about whom personal data are processed has the right, as conferred by the European legislator, to obtain from the controller the erasure of personal data concerning him or her without undue delay, provided that one of the following grounds applies and to the extent that the processing is not necessary:
- the personal data were collected or otherwise processed for purposes for which they are no longer necessary;
- the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing;
- the data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
- the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
Insofar as one of the above grounds applies and a data subject wishes to obtain the erasure of personal data stored at our companies, he or she can contact us, our staff or our data protection officer for this purpose at any time using the contact details above. The data protection officer or another employee will arrange for the erasure request to be fulfilled without undue delay.
If we have made the personal data public and our company, as the controller, is obliged pursuant to Article 17(1) of the GDPR to erase the personal data, then we – taking account of available technology and the cost of implementation – will take reasonable steps, including technical measures, to inform other controllers which are processing the published personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data, provided that the processing is not necessary. We will make the necessary arrangements in individual cases.
- Right to restriction of processing
Every data subject about whom personal data are processed has the right, as conferred by the European legislator, to obtain from the controller restriction of processing where one of the following applies:
- the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
- the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
- the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
- the data subject has objected to processing pursuant to Article 21(1) of the GDPR and it has not yet been verified whether the legitimate grounds of the controller override those of the data subject.
Insofar as one of the above conditions is met and a data subject wishes to request the restriction of personal data stored by us, he or she can contact us, our staff or our data protection officer for this purpose at any time using the contact details above. We will arrange the restriction of processing without undue delay.
- Right to data portability
Every data subject about whom personal data are processed has the right, as conferred by the European legislator, to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. He or she also has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided in cases where the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) of the GDPR or on a contract pursuant to point (b) of Article 6(1) of the GDPR and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
In addition, in exercising his or her right to data portability pursuant to Article 20(1) of the GDPR, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of others.
In order to establish the right to data portability, the data subject can contact us, our staff or our data protection officer at any time using the contact details above.
- Right to object
Every data subject about whom personal data are processed has the right, as conferred by the European legislator, to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on those provisions.
In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or the processing is necessary for the establishment, exercise or defence of legal claims.
Where we process personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning him or her for such marketing. This also applies to profiling to the extent that it is related to such direct marketing. Where the data subject objects to our processing for direct marketing purposes, the personal data will no longer be processed for these purposes.
In order to exercise the right to object, the data subject can contact us, our staff or our data protection officer at any time using the contact details above. Furthermore, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject is free to exercise his or her right to object by automated means using technical specifications.
- Automated individual decision-making, including profiling
Every data subject about whom personal data are processed has the right, as conferred by the European legislator, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, unless the decision is (1) necessary for entering into, or performance of, a contract between the data subject and a data controller, (2) authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests or (3) based on the data subject’s explicit consent.
If the decision is (1) necessary for entering into, or performance of, a contract between the data subject and a data controller or (2) based on the data subject’s explicit consent, we will implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.
Should a data subject wish to assert rights relating to automated decision-making, he or she can contact us, our staff or our data protection officer for this purpose at any time using the contact details above.
- Right to withdraw consent under data protection law
Every data subject about whom personal data are processed has the right, as conferred by the European legislator, to withdraw his or her consent to the processing of personal data at any time.
Should the data subject wish to assert their right to withdraw consent, he or she can contact us, our staff or our data protection officer for this purpose at any time using the contact details above.
Protecting your data/Encryption
We take the protection of your personal data very seriously. Secure Sockets Layer (SSL) technology is used to record your sensitive data for the purpose of contract performance. We use generally accepted industry standards to secure and protect sensitive data against unauthorised access or unlawful use.
Statutory or contractual provisions regarding the provision of personal data; necessity for entering into a contract; obligation of data subject to provide personal data; possible consequences of failure to provide personal data
Please be aware that the provision of personal data is required by law (e.g. tax regulations) in some cases or can also result from contractual rules (e.g. details of the contracting party). When entering into a contract, it may sometimes be necessary for a data subject to provide us with personal data that we will subsequently need to process. For example, the data subject is required to provide us with personal data when our company enters into a contract with him or her. Failure to provide the personal data would mean that we could not enter into the contract with the person in question. Before providing personal data, the person in question must contact us using the contact details above. Our data protection officer will inform the person in question on a case-by-case basis whether the provision of personal data is legally or contractually required or necessary in order to enter into the contract, whether there is an obligation to provide the personal data, and what the consequences of failing to provide the personal data would be.
Changes
The operator reserves the right to update this privacy statement. In the event of changes that could be disadvantageous to you, you will be notified within a reasonable period of time and, if necessary, renewed consent will be obtained.
Withdrawal of consent
Where you expressly agree to a specific use of your data on our website, this is always done on a voluntary basis. You can withdraw your consent at any time with future effect. Please send notice of withdrawal to the contact details above. We have a legal obligation to ensure data protection and to compile a privacy statement. Therefore, and for technical reasons, it is not possible to make use of our services if you do not wish to give your consent to this privacy statement or parts thereof, or if you withdraw such consent. If you have any further questions regarding our privacy statement, we will be happy to provide assistance. Please contact us using the contact form or contact details on this website.
Permit of use
The above companies grant the user the non-exclusive, non-transferable right, territorially restricted to the Federal Republic of Germany, to utilise the content, software and databases that can be accessed online as part of the standard use of the website for the purpose of facilitating the user’s work with and planning of Hueck company products. Every reproduction or saving to storage media of any kind and/or forwarding of the software and/or databases and/or the contents, with the exception of buffering for technical reasons in the main memory or on the user’s hard drive as part of the normal access process, is not permitted without the explicit consent of Hueck GmbH & Co. KG. Furthermore, the user shall ensure that third parties – irrespective of the means – do not have access to the software and/or databases and/or the contents. Any use of the software and/or databases and/or contents other than the use stipulated in the first sentence of this paragraph is also not permitted.
Copyright and right of use
The content of our website is protected by copyright. One copy of the information on this website may be stored on a single computer for non-commercial and personal internal use. Graphics, texts, logos, images, etc. may only be downloaded, duplicated, copied, altered, published, sent, transmitted or used in any other form with prior written permission from Hueck GmbH & Co. KG. Product and company names mentioned on the website may be registered trademarks or brands. Unauthorised use may lead to claims for damages and injunctive relief.
Disclaimer
The above Hueck companies shall not be liable for damage and specifically not for direct or indirect consequential damage, loss of data, loss of profit, or system or production downtime that occurs as a result of using this website or downloading data. This disclaimer shall not apply in the event of damage that occurs as a result of using this website or downloading data if this is due to malicious intent or gross negligence.
Applicable law, place of jurisdiction
The legal relationship between you and the above companies resulting from the use of the website shall be governed by the laws of the Federal Republic of Germany. The place of jurisdiction shall be the Hueck GmbH & Co. KG headquarters in Lüdenscheid, Germany, for disputes with registered traders resulting from the use of this website.