Imprint

 

 

Imprint


Bültel Bekleidungswerke GmbH
Rheiner Str. 28
D-48499 Salzbergen


Fon: +49 (0) 5976 / 27-0
E-Mail: info(at)bueltel.com

Managing directors:
Frank Brüggemann, Thorsten Suska, Hendrik-Jan Muis
           
Register court: Amtsgericht Osnabrück HRB 100049

VAT Number: DE 117330232

Chairman  of the Advisory Board:
Dr. Waldemar Abel



Data privacy

I. Name and address of the data controller

The data controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states, as well as other data protection regulations, is:

Bültel Bekleidungswerke GmbH
Rheiner Straße 28
D-48499 Salzbergen
T +49 (0) 5976 / 27-0
F +49 (0) 5976 / 27-211

II. Contact details of the data protection officer

You can contact the data controller's data protection officer at:
datenschutz(at)bueltel.com

III. General information on data processing

1. Scope of personal data processing
We only ever collect and use the personal data of our users if this is necessary to provide a functional website as well as our contents and services. The personal data of our users is only collected and used routinely where the user has given their consent. One exception is in cases where it is not possible to obtain consent in advance for reasons of fact, and where legal regulations allow the data to be processed.

2. Legal basis for processing personal data
In cases in which we obtain the consent of the data subject to process personal data, the legal basis for the processing is Article 6 Paragraph 1 Point a of the EU General Data Protection Regulation (GDPR).
When processing personal data that is required to fulfil a contract whose contractual party is the data subject, the legal basis is Article 6 Paragraph 1 Point b GDPR. This also applies to processing that is required to carry out pre-contractual measures. Where it is necessary to process personal data to fulfil a legal duty to which our company is subject, the legal basis is Article 6 Paragraph 1 Point c GDPR. In cases where the vital interests of the data subject or another natural person make it necessary to process personal data, the legal basis is Article 6 Paragraph 1 Point d GDPR. If it is necessary to process personal data to protect a legitimate interest of our company or of a third party, and if the interests, basic rights and basic freedoms of the data subject do not override the first-named interest, the legal basis for the data processing is Article 6 Paragraph 1 Point f GDPR.

3. Erasure of data and retention period
The personal data of the data subject is deleted or blocked as soon as the purpose for which it was stored no longer applies. The data may continue to be stored beyond this period if that is provided for by European or national legislators in Union regulations, laws or other provisions to which the data controller is subject. The data is also blocked or deleted when the retention period prescribed in the above-mentioned standards expires, except where it is necessary to keep the data for longer in order to complete or fulfil a contract.

IV. Provision of the website and creation of log-files

1. Description and scope of data processing
Whenever someone visits our website, our system automatically collects data and information from the visitor's computer. The following data is collected:
• Information about the browser type and the version used
• The user's operating system
• The user's internet service provider
• The user's IP address
• Date and time of access
• Websites from which the user's system came to our website
• Websites that are accessed by the user's system via our website
The data is also stored in the log-files on our system. This data is not stored with any of the user's other personal data.

2. Legal basis for data processing
The legal basis for the temporary storage of the data is Article 6 Paragraph 1 Point f GDPR.

3. Purpose of data processing
The temporary storage of the IP address on the system is necessary in order to make it possible to deliver the website to the user's computer. To do this, the user's IP address must be stored for the duration of the session. Data is stored in log-files in order to guarantee the functionality of the website. Furthermore, the data helps us to optimise the website and to ensure the security of our IT systems. This data is not analysed for marketing purposes. For these purposes, our legitimate interest in the data processing is also derived from Article 6 Paragraph 1 Point f GDPR.

4. Retention period
The data is deleted as soon as it is no longer needed to achieve the purpose for which it was collected. Where the data is collected in order to facilitate the provision of the website, the data is deleted when the respective session comes to an end. Where the data is stored in log-files, the data is deleted after a maximum period of seven days. In some cases it is possible that the data is stored for longer. In these cases, the user's IP address is deleted or distorted so that it is not possible to identify the visiting client.

5. Right of revocation and erasure
Collecting data for the provision of the website and storing the data in log-files is essential for the operation of the website. The user cannot, therefore, opt out.

V. Use of cookies

1. Description and scope of data processing
Our website uses cookies. Cookies are text files placed on the internet browser or by the internet browser on the user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a distinguishing character string that makes it possible to specifically identify the browser when the user later returns to the website. To make our website more user-friendly, some of the features of our website require it to be possible to identify the visiting browser and the language settings even after the user has moved to another page. A technical cookie is placed to do this.

2. Legal basis for data processing
The legal basis for the processing of personal data when using technically essential cookies is Article 6 Paragraph 1 Point f GDPR.

3. Purpose of data processing
The purpose of using technically essential cookies is to simplify the use of the website for the user. Some functions on our website cannot be provided without the use of cookies. For these functions, it is essential that the browser can be identified even after the user transitions to other pages.

4. Retention period, Right of revocation and erasure
Cookies are stored on the user's computer and are transmitted from there to our webpage. Therefore, you as the user have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Previously stored cookies can be deleted at any time. This can also happen automatically. If cookies are deactivated for our website, it may not be possible to use all the functions of the site in their entirety.

VI. Contact form and email contact

1. Description and scope of data processing
Our website features a contact form that can be used to contact us electronically. If the user takes advantage of this service, the data they enter in the entry fields will be transmitted to us and stored. This data includes the following:
• The message
• The email address
• Date and time of registration
As part of the submission process, we obtain your consent to process your data and refer you to this privacy policy. Alternatively, it is possible to contact us via the email address given. In this case, the user's personal data that is transmitted with the email is stored. This data is not passed on to third parties. The data is only used to process the conversation.

2. Legal basis for data processing
The legal basis for the data processing is Article 6 Paragraph 1 Point f GDPR. If the purpose of sending the email is to eventually conclude a contract, there is an additional legal basis for data processing in Article 6 Paragraph 1 Point b GDPR.

3. Purpose of data processing
The personal data from the entry field is processed solely to allow us to deal with your communication. Where correspondence is sent by email, there is also an additional legitimate interest in processing the data. The other data processed during the submission process is used to prevent abuse of the contact form and to ensure the security of our IT systems.

4. Retention period
The data is deleted as soon as it is no longer needed to achieve the purpose for which it was collected. With regard to personal data from the contact form entry field and personal data sent by email, the data is deleted when the respective conversation with the user is finished. The conversation is deemed to be finished when the circumstances imply that the relevant situation has been conclusively resolved. The additional personal data collected during the process of submitting the correspondence is later deleted after a period of seven days.

5. Right of revocation and erasure
The user can revoke their consent to the processing of their personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. Please note that the conversation cannot be continued in this case. The user can revoke their consent and object to the data storage in writing by contacting the contact person given in Section I. In this case, all personal data stored during the course of the correspondence is deleted.

VII. Web analytics by Matomo (formerly PIWIK)

1. Scope of personal data processing
We use the Matomo tool (formerly PIWIK) on our website to analyse the browsing behaviour of our users. The software places a cookie on the user's computer (see above for more information about cookies). When individual pages on our website are viewed, the following data is stored:
• Two bytes of the IP address of the user's system
• The webpage visited
• The website from which the user arrived at the viewed webpage (referrer)
• The subpages that were viewed from the accessed website
• Time spent on the website
• Frequency of visits to the website
The software runs only on the servers of our website. The user's personal data is only stored on these servers. This data is not passed on to third parties. The software is set up so that the IP addresses are not stored in full: 2 bytes of the IP address is masked (for example: 192.168.xxx.xxx). As a result, it is not possible to assign the truncated IP address to the visiting computer.

2. Legal basis for processing personal data
The legal basis for processing the personal data of the user is Article 6 Paragraph 1 Point f GDPR.

3. Purpose of data processing
Processing the user's personal data allows us to analyse the browsing behaviour of our users. Analysing the collected data also allows us to gather information about the use of individual elements on our website. This helps us to continuously improve our site and make it more user-friendly. For these purposes, our legitimate interest in the data processing is also derived from Article 6 Paragraph 1 Point f GDPR. By anonymising the IP addresses, we sufficiently take into account the user's interest in the protection of their personal data.

4. Retention period
The data is deleted as soon as it is no longer needed for record-keeping purposes.

5. Right of revocation and erasure
Cookies are stored on the user's computer and are transmitted from there to our webpage. Therefore, you as the user have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Previously stored cookies can be deleted at any time. This can also happen automatically. If cookies are deactivated for our website, it may not be possible to use all the functions of the site in their entirety. Below this privacy policy we offer our users the option of opting out of this analysis on our website. If you do so, an additional cookie is placed on your system that tells our system not to store your data. If the user temporarily deletes the respective cookie from their system, they will need to set the opt-out cookie anew.

VIII. Rights of the data subject

If your personal data is processed, you are the data subject within the meaning of GDPR, and you have the following rights with respect to the data controller:

1. Right to be informed
You have a right to receive confirmation from the data controller regarding whether we process personal data relating to you.
If your personal data is being processed, you have the right to receive the following information from the data controller:
• the purposes for which the personal data is processed
• the categories of personal data processed
• the recipients and categories of recipients to which your personal data has been and is being disclosed
• the planned retention period of your personal data or, if it is not possible to provide concrete information in this regard, criteria for establishing the retention period
• the existence of the right to rectify or erase your personal data, of the right to restrict the processing of data by the data controller, and the right to object to this processing
• the existence of the right to lodge a complaint with a supervisory authority
• all available information about the origins of data if the personal data is not collected from the data subject;
• the existence of automated decision-making including profiling in accordance with Article 22 Paragraph 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved and the consequences and the pursued effects of such processing for the data subject
You have the right to receive information about whether your personal data is transmitted to a third country or to an international organisation. In this context, you can demand to be informed about the appropriate guarantees in connection with the transmission in accordance with Article 46 GDPR.

2. Right to rectification
You have the right to rectify any inaccurate or to complete any incomplete personal data the data controller stores about you. The data controller must rectify the data without delay.

3. Right to restrict data processing
Under the following provisions you can demand a restriction of processing of your personal data:
• if you contest the accuracy of your personal data, for a period of time that allows the data controller to verify the accuracy of the personal data
• the data processing is unlawful but you object to the erasure of the personal data and request the restriction of its use instead
• the data controller no longer needs the personal data for the purposes of the processing but you need the data to establish, exercise or defend legal claims, or
• if you have objected to the data processing pursuant to Article 21 Paragraph 1 GDPR pending the verification whether the legitimate grounds of the controller override yours
Where the processing of your personal data has been restricted, this data shall, with the exception of its storage, only be processed with your consent or to establish, exercise or defend legal claims, or to protect the rights of another natural or legal person, or for reasons of important public interest of the Union or of a member state. If the processing has been restricted in accordance with the above-listed conditions, you will be informed by the data controller before the restriction is lifted.

4. Right to erasure
a) Duty to erase
You have the right to ask the data controller to erase your personal data without delay, and the data controller must then delete this data immediately if one of the following applies:
• Your personal data is no longer required for the purposes for which it was collected or processed in another way.
• You revoke your consent, which served as the basis for the processing pursuant to Article 6 Paragraph 1 Point a or Article 9 Paragraph 2 Point a GDPR, and there is no alternative legal basis for the data processing.
• You object to the data processing pursuant to Article 21 Paragraph 1 GDPR and there are no overriding legitimate grounds for the data processing, or you object to the data processing pursuant to Article 21 Paragraph 2 GDPR.
• Your personal data was processed unlawfully.
• The erasure of your personal data is required to fulfil a legal duty under Union laws or under the laws of the member states to which the data controller is subject.
• Your personal data was collected in relation to information society services pursuant to Article 8 Paragraph 1 GDPR.

b) Passing information to third parties
If the data controller has made your personal data public and if they have a duty to erase it in accordance with Article 17 Paragraph 1 GDPR, the data controller must, bearing in mind the available technology and the implementation costs, take appropriate measures, including ones of a technical nature, to inform data controllers that are processing the personal data that you as the data subject have demanded that they erase all links to this personal data or erase copies and duplications of this personal data.

c) Exceptions
The data subject does not have a right to erasure if the processing is necessary:
• to exercise the right to free expression and information
• to fulfil a legal duty that necessitates the data processing in accordance with Union or member state law to which the data controller is subject, or to perform a task carried out in the public interest or carried out in the exercise of official authority vested in the data controller
• for reasons of public interest in the area of health pursuant to Article 9 Paragraph 2 Point h and i, as well as Article 9 Paragraph 3 GDPR
• for archival purposes in the public interest, for scientific or historical research purposes, or for statistical purposes pursuant to Article 89 Paragraph 1 GDPR, in so far as the rights stated under Paragraph a are likely to render impossible or seriously impair the achievement of the specific purposes of this processing, or
• to establish, exercise or defend legal claims

5. Right to be informed
If you have asserted your right to rectify, erase or restrict the processing with regard to the data controller, the data controller must inform all recipients with whom they have shared relevant personal data about the rectification or erasure of the data or about the restriction of processing, unless this proves to be impossible or involves disproportionate effort. You have the right to be informed by the data controller about these recipients.

6. Right to data portability
You have the right to receive the personal data that you have provided to the data controller in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data was provided, as long as
• the processing is based on consent pursuant to Article 6 Paragraph 1 Point a GDPR or Article 9 Paragraph 2 Point a GDPR, or is based on a contract pursuant to Article 6 Paragraph 1 Point b GDPR and
• the processing is carried out by automated means.
When exercising this right to data portability, you also have the right to have your personal data transmitted directly from one data controller to another where this is technically feasible. The rights and freedoms of other persons shall not be adversely affected by this. The right to data portability does not apply to the processing of personal data carried out in the public interest or carried out in the exercise of official authority vested in the controller.

7. Right to object
You have the right to object at any time to the processing of your personal data on grounds relating to your particular situation when this data is processed on the basis of Article 6 Paragraph 1 Point e or f GDPR; this also applies to profiling based on these provisions.
The data controller shall no longer process your personal data unless they can demonstrate compelling legitimate grounds for this processing that override your interests, rights and freedoms, or the data processing serves to establish, exercise or defend legal claims.
If your personal data is processed in order to conduct direct marketing, you have the right to object at any time to the processing of your personal data for the purposes of conducting such marketing; this also applies for profiling to the extent that it is related to this direct marketing.
If you object to the processing for direct marketing purposes, your personal data will no longer be processed for this purpose.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

8. Right to revoke consent regarding the privacy declaration
You have the right to revoke your consent regarding the privacy declaration at any time. This revocation of consent does not affect the lawfulness of the processing carried out up to the time of revocation on the basis of that consent.

9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply when the decision
• is necessary for entering into, or to perform, a contract between you and the data controller,
• is based on your explicit consent
• is authorised by Union or member state law to which the data controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests.
However, these decisions may not be based on special categories of personal data referred to in Article 9 Paragraph 1 GDPR unless Article 9 Paragraph 2 Point a or g GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place. With regard to the first two cases referred to above, the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

10. Right to lodge a complaint with a supervisory authority
Without prejudice to another administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.


Web Analytics Opt-Out-Cookie