Privacy policy

We are delighted that you are visiting our website www.mauthe-drehteile.de and are interested in our company.

We attach a great deal of importance to protecting your personal data, such as your date of birth, name, phone number, address, etc.

The purpose of this privacy policy is to inform you of how your personal data that we collect from you when you visit our website is processed. Our data protection practices comply with the legal regulations set down in the EU’s General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The following privacy policy serves to fulfil the duties to provide information arising from the GDPR. These can be found in the likes of Arts. 13 and 14 et seq. of the GDPR.

Controller

The controller according to Art. 4 (7) of the GDPR is the party that, alone or jointly with others, determines the purposes and means of personal data processing.

With regard to our website, the controller is:

A & W Mauthe GmbH & Co. KG
Riegertsbühlstrasse 32
78601 Mahlstetten
Email: info@mauthe-drehteile.de
Tel.: +49 (0)7429 940 210
Fax: +49 (0)7429 940 2121

Providing the website and creating log files

Each time our website is accessed, our system automatically records data and information from the accessing device (e.g. computer, mobile phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and the version used;
(2) The accessing device’s operating system;
(3) The host name of the accessing computer;
(4) The accessing device’s IP address;
(5) The date and time of access;
(6) Websites and resources (images, files, other page contents) that were accessed on our website;
(7) Websites from which the user’s system accessed our website (referrer tracking);
(8) Message confirming whether access was successful;
(9) The amount of data transmitted

This data is stored in our system’s log files. This data is not stored together with personal data belonging to a specific user, so individual site visitors are not identified.

Legal basis for personal data processing

Art. 6 (1) f of the GDPR (legitimate interest). Our legitimate interest is to guarantee achievement of the purpose outlined below.

Purpose of data processing

Temporary (automated) data storage is necessary for a visit to a website to proceed to enable delivery of the website. Personal data is also stored and processed to maintain our website’s compatibility for all visitors where possible and to combat misuse and eliminate faults. To this end, it is necessary to log the accessing computer’s technical data, so that we can respond to display errors, attacks on our IT systems and/or functionality errors on our website as early as possible. Additionally, we also use the data to optimise the website and to ensure the general security of our IT systems.

Duration of storage

The above technical data is deleted as soon as it is no longer needed to guarantee the website’s compatibility for all visitors, but at the latest within three months of our website being accessed.

Opportunity for objection and erasure

You may object to processing at any time according to Art. 21 of the GDPR and request that your data be erased according to Art. 17 of the GDPR. You will find the rights that you are entitled to and information on how to assert them at the bottom of this privacy policy.

Automated credit check / scoring

If you would like to conclude a contract with us, we reserve the right to perform exclusively automated processing of your personal data to check your creditworthiness. We are also entitled to make an automated decision such as this according to Art. 22 (2) a of the GDPR. Whether the contract can be concluded or not depends on the result of the automated credit check. Statistical probabilities of default are calculated during a credit check. The credit report may include probability values (score values), which are calculated based on scientifically recognised mathematical / statistical methods. Conclusions are thereby drawn as to the customer’s future risk of payment default using a wide range of features, such as income, address data, occupation, marital status and previous payment history. The result is expressed in the form of a payment value (‘score’). The information obtained in this way forms the basis of our decision on whether to establish, execute or terminate a contractual relationship. If you believe that you have been wrongfully excluded from concluding a contract due to the credit check, you are welcome to send us an email explaining your point of view. We will then review the automated decision according to Art. 22 (3) of the GDPR on a specific case-by-case basis. We may store and process your personal data according to Art. 6 (1) b of the GDPR to be able to carry out the credit check.

Due to the possibility of a contract being concluded imminently, in the following cases we shall transfer your data to the following provider(s):

  • Creditreform Reutlingen Degner KG:

    When it concludes contracts and in certain cases in which a legitimate interest exists, our company regularly checks your creditworthiness even if you are an existing customer. To this end, we work together with Creditreform Reutlingen Degner KG, Auwiesenstrasse 30, 72770 Reutlingen (www.creditreform-reutlingen.de), from which we receive the necessary data. On behalf of Creditreform Reutlingen Degner KG, we would like to share the following information with you in advance according to Art. 14 of the EU GDPR:

    Creditreform Reutlingen Degner KG is a consumer credit agency. It maintains a database in which creditworthiness information about private individuals is stored.

    Creditreform Reutlingen Degner KG provides its customers with credit reports on this basis. Its customers include the likes of credit institutions, leasing companies, insurance companies, telecommunications companies, receivables management companies, shipping, wholesale and retail companies, and other companies that deliver or provide goods or services. In the context of the legal provisions, some of the data available in the information database is also used for supplying other company databases, e.g. for use for address trading purposes, among other things.

    In particular, information about people’s name, address, date of birth, email address if necessary, payment behaviour and shareholdings is stored in the Creditreform Reutlingen Degner KG database. The stored data is processed to provide information about the queried person’s creditworthiness. The legal basis for processing is Art. 6 (1) f of the EU GDPR. Information about this data may only be provided if a customer has a credibly stated a legitimate interest in knowledge of this information. If data is transferred to states outside of the EU, this is done based on what are known as the ‘standard contractual clauses’, which you can view at or that can be sent to you from the following link:

    https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32001D0497&from=EN

    .

    The data will be stored for as long as knowledge of the same is necessary for fulfilling the purpose for which it is stored. Knowledge is generally necessary for a storage period of three years initially. Once this period of time has elapsed, it is checked whether the data still needs to be stored, otherwise it is deleted three years to the day it was stored. If a situation is being dealt with, the data will be deleted three years to the day following completion of the same. Entries in the debtor’s register are deleted, as per Section 882e of the German Code of Civil Procedure (ZPO), once three years to the day have elapsed since the entry was arranged.

    Legitimate interests under the terms of Art. 6 (1) f of the EU GDPR may be: a credit decision, initiation of business, shareholdings, a claim, a credit check, an insurance contract and enforcement information. You have a right of access vis-à-vis Creditreform Reutlingen Degner KG with regard to the data that it has stored concerning you. If the data stored about you is incorrect, you are entitled to have the same rectified or erased. If it cannot be immediately determined whether the data is incorrect or correct, you are entitled to have the data in question blocked until the same is clarified. If your data is incomplete, you can request that it be completed.

    If you have given your consent to processing of the data stored by Creditreform Reutlingen Degner KG, you have the right to revoke this consent at any time. Revocation does not affect the lawfulness of the processing of your data carried out based on your consent up until the same is revoked.

    If you have objections, requests or complaints regarding data protection, you can contact the Creditreform Reutlingen Degner KG data protection officer at any time. They will help you with all matters relating to data protection quickly and confidently. You can also complain about data processing by Creditreform Reutlingen Degner KG to the competent state representative for data protection in your state.

    The data that Creditreform Reutlingen Degner KG has stored about you comes from publicly accessible sources, collection agencies and their customers.

    To describe your creditworthiness, Creditreform Reutlingen Degner KG forms a score value from your data. Data concerning your age and gender, address details and sometimes payment experience data is incorporated into the score value. This data is incorporated into the calculation of the score value with different degrees of importance. Creditreform Reutlingen Degner KG customers use the score values as an aid when making their own credit decisions.

    Right to object:

    Processing of the data stored by Creditreform Reutlingen Degner KG is performed for compelling legitimate grounds of creditor and credit protection that regularly take precedence over your interests, rights and freedoms, or that are used to establish, exercise or defend legal claims. You can only object to processing of your data on demonstrable grounds relating to your particular situation. If such particular grounds demonstrably exist, the data shall no longer be processed. If you object to processing of your data for advertising and marketing purposes, the data shall no longer be processed for these purposes.

    The controller under the terms of Art. 4 (7) of the EU GDPR is Creditreform Reutlingen Degner KG, Auwiesenstrasse 30, 72770 Reutlingen (www.creditreform-reutlingen.de). If you have any questions, you can contact Creditreform Reutlingen Degner KG as follows: Tel.: +49 (0)7121 9509-0, Fax: +49 (0)7121 9509-30, Email: info@reutlingen.creditreform.de

    You can contact the competent data protection officer on: Creditreform Reutlingen Degner KG, Data Protection Officer, Auwiesenstrasse 30, 72770 Reutlingen, www.creditreform-reutlingen.de.

Integration of external web services and data processing outside the EU

We use active contents from external providers (‘web services’) on our website. When you access our website, these external providers may receive personal information about your visit to our website. Data may be processed outside the EU in this regard. You can prevent this from happening by installing an appropriate browser plugin or by disabling the execution of scripts in your browser. This can lead to functional restrictions on websites you visit.

We use the following external web services:

  • website-check.de

    A web service provided by Website-Check GmbH, Beethovenstrasse 24, 66111 Saarbrücken, Germany (hereinafter referred to as ‘website-check.de’) is downloaded on our website. We use this data to guarantee the full functionality of our website. Your browser may transfer personal data to website-check.de in this regard. The legal basis for data processing is Art. 6 (1) f of the GDPR. The legitimate interest lies in the error-free operation of our website. The data is deleted as soon as the purpose of its collection has been fulfilled. You will find further information about how the transferred data is handled in the website-check.de privacy policy: https://www.website-check.de/datenschutzerklaerung/

    You can prevent website-check.de from collecting and processing your data by disabling the execution of script codes in your browser or by installing a script blocker in your browser.

Data security and data protection, communication by email

When it is collected, stored and processed, your personal data is protected by means of technical and organisational measures to ensure that it is inaccessible to third parties. Since we cannot guarantee complete data security on the transmission path to our IT systems during unencrypted communication by email, we advise sending highly confidential information using encrypted communication or by post.

Right of access and rectification requests – Erasure and restriction of data – Revocation of consent – Right to object

Right of access

You have the right to request confirmation as to whether we process your personal data. If we do, you have a right of access to the information specified in Art. 15 (1) of the GDPR, provided that the rights and freedoms of others are not adversely affected (cf. Art. 15 (4) of the GDPR). We are also happy to provide you with a copy of the data.

Right to rectification

According to Art. 16 of the GDPR, you have the right to have incorrectly stored personal data (such as your address, name, etc.) corrected by us at any time. You can also request that the data we store be completed at any time. Adjustment to this effect shall be performed without delay.

Right to erasure

According to Art. 17 (1) of the GDPR, you have the right to request that we erase the personal data collected about you if

  • the data is either no longer needed;
  • the legal basis of processing is no longer applicable due to you revoking your consent;
  • you have objected to processing and there are no legitimate grounds for processing;
  • your data is being processed unlawfully;
  • a legal obligation requires this or collection according to Art. 8 (1) of the GDPR has taken place.

According to Art. 17 (3) of the GDPR, the right does not exist if

  • processing is necessary to exercise the right to freedom of expression and information;
  • your data was collected based on a legal obligation;
  • processing is necessary for reasons of public interest;
  • the data is necessary to establish, exercise or defend legal claims.

Right to restriction of processing

According to Art. 18 (1) of the GDPR, you have the right to request on a case-by-case basis that processing of your personal data be restricted.

This applies if

  • you dispute the correctness of the personal data;
  • processing is unlawful and you do not consent to erasure of the data;
  • the data is no longer required for the purpose for which it is being processed, but the data collected is being used to assert, exercise or defend legal claims;
  • an objection has been made against processing according to Art. 21 (1) of the GDPR and it is still unclear which interests take precedence.

Right of revocation

If you have given us express permission to process your personal data (Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR), you can revoke this consent at any time. Please note that revocation of consent does not affect the lawfulness of processing carried out based on such consent up until the same is revoked.

Right to objection

According to Art. 21 of the GDPR, you have the right to object at any time to the processing of personal data concerning you that has been collected based on Art. 6 (1) f (in the context of a legitimate interest). You are only entitled to this right if special circumstances preclude storage and processing.

How do I exercise my rights?

You can exercise your rights at any time by using the contact details provided below:

A & W Mauthe GmbH & Co. KG
Riegertsbühlstrasse 32
78601 Mahlstetten
Email: info@mauthe-drehteile.de
Tel.: +49 (0)7429 940 210
Fax: +49 (0)7429 940 2121

Right to data portability

According to Art. 20 of the GDPR, you are entitled to have personal data concerning you transferred. We provide the data in a structured, commonly used and machine-readable format. The data can be sent either to yourself or to a controller named by you.

We shall provide you with the following data on request according to Art. 20 (1) of the GDPR:

  • Data collected based on express consent according to Art. 6 (1) a of the GDPR or Art. 9 (2) a of the GDPR;
  • Data that we have received from you according to Art. 6 (1) b of the GDPR in the context of existing contracts;
  • Data processed in the context of an automated procedure.

We shall transfer the personal data directly to a controller of your choosing insofar as doing so is technically feasible. Please note that we are not allowed to transfer data that interferes with the rights and freedoms of others according to Art. 20 (4) of the GDPR.

Right to lodge a complaint with the supervisory authority according to Art. 77 (1) of the GDPR

If you suspect that your data is being processed unlawfully on our website, you can naturally obtain judicial clarification of the issue at any time. Every other legal option is open to you too. Regardless of this, you have the option of contacting a supervisory authority according to Art. 77 (1) of the GDPR. You have a right to lodge a complaint according to Art. 77 of the GDPR in the EU member state of your place of residence, your workplace and/or the place of the suspected violation, i.e. you can choose the supervisory authority you wish to contact from the aforementioned locations. The supervisory authority with whom the complaint was lodged then informs you of the status and results of your petition, including the possibility of a judicial remedy according to Art. 78 of the GDPR.

Created by:

© IT law firm DURY – www.dury.de

© Website-Check GmbH – www.website-check.de