Responsible handling of your data has always been important to us. We are pleased to take into account the increased requirements for the protection of your data and the transparency in handling it with the transfer of the EU General Data Protection Regulation (GDPR) into national legislation.
One of the most obvious changes to the GDPR is the comprehensive information obligations to which we are now subject. Therefore, we would like to teach you how and why we collect your information, how it is processed, and what rights you enjoy.
The GDPR refers to personal data. These are data that are directly or indirectly attributable to a person or can be assigned. These are e.g. clearly recognizable name, address, etc. But even abstract data such as the IP address of your Internet connection, if they are assigned to your person, becomes to personal data.
Essentially, Professional Products M. Naumann GmbH obtains data in the following locations:
By visiting one of the websites of Professional Products M. Naumann GmbH, information is exchanged between your device and our server and stored in log files as well as statistically evaluated.
These data (IP address, location, provider, browser possibly including plugins used, screen resolution) are initially abstract and serve to optimize our website for your visit.
In addition, we use so-called cookies on our websites. These small files, created automatically by your browser, are used to identify you across multiple pages in a site. Without cookies, for example, it would not be possible to assign the articles placed in the shopping cart of an online shop across multiple pages. Cookies are also required for the statistical purposes mentioned above, in order to assign the viewing of multiple pages to a single visit.
Cookies do not give us immediate knowledge of your identity. In the further course, for example by logging into your customer account, an allocation of cookies to your person may become possible.
In connection with contacting us through one of our web forms or placing an order in one of our online shops, we will collect further data from you that we process for the purpose for which you provided us with the data. The data mentioned above in this case would be linked to each other and become personal data.
- by phone / on site:
If you contact us by phone or visit us personally, we will most likely also collect information from you. The scope may vary depending on the intention of your call or visit, such as a catalog request or an order.
- by fax and email:
For orders or inquiries via fax and email, we process your data as far as we need to process your request.
Under certain circumstances you send us a product due to a complaint, which you bought over third. Hereby we record both your address data and basic data (model, if necessary type, serial number) of the product complained about as well as via which dealer the device was sold. This serves the settlement with the respective dealer.
Purposes of data collection and legal basis
The data initially collected when visiting our websites are stored in so-called log files and contain information such as your IP address, your location, details of the pages you visit on our website, as well as the time and date of access, if applicable the website address from which you have come to us, as well as information about the web browser you use (possibly including plugins), the operating system you are using, your screen resolution and your provider.
These data are broken down into statistics using the tracking software Motomo. For illustration, portions of the IP address are masked (e.g., 192.168. ***. ***). For the operation of this software, unlike e.g. for Google Analytics, we do not pass data to third parties.
This data is used to optimize our websites, to make the navigation and use of our pages as easy and pleasant as possible.
The information that we collect from you (contact form, telephone inquiry, online orders, telephone or on-site) includes all the information we need for each fulfillment. If we already have your data available, we will coordinate it with you to ensure the accuracy of the data. If these datasets contain information that is not necessarily required for the fulfillment of the respective order, they are, of course, fully subject to the regulations of the GDPR and the German BDSG (neu).
The fundamentals of the recording of this data are the business initiation or order fulfillment.
Passing on your data
The transfer of your data is only and exclusively to the extent necessary to fulfill the order or to fulfill legal requirements. Recipients of the records are e.g. (but not exclusively) the parcel services DHL, DPD and UPS, Deutsche Post, the Datev or the payment service providers we use, such as Paypal or Amazon Pay.
Duration of data storage
We typically retain your information for as long as required by law or for the purposes for which the data was collected. After expiration of such deadlines or for records which we are not obliged to keep and which we no longer need, the records will be deleted twice a year, but after two years at the latest during regular maintenance and cleaning.
Your rights - our commitment
The GDPR defines in more detail that you are the sole owner of your data and only grant companies such as ours the right to process them. In addition, Chapter 3 of the GDPR defines your rights in the handling of your data.
These express themselves in addition to the right to revoke the consent given to us to process your data at any time, as follows:
- You have the right to obtain information about the data we have stored about you and about the purposes of processing, the category of your personal data and the recipients to whom your data has been disclosed, the planned retention period and the source of your data, if they not directly were collected from you.
- You have the right to correct incorrect or to complete data.
- You have the right to delete your data, provided that no statutory or contractual retention periods or other statutory obligations for further storage contrary.
- You have the right to restrict the processing of your data, provided that
- the accuracy of the data is disputed by you;
- the processing is illegal, but you refuse the deletion;
- the controller (us) no longer needs the data for processing, but you need the data to assert, exercise or defend legal claims;
- You have objected to the processing of your data.
- You have the right to transfer your data to you or another person in a standard, structured machine-readable format.
- You have the right to a complaint to a supervisory authority. As a rule, you can contact the supervisory authority at your regular place of residence or at our registered office.
In addition, under the conditions of Article 21 (1) GDPR, data processing may be objected to for reasons that arise from the particular situation of the data subject.
The above general right of objection applies to all processing purposes described in this Privacy Notice, which are processed on the basis of Article 6 (1) (f) GDPR. According to the GDPR, we are only obliged to implement such a general objection if you give us reasons of overriding importance (for example, a possible danger to life or health).
In order for you to enforce your rights, we have set up the email address email@example.com. We will examine your concerns as soon as possible and inform you about the progress and / or measures taken.
The "data protection" in our company
To ensure the security of your information, all of the information you transmit online through our websites, as well as the information that we hand over to our transport partners, are transmitted using the generally accepted and secure standard SSL (Secure Socket Layer). Please note that we have no control over the security of the emails you send to us.
Our infrastructure, where your data is processed, is protected against unauthorized access, disruption, loss or alteration of your data through customary and additional measures.