Kallfass GmbH - Maschinen plus Automation
Röter Straße 44
Phone: +49 74 42 / 84 46 - 0
Fax: +49 74 42 / 84 46 - 50
Dipl.-Ing. Ernst Kallfass
Amtsgericht Stendal 104356
Data protection officer:
Contact details of the data protection officer
The company's data protection officer is available at the above-mentioned corporate address and at firstname.lastname@example.org.
Types of processed data:
- ☒ Inventory data (e.g., names, addresses, only in case of visitors contacting website).
- ☒ Contact details (e.g., e-mail, phone numbers, only in the case of visitors contacting website).
- ☐ Content data (e.g., text input, photographs, videos).
- ☐ Contract data (e.g., contract objective, term, customer category).
- ☐ Payment data (e.g., bank details, payment history).
- ☒ Usage data (e.g., visited web pages, interest in content, access times).
- ☒ Meta/communication data (e.g., device information, IP addresses).
Processing of special categories of data (Article 9, (1) of the GDPR):
- ☒ Special categories of data are not processed.
- ☐ Particular categories of data are not processed unless they are sent by the users for processing purposes, e.g. entered in online forms.
- ☐ The following special categories of data are processed:
Categories of persons who are effected by the processing:
- ☒ Customers / interested persons / suppliers.
- ☐ Visitors and users of the online offer.
Issue: May 24, 2018
1. Relevant legal basis
3. Safety measures
3.1. We take appropriate technical measures in accordance with Art. 32 GDPR, taking into account the state-of-the-art-technology, the implementation costs and the type, the scope, circumstances and purposes of the processing as well as the different likelihood and severity of the risk to the rights and freedoms of natural persons and organisational measures in order to ensure a level of protection appropriate to the risk. Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as their access, input, disclosure, availability and separation. Furthermore, we have also set up procedures to ensure the perception of data subject rights, data deletion and data vulnerability. Moreover, we consider the protection of personal data already in the development, or selection of hardware, software and procedures, according to the principle of data protection by technology design and by privacy-friendly default settings taken into account (Article 25 GDPR).
3.2. One of the security measures is the encrypted transfer of data between your browser and our server.
4. Collaboration with persons processing orders and third parties
4.1. If, in the context of our processing, we disclose data to other persons and companies (persons processing orders or third parties), transmit them to them or otherwise grant access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, as required by payment service providers, pursuant to Art. 6 (1) (b) GDPR to fulfill the contract), you have consented to a legal obligation or based on our legitimate interests (e.g. the use of agents, the host of the web, etc.).
4.2. If we commission third parties to process data on the basis of a what is referred to "contract processing contract", this is done on the basis of Art. 28 GDPR.
5. Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure, or transmission of data to third parties, this will only be done if it is to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only in the presence of the special conditions of Art. 44 et seq. DSGVO. That is to say, the processing is for example on the basis of specific guarantees, such as the officially recognised level of data protection (e.g. for the US through the “Privacy Shield”) or in compliance with officially recognised special contractual obligations (what is referred to as "standard contractual clauses").
6. Rights of affected persons
6.1. You have the right to ask for confirmation as to whether the data in question is being processed and for information about this data as well as for further information and a copy of the data in accordance with Art. 15 GDPR.
6.2. According to Art. 16 DSGVO you have the right to demand the completion of the data concerning you or the correction of the incorrect data concerning you.
6.3. In accordance with Art. 17 GDPR, you have the right to demand that the relevant data be deleted without delay, or, alternatively, to require a restriction of the processing of data in accordance with Art. 18 GDPR.
6.4. You have the right to demand that the data relating to you, which you have provided to us, be obtained in accordance with Art. 20 GDPR and request their transmission to other persons responsible.
6.5. According to Art. 77 DSGVO you also have the right to file a complaint with the responsible supervisory authority.
7. Right of rescission
You have the right to withdraw from previously granted consent with effect for the future in accordance with. Art. 7 para. 3 DSGVO.
8. Right of objection
You can object to the future processing of your data in accordance with Art. 21 GDPR at any time. In particular, the objection may be made against processing for direct marketing purposes.