Privacy Policy

1. General

We take the protection of your personal data very seriously. Data is ‘processed’ by us in line with the applicable statutory data protection provisions, particularly in line with the European General Data Protection Regulation (hereinafter referred to as: GDPR) and country-specific data protection provisions.

‘Personal data’ means any information relating to an identified or identifiable natural person; an identifiable natural person is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

‘Processing’ means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

In the following, we inform you about the processing of your data, in particular about the type, scope and purpose of the collection and use of your personal data when you visit our website and use our offers and services, as well as the corresponding legal bases for the individual processing operations. In addition, we explain to you in our privacy policy which rights you are entitled to with regard to data processing.

2. Name and address of the data protection officer

Visitors to our website can contact our externally appointed data protection officer regarding data protection issues by using the following details:

Swen Goslar
aigner business solutions GmbH
Telefon: +49 8505 91927 – 0
E-Mail: datenschutz@fact.de

3. Processing your data

The type, scope and purposes of the processing of your data differ depending on whether you only visit our website or make use of services and/or benefits offered by us:

a) Visiting our web pages (server log files)
When you visit our website, the server stores data in ‘server log files’, which your web browser automatically transmits to the server. These log which page views have taken place and when. They contain the following data:

  • Website visited
  • Time at the time of access
  • Amount of data sent in bytes
  • Source/reference from which you reached the page
  • Directory protection user
  • Status code
  • Host name accessed
  • Browser used
  • Operating system used
  • IP address used in anonymised form

Error logs, which record page views with errors, are deleted after seven days. In addition to the error messages, these contain the accessing IP address and, depending on the error, the website accessed.

The data collected is only used for statistical evaluations and to improve the website. However, the website operator reserves the right to check the server log files retrospectively if there are specific indications of unlawful use.

The processing of this data takes place to enable the use of the web pages accessed by you in the first place, for statistical purposes, to improve our online offering and for security against illegal cyber attacks as well as to exercise, assert or defend legal claims. Your IP address will only be stored for as long as is necessary to defend against possible cyber-attacks and to provide law enforcement authorities with the information they need to prosecute.

The aforementioned data will be processed separately from all personal data that you provide to us when visiting our website and/or using a service and will not be merged under any circumstances.

The legal basis for the data processing described above is Article 6 (1) (b) of the GDPR for the implementation of necessary pre-contractual measures which take place at your request to allow you to use the web pages you access. Insofar as the above data is processed for the purpose of security against unlawful cyber attacks, or to exercise, assert or defend legal claims, this is done on the legal basis of Article 6 (1) (f) of the GDPR. Our legitimate interest for this data processing is to analyse the data to improve our online services, to exercise, assert or defend legal claims where appropriate and to protect our systems from unlawful cyber-attacks.

b) Processing of personal data when using the services and/or benefits we offer:
Personal data will only be processed by us if this is permitted by law or if you consent to the processing of your personal data.

If you wish to make use of the services we offer on our website, it may be necessary for you to provide or communicate further personal data.

We process your personal data for the above purposes on the legal basis of Article 6 (1) (b) of the GDPR in order to fulfil a contract with you or to carry out necessary pre-contractual measures which take place at your request. The purpose of processing your personal data would therefore be to process enquiries or to provide the requested service, for example. Without the provision of personal data, we cannot process your enquiry and/or conclude the contract with you and provide the services offered.

In addition, we process your data for the purpose of exercising, asserting or defending any legal claims arising from the contractual relationship and, if necessary, for allowing law enforcement authorities to prosecute any misuse of our services. The above data processing is carried out on the legal basis of Article 6 (1) (f) of the GDPR. Our legitimate interest for data processing on the legal basis of Article 6 (1) (f) of the GDPR is to be able to exercise, assert or defend legal claims arising from the contractual relationship, if applicable, and to allow law enforcement authorities to prosecute, if applicable.

We also process your personal data for the purpose of complying with our statutory retention obligations. The legal basis for the fulfilment of our legal retention obligations is standardised in Article 6 (1) (c) of the GDPR.

Your data may be passed on to service providers who support us for the fulfilment of the contract or for the implementation of necessary pre-contractual measures, which are carried out at your request, and who we have of course carefully selected. These may be technical service providers or service providers who assist us with shipping, payment processing or accounting.

We also reserve the right to integrate external content from third-party providers (e.g. YouTube videos, external map services, external graphics, etc.) on our web pages. If we use tools from third-party providers, we will inform you about the use, the mode of operation, the legal basis and further details regarding the respective tools under section 15. of this privacy policy.

Otherwise, your personal data will only be disclosed to other third parties if we are legally obliged to do so on the legal basis of Article 6 (1) (c) of the GDPR and, if applicable, to lawyers and tax advisors on the legal basis of Article 6 (1) (f) of the GDPR. Our legitimate interest in disclosing your data to tax advisors and lawyers is to meet our tax obligations or to exercise, assert or defend legal claims.

Furthermore, we do not pass on your personal data to third parties without your explicit consent.

c) Contact form
If you send us enquiries via the contact form (if offered), your details from the enquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up enquiries. We do not share this data without your consent or legal permission.

The legal basis for the data processing described above is Article 6 (1) (b) of the GDPR for the implementation of necessary pre-contractual measures, which are carried out at your request.

4. Using cookies

We use ‘cookies’ on our website. Cookies are small text files that are sent to your browser by our web server when you visit our website and the browsers saves them on your device (e.g. PC, smartphone, tablet) for a limited period of time for various purposes. We inform you about the use of cookies on our website below:

Session cookies
We use session cookies on our website which are saved when you access the homepage and are only valid until your browser is closed again. The purpose of the session cookies used by our website is to allow you to use our website more effectively and to collect statistical data about our website and to analyse and improve it.

The use of cookies described above is based on our legitimate interests and thus on the legal basis of Article 6 (1) (f) of the GDPR. Our legitimate interests are to provide you with a user-friendly and modern website that serves our business interests as well as meeting users’ expectations.

Third-party cookies
Where appropriate, cookies may also be used by third-party providers of tools (programs) which we use on our website. If we use tools from third-party providers, we will inform you about the use, the mode of operation, and further details regarding the respective tools under section 15. of this privacy policy.

Preventing the use of cookies via browser settings
You can determine yourself whether cookies can be saved and accessed via your browser settings. For example, you can disable cookies being saved altogether in your browser, restrict cookies for certain websites or change your browser settings so that you are automatically notified you as soon as a cookie is going to be saved, where you are asked for permission to do so. You can also change your browser settings so that cookies are automatically deleted when you close the browser. Finally, you may be able to enable a Do-Not-Track (‘DNT’) function in your browser so that you are not automatically tracked by any web analytics tools that may be used. You can find information about configuring your browser settings in the help section for your respective web browser.

5. Storage and erasure periods for personal data

If the processing purpose for your personal data required in each case ceases to apply, your personal data processed by us will be routinely erased or suppressed, unless you have consented to the permanent storage of your personal data.

If individual data must be retained after the processing purposes cease to apply due to statutory retention periods (e.g. retention requirements under tax and commercial law), erasure shall be replaced by data suppression. The data to be retained may then be processed on the legal basis of Article 6 (1) (c) of the GDPR exclusively for the aforementioned purposes.

6. Your rights as a data subject

You have the rights described below at any time:

  • Right of confirmation and access to personal data processed by us pursuant to Article 15 of the GDPR
  • Right to rectify your personal data in accordance with Article 16 of the GDPR
  • Right to erasure of your personal data (‘right to be forgotten’) pursuant to Article 17 of the GDPR
  • Right to restrict the processing of your personal data pursuant to Article 18 of the GDPR
  • Right to data portability for your personal data pursuant to Article 20 of the GDPR
  • In accordance with Article 22 of the GDPR, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or which significantly affects you in a similar way.

Please send us your request using the contact details provided in section 2. of this privacy policy.

7. Right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 (1) (e) or (f) of the GDPR; this also applies to profiling based on these provisions.

In this case, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if processing serves the purpose of asserting, exercising or defending legal claims.

If personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is associated with such direct marketing.

You also have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out for scientific or historical research purposes or for statistical purposes pursuant to Article 89 (1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest. If you object to processing for direct marketing purposes, the personal data will no longer be processed for these purposes.

8. Right of withdrawal for consent

You may withdraw any consent explicitly given to us under data protection law at any time with effect for the future. The lawfulness of processing carried out on the basis of the consent until withdrawal shall not be affected by the withdrawal.

9. Lodging complaints about data protection breaches with supervisory authorities

If you are of the opinion that your data protection rights are being violated, you can contact the supervisory authority of your federal state or the federal state of our registered office. If a complaint concerns a company that has its registered office in another federal state, the supervisory authority shall forward the complaint to the supervisory authority responsible there.

10. Notification obligation in connection with the rectification or erasure of personal data or the restriction of processing

We shall notify all recipients to whom personal data has been disclosed of any rectification or erasure of the personal data or restriction of processing pursuant to Article 16, Article 17 (1) and Article 18 of the GDPR, unless this proves impossible or involves a disproportionate effort. We will also inform you about these recipients if you request us to do so.

11. Legal or contractual requirements for providing your personal data and information regarding the necessity of the conclusion of a contract and your obligation to provide the personal data, as well as potential consequences of not providing it:

As described above, we particularly collect and process your personal data for the performance of a contract with you or for the implementation of pre-contractual measures that take place at your request. In some cases, the provision of personal data when concluding contracts (e.g. for invoices) is required by law due to tax and/or commercial regulations, otherwise it is a contractual or pre-contractual obligation. If you do not provide us with personal data, this will mean that we will be unable to conclude a contract with you and/or respond to your enquiries.

Insofar as we process your personal data on the basis of a legitimate interest pursuant to Article 6 (1) (f) of the GDPR, it is not a contractual or legal requirement to provide your data for these purposes. The details of data processing on the basis of legitimate interest can be found in the above information in the relevant places. If you do not provide us with personal data for these purposes, this may result in you being unable to use our web pages and services, or being unable to use them to their full extent.

12. Automated decisions in individual cases, including profiling

We do not use automated decision-making, including profiling in accordance with Article 22 (1) and (4) of the GDPR.

13. Data security

We use technical and organisational security measures to protect the processing of personal data, in particular against accidental or intentional manipulation, loss, destruction or against any attacks by unauthorised persons. Our security measures are continuously improved in line with technological developments.

14. Questions/comments

If you have any questions or comments about this privacy policy or about data protection in general, please contact us using the contact details provided in section 2. of this privacy policy.

15. Using third-party tools and content

We use the following third-party tools on our website:

Google-Analytics:
It is of great importance to us that our website is designed in the most optimal way to make it attractive for our users. To do this, we need to know which parts of our website resonate with our visitors.

For this purpose, we use the web analytics service Google Analytics on our website, which is a web analytics service provided by Google Inc (‘Google’). Google Analytics uses ‘cookies’, which are text files that are saved on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. We use Google Analytics on this website with IP anonymisation enabled, i.e. your IP address will be truncated by Google beforehand within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and Internet use to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent cookies from being saved by changing your browser software settings accordingly. You can find information about configuring your browser settings in the help section for your respective web browser. However, we would like to point out that in this case you may be unable to use all of the features of this website to their full extent.

In addition, you can prevent the collection of data by using a browser plugin. Such a plugin saves an opt-out cookie on your device, therefore preventing the future collection and processing of your data by Google Analytics. You can download and install a browser plugin via http://tools.google.com/dlpage/gaoptout?hl=de.

You can also prevent Google Analytics from collecting data by clicking on the following link to disable Google Analytics. An opt-out cookie will be saved to prevent the future collection of your data when visiting this website:

For more information about Google’s terms of use and privacy policy, please visit http://www.google.com/analytics/terms/de.html or http://www.google.de/intl/de/policies/terms/regional.html.

The use of Google Analytics described above is for the analysis and improvement of our online presence. This constitutes a legitimate interest for the legal basis of Article 6 (1) (f) of the GDPR.

Notes on YouTube videos:
We integrate videos from ‘YouTube’, a service provided by the company YouTube LLC 901 Cherry Ave, San Bruno, CA 94066, USA in privacy-enhanced mode on our website.

YouTube videos are not saved on our own server, but on YouTube servers. According to information provided by YouTube, when a YouTube video is embedded, information is not saved by YouTube regarding visitors to a website unless a visitor watches the embedded video. In this case, YouTube saves cookies to collect video statistics, prevent fraud and improve the user experience, and saves your IP address. In addition, when a video is viewed, contact is made with Google’s advertising network ‘DoubleClick’. As soon as an embedded YouTube video is played, we therefore no longer have any control over this data processing by YouTube. For more information about privacy at YouTube, please see their privacy policy at:

http://www.youtube.com/t/privacy_at_youtube

We use YouTube as described above in order to present you with videos regarding our products and/or services and to provide you with a modern user experience for our website, as well as for advertising purposes. This constitutes a legitimate interest for the legal basis of Article 6 (1) (f) of the GDPR.

Adobe Typekit web fonts:
Our website uses ‘web fonts’ from Adobe Typekit to uniformly display certain fonts. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (‘Adobe’).

When you access our pages, your browser loads the required fonts directly from Adobe to display them correctly on your end device. Your browser will connect to Adobe’s servers in the USA to do so. This will notify Adobe that our website has been accessed via your IP address. No cookies are saved when providing the fonts.

Adobe is certified under the EU-US Privacy Shield. The Privacy Shield is an agreement between the United States of America and the European Union to ensure compliance with European data protection standards. You can find more information at: https://www.adobe.com/de/privacy/eudatatransfers.html.

The use of Adobe Typekit web fonts is necessary to ensure a consistent typeface on our website. This constitutes a legitimate interest within the meaning of Article 6 (1) (f) of the GDPR.

For more information on Adobe Typekit web fonts, please visit: https://www.adobe.com/de/privacy/policies/typekit.html.

You can find Adobe’s privacy policy at: https://www.adobe.com/de/privacy/policy.html

Newsletter:
We use Sendinblue (formerly Newsletter2Go) newsletter software. Your data will be transmitted to Newsletter2Go GmbH. Sendinblue (formerly Newsletter2Go) is prohibited from selling your data and using it for purposes other than sending newsletters. Sendinblue (formerly Newsletter2Go) is a German certified provider, which was selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act (Bundesdatenschutzgesetz).

Further information can be found at https://de.sendinblue.com/informationen-newsletter-empfaenger/.

You can withdraw your consent to the storage of the data, the e-mail address and the use of these to send the newsletter at any time, for example by clicking on the ‘Unsubscribe’ link in the newsletter.

The data protection measures are always subject to technical updates. For this reason, we ask you to check our privacy policy on a regular basis to stay up-to-date on data protection measures.