Skip to main content

Privacy Statement

We are delighted that you are visiting our website www.happich.de and are interested in our company.

The protection of your personal data, such as e.g. date of birth, name, telephone number, address, etc., is important to us.

The purpose of this privacy statement is to inform you about the processing of your personal data which we collect when you visit the website. Our data privacy policy is consistent with the statutory regulations of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). The following privacy statement serves to fulfil the duties to inform that emerge from the GDPR. They are found e.g. in Art. 13 and Art. 14 et seqq of the GDPR.

1. Controller

The controller in the sense of Art. 4 No. 7 of the GDPR is the person who, alone or collectively with others, makes decisions about the purposes and means of the processing of personal data.

In regards to our website, the controller is:

Happich GmbH
Lise-Meitner-Str. 14
42119 Wuppertal
Email: info@happich.de
Tel.: +49 202.8703-0
Fax: +49 202.8703-599

2. Contact details for the data protection officer

We have appointed a data protection officer according to Art. 37 of the GDPR. Our data protection officer can be reached using the following contact details:

Dirk-Michael Mülot
Westfalenweg 2
Freelance Expert on Data Privacy & Security & IT Forensics
33449 Langenberg
Email: d.muelot@muelot-graf.de

3. Providing the website and creating log files

Each time our website is accessed, our system automatically records data and information from each accessing device (e.g. computer, mobile phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information on the type of browser and the version used;
(2) The operating system of the accessing device;
(3) Host name of the accessing computer;
(4) The IP address of the accessing device;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content), which have been accessed on our website;
(7) Websites from which the system of the user arrived to our website (referrer tracking);
(8) Notification of whether the access was successful;
(9) Transmitted volume of data

This data is stored in our system’s log files. This data is not stored together with personal data belonging to a specific user, so individual site visitors are not identified.

Legal basis for personal data processing

Art. 6, Para. 1, lit. f of the GDPR (legitimate interest). Our legitimate interest is to guarantee achievement of the purpose outlined below.

Purpose of data processing

The temporary (automated) storage of the data is required to process a visit to the website in order to enable delivery of the website. The storage and processing of the personal data is also carried out to maintain our website’s compatibility for all visitors where possible and to combat misuse and eliminate faults. To this end, it is necessary to log the accessing computer’s technical data, so that we can respond to display errors, attacks on our IT systems and/or functionality errors on our website as early as possible. Additionally, we also use the data to optimise the website and to ensure the general security of our IT systems.

Duration of storage

The above technical data is deleted as soon as it is no longer needed to guarantee the website’s compatibility for all visitors, but at the latest within three months of our website being accessed.

Opportunity to object and delete

You can object to the processing at any time according to Art. 21 of the GDPR and request the deletion of data according to Art. 17 of the GDPR. You can see what rights you have and how you can assert them in the bottom section of this privacy statement.

4. Special features of the website

Our site offers you a variety of features which, when used, personal data is collected, processed and saved by us. We have provided an explanation of what happens to this data below:

Contact form(s):
  • What personal data is collected and to what extent is it processed?
    The data input by you into our contact forms which you have entered into the input mask of the contact form.
  • Legal basis for personal data processing
    Art. 9, Para. 1, lit. a of the GDPR (consent by means of unequivocal confirmatory act or behaviour)
  • Purpose of data processing
    We will use the data captured by means of our contact form(s) only to process the specific contact request received through the contact form(s). Please note that we may also send you emails to the indicated address under certain circumstances in order to fulfil your contact requests. The purpose of this is for you to receive a confirmation from us that your request has been sent to us correctly. The sending of this confirmation email is, however, not obligatory for us and is only for your information.
  • Duration of storage
    The data captured is deleted immediately after your request has been processed, provided that there are no statutory retention periods.
  • Opportunity to revoke and delete
    The opportunities to revoke and delete are based on the general regulations on the right to revoke and delete under data protection legislation which are outlined below in this privacy statement.
  • Need to provide personal data
    The contact forms are used on a voluntary basis and are neither contractually nor legally prescribed. You are not required to initiate contact with us via the contact form, but rather you can also use the other contact options indicated on our website. If you would like to use our contact form, you must complete the fields marked as mandatory. If you do not complete the required fields of the contact form, you can neither send the request nor, unfortunately, can we process your request.

5. Automatic credit check / scoring

If you would like to conclude a contract with us, we reserve the right to carry out exclusively automated processing of your personal data to check your credit. We are entitled to such an automated decision according to Art. 22 Para. 2 lit. a of the GDPR. Whether or not the contract can be concluded depends on the result of the automated credit check. Statistical probabilities of a payment default are calculated for a credit check. The credit report may include probability values (score values), which are calculated based on scientifically recognised mathematical / statistical methods. Conclusions are thereby drawn as to the customer’s future risk of payment default using a wide range of features, such as income, address data, occupation, marital status and previous payment history. The result is expressed in the form of a payment value (“score”). The information obtained in this way forms the basis of our decision on whether to establish, execute or terminate a contractual relationship. If you believe that you have been unfairly excluded from concluding the contract based on the credit check, you can clarify your position in an email to us. We will then verify the automated decision according to Art. 22 Para. 3 of the GDPR in the specific case. In order to carry out the credit check, we may process and store your personal data according Art. 6 Para. 1 lit. b of the GDPR.

We will send your data in the cases listed below to the following provider(s) based on the pending contract:

Creditsafe Deutschland GmbH:

Creditsafe Deutschland GmbH, Schreiberhauer Straße 30, 10317 Berlin (www.creditsafe.com): Our company regularly checks your credit rating when concluding contracts and in certain cases where there is a legitimate interest for doing so, this applies to existing customers too. To this end, we work together with Creditsafe Deutschland GmbH, Schreiberhauer Straße 30, 10317 Berlin, from which we receive the necessary data. We send your name and contact details to Creditsafe Deutschland GmbH for this purpose.

Creditreform Wuppertal Brodmerkel & Kötting KG:

Our company regularly checks your credit rating when concluding contracts and in certain cases where there is a legitimate interest for doing so, this applies to existing customers too. To this end, we work together with Creditreform Wuppertal Brodmerkel & Kötting KG, Werth 91+93, 42275 Wuppertal (www.creditreform-wuppertal.de), from which we receive the necessary data. On behalf of Creditreform Wuppertal Brodmerkel & Kötting KG, we would like to share the following information with you in advance according to Art. 14 of the EU GDPR:

Creditreform Wuppertal Brodmerkel & Kötting KG is a consumer credit agency. It maintains a database in which creditworthiness information about private individuals is saved.

Creditreform Wuppertal Brodmerkel & Kötting KG provides its customers with credit reports on this basis. Its customers include credit institutions, leasing companies, insurance companies, telecommunications companies, receivables management companies, shipping, wholesale and retail companies as well as other companies which supply goods and provide services. In the context of the legal provisions, some of the data available in the information database is also used for supplying other company databases, e.g. for use for address trading purposes, among other things.

In particular, information about people’s name, address, date of birth, email address if necessary, payment behaviour and shareholdings is saved in the Creditreform Wuppertal Brodmerkel & Kötting KG database. The saved data is processed to provide information about the queried person’s creditworthiness. The legal basis for processing is Art. 6, Para. 1, lit. f of the EU GDPR. Information about this data may only be provided if a customer has proven a legitimate interest in knowledge of this information. Where data is sent to states outside of the EU, this takes place on the basis of what are referred to as the “standard contractual clauses. You can view these or request to have these sent to you via the following link:

http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32001D0497&from=DE

This data will be saved as long as is necessary to fulfil the purpose for which it was stored in the first place. Knowledge is generally necessary for a storage period of three years initially. Once this period of time has elapsed, a further check is made to see whether the data still needs to be stored, otherwise it is deleted three years to the day it was stored. If a situation is being dealt with, the data will be deleted three years to the day following completion of the same. Entries in the debtor’s register are deleted, as per Section 882e of the German Code of Civil Procedure (ZPO), once three years to the day have elapsed since the entry was arranged.

Legitimate interests under the terms of Art. 6, Para. 1, lit. f of the EU GDPR may be: a credit decision, initiation of business, shareholdings, a claim, a credit check, an insurance contract and enforcement information. You have a right of access vis-à-vis Creditreform Wuppertal Brodmerkel & Kötting KG with regard to the data concerning you that it has saved. If the data saved about you is incorrect, you are entitled to have the same rectified or deleted. If it cannot be immediately determined whether the data is incorrect or correct, you are entitled to have the respective data blocked until the same is clarified. If your data is incomplete, you can request that it be completed.

If you have given your consent to processing of the data saved by Creditreform Wuppertal Brodmerkel & Kötting KG, you have the right to revoke this consent at any time. Revocation does not affect the lawfulness of the processing of your data carried out based on your consent up until the same is revoked.

If you have objections, requests or complaints regarding data protection, you can contact the Creditreform Wuppertal Brodmerkel & Kötting KG data protection officer at any time. He or she will provide you with fast and reliable assistance in all data protection concerns. You can also complain about data processing by Creditreform Wuppertal Brodmerkel & Kötting KG to the competent state representative for data protection in your state.

The data that Creditreform Wuppertal Brodmerkel & Kötting KG saves in relation to you comes from publicly accessible sources, from debt collection companies and their customers.

To describe your creditworthiness, Creditreform Wuppertal Brodmerkel & Kötting KG forms a score value from your data. Data concerning your age and gender, address details and sometimes payment experience data is incorporated into the score value. We incorporate this data in the score calculation process with different weighting. Creditreform Wuppertal Brodmerkel & Kötting KG customers use the scores as an aid when making their own lending decisions.

Right of objection:

The processing of the data held by Creditreform Wuppertal Brodmerkel & Kötting KG takes place on the compelling and legitimate grounds of creditor and credit protection which regularly outweigh your interests, rights and freedoms or serve to assert, exercise or defend legal claims. You may only object to the processing of your data on grounds relating to an exceptional situation applicable to you, for which evidence must be provided. If you can provide evidence that such special reasons apply, this data will cease to be processed. If you object to your data being processed for advertising and marketing purposes, this data will no longer be processed for these purposes.

The controller under the terms of Art. 4, Para. 7 of the EU GDPR is Creditreform Wuppertal Brodmerkel & Kötting KG, Werth 91+93, 42275 Wuppertal (www.creditreform-wuppertal.de). You can contact Creditreform Wuppertal Brodmerkel & Kötting KG with any questions using the following contact details: tel.: +49 (0) 2 02 / 2 55 66-0, Fax: +49 (0) 2 02 / 59 40 20, Email: info@wuppertal.creditreform.de

You can contact the relevant data protection officer using the following contact details: Creditreform Wuppertal Brodmerkel & Kötting KG, Data Protection Officer, Werth 91+93, 42275 Wuppertal, www.creditreform-wuppertal.de.

6. Statistical evaluation of visits to this website - web trackers

When this website or individual files on the website is / are called up, we collect, process and save the following data: IP address, web page from which the file was retrieved, name of the file, the retrieval date and time, the data volume transmitted and the retrieval success notification (so-called web log). We only use this access data in a non-personalised form with a view to continuously improving our website and for statistical purposes. We also use the following web trackers to analyse visits to this website:

Google Tag Manager
  • What personal data is collected and to what extent is it processed?
    On our site we use the service provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google Tag Manager). Google Tag Manager offers a technical platform for running and jointly managing other web services and web tracking programs using what are referred to as “tags”. Google Tag Manager saves cookies to your computer in connection with this and analyses your surfing behaviour, insofar as web tracking tools are run using Google Tag Manager (referred to as tracking). This data transmitted by the individual tags integrated within Google Tag Manager is pooled, saved and processed by Google Tag Manager under one common user interface. All integrated “tags” are listed again separately in this privacy statement. You can find out more about the privacy of the tools integrated in Google Tag Manager in the respective section of this privacy statement. By using our website with the integration of Google Tag Manager tags enabled, your data, specifically your IP address and your user activity, will be transmitted to servers of the company Google Ireland Limited and processed and stored outside of the European Union, e.g. in the USA. The EU Commission has established that an appropriate level of privacy can be deemed to exist in the USA provided the company processing the data has agreed to the terms of the US-EU Privacy Shield Framework, thus rendering the export of data to the USA permissible. This is the case with Google Ireland Limited. The provisions in the respective section of this privacy statement apply with regard to the web services integrated by Google Tag Manager. The tracking tools used in Google Tag Manager ensure through source code IP anonymisation that the IP address is anonymised by Google Tag Manager before transmission. Here Google Tag Manager can only collect IP addresses in anonymised form (referred to as IP masking).
  • Legal basis for personal data processing
    The legal basis for the data processing, is according to Art. 6 Para. 1 lit. a of the GDPR, your consent to our notice banner in relation to the use of cookies and web tracking (consent by unequivocal confirmatory act or behaviour).
  • Purpose of data processing
    Google uses this information obtained by means of Google Tag Manager on our behalf to analyse your visit to this website, to generate reports about your website activity and to provide us with further services associated with website use and internet use.
  • Duration of storage
    Google will save the data relevant for the function of Google Tag Manager as long as is necessary to provide the web service which has been booked. Data will be collected and stored anonymously. However, if any reference to persons should become apparent, this data will be deleted immediately provided these are not subject to any statutory retention obligations. The data will be deleted upon expiry of the retention obligation in any case.
  • Opportunity to object and remove
    You can prevent your personal data from being collected and forwarded to Google (in particular your IP address) and your data from being processed by Google by disabling the running of script code in your browser, installing a script blocker in your browser or enabling the “Do not track” setting in your browser. You can also prevent the data generated by the Google cookie in relation to your use of the website (including your IP address) from being registered and processed by Google by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=de ). You can find Google’s security and privacy policies at https://policies.google.com/privacy.

Google Analytics
  • Extent of personal data processing
    On our site we use the web tracking service provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google Analytics). As part of its web-tracking services Google Analytics uses cookies which are saved on your computer and enable an analysis of the use of our website and your surfing behaviour (referred to as tracking). We conduct this analysis based on the tracking service provided by Google Analytics with a view to continually optimising our web presence and improving its availability. By using our website, your data, specifically your IP address and your user activity, will be transmitted to servers of the company Google Ireland Limited. We conduct this analysis based on the tracking service provided by Google with a view to continually optimising our web presence and improving its availability. Similarly, we require web tracking on security grounds. We can track, using web tracking, whether third parties attack our website. The web tracking information allows us to take effective countermeasures and to protect the personal data processed by us against these cyber attacks. By enabling IP anonymisation within the Google Analytics tracking code for this website, your IP address will be anonymised by Google Analytics before transmission. This website uses a Google Analytics tracking code which has been given the extension gat._anonymizeIp(); to allow only for the anonymised collection of IP addresses (referred to as IP Masking).The EU Commission has established that an appropriate level of privacy can be deemed to exist in the USA provided the company processing the data has agreed to the terms of the US-EU Privacy Shield Framework, thus rendering the export of data to the USA permissible. This is the case with Google Ireland Limited. The provisions in the respective section of this privacy statement apply with regard to the web services integrated by Google Tag Manager. The tracking tools used in Google Tag Manager ensure through source code IP anonymisation that the IP address is anonymised by Google Tag Manager before transmission. Here Google Tag Manager can only collect IP addresses in anonymised form (referred to as IP masking). 

  • Legal basis for personal data processing
    The legal basis for the data processing, is according to Art. 6 Para. 1 lit. a of the GDPR, your consent to our notice banner in relation to the use of cookies and web tracking (consent by unequivocal confirmatory act or behaviour).

  • Purpose of data processing
    Google uses this information on our behalf to analyse your visit to this website, to generate reports about the website activities and to provide us with further services associated with website use and internet use. Similarly, we require web tracking on security grounds. We can track, using web tracking, whether third parties attack our website. The web tracking information allows us to take effective countermeasures and to protect the personal data processed by us against these cyber attacks.

  • Duration of storage
    Google will save the data relevant for providing web tracking as long as is necessary to provide the web service which has been booked. Data will be collected and stored anonymously. However, if any reference to persons should become apparent, this data will be deleted immediately provided these are not subject to any statutory retention obligations. The data will be deleted upon expiry of the retention obligation in any case.

  • Opportunity to object and remove
    You can prevent your personal data from being collected and forwarded to Google (in particular your IP address) and your data from being processed by Google by disabling the running of script code in your browser or enabling the “Do not track” setting in your browser. You can also prevent the data generated by the Google cookie in relation to your use of the website (including your IP address) from being registered and processed by Google by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=de). You can find Google’s security and privacy policies at https://policies.google.com/privacy?hl=de.

7. Integration of external web services and data processing outside the EU

We use active contents from external providers (“web services”) on our website. When you access our website, these external providers may receive personal information about your visit to our website. Data may be processed outside the EU in this regard. You can prevent this by installing a corresponding browser plug-in or by disabling the running of scripts in your browser. This can lead to functional restrictions on websites you visit.

We use the following external web services: 

Google Fonts

Our site downloads a service provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google Fonts). We use this data to ensure the full functionality of our website. Your browser may transmit personal data to Google Fonts in connection with this. The legal basis for data processing is Art. 6, Para. 1, lit. f of the GDPR. The legitimate interest is to ensure error-free operation of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. You will find further information about how the transferred data is handled in the Google Fonts privacy policy: https://policies.google.com/privacy

You can prevent your data from being recorded and processed by Google Fonts by disabling the running of script code in your browser or installing a script blocker in your browser.

Google Maps
  • What personal data is collected and to what extent is it processed?
    On our site we use the maps service provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google Maps). Google Maps is integrated on the website via the Google API in order to view location information and to display it in the form of a map. The processing of the your IP address by Google Maps is technically required to display the map. The provisions in the respective section of this privacy statement on Google APIS apply with regard to the other web services integrated by Google APIS.
  • Legal basis for personal data processing
    Art. 6, Para. 1, lit. f of the GDPR (legitimate interest). Our legitimate interest is in being able to visually present to you the depiction of location information as is common on the internet.
  • Purpose of data processing
    The information obtained by Google Maps is used on our behalf to display the map to you. You can find us quicker and more accurately using Google Maps than with a simple, non-interactive location sketch.
  • Duration of storage
    Google will save the data relevant for the function of Google Maps as long as is necessary to provide the web service which has been booked. Data will be collected and stored anonymously. However, if any reference to persons should become apparent, this data will be deleted immediately provided these are not subject to any statutory retention obligations. The data will be deleted upon expiry of the retention obligation in any case.
  • Opportunity to object and delete
    You can prevent your personal data from being collected and forwarded to Google (in particular your IP address) and your data from being processed by Google by disabling the running of script code in your browser, installing a script blocker in your browser or enabling the “Do not track” setting in your browser. You can find Google’s security and privacy policies at https://policies.google.com/privacy.
  • Joint processing
    We have concluded a contract with Google in relation to Google Maps to jointly process data. You can find the content at https://privacy.google.com/intl/de/businesses/mapscontrollerterms/.
Google APIS

Our site downloads a web service provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: Google APIS). We use this data to ensure the full functionality of our website. Your browser may transmit personal data to Google APIS in connection with this. The legal basis for data processing is Art. 6, Para. 1, lit. f of the GDPR. The legitimate interest is to ensure error-free operation of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. You will find further information about how the transmitted data is handled in the Google APIS privacy policy: https://policies.google.com/privacy

You can prevent your data from being recorded and processed by Google APIS by disabling the running of script code in your browser or installing a script blocker in your browser.

Gstatic

Our site downloads a web service provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: Gstatic). We use this data to ensure the full functionality of our website. Your browser may transmit personal data to Gstatic in connection with this. The legal basis for data processing is Art. 6, Para. 1, lit. f of the GDPR. The legitimate interest is to ensure error-free operation of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. You will find further information about how the transmitted data is handled in the Gstatic privacy policy: https://policies.google.com/privacy

You can prevent your data from being recorded and processed by Gstatic by disabling the running of script code in your browser or installing a script blocker in your browser.

  • website-check.de
    Our website downloads a web service provided by Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Germany (hereinafter referred to as: website-check.de). We use this data to ensure the full functionality of our website. Your browser may transfer personal data to website-check.de in connection with this. The legal basis for data processing is Art. 6, Para. 1, lit. f of the GDPR. The legitimate interest is to ensure error-free operation of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. You will find further information about how the transmitted data is handled in the website-check.de privacy policy: https://www.website-check.de/datenschutzerklaerung/

    You can prevent your data from being recorded and processed by website-check.de by disabling the running of script code in your browser or installing a script blocker in your browser.

  • Unpkg
    Our website downloads a web service provided by the company Npm, Inc., 1999 Harrison Street #1150, CA 94612 Oakland, United States of America (hereinafter referred to as: Unpkg). If you enable Java Script in your browser and have not installed a Java Script blocker, your browser may transmit personal data to Unpkg. You will find further information about how the transmitted data is handled in the Unpkg privacy policy: https://www.npmjs.com/policies/privacy

    You can prevent your data from being recorded and processed by Unpkg by disabling the running of script code in your browser or installing a script blocker in your browser.

8. Information about the use of cookies

Extent of personal data processing

We integrate and use cookies on different pages in order to enable certain functions of our website and to integrate external web services. The so-called ‘cookies’ are small text files which your browser can save on your access device. These small text files contain a characteristic string that unequivocally identifies the browser when you return to our website. The process of saving a cookie file is also called “setting a cookie”. Cookies can be set here both by the website itself and also by external web services.

Legal basis for personal data processing

Art. 6, Para. 1, lit. f of the GDPR (legitimate interest) or Art. 6, Para. 1, lit. a or Art. 9 Para. 1, lit. a of the GDPR (consent).

It emerges from the cookie table listed later in this point which legal basis is relevant.

It generally applies that in the case of cookies collected based on a legitimate interest, our legitimate interest is in the functionality of our website and ensuring the services integrated therewith (technically required cookies). In addition, it may be that the cookies increase user friendliness and enable a more customised experience. We have weighed up your interests and our interests here.

Using cookie technology, we can then identify, analyse and track individual website visitors if the website visitor has consented to the use of cookies according to Art. 6 Para, 1 lit. a of the GDPR.

Purpose of data processing

Cookies are set by our website or the external web services in order to maintain the full functionality of our website, to improve user friendliness or to pursue the purposes indicated with your consent. Cookie technology also allows us to detect individual visitors based on pseudonyms, e.g. an individual or random ID such that we can offer more customised services. Details are listed in the following table.

Duration of storage

The following cookies are saved in your browser until they are deleted or, in the case of session cookies, until the session has ended. Details are listed in the following table:

Cookie nameServerProviderPurposeLegal basisDuration of storageType
_gidhappich.deGoogle-AnalyticsThis cookie allocates an ID to a user so that the web tracker can compile the actions of the user under this ID.ConsentApprox. 24 hoursAnalytics
_gahappich.deGoogle-AnalyticsThis cookie allocates an ID to a user so that the web tracker can compile the actions of the user under this ID.ConsentApprox. 24 monthsAnalytics
cookieconsent_statushappich.deWebsiteoperatorThis cookie saves your information in relation to our cookie banner.Technically requiredApprox. 12 monthsCookie banner

9. Opportunity to object, revoke the consent and delete

You can configure your browser to reject all cookies. You can then decide on a case by case basis whether to accept cookies or generally accept cookies. Cookies can be used for different purposes, e.g. to detect if your access device has already connected to our website before (permanent cookies) or to save the last offers viewed (session cookies). If you have explicitly given us permission to process your personal data, you can revoke this consent at any time. Please note that the legality of the processing carried out based on the consent up to the revocation is not affected by this.

10. Data security and data protection, communication by email

When it is collected, saved and processed, your personal data is protected by means of technical and organisational measures to ensure that it is inaccessible to third parties. Since we cannot guarantee complete data security on the transmission path to our IT systems during unencrypted communication by email, we advise sending highly confidential information using encrypted communication or by post.

11. Right to information and request to rectify - deletion and restriction of data - revocation of consents - right to object

Right to information

You have the right to request confirmation of whether we process your personal data. If this is the case, you have a right to disclosure of the information mentioned in Art. 15 Para. 1 of the GDPR, as far as the rights and freedoms of other persons are not negatively affected (see Art. 15 Para. 4 of the GDPR). We are also happy to provide you with a copy of the data.

Right to rectify

According to Art. 16 of the GDPR, you have the right to arrange for personal data (such as e.g. address, name, etc.) incorrectly stored by us to be corrected at any time. You can also at any time request that the data stored by us be completed. A corresponding adjustment will be made without delay.

Right to delete

According to Art. 17 Para. 1 of the GDPR, you have the right to arrange for us to delete the personal data collected about you if

  • the data is either no longer required;
  • based on the revocation of your consent, the legal basis for the processing is not longer required;
  • you have lodged an objection to the processing and there are no legitimate reasons for the processing;
  • your data is processed unlawfully;
  • a legal obligation requires this or collection took place according to Art. 8 Para. 1 of the GDPR.

According to Art. 17 Para. 3 of the GDPR, there exists no right when

  • the processing is required to exercise the right to freedom of expression and information;
  • your data has been collected based on a legal obligation;
  • the processing is required for reasons in the public interest;
  • the data is required to assert, exercise or defend legal claims.
Right to restrict the processing

According to Art. 18 Para. 1 of the GDPR, you have the right in individual cases to request that the processing of your personal data be restricted.

This is the case when

  • the accuracy of the personal data is disputed by you;
  • the processing is unlawful and you do not consent to deletion;
  • the data is no longer required for the processing purposes, but the collected data is used to assert, exercise or defend legal claims;
  • an objection has been lodged against the processing according to Art. 21 Para. 1 of the GDPR and it is still unclear what interests override.
Right to revoke

If you have given us explicit consent to process your personal data (Art. 6 Para. 1 lit. a of the GDPR or Art. 9 Para. 2 lit. a of the GDPR), you may revoke this consent at any time. Please note that the legality of the processing carried out based on the consent up to the revocation is not affected by this.

Right to object

According to Art. 21 of the GDPR, you have the right to lodge an objection at any time against the processing of personal data concerning you that has been collected based on Art. 6 Para. 1 lit. f (in the context of a legitimate interest). You are entitled to the right only when special circumstances argue against storage and processing.

How do I exercise my rights?

You can exercise your rights at any time by using the contact information below:

Happich GmbH
Lise-Meitner-Str. 14
42119 Wuppertal

Email: info@happich.de
Tel.: +49 202 8703-0
Fax: +49 202 8703-599

12. Right to data portability

According to Art. 20 of the GDPR, you have a right to transmission of the personal data concerning you. The data will be provided by us in a structured, conventional and machine-readable format. The data can optionally be transmitted to you or to a controller nominated by you.

We will provide the following data to you upon request according to Art. 20 Para. 1 of the GDPR:

  • Data that has been collected based on explicit consent according to Art. 6 Para. 1 lit. a of the GDPR or Art. 9 Para. 2 lit. a of the GDPR;
  • Data that we have received from you under existing contracts according to Art. 6 Para. 1 lit. b of the GDPR.
  • Data that has been processed as part of an automated process.

The transmission of personal data directly to a controller selected by you will be carried out by us, provided this is technically viable. Please note that according to Art. 20 Para. 4 of the GDPR we may not transmit data that interferes with the freedoms and rights of other persons.

13. Right to lodge a complaint with the supervisory authority according to Art. 77, Para. 1 of the GDPR

If you suspect that your data is being processed unlawfully on our site, you can naturally obtain judicial clarification of the issue at any time. In addition, all other legal options are open to you. Regardless of this, you have the option of contacting a supervisory authority according to Art. 77 Para. 1 of the GDPR. According to Art. 77 of the GDPR, you have a right to lodge a complaint in the EU member state of your place of residence, your workplace and/or the place of the suspected violation, i.e. you can choose the supervisory authority you wish to contact from the aforementioned locations. The supervisory authority with whom the complaint was lodged then informs you of the status and results of your petition, including the possibility of a judicial remedy according to Art. 78 of the GDPR.

Created by:

© IT-Recht-Kanzlei DURY – www.dury.de
© Website-Check GmbH – www.website-check.de