IOB Industrie-Ofen-Bau GmbH Weinheim
 

DEEN

Privacy Policy


Thank you for your interest in our online presence. The protection and security of your personal data is our highest priority. Personal data includes all types of data with which you can be identified as a person. We therefore strictly adhere to the legal provisions of the Federal Data Protection Act (BDSG-neu), the EU-General Data Protection Regulation (GDPR) and the Telemedia Act (TMG).

We would like to point out that internet-based data transmission (e.g. communication by e-mail) can have security gaps and that complete protection of data against access by third parties is therefore impossible. It is therefore recommended to use the postal service when sending very sensitive data or information.

In the following, we will inform you transparently and in comprehensible language about the data collection and its scope, for what your data will be used and what rights you have. If you have any questions regarding data protection, please contact us. You will find the contact details under point 1 of this data protection declaration.

1. Responsible in terms of the data protection act
2. Collection of general information
3. Cookies
3.1 Technically necessary cookies that are set by our website
4. Data security
5. Contact form and use of our e-mail address
6. Deletion or blocking of data
7. Web analysis
8. Social media plugins
9. Your rights towards the person responsible for data processing
9.1 Right to information
9.2 Right of correction
9.3 Right to cancellation (right to be forgotten)
9.3.1 Information to third parties
9.3.2 Exceptions
9.4 Right to limit processing
9.5 Right to information
9.6 Right to data transferability
9.7 Right to object
9.8 Automated decisions in individual cases including profiling
9.9 Right to revoke the data protection consent
9.10 Right to complain to a supervisory authority
10. Existence of automated decision making including profiling
11. Requirement to provide personal data
12. Legal basis of the processing
13. Modification of our Privacy Policy

1. Responsible in terms of the data protection act

Industrial furnace construction GmbH
Harald Wolf (CEO)
Scheffelstrasse 10
69469 Weinheim
Germany

Phone: +49 6201 94900
Fax: +49 6201 949090
Email: iob@iob.de

2. Collection of general information

When you access our website, information of a general nature is automatically collected. This information (server log files) includes

Browser type and version,
operating system used,
Website from which you visit us (referrer URL),
Web page you visit (URLs called),
Date and time of your access,
Your Internet Protocol (IP) address,
the Internet service provider of the accessing computer.

This anonymous data is stored separately from any personal data you may have provided and thus does not allow any conclusions to be drawn about a specific person.

This information is technically necessary and is mandatory when using the Internet. This information is required in order to (1) deliver the contents of our website correctly, (2) optimize the contents of our website as well as the advertising for it, (3) ensure the permanent functionality of our information technology systems and the technology of our website, as well as (4) to provide law enforcement agencies with the information necessary for prosecution in the event of a cyber attack.

Anonymously collected data of this kind is statistically evaluated by us with the aim of optimizing our Internet presence and the technology behind it, as well as to increase data protection and data security in order to ensure an optimum level of protection for the personal data processed by us.

The anonymous data of the server log files are stored separately from all specified personal data.

3. Cookies

Our website uses so-called cookies. Cookies are text files that are stored on your computer in the Internet browser or by the Internet browser.

Some elements of our website require that the calling browser can be identified even after a page change. For example, to store login information. The cookies we use are technically necessary cookies which are automatically deleted when the browser is closed. Some cookies remain stored on your device and enable recognition the next time you visit the site. The legal basis for data processing is Art. 6 para. 1 lit. f of the Data Protection Basic Regulation (GDPR), which enables us to process data in case of a legitimate interest. In this case, our legitimate interest is to offer you a technically error-free and functionally optimized website.

You can set your browser so that you are informed about the setting of cookies and then allow these cookies only in individual cases. You can also generally exclude the acceptance of cookies or accept them only in certain cases. You can also set your browser so that cookies are deleted after closing the browser window. Each browser differs in the way it manages the cookie settings. These are described in the help menu of each browser, which explains how you can change your cookie settings.

Please note that if you do not accept cookies, our website will not function properly.

3.1 Technically necessary cookies that are set by our website

The cookie PHPSESSIDD is a so-called session cookie. This cookie contains as anonymous user information a unique ID, which serves to assign the user to the page called up in order to ensure the basic functionality of this website. The session cookie is usually deleted when the browser is closed.

4. Data security

In order to protect the security of your data during transmission, we use state-of-the-art encryption methods via an SSL or TLS connection.

This encryption prevents your sensitive personal data from being intercepted and viewed by unauthorized third parties. You can recognize an encrypted connection by the fact that the address line of the browser begins with "https://" and by the lock symbol in the browser line.

5. Contact form and use of our e-mail address

If you contact us by e-mail or contact form, the information you provide will be used and stored for the purpose of processing your inquiry and for possible follow-up questions. The mandatory data in the contact form can be recognized by the correspondingly marked input fields. Your data will be deleted after the processing is completed. Your data will not be passed on to third parties. A comparison of the data collected in this way with data that may have been collected by other components of our site is also not carried out.

6. Deletion or blocking of data

We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as this is necessary to achieve the purposes stated here or as required by the commercial and tax law storage and retention periods stipulated by the legislator.

After the respective purpose has ceased to exist or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions, provided that it is no longer required for the fulfilment or initiation of a contract.

7. Web analysis

We do not use web analytics tools.

8. Social media plugins

No social media plug-ins are used on our websites.

9. Your rights towards the person responsible for data processing

.
In the following, we list the rights you have according to the basic data protection regulation towards the person responsible for data processing. The person responsible is named under point 1 of this data protection declaration. If we process personal data from you, you are a "data subject" within the meaning of the Basic Data Protection Regulation.
If you would like to claim rights as a data subject, you can contact the data controller mentioned under point 1 of this data protection declaration at any time.

9.1 Right to information

Any person affected by the processing of personal data has the right to obtain at any time and free of charge information from the data controller about the personal data stored about him/her and a copy of this information. You are also entitled to receive information about the following:

  • the processing purposes,
  • the categories of personal data processed,
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organizations
.
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration,
  • the existence of a right of rectification or erasure of personal data concerning him or her or of a right to have the processing limited by the controller or to object to such processing,
  • the existence of a right of appeal to a supervisory authority (responsible is the state data protection commissioner of the federal state in which we have our headquarters; addresses and links can be found here),
  • if the personal data is not collected from the data subject: All available information about the origin of the data,
  • the existence of automated decision making including profiling in accordance with Article 22, paragraphs 1 and 4 FADP and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing on the data subject
.

Furthermore, the data subject has the right of information as to whether personal data have been transferred to a third country or to an international organization. If this is the case, the data subject shall also have the right to obtain information on the appropriate safeguards in relation to the transfer.

9.2 Right of correction

Any person affected by the processing of personal data has the right to demand the immediate correction of incorrect personal data concerning him. Furthermore, the data subject shall have the right to request the completion of incomplete personal data, including by means of a supplementary declaration, having regard to the purposes of the processing.

9.3 Right to cancellation (right to be forgotten)

.
Every data subject shall have the right to obtain from the controller the erasure without delay of personal data relating to him or her where one of the following reasons applies and insofar as the processing is not necessary

  • The personal data have been collected or otherwise processed for purposes for which they are no longer necessary
.
  • The data subject withdraws the consent on which the processing was based in accordance with Art. 6, paragraph 1, letter a, GDPR or Art. 9, paragraph 2, letter a, GDPR, and there is no other legal basis for the processing
.
  • The data subject lodges an objection to the processing pursuant to Art. 21(1) DPA and there are no overriding legitimate reasons for the processing, or the data subject lodges an objection to the processing pursuant to Art. 21(2) DPA
.
  • The personal data were processed unlawfully
.
  • The deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject
.
  • The personal data has been collected in relation to information society services offered, in accordance with art. 8, paragraph 1 of the DPA
.

If any of the above reasons apply and a data subject wishes to have personal data stored by us deleted, he/she may contact the person responsible under point 1 at any time. The request for deletion will be complied with immediately.

9.3.1 Information to third parties

If the data controller has made public the personal data concerning you and is obliged to delete them in accordance with Art. 17 para. 1 DPA, he shall take reasonable measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you, as a data subject, have requested them to delete all links to these personal data or copies or replications of these personal data. The person in charge mentioned in point 1 will take the necessary steps in each individual case.

9.3.2 Exceptions

The right to deletion does not exist insofar as the processing is necessary

  • to exercise the right to freedom of expression and information;
in order to comply with a legal obligation requiring processing under Union or national law to which the controller is subject or in order to perform a task carried out in the public interest or in the exercise of official authority vested in the controller;]
  • for reasons of public interest in the field of public health pursuant to Article 9 paragraph 2 letters h and i and Article 9 paragraph 3 DPA;

  • to assert, exercise or defend legal claims
.

9.4 Right to limit processing

.
Any person concerned by the processing of personal data has the right to obtain from the controller the restriction of the processing if one of the following conditions is met:

  • The accuracy of the personal data is disputed by the data subject for a period enabling the controller to verify the accuracy of the personal data
.
  • The processing is unlawful, the data subject refuses to have the personal data deleted and instead requests that the use of the personal data be restricted
.
  • The data controller no longer needs the personal data for the purposes of the processing, but the data subject needs them in order to assert, exercise or defend legal claims
.
  • The data subject has lodged an objection to the processing in accordance with Art. 21 Paragraph 1 DPA and it is not yet clear whether the legitimate reasons given by the controller outweigh those of the data subject
.

If one of the above-mentioned conditions is met and a data subject wishes to request the restriction of personal data stored with us, he/she may at any time contact the data controller mentioned under point 1. He will arrange for the restriction of the processing.

9.5 Right to information

If you have asserted the right to rectification, erasure or limitation of processing vis-à-vis the data controller, the latter is obliged to notify all recipients to whom the personal data concerning you have been disclosed of such rectification, erasure or limitation of processing, unless this proves impossible or involves a disproportionate effort.

You have the right, vis-à-vis the data controller, to be informed of these recipients.

9.6 Right to data transferability

Any person concerned by the processing of personal data has the right to obtain, in a structured, standard and machine-readable format, the personal data relating to him which have been supplied by the data subject to a controller. He/she also has the right to have these data communicated to another controller without hindrance by the controller to whom the personal data have been made available, provided that the processing is based on the consent pursuant to Art. 6, paragraph 1, letter a of the DPA or Art. 9, paragraph 2, letter a of the DPA or on a contract pursuant to Art. 6, paragraph 1, letter b of the DPA, and provided that the processing is carried out by means of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, when exercising their right to data transfer in accordance with Art. 20 Paragraph 1 GDPR, the person concerned has the right to request that the personal data be transferred directly from one person responsible to another, as far as this is technically feasible and provided that this does not affect the rights and freedoms of other persons.

9.7 Right to object

Every person affected by the processing of personal data has the right to object at any time, for reasons arising from his or her particular situation, to the processing of personal data concerning him or her that is carried out on the basis of Art. 6, paragraph 1, letters e or f of the DPA, with effect for the future. This also applies to profiling based on these provisions.

In the event of an objection, we will no longer process the personal data unless we can prove compelling reasons for processing worthy of protection that outweigh the interests, rights and freedoms of the person concerned or the processing serves to assert, exercise or defend legal claims.

If we process personal data for the purpose of direct marketing, the data subject shall have the right to object at any time to the processing of personal data for the purpose of such marketing. This also applies to profiling, insofar as it is connected with such direct marketing. If the data subject objects to us processing for the purposes of direct marketing, we will no longer process the personal data for these purposes.

The data subject shall be free to exercise his right of objection in relation to the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures involving technical specifications.

9.8 Automated decisions in individual cases including profiling

.
Every data subject shall have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning him or her or significantly affects him or her in a similar way, except where the decision (1 ) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is authorised by Union or national legislation to which the controller is subject and that legislation provides for adequate measures to safeguard the rights and freedoms and legitimate interests of the data subject, or (3) is made with the explicit consent of the data subject.

Where the decision is (1) necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is taken with the express consent of the data subject, we shall take appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain the intervention of the controller, to express his point of view and to challenge the decision.

9.9 Right to revoke the data protection consent

Any person affected by the processing of personal data has the right to withdraw his or her consent to the processing of personal data at any time. Revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

9.10 Right to complain to a supervisory authority

.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place of the suspected infringement, if you consider that the processing of personal data concerning you is in breach of the DPA.

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and the results of the complaint, including the possibility of a judicial remedy in accordance with Article 78 of the Basic Data Protection Regulation.

10. Existence of automated decision making including profiling

.
As a responsible company, we avoid automatic decision making or profiling.

11. Requirement to provide personal data

We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). Sometimes it may be necessary for the conclusion of a contract that you provide us with personal data, which must subsequently be processed by us.

For example, you are obliged to provide us with personal data if we conclude a contract with you. Failure to provide us with personal data would mean that the contract with you could not be concluded. The person responsible can inform you on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided. For this purpose, please contact the person responsible mentioned under point 1.

12. Legal basis of the processing

Art. 6 para. 1 letter a GDPR serves as a legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations necessary for the supply of goods or the rendering of another service or consideration, the processing is based on Art. 6 para. 1 lit. b GDPR. The same shall apply to such processing operations which are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services.

If our company is subject to a legal obligation which makes the processing of personal data necessary, for example to fulfil tax obligations, the processing is based on Art. 6 Para. 1 lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company was injured and his name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. In this case, the processing would be based on Art. 6 para. 1 lit. d GDPR.

Finally, processing operations could be based on Art. 6 para. 1 lit. f GDPR. Processing operations which are not covered by any of the above legal bases are based on this legal basis if the processing is necessary to safeguard our legitimate interests or those of a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the data controller (Recital 47 Sentence 2 GDPR).

13. Modification of our Privacy Policy

We reserve the right to adapt this data protection declaration if necessary, so that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection declaration will then apply to your next visit.