x

Privacy Policy

Thank you for your interest in our website. Your privacy and personal protection are very important to us. Below, you will find our information about the treatment of your data in detail.  With this data protection declaration we inform you as data processor in accordance with the provisions of Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR) about the type, scope and purpose of the processing of personal data in connection with our website.

I. Definitions

1) "personal data" means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics which express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;

2) "processing" means any operation carried out with or without the aid of automated procedures or any such series of operations relating to personal data, such as the collection, collection, organisation, classification, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of provision, reconciliation or linking, restriction, erasure or destruction;

3) "Controller" means the natural or legal person, authority, body or other body which alone or jointly with others decides on the purposes and means of processing personal data; where the purposes and means of such processing are specified by Union law or by the law of the Member States, the controller or certain criteria for his appointment may be laid down by Union law or by the law of the Member States;

4) "Recipient" means a natural or legal person, authority, institution or other body to which personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union law or the law of the Member States under a particular investigation mandate shall not be considered recipients; the processing of such data by the said authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing;

II. General Information

1. Responsible for data processing for Neuffer Fenster + Türen GmbH

Kronprinzstraße 8
70173 Stuttgart
Germany
Tel: +49 711 860 60 - 180
Fax: +49 711 860 60 - 111
Email: info@neuffer.de

2. Contact details of the company data protection officer

OBSECOM GmbH
Königstr. 40
70173 Stuttgart
Germany
Tel: 0711 / 4605025-40
Fax: 0711 / 4605025-49
Email: datenschutz@obsecom.de
Website: https://www.obsecom.de

3. Legal Basis

We process personal data on the basis of at least one of the following legal bases:

  • Consent of the data subject to the processing of personal data concerning him/her for one or more specific purposes (Art. 6 para. 1 sentence 1 lit. a GDPR);
  • fulfilment of a contract with the data subject or for the implementation of pre-contractual measures taken at the request of the data subject (Art. 6 para. 1 sentence 1 lit. b GDPR);
  • Fulfilment of a legal obligation to which we are subject (Art. 6 Par. 1 S. 1 lit. c GDPR);
  • protection of our legitimate interests or those of a third party (Art. 6 para. 1 sentence 1 lit. f GDPR) 

In this data protection declaration we refer below to the respective legal basis of individual processing procedures.

4. Forwarding of Data to Recipients

We pass on personal data to recipients (contractors or other third parties) only to the required extent and only under one of the following conditions:

  • The person concerned has consented to the transfer;
  • The transfer serves the fulfilment of contractual obligations or pre-contractual measures on the initiative of the data subject;
  • We are legally obliged to pass them on;
  • The passing on takes place on the basis of justified interests of us or a third party.

5. Third countries

The transfer of personal data to a country or an international organisation outside the European Union (EU) or the European Economic Area (EEA) is subject to legal or contractual permits only in accordance with the requirements of Art. 44 ff. GDPR. This means that the country concerned is subject to an adequacy decision by the EU Commission pursuant to Art. 45 GDPR, suitable guarantees for data protection pursuant to Art. 46 GDPR or binding internal data protection regulations pursuant to Art. 47 GDPR. 

6. Rights of the persons concerned

As a person concerned, you have the following rights:

In accordance with Art. 15 GDPR, you can request information about your personal data processed by us; furthermore, you can request information about the processing purposes, the categories of processed personal data, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the origin of your data, if these were not collected from you, the existence of automated decision-making including profiling and, if applicable, the existence of an automated decision making process. you have the right to obtain meaningful information about their details, such as the logic, scope and effects, the existence of a right to have your data concerning you corrected or deleted, the right to restrict or oppose such processing, the existence of a right of appeal to the supervisory authority, whether personal data have been transferred to a third country or to an international organisation and, if so, the appropriate safeguards in connection with the transfer;

According to Art. 16 GDPR you can demand the immediate correction of incorrect or the completion of your personal data stored with us;

According to Art. 17 GDPR, you can request the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

According to Art. 18 GDPR you can demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, you need the data no longer required by us to assert, exercise or defend legal claims or you have filed an objection to the processing in accordance with Art. 21 GDPR, but it has not yet been determined whether our legitimate reasons for data processing outweigh your interest;

In accordance with Art. 20 GDPR, you may request the transfer of your personal data that you have provided to us in a structured, current and machine-readable format or the transfer to another person responsible;

According to Art. 21 GDPR, you may object to the processing of your personal data if there are reasons for this which arise from your particular situation or if the objection is directed against direct advertising and the legal basis for the processing of the personal data are legitimate interests in accordance with Art. 6 para. 1 sentence 1 letter f GDPR;

According to art. 7 para. 3 GDPR you can revoke your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future;

Under Article 77 GDPR, you may complain to a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place where the alleged infringement occurred.

If you wish to assert the above rights, you can contact us or our data protection officer at any time using the above contact details.

7. Deletion and Restriction of Personal Data

Unless otherwise provided for in this data protection declaration, personal data will be deleted if this data is no longer necessary for the purposes for which it was collected or processed in any other way and if there is no legal obligation to keep it in safekeeping. We also delete the personal data processed by us upon request in accordance with Art. 17 GDPR if the conditions stipulated therein are met. If personal data are required for other and legally permissible purposes, they will not be deleted, but their processing will be restricted in accordance with Art. 18 GDPR. In the event of a restriction, the data will not be processed for other purposes. This applies, for example, to personal data that must be kept by us for commercial or tax reasons. Documents in accordance with § 257 Paragraph 1 Nos. 2 and 3 HGB and § 147 Paragraph 1 Nos. 2, 3, 5 AO are kept for 6 years, documents in accordance with § 257 Paragraph 1 Nos. 1 and 4 HGB and documents in accordance with § 147 Paragraph 1 Nos. 1, 4, 4a AO for 10 years. 

8 Cookies 

Cookies are used in the context of our Internet offer. Cookies are small text files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, PC, etc.) when you visit our site. Cookies do no damage to your end device, do not contain viruses or other malware. Information is stored in the cookie that results in each case in connection with the specifically used terminal device. However, this does not mean that we immediately become aware of your identity. Cookies are mainly used to make the website more user-friendly, effective and secure. 

We use session cookies to recognize during your visit to our site that you have already visited individual pages of our website. Such cookies also provide certain functionalities. Session cookies are deleted after the end of your visit to our website.

In addition, we also use temporary cookies, which are stored on your terminal device for a specified period of time, to optimise user-friendliness and statistical evaluation of the use of our services. If you visit our site again to use our services, it will automatically recognize that you have already been with us at an earlier time and what entries and settings you have made so that you do not have to enter them again.

The data processed by cookies is required for the above-mentioned purposes in order to protect our legitimate interests resulting therefrom and those of third parties pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

Most browsers automatically accept cookies. If you do not wish to do so, however, you can configure your browser so that no cookies are stored on your end device or a message always appears before a new cookie is created. A general objection to the use of cookies used for online marketing purposes can be declared for a variety of services, e.g. at http://www.youronlinechoices.com/ or the deactivation page of the network advertising initiative http://optout.networkadvertising.org However, the deactivation of cookies can lead to the fact that you cannot use all functions of our Internet offer.
 

III Individual processing procedures

1. Hosting

To provide our Internet services, we use services of hosting companies, such as the provision of web servers, storage space, database services, security services and maintenance services.   In doing so, we or our hosting provider process personal data of users of our Internet offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 lit. f GDPR.

2. Access data and log files

When you visit our website or the individual pages, the browser on your terminal automatically sends information to the server of our website. This information is stored in so-called log files by us or our hosting provider and deleted after 12 months at the latest. 

The following information is stored:
     
IP address of the requesting computer,
Date and time of access,
Name and URL of the retrieved file,
Website from which access is made (referrer URL),
the browser used and, if applicable, the operating system of your computer
Status codes and transferred data volume
Name of your access provider.

These data are processed for the following purposes:

Provision of the Internet offer including all functions and contents
Ensuring a smooth connection of the website,
Ensuring comfortable use of our website,
Ensuring system security and stability 
Anonymised statistical evaluation of accesses 
Optimization of the website
Passing on to law enforcement authorities in the event of unlawful interference/attack on our systems
other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes described above for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about a person.

3. Contact form

If you use the contact form, you will be asked to provide your name and e-mail address so that we can contact you personally. Further information can be provided voluntarily. Data processing for the purpose of contacting us and responding to your request is carried out voluntarily in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your consent. All personal data collected in connection with the contact form will be deleted after your request has been dealt with, unless storage is required for the documentation of other processes (e.g. subsequent conclusion of the contract).

4. Job Applications

If you are applying for a job, please send your application documents to the e-mail address jobs@neuffer.de. Data processing for the purpose of deciding whether to establish an employment relationship is carried out voluntarily in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your consent. Application documents will be kept for a period of up to 6 months after completion of the application procedure, taking into account the opposition deadlines of the General Equal Treatment Act (AGG), and will then be deleted. Further storage of the application documents for a period of up to two years will only take place if you have given your prior consent to the data being stored.
 

5. Newsletter

If you would like to receive our newsletter, we need your e-mail address. Further information can be provided voluntarily. Data processing for the purpose of sending the newsletter is carried out pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntary consent by means of the so-called double opt-in procedure. The e-mail address will be used and stored for this purpose until you revoke your consent or unsubscribe from receiving the newsletter. You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your cancellation/deregistration request at any time to the e-mail address stated under item II.

We send our newsletters with a so-called pixel-code. A pixel-code is a miniature graphic embedded in the HTML format of the newsletter sent to enable an analysis of reader behavior. In this context, we store whether and at what time a newsletter was opened by you and which of the links contained in the newsletter were called up by you. We use this data to create statistical evaluations of the success or failure of a marketing campaign in order to optimize newsletter distribution and better match the content of future newsletters to your interests. The data collected will not be passed on to third parties and will be deleted after statistical evaluation.

6. MailChimp

The newsletter is sent via MailChimp. MailChimp is provided by the Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA (hereinafter "MailChimp"). MailChimp serves the dispatch and the evaluation of the range of our newsletters. For this purpose, your e-mail address and any other data required by MailChimp for the provision of the newsletter will be processed on our behalf. The legal basis for processing by MailChimp is Art. 6 Para. 1 letter f GDPR and our legitimate interest in using a user-friendly and secure newsletter system.

The personal data collected is stored on servers in the USA. MailChimp has joined the EU/U.S. PrivacyShield and thus fulfils the requirements of the European Union to legitimise the transfer of personal data to the USA. Information on the EU/U.S. PrivacyShield guarantees can be found at:
https://www.privacyshield.gov/participant?id=a2zt0000000000TO6hAAG&status=Active.

For more information on how MailChimp handles your personal data, please refer to the relevant data protection declaration: http://mailchimp.com/legal/privacy
 

IV Statistics and Analysis

1. Facebook pixel

We use the so-called "Facebook pixel" on our website. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is responsible for the processing of personal data of persons in the EU.

Facebook has joined the EU/US Privacy Shield Agreement, thereby committing to European data protection standards and fulfilling the EU requirements for legitimizing the transfer of personal data to the USA. Information on Facebook's voluntary commitment can be found at

https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

The use of this technology enables Facebook to assign visitors to our website to specific groups (e.g. visitors to our website or according to the areas of interest we transmit to Facebook, so-called "custom audiences") for the insertion of specific advertisements and thus to recognize them. This ensures that these users are only shown advertisements that meet their interests and that inconvenience caused by inappropriate advertising is avoided. By using the Facebook pixel, we can also track the effectiveness of our Facebook ads for statistical purposes and track whether and how a user has used our offer after clicking on the ad.
For more information about the Facebook pixel and how it works, visit https://www.facebook.com/business/help/651294705016616. For details on how Facebook processes the data it collects and general information about Facebook advertisements, see Facebook's data policy available at the URL https://www.facebook.com/about/privacy/update In your Facebook account under the heading "Settings" you also have the possibility to object to the collection of your data via the Facebook pixel and its use for the insertion of specific advertisements. Notes on these settings can be found at https://www.facebook.com/settings?tab=ads (login required). 

The use of the Facebook pixel helps us to advertise our products and services in an appropriate way without inconveniencing the advertising addressees with inappropriate advertising. The legal basis for the use of the Facebook pixel is therefore the legitimate interests of us and third parties in these purposes pursuant to Art. 6 para. 1 lit. f GDPR.
 

2. Hotjar

Our website uses the hotjar analysis service. The provider is hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta (hereinafter "hotjar"). hotjar collects data about the visits of the users of our website. This data is used for the purpose of ensuring that our Internet offering is designed and continuously optimised to meet requirements, to measure the success of marketing measures and to compile statistical evaluations. The legal basis is our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. These data can be used to create user profiles under a pseudonym. Cookies may be used for this purpose. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. 

You can object to the collection and storage of data at any time with effect for the future. Click on the link below and follow the instructions to set an opt-out cookie for your computer: https://www.hotjar.com/opt-out (Opt-out). 

Attention: If you delete your cookies, the opt-out cookie will also be deleted and you may have to activate it again. Further information on how hotjar handles your personal data can be found in the data protection declaration of hotjar: https://www.hotjar.com/legal/policies/privacy

3. Bing Conversion Tracking

Our website uses Bing Conversion Tracking. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter "Microsoft"). 
The data is processed for the purpose of appropriate advertising of our products and services, as well as analysis of clicks on advertisements, purchases, and registrations. The legal basis is the legitimate interests of us and third parties in these purposes pursuant to Art. 6 para. 1 lit. f GDPR. Cookies are used for analysis and evaluation. This service collects your IP address, which of our web pages you have visited and, if applicable, other data required by Microsoft for the provision of conversion tracking. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Microsoft. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

Microsoft has joined the EU/US Privacy Shield Agreement, thereby committing to European data protection standards and fulfilling the EU requirements for legitimizing the transfer of personal data to the USA. For information on Microsoft's voluntary commitment, see

https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active

For more information on data protection and the cookies used at Microsoft Bing, please visit the Microsoft website: https://privacy.microsoft.com/en-us/privacystatement

4. Mouseflow

Our website uses Mouseflow. The provider is Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark (hereinafter "Mouseflow"). Mouseflow is an analysis tool that captures mouse clicks and movements, scrolling movements and other metadata. The data processing takes place for the purpose of optimizing our Internet offer. The legal basis is the legitimate interests of us in these purposes according to Art. 6 para. 1 lit. f GDPR. Cookies are used for analysis and evaluation. This service records your IP address in anonymous form, which of our Internet pages you have visited and, if necessary, other data required by Mouseflow for the provision of the service. You can prevent collection by mouseflow by clicking on the link https://mouseflow.de/opt-out to obtain an opt-out cookie. This cookie means that no visitor data will be collected and stored by Mouseflow when you visit this website in the future. Attention: If you delete your cookies, the opt-out cookie will also be deleted and you may have to activate it again. Further information on data protection and the cookies used at Mouseflow can be found on the Mouseflow website: https://mouseflow.com/privacy/

 

V. Services from Google

Provider of the following Google services is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google"). The legal basis for the use of the following Google services is our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Google has acceded to the EU/US Privacy Shield Agreement, thereby committing to European data protection standards and fulfilling the EU requirements for legitimizing the transfer of personal data to the USA. Information on Google's commitment can be found at

https://www.privacyshield.gov/participant?id=a2zt00000000001L5AAI&status=Active 

For more information on how Google handles your personal data, please see Google's privacy policy: https://www.google.com/intl/de/policies/privacy/.

Information on data use for advertising purposes by Google, setting and objection possibilities can be found on these websites: https://policies.google.com/technologies/partner-sites
https://policies.google.com/technologies/ads
https://adssettings.google.com/
http://www.google.com/ads/preferences/

1. Google Analytics

This website uses Google Analytics from Google. Google Analytics uses cookies. Google collects data about the visits of the users of our website and their usage behaviour. This data is used for the purpose of ensuring that our Internet offering is designed and continuously optimised to meet requirements, to measure the success of marketing measures and to compile statistical evaluations. In this context, pseudonymised user profiles are created and cookies are used. The information generated by the cookie about your use of this website such as browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing computer (IP address), time of the server request are transferred to a Google server in the USA and stored there. User and event data will be deleted after 26 months. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are made anonymous so that an assignment is not possible. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website and from processing this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
 

2. Google Analytics Remarketing 

This website uses Google Analytics Remarketing from Google. Google Analytics Remarketing is used to present advertisements to visitors that refer to the content of previously visited websites. Google uses cookies to recognize visitors who visit websites from the Google advertising network. This service collects your IP address, which of our web pages you have visited and, if applicable, other data required by Google for the provision of analytics remarketing. The IP address transmitted by your browser will under no circumstances be merged with other Google data. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. However, if you do not wish to use Google's remarketing feature, you can disable it by making the appropriate settings at http://www.google.com/settings/ads

3. Google AdWords with conversion tracking

This website uses Google AdWords and Google AdWords for conversion tracking. Google Conversion Tracking is used to track and evaluate your clicks on ads, purchases, subscriptions, phone calls, app downloads and other actions on our website. Cookies are used for analysis and evaluation. This service collects your IP address, which of our web pages you have visited and, if applicable, other data required by Google for the provision of conversion tracking. The IP address transmitted by your browser will under no circumstances be merged with other Google data. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.  

4. Google Web Fonts

This website uses external fonts from Google, so-called web fonts, to display fonts. To do this, your browser loads the required web fonts into the browser cache when you call up the website. If your browser does not support this function, your computer will use a standard font to display the website. This service collects your IP address, which of our web pages you have visited and, if applicable, other data required by Google for the provision of the web fonts. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google.
 

5. Google Tag Manager

This website uses the Google Tag Manager for tagging. This service allows website tags to be managed through an interface. The Google Tool Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tool Manager triggers other tags, which in turn collect data if necessary. However, the Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains valid for all tracking tags if they are implemented with the Google Tag Manager.

6. Google Maps

This website uses Google Maps from Google to display site plans, maps, terrain data, or geographical maps. This service records your IP address, which of our Internet pages you have visited and, if necessary, other data required by Google for the provision of the maps (e.g. location data). The information generated is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google. The terms of use for Google Maps can be found at: https://www.google.com/intl/de_en/help/terms_maps.html.


VI. Media Content

We use in the context of our Internet offer partly foreign contents, which are loaded directly from servers of the offerers named in detail in the following. The purpose of integrating this content is to make our website more attractive. The purpose of making our website more attractive is also our legitimate interest in the use of such third-party content. The legal basis for the use of the following Social Media Plugins are our legitimate interests according to Art. 6 Para. 1 lit. f GDPR.
 

1. YouTube

Our website uses media content from the YouTube platform. Provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google").
The purpose is to display the contents of the YouTube platform on our website. This service collects your IP address and any other data required by Google for YouTube. The information generated about your use of this website is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google.

Google has acceded to the EU/US Privacy Shield Agreement, thereby committing to European data protection standards and fulfilling the EU requirements for legitimising the transfer of personal data to the USA. Information on Google's commitment can be found at

https://www.privacyshield.gov/participant?id=a2zt00000000001L5AAI&status=Active. 

For more information on how Google handles your personal data, please see Google's privacy policy: https://www.google.com/intl/de/policies/privacy/.
 

Privacy Policy
Was this information helpful?
(0 ratings , Ø 0)

Tell us about your project!
Receive a FREE QUOTE in 48 hours.