• +49 2732 765063-0
  • rollforming [at] hennecke.com

Data privacy policy

As a controller in accordance with the GDPR, Hennecke GmbH Roll Forming Technology is aware that the protection of your privacy is an important concern for you when using our websites. We take the protection of your personal data very seriously. Therefore, we would like you to know when we process which personal data, in which framework and under which conditions. We would therefore like to inform you with this data privacy policy in accordance with the provisions of the General Data Protection Regulation (GDPR).
 

Controller

As per Art. 4 No. 7 GDPR, the Controller is

Hennecke GmbH Roll Forming Technology
Johannespfad 9
57223 Kreuztal
Phone.: +49 (0) 2732 765063-0
Email: rollforming [at] hennecke.com

For questions regarding data protection, please contact us at privacy [at] hennecke.com
 

Explanations

Personal data is collected by the controller from you (hereinafter also referred to as: "Data subject") is collected and processed only to the extent necessary, expedient and lawful; the main purpose of this website is to collect data in order to guarantee the functionality of the website and the services offered. More information on the relevant collection and processing can be found below.

As a rule, data are deleted as soon as the purpose of data processing/storage has ceased to exist. Data may also be stored if European or German lawmakers specify longer storage periods. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract. You will find more details in the following explanations.

We would also like to point out that we make use of a contract data processor for hosting and other individual services. This hosting takes place via a content management system, which is referred to in the following at various points. The host of the Content Management System is Strato AG, Pascalstr. 10, 10587 Berlin, Tel.: 030-300 1460, email impressum [at] strato.de. In addition, reference is made below to the point Storage in the Content Management System of the controller.
 

Collection and processing of data

Operation of the website; log files

When accessing the page www.hennecke-rollforming.com, the following personal data of the data subject are collected and stored in a log file:

  • Information about the browser type and version used
  • The operating system of the data subject
  • The Internet service provider of the data subject
  • The IP address of the data subject
  • Date and time of access
  • Websites from which the system of the data subject reaches our website
  • Websites accessed by the data subject's system via our website

The data is processed or stored in log files in order to ensure the functionality of the website and its convenient usage. In addition, the data helps us to optimize the website and to ensure the security of our information technology systems. Administrative issues are also a basis for processing. An evaluation of the data only takes place in connection with statistical evaluations, whereby the individual user remains anonymous.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interest follows from the above-mentioned purposes for data collection and/or for ensuring the functionality of the website. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. If data has been collected for the provision of the website, this occurs after seven days in any case. In this case the IP addresses of the users are deleted or alienated, so that an assignment of the client is no longer possible.

As a rule, there is no legal or contractual obligation to provide this data. If the data are not provided, the provision of a fully functional website is not possible.

 
Contact forms; email contact

Description and scope of data processing

Within the framework of our website contact forms are available which can be used to make contact electronically. If a data subject takes advantage of this option, the data entered in the input mask will be transmitted to us and stored. Furthermore, the IP address as well as the date and time are stored. Thereupon the further processing of the data subject's request takes place. The nature of the data transmitted depends on the information required from the controller – including at least company, first and last name, email, telephone number, country and message – and also the scope of information decided by the data subject.

In addition, we offer various ways to contact employees or departments of the controller by clicking on various e-mail addresses. IP address, email address, date and time are also transmitted here. In addition, the information you provide as continuous text is transmitted.

The data is collected and processed in order to deal with the data subject's request.

In addition, your request or your personal data is stored in the context of the use of a contact form or the establishment of contact by e-mail in the content management system.

The legal basis for the processing of this data is lawful based either on a contract with the data subject as a party to the contract pursuant to Art. 6 par. 1 sentence 1 lit. b) 1st alt. GDPR or based on the implementation of pre-contractual measures with the data subject pursuant to Art. 6 par. 1 sentence 1 lit. b) 2nd alt. GDPR. Processing may also be carried out on the basis of Art. 6 par. 1 sentence 1 lit. f) GDPR if there is a legitimate interest of the controller, for example in the context of customer loyalty. In the context of their economic activity, it is necessary for the controller to engage in customer contact and/or to be available for the customer/interested party.

In any case, the legal basis for storage in the Content Management System is lawful pursuant to Art. 6 par. 1 sentence 1 lit. f) GDPR. The storage is necessary to ensure the infrastructure and functionality of the website and also to secure the website against data breaches etc.

If the processing of the concern of the data subject's request is related to an existing contract with the data subject, the storage period will normally be based on this existing contract. Otherwise the data will be deleted when the purpose of processing has been achieved; this may be when a matter has been conclusively settled. In individual cases, legal storage periods must be observed.

As a rule (excluding exceptions), there will be no legal or contractual obligation to provide the relevant data in this way. If you do not provide the data, your eventual request can not be processed electronically.
 

Storage in the Content Management System of the controller

The controller uses a Content Management System, which in turn is hosted and maintained by a contract processor (see also Explanations). In other words, this Content Management System is a management program for operating and maintaining the website, the contact forms, other services, etc. All of the above-mentioned and represented personal processing procedures are additionally transferred into this Content Management System and stored there. Among other things, this storage is intended to ensure the security of your personal data and act as a backup. Within the scope of data processing, there is an order processing contract which specifies, among other things, sufficient technical and organizational measures.

Furthermore, the storage of personal data in the Content Management System is also technically necessary in order to operate the online content and the services offered.

Accordingly, processing in connection with the Content Management System is based on Art. 6 par. 1 sentence 1 lit. f) GDPR in order to guarantee the functionality of the web services and to be able to offer the services to the data subject. A corresponding order processing contract exists with the data processor pursuant to Art. 28 par. 3 sentence 1 GDPR.

Personal data is stored in the Content Management System for 5 weeks. A backup of the data is then made, which is stored securely and encrypted. This backup exists for another 5 weeks until a new backup is pulled from the Content Management System. For the preparation of the backup Art. 6 par. 1 sentence 1 f) GDPR is decisive for the reasons mentioned above.

There is no legal obligation to provide personal data in the Content Management System. In individual cases, contractual obligations may exist, so that the person concerned could suffer economic and/or legal disadvantages if they are not made available. This must be assessed on a case-by-case basis. Failure to provide personal data in the Content Management System could mean that your requests may not be processed and/or the use of the website may be disrupted.
 

Plugins, tools and links

YouTube

Our website uses plugins from Google's YouTube site. This website is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited.

If you are logged into your YouTube account, you allow YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube in the interest of presenting our online content in an appealing way and also for the presentation and presentation of our products. This represents a legitimate interest as per Art. 6 par. 1 sentence 1 lit. f) GDPR.

For more information on how we handle user data, please see YouTube's privacy policy: https://www.google.de/intl/en/policies/privacy.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.
 

Google Web Fonts

This site uses Web Fonts provided by Google to uniformly display fonts. When you access a page, your browser loads the required Web Fonts into your browser cache to display texts and fonts correctly.

To do this, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. We use Google Web Fonts in the interest of a uniform and appealing presentation of our online content. This represents a legitimate interest within the meaning of Art. 6 par. 1 sentence 1 lit. f) GDPR.

If your browser does not support Web Fonts, a default font is used by your computer.

For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and read Google's privacy statement: https://www.google.com/policies/privacy/.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.
 

Google Maps

This page uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.

We use Google Maps in the interest of an appealing presentation of our online content and the easy location of the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 par. 1 sentence 1 lit. f) GDPR. You can also turn off the tracking capabilities of Google Maps using your browser. You will find more details in the description of your browser.

You can find more information on the handling of user data in Google's privacy policy: https://www.google.de/intl/en/policies/privacy/.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.
 

Links to Facebook, Twitter, Expo21xx, Pressbox

On Hennecke.com you can find links to YouTube, Facebook, Twitter, Expo21xx and Pressebox. These links are intended to integrate the social media presence of the controller and the companies into the website and thus to present the company as a whole or to provide content which is not provided within the framework of the website.

When a data subject clicks on such a link, his browser establishes a direct connection to the server of the respective web page. The server is informed of the location from which your IP address has accessed the page of the respective provider. If the user is also logged in to one of the social media, this medium receives corresponding information, which it can assign to your profile. The controller has no influence on this mechanism.

The use of the services is in the interest of the controller in any case, in order to be able to present the social appearance to the data subject in the simplest way.

For further information please contact

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.
 

Cookies

In some areas of the website, so-called cookies are used in order to provide you with a more individualized service. Cookies are identifiers that a web server can send to your computer to identify it for the duration of your visit. In particular, cookies are used to recognize the language of your browser; after closing the corresponding tab, this cookie is deleted. Most browsers are set to automatically accept cookies. However, you can also deactivate the storage of cookies or set your browser so that it informs you about the use of cookies.

Cookies are used on the legal basis of Art. 6 par. 1 S. 1 lit. f) GDPR, as they guarantee the optimum functionality and security of our website. The provision of such a website is in our legitimate interest.

There is no legal, contractual or other obligation to provide personal data. Failure to provide data can lead to disadvantages for the data subject, such as the reduced functionality of the website and its functions.

Edit cookie settings
 

Rights of the data subject

You have the following rights under the GDPR: You can

  • request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information on
    • the processing purposes,
    • the category of personal data,
    • the categories of recipients to whom your information has been or will be disclosed,
    • the planned storage period,
    • the existence of a right to rectification, cancellation, restriction of processing or opposition,
    • the existence of a right of appeal,
    • the origin of your data, unless it was collected by us,
    • and the existence of automated decision making, including profiling and, where appropriate, meaningful information on its details
  • immediately request the correction or completion of personal data stored by us in accordance with Art. 16 GDPR;
  • request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • pursuant to Art. 18 GDPR, request the restriction of the processing of your personal data if you dispute the accuracy of the data, or if the processing is unlawful and you oppose erasure of the data, if we no longer require the data, but you require them to assert, exercise or defend legal claims or if you have filed an objection to the processing pursuant to Art. 21 GDPR;
  • obtain your personal data, which you have provided to us, in a structured, current and machine-readable format in accordance with Art. 20 GDPR or request its transfer to another controller;
  • as per Art. 7 par. 3 GDPR, withdraw at any time the consent given to us once, with the consequence that we may not continue with the data processing, which was based on this consent, in the future;
  • complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our office.
  • withdraw your consent at any time, e.g. as per Art. 7 par. 1, 9 par. 2 lit. a) GDPR or Section 26 par. 2 sentence 1 BDSG pursuant to Art. 7 par. 3 sentence 1 GDPR.

 
Right to object of the data subject

If your data are processed on the basis of legitimate interests pursuant to Art. 6 par. 1 sentence 1 lit. f) GDPR, you have the right to object to the processing for reasons arising from the particular situation pursuant to Art. 21 par. 1 sentence 1 GDPR. Your personal data will no longer be processed in such a case, unless the data controller can provide compelling reasons to protect the processing, which outweigh your interests, rights and freedoms; the same applies if the processing serves to assert, exercise or defend legal claims, Art. 21 par. 1 sentence 2 GDPR.

Please make contact using the above addresses.
 

Safety

Hennecke uses technical and organizational security measures to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. In the case of the collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in line with technological developments.

Currently we use an SSL procedure during the website visit, which is secured by an RSA encryption with 2048 bits.
 

Validity

This data privacy policy is valid from 25th May 2018.