Privacy Policy

The Privacy Policies set out below apply to the services and processing offered on the leister.com website. The website is operated by Leister AG, responsible for the technical operation and content of the website, and Carr New Zealand Ltd (+64 9 274 0869), responsible for all e-commerce activities. 

 

Privacy Policy Carr New Zealand Ltd

CARR_NEW_ZEALAND_PRIVACY_POLICY_EN
PDF
CARR_NEW_ZEALAND_WEBSITE_TERMS_AND_CONDITIONS_OF_USE_EN
PDF

Privacy Policy Leister AG

III. General information on data processing

Scope of the processing of personal data

As a matter of principle, we process personal data of our users only insofar as this is necessary for the provision of a functional website as well as our contents and services. The processing of personal data of our users takes place regularly only after consent of the user. An exception is made in cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by law.

Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (DSGVO) serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) b 2 DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures. Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) lit. c DSGVO serves as the legal basis. In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Article 6(1)(d) DSGVO serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) lit. f DSGVO serves as the legal basis for the processing.

Data deletion and storage period

The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage ceases to apply. In addition, data may be stored if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or performance of a contract.

IV. Provision of the website and creation of log files

Description and scope of data processing

Each time you visit our website, our system automatically collects data and information from the computer system of the calling computer. The following data is collected:

(1) Information about the type of browser and the version used
(2) The operating system of the user
(3) The Internet service provider of the user
(4) The IP address of the user
(5) Date and time of access
(6) Websites from which the user's system accesses our website
(7) Websites that are accessed by the user's system via our website

The data is stored in the log files of our system. This data is not stored together with other personal data of the user.

Legal basis for data processing

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f DSGVO.

Purpose of the data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session. The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes are also our legitimate interest in the data processing according to Art. 6 para. 1 lit. f DSGVO.

retention period

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

Possibility of objection and removal

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

V. Use of cookies

Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when you return to the website. We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.

The following data is stored and transmitted in the cookies:

(1) Language settings
(2) Country settings
(3) Items in a shopping cart
(4) Items in the wish list
(5) Items in the comparison list
(6) Last visited page

We also use cookies on our website that allow us to analyse the surfing behaviour of users. The following data can be transmitted in this way:

(1) Search terms entered
(2) Frequency of page views
(3) Use of website functions

When calling up our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of personal data used in this context is obtained. In this context, a reference to this data protection declaration is also made.

Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 (1) lit. f DSGVO. The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a DSGVO if the user has given his consent in this regard.

Purpose of the data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after a page change.

We require cookies for the following applications:

(1) Transfer of country settings
(2) Adoption of language settings
(3) Remembering search terms
(4) Shopping cart
(5) Wish List
(6) Comparison list
(7) Remember the last page

The user data collected through technically necessary cookies are not used to create user profiles. The analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus constantly optimize our offer. In these purposes also lies our legitimate interest in the processing of personal data according to Art. 6 para. 1 lit. f DSGVO.

Duration of storage, possibility of objection and elimination

Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transfer of cookies. Cookies that have already been saved can be deleted at any time. This can also be automated. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

VI. Newsletter

Description and scope of data processing

On our website you have the possibility to subscribe to a free newsletter. When registering for the newsletter, the data from the input mask is transmitted to us:

E-mail address, optionally name, company, contact details.

In addition, the following data is collected during registration:

(1) IP address of the calling computer
(2) Date and time of registration

For the processing of data, your consent is obtained during the registration process and reference is made to this privacy policy. In connection with the processing of data for the dispatch of newsletters, the data is only passed on within the LEISTER group, otherwise it is not passed on to third parties. The data will be used exclusively for sending the newsletter.

Legal basis for data processing

The legal basis for the processing of the data after registration to the newsletter by the user is, if the user has given his consent, Art. 6 para. 1 lit. a DSGVO. The legal basis for sending the newsletter as a result of the sale of goods or services is § 7 para. 3 UWG.

Purpose of the data processing

The collection of the user's e-mail address is used to deliver the newsletter. The collection of other personal data during the registration process serves to prevent misuse of the services or the e-mail address used.

retention period

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. The user's e-mail address is therefore stored for as long as the subscription to the newsletter is active. The other personal data collected during the registration process is usually deleted after a period of seven days.

Possibility of objection and removal

The subscription to the newsletter can be cancelled by the user concerned at any time. For this purpose, you will find a corresponding link in every newsletter. This also allows you to revoke your consent to the storage of personal data collected during the registration process.

VII. Registration

Description and scope of data processing

On our website, we offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data will not be passed on to third parties. The following data is collected as part of the registration process:

Name, company, contact details incl. e-mail address

The following data is also stored at the time of registration:

(1) The IP address of the user
(2) Date and time of registration

As part of the registration process, the user's consent to the processing of this data is obtained.

Legal basis for data processing

The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent. If the registration serves the fulfilment of a contract of which the user is a contracting party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 lit. b DSGVO.

Purpose of the data processing

User registration is required for the provision of certain content and services (e.g. individual user and device information) on our website. In addition, registration of the user is necessary for the fulfilment of a contract with the user or for the implementation of pre-contractual measures. (Art. 6 para. 1 lit. b DSGVO)

retention period

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case for the data collected during the registration process, if the registration on our website is cancelled or modified. This is the case for the data collected during the registration process for the fulfilment of a contract or for the implementation of pre-contractual measures, if the data is no longer required for the implementation of the contract. Even after the conclusion of the contract, it may be necessary to store personal data of the contractual partner in order to comply with contractual or legal obligations (e.g. tax requirements).

Possibility of objection and removal

As a user you have the possibility to cancel the registration at any time. You can have the data stored about you changed at any time.
If the data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, early deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.

VIII. Contact form and e-mail contact

Description and scope of data processing

A contact form is available on our website, which can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored. These dates are:

Name, company, contact details incl. e-mail

The following data is also stored at the time the message is sent:

(1) The IP address of the user
(2) Date and time of registration

For the processing of data, your consent is obtained during the submission process and reference is made to this privacy policy. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. In this context, data is only passed on within the Leister Group; it is not passed on to third parties. The data is used exclusively for the processing of the conversation.

Legal basis for data processing

The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) lit. f DSGVO. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.

Purpose of the data processing

The processing of the personal data from the input mask serves us only for the treatment of the establishment of contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

retention period

The data will be deleted/blocked as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it is clear from the circumstances that the matter in question has been conclusively clarified. The examination of the necessity of the deletion/blocking of the data takes place every 2 years, in addition legal archiving obligations are to be considered. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

Possibility of objection and removal

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.

IX. Google services, analytics and plugins

Use of web analysis by Google Analytics

We use Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by visitors to the site is usually transmitted to a Google server in the USA and stored there.

In the event that IP anonymisation is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. IP anonymization is active on this website. Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage.

The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. In addition, the user can prevent the collection of the data generated by the cookie and related to their use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

As an alternative to the browser plug-in or within browsers on mobile devices, the user can click on the following link to set an opt-out cookie that will prevent the collection by Google Analytics within this website in the future (this opt-out cookie only works in this browser and only for this domain. In case of deleting the cookies in the browser, the link must be clicked again): Deactivate Google Analytics

Use of Google Maps

We use Google Maps from Google to display site plans, maps, terrain data, or geographic maps. This service records your IP address, which of our Internet pages you have visited and, if applicable, further data required by Google for the provision of the maps (e.g. location data). The information generated is stored on a server in the USA. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of us or Google. More information about the handling of user data can be found in Google's privacy policy.

The use of Google Maps is in the interest of an attractive presentation and easy location of the services we provide. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO.

More information about the handling of user data can be found in Google's privacy policy:
https://www.google.de/intl/de/policies/privacy/

The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Use of YouTube

When you visit us on YouTube, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as the operator of YouTube, collects and processes personal data in the following manner
Extent as provided in their privacy statements. You can access the data protection declaration under the following link:
https://policies.google.com/privacy

We use the statistical analyses provided by YouTube (the visits to our YouTube channel, the number of interactions, the visits and the average
duration of video plays, information about which countries and cities our visitors come from, and statistics about the gender ratio of our visitors) about the use of our YouTube channel, which YouTube provides in anonymized form via the "Analytics" service. Conclusions about individual users and access to individual user profiles by us are not possible.

In connection with our YouTube channel, we process the following personal data:

(1) Your YouTube username, as well as comments on our YouTube channel and messages you send to us through our YouTube channel.
(2) Your activity on our YouTube channel through the YouTube Analytics service, such as visits to our website, the volume of interactions, visits and average duration of video plays, information about which countries and cities our visitors come from, and statistics about our visitors' general relationships.
(3) Other information necessary to respond to inquiries from our visitors or to uniquely identify our visitors in our systems.

We do not store or process any personal data other than your YouTube username when you send us a direct message.

X. Social media services, analytics and plugins

Use of Facebook

The Facebook fan pages ("Fanpage") are operated by Facebook Ltd, 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland ("Facebook"). When you visit our Fanpage, Facebook processes your personal data in accordance with their privacy policy, which can be found at the following link:
be able to find https://www.facebook.com/policy.php

In connection with our social media channel on Facebook, we process the following personal data:

(1) Your Facebook username, as well as comments on our fan page and messages you have sent through our fan page.
(2) Other information necessary to respond to requests from our visitors or to uniquely identify our visitors in our system.
(3) Your activity on our Fan Page through the Facebook "Insights" service, such as visits to our website, volume of interactions, visits and average duration of video playbacks, information about which countries and cities our visitors come from, and statistics about our visitors' general relationships.

We use the statistical analyses provided by Facebook (the visits to our Fanpage, the number of interactions, the visits and the average duration of video playbacks, information about which countries and cities our visitors come from, and statistics about the gender ratio of our visitors) about the use of our Fanpage, which Facebook provides in anonymised form via the "Insights" service. Conclusions about individual users and access to individual user profiles by us are not possible.

Detailed information about Facebook "Insights" can be found at the following link:
https://www.facebook.com/legal/terms/information_about_page_insights_data

We and Facebook are therefore considered "joint controllers" within the meaning of the GDPR and have therefore entered into a corresponding joint responsibility agreement in order to comply with the requirements of the GDPR. You can view this joint responsibility agreement at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum

Here you will find all the information that is relevant to you as a data subject, in particular with regard to exercising your rights under data protection law.

Outside of the processing of personal data set forth in this Privacy Notice, we have no ability to control the processing of personal data in connection with your use of our Fanpage.

Use of Facebook Plug-ins

Due to our legitimate interest in the analysis, optimization and operation of our online offer (within the meaning of Art. 6 para. 1 lit. f. DSGVO), this website uses the Facebook Social Plugin, which is provided by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). The embeddings are recognizable by the Facebook logo or the terms "Like", "Like", "Share" in Facebook's colors (blue and white). Information on all Facebook plugins can be found via the following link:
https://developers.facebook.com/docs/plugins/

Facebook Inc. complies with European data protection law and is certified under the Privacy Shield agreement:
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

The plugin establishes a direct connection between your browser and the Facebook servers. The website operator has no influence on the nature and extent of the data that the plugin transmits to the servers of Facebook Inc.

You can find more information here:
https://www.facebook.com/help/186325668085084

The plugin informs Facebook Inc. that you as a user have visited this website. There is the possibility that your IP address is stored. If you are logged into your Facebook account during your visit to this website, the aforementioned information will be linked to it. If you use the functions of the plugin - for example by sharing or "liking" a post - the corresponding information is also transmitted to Facebook Inc. Do you want to prevent the Facebook. Inc. links this data to your Facebook account, please log out of Facebook before visiting this website and delete the stored cookies. Via your Facebook profile, you can make further settings regarding data processing for advertising purposes or object to the use of your data for advertising purposes. You can access the profile settings on Facebook via the following link:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Cookie deactivation page of the US website:
http://optout.aboutads.info/?c=2#!/

Cookie deactivation page of the European website:
http://optout.networkadvertising.org/?c=1#!/

What data, for what purpose and to what extent Facebook collects, uses and processes data and what rights and setting options you have to protect your privacy, you can read in the privacy policy of Facebook. You can find them here:
https://www.facebook.com/about/privacy/

Use of LinkedIn

When you visit our LinkedIn pages, your personal data is processed in accordance with LinkedIn's privacy policy, which can be found at the following link:
https://www.linkedin.com/legal/privacy-policy

LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA ("LinkedIn").

In connection with our LinkedIn pages, we process the following personal data:

(1) Your LinkedIn username, as well as comments on our LinkedIn pages and messages you send to us through our LinkedIn pages.
(2) Your activity on our LinkedIn pages via LinkedIn analytics ("LinkedIn Page Insights"), for example, number of activities on our pages.
(3) Other information necessary to respond to inquiries from our visitors or to uniquely identify our visitors in our systems.

We use the statistical information provided by LinkedIn (the visits to our website, the number of interactions, information about which countries and cities our visitors come from and statistics about the field of work of our visitors) about the use of our LinkedIn pages in anonymous form. Conclusions on individual users and access to individual user profiles by us are not possible.

Due to this, "joint responsibility" applies within the meaning of the GDPR. The joint responsibility agreement can be found at the following link:
https://legal.linkedin.com/pages-joint-controller-addendum

Here you will find all the information relevant to you as a data subject, in particular on how to exercise your rights under data protection law. Outside of the processing of personal data set out in this privacy notice, we have no way of influencing the processing of personal data in connection with your use of our LinkedIn pages.

Use of LinkedIn plug-ins

The LinkedIn Plus-ins used on our website are marked with a LinkedIn logo. When you access a page on our website that contains such plug-ins, they are initially disabled. The plug-ins are only activated when you click on the corresponding LinkedIn log-in or button.
You can find an overview of LinkedIn's plug-ins and their appearance here:
https://www.linkedin.com/developers/

When you use our LinkedIn plug-ins, your personal data is processed in accordance with LinkedIn's privacy policy, which can be found at the following link:
https://www.linkedin.com/legal/privacy-policy

LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA ("LinkedIn").

Use of Twitter

When you visit us on Twitter, Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, as the operator of Twitter, collects and processes personal data to the extent described in its privacy policy. You can download the privacy policy at the following link:
View https://twitter.com/de/privacy.

We use the statistical information (the visits to our Twitter page, the number of interactions, information about which countries and cities our visitors come from, and statistics about the gender ratio of our visitors) about the use of our Twitter page that Twitter provides in anonymized form via the "Twitter Analytics" service. Conclusions about individual users and access to individual user profiles by us are not possible.

In connection with our Twitter page, we process the following personal data:

(1) Your Twitter username and comments on our Twitter pages and messages you send to us through our Twitter page.
(2) Your activity on our Twitter pages via the "Analytics" service, for example visits to our website, the reach of posts, information about which countries and cities our visitors come from, and statistics about the gender ratio of our visitors.
(3) Other information necessary to respond to inquiries from our visitors or to uniquely identify our visitors in our systems.

We do not store or process any personal data other than your Twitter username when you send us a direct message.

Use of Twitter plug-ins

Twitter is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). The plug-ins are marked with a LinkedIn logo. When you access a page on our website that contains such plug-ins, they are initially disabled. The plug-ins are only activated when you click on the corresponding button.

You can find an overview of Twitter's plug-ins and their appearance here:
https://developer.twitter.com

You can find information on data protection at Twitter here:
https://twitter.com/de/privacy.

Use of Instagram

The Instagram pages are operated by Facebook Ltd, 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland, the service provider of Instagram. When you visit our Instagram pages, Instagram processes your personal data in accordance with the privacy policy applicable there, which you can find at the following link:
https://help.instagram.com/519522125107875

We use the statistical information provided by Instagram via the Instagram service "Insights" (the visits to our website, the number of interactions, information about which countries and cities our visitors come from and statistics about the gender ratio of our visitors) about the use of the Instagram pages in anonymous form. Conclusions about individual users and access to individual user profiles by us are not possible.

In connection with our social media channel on Instagram, we process the following personal data:

(1) Your Instagram username, as well as comments on our Instagram pages and messages you send to us through our Instagram pages.
(2) Your activities on our Leister Instagram page via the Instagram Insights service, e.g. visits to our website, the reach of posts, information about which countries and cities our visitors come from, and statistics about the gender ratio of our visitors.
(3) Other information necessary to respond to inquiries from our visitors or to uniquely identify our visitors in our systems.

Use of SalesViewer

This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.

In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.

The data stored by Salesviewer will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.

The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.

XI. Use of further service providers

Use of the Shopify shop system

We use the shop system of the service provider Shopify International Limited, Victoria Buildings, 2. Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purposes of hosting and displaying the online store on a processing on our behalf basis. All data collected on our website is processed on Shopify's servers. As part of Shopify's aforementioned services, data may also be transferred to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc as part of further processing on behalf of Shopify. In case of transfer of data to Shopify Inc. in Canada, the adequate level of data protection is guaranteed by adequacy decision of the European Commission. Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc. and Shopify (USA) Inc. in the USA are certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.

For more information about Shopify's privacy policy, please visit:
https://www.shopify.de/legal/datenschutz

Use of Paypal

If you pay for an order in our online shops, as far as possible with PayPal, your first and last name, delivery address, e-mail address, telephone number and IP address will be transmitted to PayPal (i.e. to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg) in addition to the amount to be paid by you. With the transmission of the data the authorization of the payment takes place to us opposite PayPal (you need a PayPal account for this). In addition, PayPal offers the possibility to process virtual payments via credit cards if a user does not have a PayPal account.

The legal basis for the data processing associated with this is Art. 6 (1) b) DSGVO, i.e. the processing of your data is necessary for the fulfilment of the agreement on a payment of your purchase via PayPal.

The data transmitted to PayPal may be transferred by PayPal to credit agencies. This transmission serves the purpose of checking identity and creditworthiness. You can find more information about PayPal's privacy policy on the PayPal website at:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Payment with PayPal is optional. We provide a range of other payment options wherever possible.

The legal basis for the data processing associated with this is Art. 6 (1) f) DSGVO (balancing of interests, based on our interest in offering you effective and secure payment options and, in this context, preventing fraud).

Use of Klarna

If necessary, we also offer you the possibility of payment by "purchase on account" via the service provider Klarna (Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden). If you decide to purchase on account, you transmit within the scope of your agreement with Klarna the personal data (first and last name, address, date of birth, gender, e-mail address, IP address, telephone number) necessary for the processing of the purchase on account and an identity and credit check, as well as the data necessary for the processing of the purchase on account (number of items, item number, invoice amount and taxes in percent) to Klarna. This data is collected so that Klarna can carry out an identity and credit check and issue an invoice in order to process your purchase with the invoice processing you have requested. With regard to identity and credit checks, Klarna may obtain information from the following credit agencies:

(1) Schufa Holding AG, Kormoranweg 5, 65203 Wiesbaden, Germany
(2) Bürgel Wirtschaftsinformationen GmbH & Co. KG, P.O. Box 5001 66, 22701 Hamburg, Germany
(3) Creditreform Bremen Seddig KG, Contrescarpe 17, 28203 Bremen, Germany
(4) infoscore Consumer Data GmbH, Rheinstrasse 99, 76532 Baden-Baden, Germany

When deciding on the payment option purchase on account, Klarna uses, apart from an address check, also information on your previous payment behaviour as well as probability values on this behaviour in the future. The calculation of these score values by Klarna is carried out on the basis of a scientifically recognised mathematical statistical procedure. For this purpose, Klarna will also use your address data, among other things. The details of the processing of your data by Klarna can be found in the privacy policy of Klarna under the following link:
https://www.klarna.com/de/datenschutz

The legal basis for the data processing associated with this is Art. 6 (1) b) DSGVO, i.e. the processing of your data is necessary for the fulfilment of your agreement with Klarna on a payment of your purchase by purchase on account from Klarna. In addition, the legal basis is Art. 6 (1) f) DSGVO (balancing of interests, based on the interest of Klarna to offer you effective and secure payment options and in this context to prevent fraud).

Use of the podcast hosting service Podigee
We use the podcast hosting service Podigee of the provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany. The podcasts are loaded from Podigee or transmitted via Podigee. The use is based on our legitimate interests, i.e. Interest in a secure and efficient provision, analysis and optimization of our podcast offer in accordance with the German Data Protection Act. Art. 6 para. 1 lit. f. GDPR. Podigee processes IP addresses and device information to enable podcast downloads/playbacks and to gather statistical data, such as view counts. This data is anonymised or pseudonymised before being stored in Podigee's database, unless it is necessary for the provision of the podcasts.

For more information and to opt-out, please see Podigee's privacy policy:
https://www.podigee.com/de/about/privacy

myLeister AR app

What data is stored

On our app, we offer users the opportunity to sign up for digital services and features by providing personal information. As soon as you download and install a Leister app on your device, register and connect your Leister welding machine to the Leister app, the following data is stored:

(1) Registration or login data (name, company, contact data incl. e-mail address) according to section "VII. Registration" of the privacy policy
(2) Registration of Leister devices (serial number, article number, date of manufacture, warranty information);
(1) Welding parameter data Device-specific (temperature, pressure, joining force, latitude, longitude and the type of welding machine, etc.);
(4) Geolocation data about the location of your workstations and activities performed there;
(5) Recipes (device-specific welding parameter profiles such as time, temperature and welding speed etc.)
(2) other user inputs (such as environmental conditions, materials, etc.);

As part of the registration process, the user's consent to the processing of this data is obtained. The data will not be passed on to third parties.

XIII. Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the German Data Protection Act. GDPR and you are entitled to the following rights against the controller:

Right to information

You may request confirmation from the controller as to whether personal data concerning you is being processed by us. If there is such processing, you can request information from the controller about the following:

(1) the purposes for which the personal data are processed;
(2) the categories of personal data which are processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
(4) the envisaged duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the duration of the storage;
(5) the existence of a right to obtain the rectification or erasure of personal data concerning you, a right to obtain the restriction of processing by the controller or a right to object to such processing;
(6) the existence of a right of appeal to a supervisory authority;
(7) any available information on the origin of the data, if the personal data are not collected from the data subject;
(8) the existence of automated decision-making, including profiling pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information on whether personal data concerning you is transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. Article 46 of the GDPR in connection with the transfer.

right of rectification

You have a right of rectification and/or completion vis-à-vis the data controller if the personal data processed concerning you are inaccurate or incomplete. The person responsible shall make the correction without delay.

Right to restrict processing

You may request the restriction of the processing of personal data concerning you under the following conditions:

(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;
(3) the controller no longer needs the personal data for the purposes of processing, but you need them for the establishment, exercise or defence of legal claims; or
(4) if you have objected to the processing pursuant to Article 21(1) DSGVO and it is not yet clear whether the legitimate grounds of the controller override your grounds.

Where the processing of personal data relating to you has been restricted, such data may be processed, with the exception of storage, only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or of a Member State. If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

right of cancellation

a) Obligation to delete

You may request the controller to delete the personal data concerning you without delay, and the controller is obliged to delete such data without delay if one of the following reasons applies:

1. The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing according to. Article 6(1)(a) or Article 9(2)(a) DSGVO and there is no other legal basis for the processing.
(3) They shall lay down in accordance with. Article 21 (1) DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21 (1) DSGVO. Article 21 (2) DSGVO to object to the processing.
(4) The personal data concerning you have been processed unlawfully.
(5) The deletion of personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
(6) The personal data concerning you has been collected in relation to information society services offered pursuant to Article 8(1) of the GDPR.

b) Information to third parties

If the controller has made the personal data relating to you public and is responsible pursuant to. Article 17(1) of the Data Protection Regulation, it shall take reasonable measures, including technical measures, having regard to the available technology and the cost of implementation, to inform those responsible for processing the personal data that you, as the data subject, have requested erasure of all links to, or copies or replications of, that personal data.

(c) Exceptions

The right to erasure does not exist insofar as the processing is necessary

(1) to exercise the right to freedom of expression and information;
(2) for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) of the GDPR;
(4) for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Article 7. Article 89(1) of the GDPR, insofar as the right referred to in Section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or;
(5) to assert, exercise or defend legal claims.

Right to information

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to communicate this rectification or erasure of the data or restriction of processing to all recipients to whom the personal data concerning you have been disclosed, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.

Right to data portability

You have the right to obtain the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that

(1) the processing is based on consent pursuant to. Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract acc. Art. 6 para. 1 lit. b DSGVO is based and
(2) the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data concerning you transferred directly from one controller to another, insofar as this is technically feasible. Freedoms and rights of other persons must not be impaired by this. The right to data portability shall not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Right of objection

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1)(e) or (f) DSGVO; this also applies to profiling based on these provisions. The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims. If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes. You have the possibility, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right to object by means of automated procedures using technical specifications.

Right to revoke the declaration of consent under data protection law

You have the right to revoke your declaration of consent at any time. The revocation shall not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Automated decision in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision;

(1) is necessary for the conclusion or performance of a contract between you and the controller,
(2) is authorised by legislation of the Union or the Member States to which the controller is subject and that legislation contains adequate measures to safeguard your rights and freedoms and your legitimate interests; or
(3) is done with your express consent.

However, these decisions must not be based on special categories of personal data pursuant to Art. 9(1) of the GDPR, unless Art. 9(2)(a) or (g) of the GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests. With regard to the cases referred to in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms of, and the legitimate interests of, the data subject, including at least the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. The responsible supervisory authority for our company can be found here:

Data protection officer SZ, OW, NW
Gotthardstrasse 21
6414 Oberarth

Email info@kdsb.ch
Telephone no.+41 41 662 74 16
Fax:+41 41 662 74 16

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. The responsible supervisory authority for our company can be found here:

Commission de la Protection de la Vie Privée
Rue de la Presse 35
1000 Brussels

Email commission@privacycommission.be
Telephone no.+32 2 274 48 00
Fax:+32 2 274 48 35

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. The responsible supervisory authority for our company can be found here:

State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
Kavalleriestrasse 2-4
40213 Düsseldorf

Email poststelle@ldi.nrw.de
Telephone no.+49 0211 384 24-0
Fax:+49 0211 384 24-10

Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. The responsible supervisory authority for our company can be found here:

IL GARANTE PER LA PROTEZIONE DEI DATI PERSONALI
Piazza di Monte Citorio 121
00186 Roma

Email urp@gpdp.it
Telephone no.+39 06 6967 71

XIV. Data security

Data security

We make every effort to ensure the security of your data within the framework of the applicable data protection laws and technical possibilities. Your personal data will be transmitted encrypted. However, we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible. In order to secure your data, we maintain technical and organizational security assumptions, which we constantly adapt to the state of the art.

XV. Disclosure of data to third parties, data transfer to third countries

Disclosure of data to third parties, data transfer to third countries

In principle, we only use your personal data within our group of companies. If and to the extent that we involve third parties in the performance of contracts (such as logistics service providers) or to respond to your pre-contractual inquiries, they will receive personal data only to the extent that the transmission is necessary for the corresponding service. In the event that we outsource certain parts of data processing ("commissioned processing"), we contractually oblige commissioned processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject. A data transfer to third countries, which are not a gem. Article 45 of the GDPR does not take place and is not planned. The legal basis for the processing of the data is Art. 6 (1) lit. f DSGVO. If the processing aims at the conclusion of a contract/pre-contractual measure, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.

XVI. Data from unsolicited applications and general application procedures

Data from unsolicited applications and general application procedures

Personal data from applications are temporarily stored for the purpose of processing the procedure. In the event of employment, the data will be added to the personnel file and further stored for the purpose of processing the employment relationship. If the applicant is not employed, the personal data provided will be deleted two months after it has been sent (unsolicited application) or two months after the end of the application procedure, unless the legitimate interests of the person responsible conflict with this procedure.

If the applicant objects to this procedure, the transmitted data will be deleted immediately, unless the processing is still necessary due to a legal obligation. His application can then not be considered in case of deletion of the data. The legal basis for the processing of the data is Art. 6 (1) lit. f DSGVO. If the application aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.

XVII. Changes to our data protection declaration

Due to further technical development and/or changes in legal and/or official requirements, it may become necessary to adapt this data protection information. The current version is always available on this page.

Status 04/2021