Data protection declaration
SEVERIN Elektrogeräte GmbH, Röhre 27, 59846 Sundern, (hereinafter also referred to as we/us) is responsible for SEVERIN’s internet offering.
With the data protection declaration web pages, we would like to inform you comprehensivelyand in detail of how we protect your privacy and how personal data is processed in the context of our web pages and/or online offering. Personal data will be deleted as soon as possible and – subject to the following regulations – will never be used or passed on for advertising purposes without your consent.
If the following information is insufficient or incomprehensible, please do not hesitate to contact our data protection officer via the contact details listed in section II.
II. Responsible body / Data protection officer / Competent supervisory authority
|Responsible body||Data protection officer||Competent supervisory authority|
|SEVERIN Elektrogeräte GmbH
59846 Sundern, Germany Tel.: +49 (0)2933-9820
Fax: +49 (0)2399-9821500
|SEVERIN Elektrogeräte GmbH
– Data protection officer –
59846 Sundern, Germany Tel.: +49 (0)2933-9820
Fax: +49 (0)2399-9821500
|Landesbeauftragte für Datenschutz und Informationsfreiheit NRW (State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia)
Postfach 20 04 44
III. General principles / information
The definitions are based on Regulation (EU) 679/2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the “General Data Protection Regulation” or the “GDPR”). In particular, the definitions in Art. 4 and Art. 9 GDPR apply. For your information, we have summarised the essentially relevant definitions below in section X. once again.
2. Scope of personal data processing
We only collect and use our users’ personal data insofar as this is necessary for the production and provision of our services and for the provision of our web or online offerings (including mobile apps).
3. Legal basis
Insofar as personal data is processed on the basis of the data subject’s consent, Art. 6 para. 1 (a) GDPR is the legal basis for processing.
In the processing of personal data for the performance of a contract to which the data subject is a party, the legal basis is Art. 6 para. 1 (b) GDPR. This also applies to the processing required for the performance of pre-contractual measures.
If personal data is processed in order to fulfil a legal obligation to which we are subject, Art. 6 para. 1 (c) GDPR is the legal basis. In the event that the vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 (d) GDPR applies as the legal basis.
If processing is necessary to safeguard our company’s legitimate interests or those of a third party, and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 (f) GDPR serves as the legal basis for processing.
4. Processing for the enforcement of claims / fulfilment of legal obligations
We reserve the right to process personal data for the purpose of asserting claims in the context of justified interests pursuant to Art. 6 para. 1 (f) GDPR; this also includes the transmission of data to authorities and/or courts. Likewise, data may be processed and/or transmitted for the purpose of fulfilling statutory or legal obligations (e.g. information from authorities, etc.); the legal basis for this is Art. 6 para. 1 (c) GDPR.
5. Obtaining consent / right of revocation
Consents pursuant to Art. 6 para. 1 (a) GDPR are always voluntary and are generally obtained in writing or electronically. Electronic consent is obtained by ticking the corresponding box for the purpose of documenting the granting of consent. The content of the declaration of consent is recorded electronically.
Right of revocation: Please note that a consent once given can be revoked at any time with effect for the future – in full or in part. The legality of processing based on consent until revocation remains unaffected by this. Please address any revocation to the contact details given in section II (responsible body or data protection officer).
6. Potential recipients of personal data
In order to provide our web and/or online services, we sometimes use third party service providers who act on our behalf and in accordance with our instructions (contract processors). These service providers may receive personal data or come into contact with personal data within the scope of the provision of services and represent third parties or recipients within the framework of the GDPR.
In such a case, we ensure that our service providers offer sufficient guarantees that suitable technical and organisational measures are in place and that processing is carried out in such a way that they comply with the requirements of the GDPR and guarantee the protection of the rights of the person concerned (cf. Art. 28 GDPR).
Insofar as a transfer of personal data to third parties and/or recipients takes place outside the processing of an order, we ensure that this takes place exclusively in accordance with the requirements of the GDPR and only if there is a corresponding legal basis (e.g. Art. 6 para. 4 GDPR, for the rest see section III.3).
7. Processing of data in so-called third countries
Your personal data is processed within the EU or the European Economic Area (“EEA”).
Only in exceptional cases (e.g. in connection with the use of service providers for the provision of web analysis services) can information be transferred to so-called “third countries”. “Third countries” are countries outside the European Union and/or the Agreement on the European Economic Area where an adequate level of data protection in accordance with EU standards cannot be readily assumed.
If the transmitted information also includes personal data, before such transmission we ensure that an appropriate level of data protection is guaranteed in the respective third country or with the respective recipient in the third country, or that you have given your consent to this, or that another reason for authorisation (e.g. Art. 49 GDPR) exists. An adequate level of data protection can result from a so-called “adequacy decision” of the European Commission or can be ensured by using the so-called “EU standard contractual clauses”. In the case of recipients in the USA, compliance with the principles of the so-called “EU-US Privacy Shield” can also ensure an adequate level of data protection. If transmission should take place to so-called third countries, we will be pleased to provide you with further information on compliance with an appropriate level of data protection upon request. Please contact our data protection officer. Contact details can be found at the beginning of this data protection information. Information about the participants in the EU-US Privacy Shield can also be found here www.privacyshield.gov/list.
8. Data deletion and duration of storage
Data subjects’ personal data will be deleted insofar as the data is no longer required for the respective processing purposes. Instead of deletion, the data may be stored under restriction of processing, if this is provided for by the European or national legislator of EU regulations, laws or other regulations to which our company is subject, in particular e.g.
– to fulfil legal storage obligations (e.g. pursuant to the Fiscal Code (AO) or the Commercial Code (HGB), currently between 6 to 10 years), and/or
if there are justified interests in storage (e.g. during the course of limitation periods for the purpose of any legal defence (§§ 195 et seq. of the German Civil Code, currently between 3 and 30 years).
The data will be deleted at the latest when a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion of a contract or for other purposes.
9. Rights of data subjects
The GDPR grants certain rights to the person who is the subject of the processing of personal data (so-called rights of data subjects, in particular Art. 12 to Art. 22 GDPR). The individual rights of the data subjects are explained in more detail in section XI. If you wish to exercise one or more of these rights, you can contact us at any time. Please use the contact options listed under section II.
IV. Data processing for the provision of the website / collection of log files
Every time you visit our website, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected (hereinafter “log data”):
– information regarding the used browser type and version
– the user’s operating system
– the user’s internet service provider
– the user’s IP address
– date and time of access
– websites from which the user’s system accesses our website
– websites accessed by the user’s system via our website
With the exception of the IP address, the above-mentioned log data does not allow any personal reference to the user; personal reference can only be established by assigning or linking the log data to an IP address.
1. Purpose and legal basis
Log data, in particular the IP address, is collected and processed for the purpose of providing the contents of our website to the user, i.e. for the purpose of communication between the user and our web or online offering. The IP address must be temporarily stored for the duration of the respective communication process. This is required to address the communication traffic between the user and our web and/or online offering or is required to use our web and/or online offering. The legal basis for this data processing – i.e. for the duration of your visit to the website – is Art. 6 para. 1 (b) GDPR or § 96 of the Telecommunications law (TKG) or § 15 para. 1 of the Telemedia law (TMG).
Any processing and storage of the IP address in log files beyond the communication process is carried out for the purpose of ensuring the functionality of our web and online offerings, for the purpose of optimising these offerings and for ensuring the security of our information technology systems. The legal basis for storing the IP address for these purposes beyond the communication process is Art. 6 para. 1 (f) GDPR (protection of legitimate interests) or § 109 TKG.
2. Data deletion and duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. If data has been collected in order to provide this website, it will be deleted once you leave the site. Any further storage of log data including the IP address for the purpose of system security takes place for a maximum period of seven days from the end of site access by the user. Any further processing and/or storage of log data is possible and permissible, provided that the IP addresses of the users are deleted after expiry of the aforementioned seven-day storage period or are distorted in such a way that it is no longer possible to assign the log data to an IP address, i.e. that the data is anonymous.
3. Objection and cancellation options
The collection of log data for the provision of the website including its storage in log files within the aforementioned limits is absolutely necessary for the operation of the website. There is therefore no possibility for the user to object. The opposite applies to the processing of log data for analysis purposes, this depends on section VII., depending on the web analysis tools used and the type of data analysis (personal/anonymous/pseudonymous).
V. – currently not occupied –
We distinguish between (i) technically necessary cookies, (ii) analysis cookies and (iii) third-party cookies:
(i) We use technically necessary cookiesto make our web and/or online offering more user-friendly. The following data is stored in technically necessary cookies and transmitted to our systems, for example:
– language settings
– information on the terminal device / PC used and its settings
– items in a shopping cart
– log-in information
(ii) Analysis cookies (also known as session cookies) are used by us to analyse the surfing behaviour of users on our web and/or online offerings for the purpose of advertising, market research or for the demand-oriented design of our offers. The following data about analysis cookies is collected and transmitted to our systems:
– search items entered
– frequency of page views
-use of website functions
The user data collected in this way is pseudonymised by technical means. It is then no longer possible to assign the data to the calling user.
(iii) Third-party cookies are cookies that are not provided by our web servers but by third parties. These include, for example, the integration of the “Like” button. When you click on it, Facebook places a “custom” cookie in the user’s browser. Third-party cookies can never be searched for and/or evaluated by us.
Third parties are solely responsible for the use of such cookies – we have no control over their use and processing. You can prevent third-party cookies from being set by the means described in sections VI.3. and VII.
1. Purpose and legal basis
– applying language settings
– remembering search terms
– repeated access to internet sites
– status check of the setting to accept cookies
The user data collected by technically necessary cookies is not used to create user profiles. The legal basis for the use of technically necessary cookies is Art. 6 para. 1 (b) GDPR, insofar as it is possible to establish a personal reference to the user and the use is necessary for the purpose of providing our web and/or online offerings in the sense of contract fulfilment, otherwise Art. 6 para. 1 (f) GDPR, since the use is also made to safeguard legitimate interests for the purpose of providing web and/or online offerings.
The use of analysis cookies is for the purpose of improving the quality of our website and its contents. Using analysis cookies, we learn how the site is used and can constantly optimise our service (see above). The legal basis for the processing of personal data using analysis cookies is, insofar as it is possible to establish a personal reference to the user, in the case of the user’s consent Art. 6 para. 1 (a) GDPR. If analysis cookies are used to create pseudonymous evaluations, the legal basis is Art. 6 Para. 1 (f) GDPR (protection of legitimate interests) or § 15 Para. 3 of the Telemedia law (TMG).
2. Data deletion and duration of storage
Cookies are stored on the user’s respective end device (smart device/PC) and transmitted from there to our websites. A distinction is made between so-called permanent cookies and session cookies. Session cookies are stored for the duration of a browser session and deleted when the browser is closed. Permanent cookies are not deleted when the respective browser session is closed, but are stored on the user’s terminal device for a longer period of time.
3. Objection and cancellation options
VII. Web analysis
In order to optimise our website and to adjust to our users’ changing habits and technical conditions, we use so-called web analysis tools. For example, we measure which elements are visited by users, whether the information they are looking for is easy to find, and so on. This information can only be interpreted and made meaningful when a larger group of users is considered. For this purpose, the data collected is aggregated, i.e. combined into larger units.
For example, we can adapt the design of pages or optimise content if we discover that a relevant proportion of visitors use new technologies or find existing information impossible or difficult to find.
Within our web and online offerings we carry out the following analyses and use the following web analysis tools:
1. Analysis of log data
Log data is only used for analysis purposes on an anonymous basis – in particular, it is not linked to the user’s personal or related data and/or to an IP address or a cookie. Such an analysis of log data is therefore not subject to the data protection regulations of the GDPR.
2. Google Analytics and Google Tag Manager
As a rule, information generated by cookies regarding your use of this website will be forwarded to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, Google will shorten your IP address within member states of the European Union or in other countries that are contracting parties to the Agreement on the European Economic Area before transmitting it. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. Google uses the information mentioned to evaluate the use of the website on our behalf, to compile reports on the website activities and to provide the website operator with further services associated with the use of the website and the internet. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.
You can prevent the storage of cookies by making the appropriate setting through your browser software; we would point out, however, that this may mean you cannot enjoy full use of all the functions of our website.
If you do not wish to have an evaluation by Google Analytics, you have the following options:
– You can also prevent collection by Google Analytics by clicking on the following link. This sets an opt-out cookie which prevents the future collection of your data by Google Analytics when visiting this website: http://tools.google.com/dlpage/gaoptout?hl=de
Please note: if you delete your cookies, this will mean that the opt-out cookie is also deleted and may need to be re-activated by you.
– You can also prevent disclosure to Google and processing by Google of the data generated by the Google Analytics cookie about your use of the website (incl. your IP address), by downloading and installing the browser plugin available via the following link: (http://tools.google.com/dlpage/gaoptout?hl=de)
We use Google Analytics to evaluate data from AdWords and the double-click cookie for statistical purposes. Should you object to this, you can disable it through the Ads Preferences Manager (http://www.google.com/settings/ads/onweb/?hl=de).
In addition, the Google Tag Manager is used: Google Tag Manager is a solution that allows marketers to manage web page tags through a single interface. The Tag Manager tool itself (which implements the tags) is a cookieless domain and does not collect any personal data. The tool triggers other tags, which in turn may collect data under certain circumstances. The Google Tag Manager does not access this data. If deactivation occurs at domain or cookie level, it remains in use for all tracking tags, which are implemented by Google Tag Manager. (http://www.google.de/tagmanager/use-policy.html).
3. Google Adwords Conversion Tracking
We partly use the online advertising programme Google AdWords on our websites and in this context conversion tracking (visit action evaluation). Google Conversion Tracking is an analytical service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google“). Once this is the case, a conversion tracking cookie will be placed on your computer when you click on an ad placed by Google. These cookies have a limited validity period, they contain no personal data and are therefore not used for personal identification. If you visit certain pages within our website and the cookie has not yet expired, we and Google can recognise that you have clicked the advert and have been directed to that page. Each Google AdWords customer has a different cookie. There is therefore no way for cookies to be tracked through advertisers’ websites.
The information collected using the conversion cookie is used to generate conversion statistics. This tells us the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. We do not obtain any information that can be used to identify users personally. You can prevent cookies from being stored by selecting the appropriate technical settings in your browser software, see section VI.3, above.
On our website we use plugins of the AddThis service, which is operated by AddThis, LLC, 1595 Spring Hill Rd, Suite 300, Vienna, VA 22182, USA (“AddThis”). AddThis provides tools for creating and designing websites (www.addthis.com), that make it easier for website visitors to share the current page with other internet users by e-mail or on social networks. You can recognise these plugins by the “Facebook”, “Twitter” “Pinterest”, “E-Mail” and “g+” buttons integrated into parts of our website.
We do not process the data concerned or pass it on to third parties. By using the AddThis plugin you agree to data processing by AddThis. You can also object to the collection and storage of data by AddThis at any time with future effect by setting a so-called opt-out cookie. Visit http://www.addthis.com/privacy/opt-out.
VIII. Newsletter / advertising / social media plugins
On our web and online offerings we also offer the possibility of registering for our newsletters; we also use advertising tools and social media plug-ins. In detail:
1. Newsletter / advertising and marketing / Customer surveys
Your personal data will only be used for advertising and/or marketing purposes, for conducting customer satisfaction surveys and for registering for the newsletter if you have given your consent or on another legal basis which permits advertising and/or marketing to be conducted without your consent.
If you would like to receive our newsletter, we need a valid email address from you. In order to be able to check whether you are the owner of the given email address or whether the owner agrees to receive the newsletter or advertising, we will send an automated email to the given email address (so-called double opt-in) after the first registration step. Only after you confirm the newsletter registration or the advertising request via a link in the confirmation email will we add the email address provided to our mailing list. We do not collect any other data apart from the email address and the information required to confirm the registration. Your data will only be processed for the purpose of sending the newsletter you have ordered.
The legal basis for advertising and/or marketing measures based on express consent is Art. 6 para. 1 (a) GDPR; for newsletter registration Art. 6 para. 1 (b) GDPR; the statements on consent under section III.5 apply accordingly.