Verantwortlicher im Sinne der Datenschutz-Grundverordnung (DSGVO) und sonstiger in den Mitgliedstaaten der Europäischen Union geltenden Datenschutzgesetze und anderer Bestimmungen mit datenschutzrechtlichem Charakter ist:
Alfred Herzog Metallwarenfabrik GmbH
Halverstraße 20
58515 Lüdenscheid
Telefon: +49 2351 66428-0
https://www.herzog-pfannen.com/
We welcome you to our website and thank you for your interest. The protection of your personal data is an important and self-evident matter for us. Therefore, we conduct our activities in accordance with the applicable legal provisions on the protection of personal data and data security. We are happy to inform you about how we process your personal data and for what purposes.
If you have any further questions regarding the handling of your personal data, please do not hesitate to contact our data protection officer:
Herr Rechtsanwalt Markus Heinrich
c/o Wolter Hoppenberg Rechtsanwälte Partnerschaft mbB
Münsterstraße 1-3
59065 Hamm
E-Mail: info@herzog-pfannen.com
The term personal data is defined in the Federal Data Protection Act (BDSG) and in the GDPR. According to this, personal data are all data that can be related to you personally. This includes, for example, your name, your address, your user behaviour or your IP address.
Unless otherwise stated in the following sections, no personal data is collected, processed or used when using our website. However, we receive certain technical information through the use of analysis and tracking tools based on the data transmitted by your web browser (e.g. browser type/version, operating system used, previously visited websites). We evaluate this information solely for statistical purposes.
Insofar as we obtain the consent of the data subject for processing operations involving personal data concerning them, Art. 6 para. 1 lit. a GDPR serves as the legal basis for the processing of personal data.
When processing personal data that is necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures that are carried out at the request of the person concerned.
Insofar as the processing of your personal data is necessary to fulfill a legal obligation to which we, as the controller, are subject, Art. 6 (1) lit. c GDPR serves as the legal basis for the processing of your personal data.
If the processing of personal data is necessary to protect your vital interests or the vital interests of another natural person, Article 6(1)(d) GDPR serves as the legal basis for the processing of your personal data.
If processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us, Article 6(1)(e) GDPR serves as the legal basis for the processing of your personal data.
If processing is necessary to safeguard our legitimate interests or those of a third party, and if your interests, fundamental rights, and freedoms do not outweigh the former interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing of personal data.
Our website uses cookies. Cookies are data that are stored on your computer system by the Internet browser. The cookies can be transmitted to a page when it is accessed up and thus enable users to be identified. Cookies help to simplify the use of websites for you. We use cookies only for the purpose of obtaining information about the use of our website and for statistical purposes.
It is possible to object to the setting of cookies at any time by changing the setting in your internet browser accordingly. Cookies that have been set can also be deleted. Please note that if you deactivate cookies, you may not be able to use all the functions of our website to their full extent. The data collected from you in this way can be pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the accessing user. The data is not stored together with other personal data from you.
The legal basis for the processing of your personal data using technically necessary cookies is Art. 6 (1) lit. f GDPR. Die Rechtsgrundlage für die Verarbeitung Ihrer personenbezogenen Daten unter Verwendung von Cookies zu Analysezwecken bestimmt sich bei Vorliegen Ihrer diesbezüglichen Einwilligung nach Art. 6 Abs. 1 lit. a DSGVO.
The settings for using third party cookies can also be changed in our data privacy tool.
Every time our website is accessed, data and information are collected by an automated system. These are stored in the log files of the server as well as the log files of our system. This data is not stored together with other personal data of yours.
The following data may be collected:
f you use the option to register on our website by providing personal data, the data in the respective input mask will be transmitted to us. The data is stored by us exclusively for internal use. The data are deleted as soon as it is no longer required to achieve the purpose for which it was collected.
When you register, your IP address and the date and time of registration are stored. This serves to prevent misuse of the services. Your data will not be passed on to third parties. An exception exists if there is a legal obligation to pass on the data.
The data provided during registration are necessary for the provision of content or services. As a registered person, you have the option of deleting or modifying your stored data at any time. You will receive information about your stored personal data at any time.
On our website you will find a contact form that can be used for electronic contact. Alternatively, it is possible to contact us by the e-mail address provided. If you contact us by one of these channels, the personal data you provide will be stored automatically. The data is stored solely for the purpose of processing your request or contacting you. The data will not be passed on to third parties. The legal basis for processing the data is Art. 6 (1) (a) GDPR, provided you have given your consent.
The legal basis for processing the data transmitted in the course of sending an email is Art. 6 (1) lit. f GDPR. If the purpose of the email contact is to conclude a contract, Art. 6 (1) (b) GDPR also serves as the legal basis for processing.
The data are deleted as soon as it is no longer required to achieve the purpose for which it was collected. or the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with you has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
We use your personal data to process your online purchases from Alfred Herzog Pfannen and to send you messages regarding the delivery status or notifications in the event of problems with the delivery of your items. We also use your personal data to process your payments. We also use your data to process complaints and product warranty claims. Your personal data is used to establish your identity, to ensure that you are of legal age for online purchases and to match your address with external partners. We aim to offer you multiple payment methods and undertake analysis to identify which payment options are available to you, including your payment history and credit checks.
If you choose to pay using one of the online payment service providers offered by us as part of your order process, your contact details will be transferred to them as part of the order. The legitimacy of the transfer of the data results from Art. 6 para. p. 1 lit. b GDPR for the implementation of the payment method you have chosen as well as our legitimate interests pursuant to Art. 6 para. p. 1 lit. f GDPR to enable user-friendly and uncomplicated payment processing.
The personal data transmitted to the online payment service provider are mostly first name, last name, address, IP address, e-mail address, or other data required for order processing. In addition, it is also data related to the service, such as the type of service, identity of the recipient, invoice amount and taxes as a percentage, billing information, etc..
This transfer is necessary to carry out the service with the payment method you have chosen, in particular to confirm your identity, to administer your payment and the customer relationship.
However, please note: Personal data may also be disclosed by the online payment service provider to service providers, subcontractors or other affiliated companies to the extent necessary to fulfil the contractual obligations arising from your order or to process the personal data on your behalf.
Depending on the selected payment method, e.g. invoice or direct debit, the personal data transmitted to the provider will be transferred by the provider to credit agencies. This transmission serves to check your identity and creditworthiness in relation to the order you have placed. You can find out what information is involved here and what data is generally collected, processed, stored and passed on by the respective provider in the respective data protection declarations of the providers:
We process and store your personal data only as long as this is necessary to achieve the purpose of storage. Storage may take place beyond this if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.
As soon as the storage purpose ceases to apply or a storage period prescribed by the aforementioned regulations expires, the personal data will be routinely blocked or deleted.
If personal data is processed by you, you are a data subject within the meaning of the GDPR and you are entitled to the following rights towards us as the data controller:
You may request confirmation from us as to whether personal data relating to you is being processed by us.
If such processing is taking place, you may request information from us about the following:
You have the right to request information about whether your personal data is transferred to a third country or to an international organisation. In this context, you may request to be informed about the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transfer.
You have the right to rectification and/or completion if the personal data processed about you is inaccurate or incomplete. We must carry out the rectification without delay.
10.3.1 You may request from us to delete your personal data without delay. We are obliged to delete this data immediately if one of the following reasons exists:
10.3.2 If we have made your personal data public and are obliged to delete it in accordance with Art. 17 (1) GDPR, we will take reasonable measures, including technical measures, taking into account the available technology and implementation costs, to inform the data controllers who process the personal data that you, as the data subject, have requested the erasure of all links to this personal data or of copies or replications of this personal data.
10.3.3 The right to erasure does not exist to the extent that the processing is necessary
You may request the restriction of the processing of your personal data under the following conditions:
If the processing of your personal data has been restricted, such data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
If you have asserted the right to rectification, erasure or restriction of processing, we are obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
You have the right to be informed by us about these recipients.
You have the right to receive your personal data provided to us in a structured, common and machine-readable format. You also have the right to transfer this data to another data controller without hindrance from us, provided that
In exercising this right, you also have the right to have your personal data transferred directly from us to another controller, insofar as this is technically feasible. This must not affect the freedoms and rights of other people.
The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions.
Thereupon, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
You have the possibility, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right to object by means of automated procedures using technical specifications.
Pursuant to Art. 7 para. 3 sentence 1 GDPR, you have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Pursuant to Article 22(1) of the GDPR, you have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:
However, these decisions may not be based on special categories of personal data pursuant to Art. 9(1) of the GDPR, unless Art. 9(2)(a) or (g) applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
With regard to the cases mentioned in a. and c., we take appropriate measures to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain our intervention, to express your point of view and to contest the decision.
Irrespective of any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of your personal data is in violation of the GDPR.
The supervisory authority to which the complaint has been lodged will inform you of the status and outcome of your complaint, including the possibility of a judicial remedy under Article 78 GDPR.
We measure the reach of our website with Matomo, an open-source tool that we operate on our own server.
No cookies are set on the user’s device and the user’s IP address is automatically shortened, so that it is no longer possible to identify individual persons. Among other things, the approximate geographical location, device, screen resolution, browser, and pages visited, including the length of stay, are evaluated.
The processing of the data is based on Art. 6 (1) (1) (f) GDPR. Our legitimate interest lies in optimizing our website, improving our offerings, and online marketing.
We may transfer your personal data to a third country. In principle, we can provide various appropriate guarantees to ensure that an adequate level of protection is brought about for the processing operations. It is possible to conduct data transfers on the basis of an adequacy decision, internal data protection rules, approved codes of conduct, standard data protection clauses or an approved certification mechanism pursuant to Art. 46 (2) lit. a – f GDPR.
If we make a transfer to a third country on the legal basis of Art. 49 (1) a GDPR, you will be informed at this point about the possible risks of a data transfer to a third country.
There is a risk that the third country receiving your personal data may not provide an equivalent level of protection compared to the protection of personal data in the European Union. This may be the case, for example, if the EU Commission has not issued an adequacy decision for the respective third country or if certain agreements between the European Union and the respective third country are declared invalid. Specifically, in some third countries there are risks regarding the effective protection of EU fundamental rights through the use of surveillance laws (for example, the USA). In such a case, it is our responsibility and that of the recipient to assess whether your rights receive an equivalent level of protection in the third country as in the Union and can also be effectively enforced.
However, the General Data Protection Regulation should not undermine the level of protection afforded to individuals throughout the Union when personal data are transferred from the Union to controllers, processors or other recipients in third countries or to international organisations, including when personal data are further transferred from a third country or from an international organisation to controllers or processors in the same or another third country or to the same or another international organisation.
a. Purpose and description
It may happen that third-party content, such as videos, fonts or graphics from other websites, are integrated within our online offer. This always requires that the providers of this content (hereinafter referred to as “third party providers”) are aware of your IP address. Without the IP address, they could not send the content to your browser. The IP address is therefore necessary for the display of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. However, we have no influence on whether the third-party providers store the IP address, e.g. for statistical purposes. Insofar as we are aware of this, we will inform you of it. We would like to provide and improve our online offer through these integrations.
b. Legal basis
In allen anderen Fällen ist unserer berechtigtes Interesse an einer entsprechenden Darstellung unserer Online-Präsenz und an nutzerfreundlichen und wirtschaftlich effizienten Leistungen unsererseits die entsprechende Rechtsgrundlage, Art. 6 Abs. 1 lit. f DSGVO. Further information can be found in the respective data protection statements of the providers.
c. Contractual or legal obligation
The provision of your personal data is neither legally nor contractually required and is also not necessary for the conclusion of a contract. You are also not obliged to provide the personal data. However, failure to provide such data may result in you not being able to use this function or not being able to use it to its full extent.
Your personal data will be stored for the duration of the respective statutory retention period. After expiry of this period, the data is routinely deleted, unless it is necessary for the initiation or fulfilment of a contract.
We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security procedures are regularly reviewed and adapted to the technological progress. In addition, data protection is continuously guaranteed by us, through constant auditing and optimisation of the data protection organisation.
We reserve all rights to make changes and updates to this privacy policy.
Alfred Herzog
Metallwarenfabrik GmbH
Halverstraße 20
58515 Lüdenscheid
Phone +49 2351 66428-0
Fax +49 2351 66428-66
We look forward to hearing from you.
