The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is:
Alfred Herzog Metallwarenfabrik GmbH
Auf der Koppel 5
58540 Meinerzhagen
Telephone: +49 2354 4737
https://www.herzog-pfannen.com/
We welcome you to our website and thank you for your interest. The protection of your personal data is an important and self-evident matter for us. Therefore, we conduct our activities in accordance with the applicable legal provisions on the protection of personal data and data security. We are happy to inform you about how we process your personal data and for what purposes.
If you have any further questions regarding the handling of your personal data, please do not hesitate to contact our data protection officer:
Mr. Markus Heinrich, Attorney at Law
c/o Wolter Hoppenberg Attorneys at Law Partnership mbB
Münsterstraße 1-3
59065 Hamm
E-Mail: info@herzog-pfannen.com
The term personal data is defined in the Federal Data Protection Act (BDSG) and in the GDPR. According to this, personal data are all data that can be related to you personally. This includes, for example, your name, your address, your user behaviour or your IP address.
Unless otherwise stated in the following sections, no personal data is collected, processed or used when using our website. However, we receive certain technical information through the use of analysis and tracking tools based on the data transmitted by your web browser (e.g. browser type/version, operating system used, previously visited websites). We evaluate this information solely for statistical purposes.
Insofar as we obtain the consent of the data subject for processing operations of personal data relating to you, Art. 6 (1) lit. a GDPR serves as the legal basis for the processing of personal data.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures that are carried out at the request of the person concerned.
Insofar as processing of your personal data is necessary for compliance with a legal obligation to which we are subject as the controller, Art. 6 (1) lit. c GDPR serves as the legal basis for the processing of your personal data.
If processing of personal data is necessary to protect your vital interests or the vital interests of another natural person, Art. 6 (1) lit. d GDPR serves as the legal basis for the processing of your personal data.
If processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us, Art. 6 (1) (e) GDPR serves as the legal basis for the processing of your personal data.
If the processing is necessary to protect our legitimate interests or those of a third party and your interests, fundamental rights and freedoms do not outweigh the former interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing of personal data.
Our website uses cookies. Cookies are data that are stored on your computer system by the Internet browser. The cookies can be transmitted to a page when it is accessed up and thus enable users to be identified. Cookies help to simplify the use of websites for you. We use cookies only for the purpose of obtaining information about the use of our website and for statistical purposes.
It is possible to object to the setting of cookies at any time by changing the setting in your internet browser accordingly. Cookies that have been set can also be deleted. Please note that if you deactivate cookies, you may not be able to use all the functions of our website to their full extent. The data collected from you in this way can be pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the accessing user. The data is not stored together with other personal data from you.
The legal basis for the processing of your personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. The legal basis for the processing of your personal data using cookies for analysis purposes is determined by Art. 6 para. 1 lit. a GDPR if you have given your consent in this regard.
The settings for using third party cookies can also be changed in our data privacy tool.
Every time our website is accessed, data and information are collected by an automated system. These are stored in the log files of the server as well as the log files of our system. This data is not stored together with other personal data of yours.
The following data may be collected:
f you use the option to register on our website by providing personal data, the data in the respective input mask will be transmitted to us. The data is stored by us exclusively for internal use. The data are deleted as soon as it is no longer required to achieve the purpose for which it was collected.
When you register, your IP address and the date and time of registration are stored. This serves to prevent misuse of the services. Your data will not be passed on to third parties. An exception exists if there is a legal obligation to pass on the data.
The data provided during registration are necessary for the provision of content or services. As a registered person, you have the option of deleting or modifying your stored data at any time. You will receive information about your stored personal data at any time.
On our website you will find a contact form that can be used for electronic contact. Alternatively, it is possible to contact us by the e-mail address provided. If you contact us by one of these channels, the personal data you provide will be stored automatically. The data is stored solely for the purpose of processing your request or contacting you. The data will not be passed on to third parties. The legal basis for the processing of the data is Art. 6 Para. 1 lit. a GDPR if you have given your consent.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact aims at the conclusion of a contract, Art. 6 para. 1 lit. b GDPR is also the legal basis for the processing.
The data are deleted as soon as it is no longer required to achieve the purpose for which it was collected. or the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with you has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
We use your personal data to process your online purchases from Alfred Herzog Pfannen and to send you messages regarding the delivery status or notifications in the event of problems with the delivery of your items. We also use your personal data to process your payments. We also use your data to process complaints and product warranty claims. Your personal data is used to establish your identity, to ensure that you are of legal age for online purchases and to match your address with external partners. We aim to offer you multiple payment methods and undertake analysis to identify which payment options are available to you, including your payment history and credit checks.
If you choose to pay using one of the online payment service providers offered by us as part of your order process, your contact details will be transferred to them as part of the order. The legitimacy of the transfer of the data results from Art. 6 para. p. 1 lit. b GDPR for the implementation of the payment method you have chosen as well as our legitimate interests pursuant to Art. 6 para. p. 1 lit. f GDPR to enable user-friendly and uncomplicated payment processing.
The personal data transmitted to the online payment service provider are mostly first name, last name, address, IP address, e-mail address, or other data required for order processing. In addition, it is also data related to the service, such as the type of service, identity of the recipient, invoice amount and taxes as a percentage, billing information, etc..
This transfer is necessary to carry out the service with the payment method you have chosen, in particular to confirm your identity, to administer your payment and the customer relationship.
However, please note: Personal data may also be disclosed by the online payment service provider to service providers, subcontractors or other affiliated companies to the extent necessary to fulfil the contractual obligations arising from your order or to process the personal data on your behalf.
Depending on the selected payment method, e.g. invoice or direct debit, the personal data transmitted to the provider will be transferred by the provider to credit agencies. This transmission serves to check your identity and creditworthiness in relation to the order you have placed. You can find out what information is involved here and what data is generally collected, processed, stored and passed on by the respective provider in the respective data protection declarations of the providers:
We process and store your personal data only as long as this is necessary to achieve the purpose of storage. Storage may take place beyond this if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.
As soon as the storage purpose ceases to apply or a storage period prescribed by the aforementioned regulations expires, the personal data will be routinely blocked or deleted.
If personal data is processed by you, you are a data subject within the meaning of the GDPR and you are entitled to the following rights towards us as the data controller:
You may request confirmation from us as to whether personal data relating to you is being processed by us.
If such processing is taking place, you may request information from us about the following:
You have the right to request information about whether your personal data is transferred to a third country or to an international organisation. In this context, you may request to be informed about the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transfer.
You have the right to rectification and/or completion if the personal data processed about you is inaccurate or incomplete. We must carry out the rectification without delay.
10.3.1 You may request from us to delete your personal data without delay. We are obliged to delete this data immediately if one of the following reasons exists:
10.3.2 If we have made your personal data public and are obliged to erase it pursuant to Article 17(1) of the GDPR, we shall take reasonable steps, including technical measures, with regard to the available technology and the cost of implementation, to inform the data controller processing the personal data that you, as the data subject, have requested the erasure of all links to, or copies or replications of, such personal data.
10.3.3 The right to erasure does not exist to the extent that the processing is necessary
You may request the restriction of the processing of your personal data under the following conditions:
If the processing of your personal data has been restricted, such data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
If you have asserted the right to rectification, erasure or restriction of processing, we are obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
You have the right to be informed by us about these recipients.
You have the right to receive your personal data provided to us in a structured, common and machine-readable format. You also have the right to transfer this data to another data controller without hindrance from us, provided that
In exercising this right, you also have the right to have your personal data transferred directly from us to another controller, insofar as this is technically feasible. This must not affect the freedoms and rights of other people.
The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data which is carried out on the basis of Art. 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions.
Thereupon, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
You have the possibility, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right to object by means of automated procedures using technical specifications.
Pursuant to Art. 7 para. 3 sentence 1 GDPR, you have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Pursuant to Article 22(1) of the GDPR, you have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:
However, these decisions may not be based on special categories of personal data pursuant to Art. 9(1) of the GDPR, unless Art. 9(2)(a) or (g) applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
With regard to the cases mentioned in a. and c., we take appropriate measures to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain our intervention, to express your point of view and to contest the decision.
Irrespective of any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of your personal data is in violation of the GDPR.
The supervisory authority to which the complaint has been lodged will inform you of the status and outcome of your complaint, including the possibility of a judicial remedy under Article 78 GDPR.
a. Description and purpose
We use the “Google Analytics” service on our website. “Google Analytics” is provided by Google LLC. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) for the analysis of website usage by users. The service uses “cookies” – text files that are stored on your terminal device and which enable an analysis of your use of the website. The information collected by the cookies is usually sent to a Google server in the USA and stored there.
If necessary, Google Analytics on this website will be extended by the code “gat._anonymizeIp();” to ensure anonymised collection of your IP addresses (so-called IP masking).
Your IP address is shortened within the member states of the EU and the European Economic Area. This shortening eliminates the personal reference of your IP address. As part of the data sharing agreement that the website operators have concluded with Google LLC, Google LLC uses the information collected to evaluate website usage and activity and to provide services related to internet usage.
b. Legal basis
The legal basis for the use is Art. 6 para. 1 lit. a GDPR in conjunction with. Art. 49 para. 1 lit. a GDPR, if the anonymised data collection by means of the code “gat._anonymizeIp” does not take place. Otherwise, especially in the case of the use of “gat._anonymizeIp”, Art. 6 para. 1 lit. f GDPR is the legal basis.
c. Recipient
The data are usually transferred to a Google server in the USA and stored there. In the event that IP anonymisation is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
d. Transmission to third countries
The data is transferred to a Google server in the USA and stored there. The personal data is transmitted on the basis of Art. 46 and/or Art. 49 para. 1 lit. a GDPR.
e. Duration of processing
The data sent by us and linked to cookies, user identifiers (e.g. user ID) or advertising IDs are stored by default for 26 months and then automatically deleted.
f. Possibility to object
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser add-on. Opt-out cookies prevent the future collection of your data when visiting this website. In order to prevent collection by Universal Analytics across different devices, you must perform the opt-out on all systems used.
You can control the use of Google Analytics with our data privacy tool.
g. Contractual or legal obligation
There is no contractual or legal obligation for the provision of the data.
h. Further data protection information via link
Further information on terms of use and data protection can be found at:
https://policies.google.com/?hl=de&gl=del
https://policies.google.com/privacy?hl=de&gl=de
a. Description and purpose
We use external fonts, Google Fonts, on our websites. Google Fonts is a service of Google LLC. (“Google”). The integration of these web fonts is performed by a server call, usually a Google server in the USA. This transmits which of our websites you have visited to the server. The IP address of the browser of your terminal device is also stored by Google.
b. Legal basis
The legal basis for the processing of your personal data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the benefits that the use of Google Fonts brings. These include in particular the
c. Recipient
The recipient is Google LLC. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA).
d. Transmission to third countries
As a rule, your data will be transferred to a Google server in the USA and stored there. The personal data is transferred on the basis of Art. 46 GDPR.
e. Duration of processing
Your data will be deleted as soon as they are no longer required to achieve the purpose for which it was collected. Furthermore, the data will be deleted if you revoke your consent or request the deletion of the personal data.
f. Possibility to object
You can prevent participation in this tracking procedure in various ways:
We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.
g. Contractual or legal obligations
The provision of your personal data is neither legally nor contractually required and is also not necessary for the conclusion of a contract. You are also not obliged to provide the personal data. However, failure to provide such data could result in you not being able to use our website or not being able to use it to its full extent.
h. Further data protection information via link
Further data protection information from Google can be found at:
https://www.google.com/policies/privacy
Further information on the use of data for marketing purposes by Google:
https://www.google.com/policies/technologies/ads
Terms of use and data protection information from Google can be found at:
https://www.google.de/intl/de/policies/
We may transfer your personal data to a third country. In principle, we can provide various appropriate guarantees to ensure that an adequate level of protection is brought about for the processing operations. It is possible to conduct data transfers on the basis of an adequacy decision, internal data protection rules, approved codes of conduct, standard data protection clauses or an approved certification mechanism pursuant to Art. 46 (2) lit. a – f GDPR.
If we make a transfer to a third country on the legal basis of Art. 49 (1) a GDPR, you will be informed at this point about the possible risks of a data transfer to a third country.
There is a risk that the third country receiving your personal data may not provide an equivalent level of protection compared to the protection of personal data in the European Union. This may be the case, for example, if the EU Commission has not issued an adequacy decision for the respective third country or if certain agreements between the European Union and the respective third country are declared invalid. Specifically, in some third countries there are risks regarding the effective protection of EU fundamental rights through the use of surveillance laws (for example, the USA). In such a case, it is our responsibility and that of the recipient to assess whether your rights receive an equivalent level of protection in the third country as in the Union and can also be effectively enforced.
However, the General Data Protection Regulation should not undermine the level of protection afforded to individuals throughout the Union when personal data are transferred from the Union to controllers, processors or other recipients in third countries or to international organisations, including when personal data are further transferred from a third country or from an international organisation to controllers or processors in the same or another third country or to the same or another international organisation.
a. Purpose and description
It may happen that third-party content, such as videos, fonts or graphics from other websites, are integrated within our online offer. This always requires that the providers of this content (hereinafter referred to as “third party providers”) are aware of your IP address. Without the IP address, they could not send the content to your browser. The IP address is therefore necessary for the display of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. However, we have no influence on whether the third-party providers store the IP address, e.g. for statistical purposes. Insofar as we are aware of this, we will inform you of it. We would like to provide and improve our online offer through these integrations.
b. Legal basis
In all other cases, our legitimate interest in an appropriate presentation of our online presence and in user-friendly and economically efficient services on our part is the corresponding legal basis, Art. 6 para. 1 lit. f GDPR. Further information can be found in the respective data protection statements of the providers.
c. Contractual or legal obligation
The provision of your personal data is neither legally nor contractually required and is also not necessary for the conclusion of a contract. You are also not obliged to provide the personal data. However, failure to provide such data may result in you not being able to use this function or not being able to use it to its full extent.
Your personal data will be stored for the duration of the respective statutory retention period. After expiry of this period, the data is routinely deleted, unless it is necessary for the initiation or fulfilment of a contract.
We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security procedures are regularly reviewed and adapted to the technological progress. In addition, data protection is continuously guaranteed by us, through constant auditing and optimisation of the data protection organisation.
We reserve all rights to make changes and updates to this privacy policy.
Alfred Herzog
Metallwarenfabrik GmbH
Auf der Koppel 5
58540 Meinerzhagen
Phone +49 2354 4737
Fax +49 2354 2902
We look forward to hearing from you.
