KARL MAYER Holding GmbH & Co. KG, Brühlstrasse 25, 63179 Obertshausen, Germany
Represented by the Managing Directors Mr. Dipl. Ing. (BA) Arno K.-H. Gärtner, Dr. Helmut Preßl
Phone: +49 6104/402-0
Fax: +49 6104/402 73 600
for the websites under the following domains: www.karlmayer.com
2. Data protection officer
You can contact the data protection officer of the Controller at:
Data Protection Officer
c/o KARL MAYER Holding GmbH & Co. KG,
Brühlstraße 25, 63179 Obertshausen, Germany
3. Personal data, purposes of data processing, legal bases, recipients
3.1. Scope of processing of personal data
Personal data is information that can reveal or disclose the identity of the user. We only process personal data of our users if this is necessary to provide a functional website as well as our contents and services. The processing of personal data of our users takes place regularly only after consent of the user. An exception applies in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.
3.2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6(1)(a) GDPR serves as the legal basis.
For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR shall serve as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Where the processing of personal data is necessary to fulfil a legal obligation to which KARL MAYER is subject, Article 6(1)(c) GDPR serves as the legal basis.
Where the vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR shall serve as the legal basis.
If processing is necessary to safeguard a legitimate interest of KARL MAYER or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first interest, Article 6(1)(f) GDPR serves as the legal basis for processing.
3.3. Data deletion and storage time
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the data subject is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
3.4. Data processing for advertising purposes
3.4.1. Postal advertising
We may use your information for marketing purposes. We collect the following data for our own marketing purposes and for marketing purposes of third parties: e-mail address, first name, surname, postal address, year of birth. This data is stored in your customer account for the duration of the contract.
We are also entitled to store further personal data collected about you in compliance with legal requirements for our own marketing purposes. The aim is to provide you with advertising that is solely oriented towards your actual or supposed needs and not to bother you with unnecessary advertising.
In addition, the Controller pseudonymises / anonymises personal data collected about you for the purpose of using the pseudonymised / anonymised data for his own marketing purposes. The pseudonymised / anonymised data can also be used to advertise you individually online, whereby the advertising can be outsourced by a service provider / agency.
The legal basis for the use of personal data for marketing purposes is Article 6(1)(f) GDPR.
Reference to the right of objection:
You can use your personal data for the aforementioned advertising purposes at any time free of charge with effect for the future at email@example.com. If you file an objection, your data will be blocked for further promotional data processing. We would like to point out that in exceptional cases advertising material may still be sent even after receipt of your objection. This is technically due to the necessary lead time within the selection process and does not mean that we have not implemented your objection.
3.4.2. Data Processing for the newsletter
On our web pages we offer you the possibility to register for our newsletter. In order to be sure that no mistakes were made when entering the email address, we use the so-called double opt-in procedure: After you have entered your e-mail address in the registration field and transferred it to us, we will send you a confirmation link to this e-mail address. Only when you click on this confirmation link, your email address will be added to our mailing list for sending our newsletters.
The legal basis for this data processing is Article 6(1)(a) DSGVO. The email address is stored for the purpose of sending the newsletter as long as the subscription to the newsletter is active.
Reference to the right of withdrawal:
You can revoke your consent at any time with effect for the future by unsubscribing at the end of each newsletter (by clicking on the link contained therein).
3.5. Data processing for online presence and website optimization
If you have agreed to the so-called geolocalisation in your browser or in the operating system or other settings of your respective device, we use this function to be able to offer you individual services related to your current location (e.g. the location of the nearest branch). We process your location data processed in this way exclusively for this function. If you stop the use, the data will be deleted.
The legal basis for this data processing is Article 6(1)(f) GDPR.
You have the option of changing your browser or your operating system or the relevant location settings of your respective device in such a way that no location-related data is transmitted to us.
3.5.2. Cookies - General Information
Most of the cookies we use are deleted after the end of the browser session (so-called session cookies). With these we can offer you e.g. a shopping cart display across all websites, in which you can read how many articles are currently in your shopping cart and how high your current shopping value is. Other cookies remain on your computer and enable us to recognize your computer on your next visit (so-called permanent or cross-session cookies). These cookies in particular serve to make our webshop user-friendly, more effective and safer. Thanks to these files, it is possible, for example, to display information on the site that is specifically tailored to your interests.
If you have a customer account and are logged in or activate the "stay logged in" function, the information stored in cookies is assigned pseudonymised under a cookie ID.
You can set your browser so that it does not place our cookies on your hard drive. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to have your browser notify you when you receive a new cookie or how to delete all cookies already received and block them for all others.
To do this, please proceed as follows:
With Internet Explorer
- Select "Internet Options" from the "Tools" menu.
- Click on the "Privacy" tab.
- Now you can make the security settings for the Internet zone. Here you can set whether and which cookies should be accepted or rejected.
- Confirm your setting with "OK".
- Select Settings from the "Tools" menu.
- Click on "Privacy".
- Select "Create according to user-defined settings" from the drop-down menu.
- Now you can set whether cookies should be accepted, how long you want to keep these cookies and add exceptions to which websites you always or never want to allow cookies to be used.
- Confirm your setting with "OK".
On Google Chrome:
- Click the Chrome menu on the browser toolbar.
- Now select "Settings".
- Click on "Show advanced settings".
- Under "Privacy", click on "Content Settings".
- Under "Cookies" you can make the following settings for cookies: delete cookies, block cookies by default, delete cookies and website data by default after closing the browser
- Allow exceptions for cookies from certain websites or domains
However, we would like to point out that in this case you may not be able to use all functions of this webshop to their full extent.
If these cookies and/or the information they contain are containing personal data, the legal basis for data processing is Article 6(1)(f) GDPR. Our interest in optimizing our webshop is to be regarded as justified in the sense of the aforementioned regulation.
3.5.3. Google Analytics
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is set to prevent future collection of your data when you visit this webshop. The opt-out cookie is only valid in this browser and only for our webshop and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found on the Google Analytics website.
We have concluded a data processing agreement with Google for this data processing.
3.5.4. Google Tag Manager
Our webshop uses the Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags through a single interface. The tool Tag Manager itself (which implements the tags) is a cookieless domain and does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
And use the browser plugin available under „Doubleclick deactivation extension“. Alternatively, you can disable the Doubleclick cookies on the Digital Advertising Alliance site by following this link: http://www.aboutads.info/choices/
To protect input forms on our site, we use the "reCAPTCHA" service from Google. By using this service it can be differenciated whether the corresponding input is of human origin or is abusive through automated machine processing. The legal basis for this data processing is Article 6(1)(f) GDPR.
To our knowledge, the referrer URL, the IP address, the behaviour of webshop visitors, information about operating system, browser and dwell time, cookies, display instructions and scripts, the user's input behaviour and mouse movements in the "reCAPTCHA" checkbox area are transmitted to "Google". Google uses the information obtained in this way, among other things, to digitize books and other printed matter and to optimize services such as Google Street View and Google Maps (e.g. house number and street name recognition).
The IP address transmitted within the scope of "reCAPTCHA" will not be merged with other Google data unless you are logged in to your Google account at the time you use the "reCAPTCHA" plug-in. If you wish to prevent Google from transmitting and storing data about you and your behaviour on our webshop, you must log out of Google before you visit our site or use the reCAPTCHA plug-in.
3.5.7. Possibility of disagreement/opt-out
In addition to the deactivation methods described above, you can also generally prevent the targeting technologies described by setting a corresponding cookie in your browser (see also 3.7.2). You can also deactivate preference-based advertising using the preference manager available here.
3.5.8. Social media links
3.8. How to contact us
You have the possibility to contact us in several ways. By e-mail, by phone, by web contact mask or by mail. When you contact us, we use the personal data that you voluntarily provide to us in this context solely for the purpose of contacting you and processing your request.
The legal basis for this data processing is Art. 6 (1)(a), Art. 6 (1)(b), Art. 6 (1)(c) and Art. 6 (1)(f) GDPR. Your data will be deleted once the intended purpose has been achieved.
3.9. Customer reviews / comments / other user content
If users leave comments or other contributions on KARL MAYER websites, their IP addresses will be stored on the basis of our legitimate interests within the meaning of Art. 6 (1)(f) GDPR for 7 days. This is done for our safety, if someone leaves illegal contents in comments and contributions (insults, forbidden political propaganda, etc.).
You can also publish your own content on KARL MAYER websites in various places (e.g. product evaluations, comments, etc.). When you make a comment, recommendation or rating on products, brands and styles, we process the personal data that you voluntarily provide as part of the comment or rating. You can publish content on KARL MAYER websites under your first name and abbreviated surname.
The legal basis for this data processing is Art. 6 (1)(f) GDPR.
4. Your statutory rights
Below you will find your rights that you can assert.
4.1. Overview of the individual statutory rights under Article 15 ff. GDPR
In addition to the right to revoke your consent given to us, you have the following further rights if the respective legal requirements are met:
- the right to obtain information about your personal data stored by us (Art. 15 GDPR), in particular you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the origin of your data if these were not collected directly from you;
- the right to correct inaccurate or complete correct data (Art. 16 GDPR),
- the right to delete your data stored with us (Art. 17 GDPR), as far as no legal or contractual retention periods or other legal obligations or rights for further storage are to be observed by us,
- the right to restrict the processing of your data (Art. 18 GDPR) if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete it; the data controller no longer needs the data, but you need them to assert, exercise or defend legal claims or you have filed an objection to the processing in accordance with Art. 21 GDPR,
- the right to tranfer data in accordance with Art. 20 GDPR, i.e. the right to receive selected data stored by us about you in a common, machine-readable format, or to request the transfer to another Controller.
You can assert the above-mentioned rights under firstname.lastname@example.org
4.2. Right to object
Under the conditions of Art. 21 (1) GDPR, data processing may be objected for reasons arising from the special situation of the data subject.
You can exercise this right at email@example.com
4.3. Right of revocation
Insofar as we process data on the basis of a consent given by you, you have the right to revoke the consent given at any time. The revocation of the consent does not mean that the data processing carried out on the basis of the consent up to the time of the revocation becomes ineffective.
You can exercise this right at firstname.lastname@example.org
4.4. Right of appeal
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State of your place of residence, employment or suspected infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR.